Why you'll love Mint.com:
* Easy --set up in minutes
* All your accounts in one place
* Alerts for bills, fees, budgets, and low balances
* Personalized savings
* Complete security and privacy
View >>
Introduction to Neural Networks
Humans can learn a lot from nature. In fact, many inventions and technological advances are inspired by biology. One idea inspired by biological nervous systems is the artificial neural network (ANN), often referred to as just a neural network (NN). A neural network consists of many processing nodes, or neurons, interconnected with varying connection strength. To understand what makes up a neural network, let’s look at a biological neuron.
The soma, often referred to as the cell body, receives information from other cells via many dendrites. The electrical impulses are then summed together upon arrival. If the summed electrochemical signals entering the neuron are of great enough magnitude, the neuron becomes active and fires signals down the axon. The axon is the transmission in which signals travel. The electrical impulses then reach the axon terminals where neurotransmitters and chemicals are release across the synapse, a small gap between the sending (presynaptic) and receiving (postsynaptic) membrane.
Neural networks attempt to communicate and process information in the same manner that biological networks do. An artificial neuron, or node, mimics the processing of a biological neuron. Information is received from many input sources and summed. If the summed total of the input is at or beyond the active threshold, then the neuron becomes active. Otherwise, the neuron is inactive. This artificial neuron behaves similar to biological neurons when processing information.
Neural networks are comprised of many neurons formed into interconnected layers. In a simple feed-forward network, you will typically see 3 layers of neurons. The first layer is the input layer. As the name suggests, this starting layer receives the initial input data to be fed into the network for processing. The next layer is the hidden layer. There can be one or more hidden layers in a neural network. The hidden layer gets its name based on the fact that it is only receiving and sending to and from other nodes, and its input and output are not read directly. Quite simply, the hidden layer is “sandwiched” between the input layer, and our last layer – the output layer. This last layer receives the data from the hidden layer and the state of each neuron acts as the result set from our input data fed into the input layer. Let’s have a look at what a simple three-layer neural network could look like.
Notice how each node in the input layer connects to every node in the hidden layer, and the same for each node in the hidden layer connecting to the every node in the output layer. You can see the node sets i, j, and y, but what about the w’s? Those represent the strength of the connection between each node. Every connection between two nodes has a weight. The weight determines how strong or weak the transporting signal becomes. So how does information process through a neural network? It’s not so difficult. The value of j1 can be determined by first, summing up its weighted inputs. In this case, the value weighted inputs are the value of i1 multiplied by w1, plus the value of i2 multiplied by w2, plus the value of i3 multiplied by w3.
This can be expressed mathematically as: i1w1 + i2w2 + i3w3
The same is concept can apply to any node in the network.
Given n number of inputs, we can define the weighted sum to be:
Once the weighted sum is determined, it is passed to the transfer function which determines the active or inactive status of the neuron (Typically a value of 1 for active, and 0 or -1 for inactive). The threshold function is usually a nonlinear function such as sigmoid, or step function.
A sigmoid function is characterized by its “S” shape and can be expressed as:
A step function is defined simply by: f(x) = 1 when x >= 0 and f(x) = 0 when x < 0
At this point, you should be familiar with what a neural network is, and how information is processed through from the input to the output (forward calculation). Please feel free to send me your questions or comments.
The soma, often referred to as the cell body, receives information from other cells via many dendrites. The electrical impulses are then summed together upon arrival. If the summed electrochemical signals entering the neuron are of great enough magnitude, the neuron becomes active and fires signals down the axon. The axon is the transmission in which signals travel. The electrical impulses then reach the axon terminals where neurotransmitters and chemicals are release across the synapse, a small gap between the sending (presynaptic) and receiving (postsynaptic) membrane.
Neural networks attempt to communicate and process information in the same manner that biological networks do. An artificial neuron, or node, mimics the processing of a biological neuron. Information is received from many input sources and summed. If the summed total of the input is at or beyond the active threshold, then the neuron becomes active. Otherwise, the neuron is inactive. This artificial neuron behaves similar to biological neurons when processing information.
