Dr. Yang's research includes secure software engineering, software security, secure code analysis and visualization, source code visualization, learning analytics, cyber security education, and computer science education.
Secure Code Analysis
To design and build a Secure Code Analyzer in a Cloud-Based Object-Oriented Programming Environment for
a) detecting data leaks of private information in code,
b) alerting programmers to those leaks to capture the source of leaks while coding,
c) visualizing data flow graphs of leaks from a source to destinations affected by the leak in the code,
d) guiding secure coding with compliant code examples for secure software development
To increase program comprehension and overcome learning obstacles of Object-Oriented Programming (OOP), this research develops a cloud-based programming environment, JaguarCode, which supports Java programming along with UML diagrams (class, object, and sequence) and execution traces of programs. JaguarCode uses an approach to integrate the structural and behavioral aspects of OOP in a platform-independent environment. It provides a synchronized static and dynamic visualization of Java programs at line level and a full overview of a project under development. It aims to help students better understand the static structure and dynamic behavior of the programs, as well as object-oriented design concepts.