Hisham M. Haddad

Learn More
In Software Engineering (SE), video game development is unique yet similar to other software endeavors. It is unique in that it combines the work of teams covering multiple disciplines (art, music, acting, programming, etc.), and that engaging game play is sought after through the use of prototypes and iterations. With that, game development is faced with(More)
The role of metrics in software quality is well recognized. However, software metrics are yet to be standardized and integrated into development practices across software industry. While process, project, and product metrics share a common goal of contributing to software quality and reliability, utilization of metrics has been at minimum. This work is an(More)
Clickjacking attacks are an emerging threat on the web. An attacker application presents a User Interface (UI) element of a target application out of context, such as hiding sensitive UI element by making it transparent to the end user. The user is tricked to click on the hidden element out of context. These attacks can cause severe damages such as(More)
Security risk assessment in Web Engineering is an emerging discipline, where security is given a special attention, allowing software engineers to develop high quality and secure Web-based applications. A preliminary study revealed that asset identification (and evaluation) is an essential phase in risk assessment practices. This phase represents a degree(More)
CMMI certification is a major accomplishment for a software organization, and is often required for an organization to stay competitive. This work is a case study of the challenges faced by a growing tax preparation software company during its attempt to achieve CMMI certification at maturity level two, while simultaneously implementing agile development(More)
Since the birth of computer science some 40 years ago, educators and researchers alike have struggled with improving student success, particularly in the introductory programming courses, which often have a very high failure rate. Although many researchers have studied how and why students succeed in programming courses, no research to date has analyzed(More)
Buffer overflow (BOF) is a notorious vulnerability that leads to non-secure software. The presence of BOF hampers essential security objectives - confidentiality, integrity and availability. A BOF might result in neigh boring data values corruption, application core dumps, etc. This research focuses on the detection and patching of BOF vulnerabilities. The(More)
Anticipating and mitigating security threats is critical during software development. This work investigates security vulnerabilities and mitigation strategies to help software developers build secure applications. The work examines common vulnerabilities, and relevant mitigation strategies, from several perspectives, including the input environment used to(More)