Neural networks are comprised of many neurons formed into interconnected layers. In a simple feed-forward network, you will typically see 3 layers of neurons. The first layer is the input layer. As the name suggests, this starting layer receives the initial input data to be fed into the network for processing. The next layer is the hidden layer. There can be one or more hidden layers in a neural network. The hidden layer gets its name based on the fact that it is only receiving and sending to and from other nodes, and its input and output are not read directly. Quite simply, the hidden layer is “sandwiched” between the input layer, and our last layer – the output layer. This last layer receives the data from the hidden layer and the state of each neuron acts as the result set from our input data fed into the input layer. Let’s have a look at what a simple three-layer neural network could look like.
Notice how each node in the input layer connects to every node in the hidden layer, and the same for each node in the hidden layer connecting to the every node in the output layer. You can see the node sets i, j, and y, but what about the w’s? Those represent the strength of the connection between each node. Every connection between two nodes has a weight. The weight determines how strong or weak the transporting signal becomes. So how does information process through a neural network? It’s not so difficult. The value of j1 can be determined by first, summing up its weighted inputs. In this case, the value weighted inputs are the value of i1 multiplied by w1, plus the value of i2 multiplied by w2, plus the value of i3 multiplied by w3.
This can be expressed mathematically as: i1w1 + i2w2 + i3w3
The same is concept can apply to any node in the network.
Given n number of inputs, we can define the weighted sum to be:
Once the weighted sum is determined, it is passed to the transfer function which determines the active or inactive status of the neuron (Typically a value of 1 for active, and 0 or -1 for inactive). The threshold function is usually a nonlinear function such as sigmoid, or step function.
A sigmoid function is characterized by its “S” shape and can be expressed as:
A step function is defined simply by: f(x) = 1 when x >= 0 and f(x) = 0 when x < 0
At this point, you should be familiar with what a neural network is, and how information is processed through from the input to the output (forward calculation). Please feel free to send me your questions or comments.
De-clutter your desktop with Launchy
Do you have too many icons on your desktop? Do you have a hard time finding files, documents or pictures? Launchy can help. Launchy is an open source keystroke launcher for Windows. That means that with just a few keystrokes, you can quickly and easily locate anything on your computer, reducing the need for space-consuming icons on your desktop. To get started, visit http://www.launchy.net. Click “Download (Launchy, Skins and Plugins)”. Then click the “here” link.
Once you download and install Launchy, double click the icon to run the application. If you don’t see anything, try pressing Alt+Space to open the Launchy window.
Although optional, the first thing you’ll want to do to get the most from Launchy is to update the catalog. To do so, click the gear icon in the top right corner, or right click the Launchy window and click “Options”. Then click the catalog tab and add extra folders that you would like Launchy to index. More information on the catalog can be found in Launchy’s official documentation at http://www.launchy.net/Readme.pdf. (Note: You must have Adobe Reader to view PDF files.) Now you can bring up the Launchy window by pressing Alt+Space. Type in the name of a folder, application, or file, and Launchy will quickly display a list of likely items you’re trying to open.
Press Enter or click the item you want to open and it will launch. Now you can remove space-consuming icons from your desktop and let Launchy do the work for you!
Once you download and install Launchy, double click the icon to run the application. If you don’t see anything, try pressing Alt+Space to open the Launchy window.
Although optional, the first thing you’ll want to do to get the most from Launchy is to update the catalog. To do so, click the gear icon in the top right corner, or right click the Launchy window and click “Options”. Then click the catalog tab and add extra folders that you would like Launchy to index. More information on the catalog can be found in Launchy’s official documentation at http://www.launchy.net/Readme.pdf. (Note: You must have Adobe Reader to view PDF files.) Now you can bring up the Launchy window by pressing Alt+Space. Type in the name of a folder, application, or file, and Launchy will quickly display a list of likely items you’re trying to open.
Press Enter or click the item you want to open and it will launch. Now you can remove space-consuming icons from your desktop and let Launchy do the work for you!
Security Vulnerabilities in Your Web Application
Do you know if your web site is secure? You may be surprised to find that the answer is “No”. Developers’ coding practices can lead to many pitfalls when it come to security, and naturally so. We as programmers often think in terms of how an application “should” work, instead of how it “could” work. Especially when you have to code for last-minute requirements, or meet an upcoming deadline, security tends to be at the bottom of our priority list. First, I’ll go over the top two of the Open Web Application Security Project (OWASP) top ten vulnerabilities, and then discuss what you can do to protect against them.
The OWASP Top Ten Project can be found at their website: http://www.owasp.org/index.php/OWASP_Top_Ten_Project
The number one security vulnerability as of writing this article, is Cross-site Scripting (XSS). Cross-site scripting occurs when an attacker inserts malicious coding into a page element appears to be from a trustworthy source. When a user interacts with the element, (i.e. clicks a link or even views an image) the embedded programming is submitted as part of the browser’s request and can execute on the user's computer. For example, many forum and guestbook sites allow users to submit posts with embedded HTML and JavaScript. If someone views a post that contains malicious JavaScript, then the user can be subjected to information theft or session hijacking.
Additional common vulnerabilities are Injection Flaws. A site that accepts user input and executes commands based on some or all of that user-supplied data, is vulnerable to injection attacks. The most common form of injection is SQL injection. One form of SQL injection is when text provided by a user is inserted directly into a SQL command, which can result in elevated privileges, information theft, and information tampering. Lets imagine that an insecure website that contains a username and password login form.
The website then takes the username and password supplied by the user, and builds the SQL query string below.
SELECT * FROM Users WHERE username = ‘“ + txtUserName.Text + “’ AND password = ‘” + txtPassword.Text + ”’;
This approach does work, but what it also does is allow a malicious user to inject his own SQL into the command, and possibly gain unauthorized access. What would happen if a user entered the following into the login form?
When the form is submitted, the SQL query that gets executed would look something like this:
SELECT * FROM Users WHERE username = ‘’ OR 1=1 --’ AND password = ‘randomtext’;
This is a valid SQL query that will execute and always return true, allowing the user to gain access to the system. The “--“ command acts as a comment, which tells the SQL engine to ignore anything after it. So “’ AND password = ‘randomtext’;” is ignored.
Surprisingly, both XSS and injection flaws are easily avoidable. The easiest and most important way to protect against these types of attacks is one of my golden rules.
ALWAYS VALIDATE USER INPUT!
As a web developer, it is a mistake to trust any data coming from the browser. Data should be validated and revalidated to ensure that it cannot be used in an unsafe manner. There are two types of validation - positive validation and negative validation. Most developers would approach fixing a vulnerability by restricting the use of certain characters. In the SQL injection example, one could just eliminate the use of the apostrophe, equals sign, and hyphens. The same applies for the XSS example. One can restrict the special characters used in JavaScript. These are examples of negative validation, also known as black listing. But one problem with negative validation, is that there is still room for other special characters to make their way into the application if the developer chooses to use negative validation alone. On the other hand, one could also only allow A through Z characters into a textbox, and disallow all others, which is an example of positive validation, also known as white listing. By using positive validation, the developer specifies which characters are allowed while disallowing all others. Overall, you should always use positive validation when validating user input, or even better, use both positive and negative validation.
Another method in protecting against security vulnerabilities, particularly SQL injection attacks, is to use parameterized queries or stored procedures. In ASP .NET, Visual Studio allows developers to quickly and easily create parameterized queries for database operations. For more information on using parameterized queries, check out http://aspnet101.com/aspnet101/tutorials.aspx?id=1.
Encoding data that is displayed in the browser is also important. If special characters do make it into a field, and your application reflects that data back to the screen, it could render as code. So make sure to HTML encode your output before sending it to the screen by calling Server.HTMLEncode(String). This way, malicious code is rendered as harmless text.
It doesn’t take much to prevent many security flaws from creeping into your application. Just remember to always validate user input, HTML encode your output, and use parameterized queries or stored procedures.
Related Post: Define Your Development Team's .NET Coding Standards
The OWASP Top Ten Project can be found at their website: http://www.owasp.org/index.php/OWASP_Top_Ten_Project
The number one security vulnerability as of writing this article, is Cross-site Scripting (XSS). Cross-site scripting occurs when an attacker inserts malicious coding into a page element appears to be from a trustworthy source. When a user interacts with the element, (i.e. clicks a link or even views an image) the embedded programming is submitted as part of the browser’s request and can execute on the user's computer. For example, many forum and guestbook sites allow users to submit posts with embedded HTML and JavaScript. If someone views a post that contains malicious JavaScript, then the user can be subjected to information theft or session hijacking.
Additional common vulnerabilities are Injection Flaws. A site that accepts user input and executes commands based on some or all of that user-supplied data, is vulnerable to injection attacks. The most common form of injection is SQL injection. One form of SQL injection is when text provided by a user is inserted directly into a SQL command, which can result in elevated privileges, information theft, and information tampering. Lets imagine that an insecure website that contains a username and password login form.
The website then takes the username and password supplied by the user, and builds the SQL query string below.
SELECT * FROM Users WHERE username = ‘“ + txtUserName.Text + “’ AND password = ‘” + txtPassword.Text + ”’;
This approach does work, but what it also does is allow a malicious user to inject his own SQL into the command, and possibly gain unauthorized access. What would happen if a user entered the following into the login form?
When the form is submitted, the SQL query that gets executed would look something like this:
SELECT * FROM Users WHERE username = ‘’ OR 1=1 --’ AND password = ‘randomtext’;
This is a valid SQL query that will execute and always return true, allowing the user to gain access to the system. The “--“ command acts as a comment, which tells the SQL engine to ignore anything after it. So “’ AND password = ‘randomtext’;” is ignored.
Surprisingly, both XSS and injection flaws are easily avoidable. The easiest and most important way to protect against these types of attacks is one of my golden rules.
ALWAYS VALIDATE USER INPUT!
As a web developer, it is a mistake to trust any data coming from the browser. Data should be validated and revalidated to ensure that it cannot be used in an unsafe manner. There are two types of validation - positive validation and negative validation. Most developers would approach fixing a vulnerability by restricting the use of certain characters. In the SQL injection example, one could just eliminate the use of the apostrophe, equals sign, and hyphens. The same applies for the XSS example. One can restrict the special characters used in JavaScript. These are examples of negative validation, also known as black listing. But one problem with negative validation, is that there is still room for other special characters to make their way into the application if the developer chooses to use negative validation alone. On the other hand, one could also only allow A through Z characters into a textbox, and disallow all others, which is an example of positive validation, also known as white listing. By using positive validation, the developer specifies which characters are allowed while disallowing all others. Overall, you should always use positive validation when validating user input, or even better, use both positive and negative validation.
Another method in protecting against security vulnerabilities, particularly SQL injection attacks, is to use parameterized queries or stored procedures. In ASP .NET, Visual Studio allows developers to quickly and easily create parameterized queries for database operations. For more information on using parameterized queries, check out http://aspnet101.com/aspnet101/tutorials.aspx?id=1.
Encoding data that is displayed in the browser is also important. If special characters do make it into a field, and your application reflects that data back to the screen, it could render as code. So make sure to HTML encode your output before sending it to the screen by calling Server.HTMLEncode(String). This way, malicious code is rendered as harmless text.
It doesn’t take much to prevent many security flaws from creeping into your application. Just remember to always validate user input, HTML encode your output, and use parameterized queries or stored procedures.
Related Post: Define Your Development Team's .NET Coding Standards
Define Your .NET Coding Standards
These days, software development is accomplished by several developers. Many team members work on code during development, but in most cases, it is unlikely that the code is maintained by those same developers long after it is installed into production. For this and many other reasons, a good set of standards and best practices should be defined for your organization. The following standards are used by my development team and I, but feel free to adopt and change these standards and practices to best fit the needs of your organization. Also, look into what other organizations in your industry are using. Note: All code examples are in VB .NET but most can apply to C# .NET as well.
Environment
It is extremely important, when coding in .NET, to enable Option Explicit and Option strict for all projects. This forces developers to explicitly declare and type variables before they are used. The compiler will generate more efficient machine code and significantly increase application performance.
Formatting
Formatting makes the logical organization of the code obvious. Taking the time to ensure that the source code is formatted in a consistent, logical manner is helpful to you and to other developers who must decipher the source code.
- Align blocks of code using indentation.
- Keep maximum line length for comments and code to a reasonable length to avoid having to scroll the source code editor. This strategy also provides cleaner hard copy presentation.
- Use line breaks between logical blocks of code. Doing so creates "paragraphs" of code, which aid the reader in comprehending the logical segmenting of the software.
- Place the concatenation operator (“_”) at the end of each line instead of at the beginning.
- Do not use an underscore (“_”) in function names except for event handlers.
- Develop and use structured error-handling routines where applicable. This includes file IO, database operations, and network operations.
- Explicitly release object references.
- Do not use abbreviations or contractions as parts of identifier names. For example, use GetWindow instead of GetWin.
- Do not use acronyms that are not generally accepted in the computing field.
- Where appropriate, use well-known acronyms to replace lengthy phrase names. For example, use UI for User Interface and OLAP for On-line Analytical Processing.
- When using acronyms, use Pascal case or camel case for acronyms more than two characters long. For example, use HtmlButton or htmlButton. However, you should capitalize acronyms that consist of only two characters, such as System.IO instead of System.Io.
- When writing SQL statements, use all uppercase for keywords and mixed case for database elements, such as tables, columns, and views.
- Put each major SQL clause on a separate line so that statements are easier to read and edit.
Variables
Good variable naming standards and practices is vital in creating code that is easily understood and maintained. In most situations, the developer working with code is not the developer who originally wrote it. There are three naming standards that you should be aware of:
Pascal case
The first letter in the identifier and the first letter of each subsequent concatenated word are capitalized. You can use Pascal case for identifiers of three or more characters. For example
Camel case
The first letter of an identifier is lowercase and the first letter of each subsequent concatenated word is capitalized. For example:
Uppercase
All letters in the identifier are capitalized. Use this convention only for identifiers that consist of two or fewer letters. For example:
Refer to these capitalization styles for the variable naming standards below.
- Keep the scope of variables as small as possible to avoid confusion and to ensure maintainability.
- Use Camel case for local variables and parameters
- Use Pascal case for namespaces, properties, enumerated values, classes, events, methods and functions.
- Use the prefixes below for visual objects used on your forms. This lets you and other developers know what object type you are working with, and aids in readability and understanding of your code. For client-side objects, declared variables, and visual objects that are not used such as static labels, no prefix is necessary.
LBL - Label
GRD or GRID - GridView
TXT - Textbox
DL - DataList
CMD or BUT - Button
DTL - DetailsList
CMD or BUT - LinkButton
FMV - FormView
CMD or BUT - ImageButton
REP - Repeater
LNK - HyperLink
DS - SqlDataSource
CMB or DDL - DropDownList
DS - AccessDataSource
LST - ListBox
DS - ObjectDataSource
CHK - Checkbox
DS - XmlDataSource
CHK - CheckboxList
DS - SiteMapDataSource
OPT - RadioButton
RTV - ReportViewer
OPT - RadioButtonList
IMG - Image
IMG - ImageMap
TBL - Table
UOL - BulletedList
HID - HiddenField
LIT - Literal
CAL - Calendar
AD - AdRotator
FUL - FileUpload
WIZ - Wizard
XML - XML
MLV - MultiView
PNL - Panel
PLH - PlaceHolder
VIEW - View
SUB - Substitution
LOC - Localize
SQL
Using a naming standard and good practices for the SQL statements in your project will make your queries easier to read and understand, which will make the underlying dataset and relevant code easier to understand as well.
- Capitalize keywords.
- Never use “SELECT *”
- Do not use prefixes for database objects. For example, use Employee instead of tblEmployee.
- Database object names should be singular. For example, name a table “Order” instead of “Orders”.
- When creating a SQL query in your code, put each statement on a separate line.
- Avoid using reserved keywords for database object or field names. You can use the SQL Reserved Words Checker located at http://www.petefreitag.com/tools/sql_reserved_words_checker to make sure.
Getting Out of Debt on Your Own
I’m no financial expert, but if you’re one of many people who have credit card debt, you could be heading down the wrong financial path. In my opinion, no one should ever have to use a credit card. Simply put, if you can’t afford it, don’t buy it! For larger purchases, it is better to save up for what you want than to finance it. The first important step in the right financial direction is always to pay off all credit card debt.
So what’s the first step? Stop paying interest! Not all the money you pay on your credit card goes towards the amount you owe. In fact, interest is paid before one cent is applied to your principal balance. So the first step in getting out of credit card debt is to transfer your balance to a zero interest credit card. There are many credit card companies that offer 0% APR on balance transfers for 12 months, and that is exactly the deal you need to take advantage of. A great resource for learning your best options for transferring your credit card balance is http://www.smartbalancetransfers.com/. This site has an abundance of information to help you decide which company and plan is right for you. Even with a 3% balance transfer fee, the money you’ll save in interest is more than enough to cover the balance transfer fee.
Once you’re balance is transferred, you can start to make some real progress towards being debt-free. Forget about minimum payments. Make a budget of your income and expenses, and figure out a monthly payment that you can afford. It should be more than your minimum monthly payment. A good financial planning website is http://www.mint.com. Once you register, you can add your checking and credit card accounts to your Mint.com account. Mint will automatically download your transaction history and show you where money is coming in, and most importantly, where it is being spent.
Transferring your balance to a zero interest APR, sticking to your budget, and making regular monthly payments on your credit card that you can afford, will get you heading on your way down the right financial path to a brighter financial future.
Add Google Maps To Your Site Using ASP .NET
Embedding Google Maps into your website or blog has never been easier. If you’re unfamiliar with Google Maps, check out http://maps.google.com. With Google’s Map API, you can provide geographic data visualization using a more interactive and robust interface, all for free!
Used alone, Google’s API is utilized entirely by JavaScript, which, in my opinion, can be difficult to manage, and can quickly clutter up your code. Therefore, I searched for an alternative solution using ASP .NET. The solution I found is a Google Maps ASP .NET user control developed and maintained by http://en.googlemaps.subgurim.net. This user control acts as a wrapper around the Google Maps API, providing easy access to many of the features in the Google Maps API, as well as some additional features that take advantage of the ASP .NET data source objects. All of this is contained in one user control, and best of all, not a single line of JavaScript is needed!
To get started using the Google Maps API along with the GoogleMaps.Subgurim.NET user control, you first have to visit the Google Maps API site at http://code.google.com/apis/maps, and sign up to receive a Google Maps API key. When signing up, keep the following in mind:
- You must have a Google Account to get a Maps API key, and your API key will be connected to your Google Account. If you don’t have one, create one here: https://www.google.com/accounts/NewAccount.
- The key is only valid for the web address you specify, and you must abide by Google’s terms and conditions.
Once you have obtained your key, visit the home of the GoogleMaps.Subgurim.NET user control at http://en.googlemaps.subgurim.net. Downloading the control is free and no registration is necessary. The best thing about this control is the supporting documentation and forums available to assist developers of all experience levels. Once you download the .zip file, do the following:
- Copy the GMaps.dll file into your application’s “bin” directory.
- Add the control to the toolbox by right-clicking the toolbox; Choose Items; .NET Framework Components; Browse. Locate the GMaps.dll and select it. Click OK.
Subscribe to:
Posts (Atom)