An efficient backward execution method for AND-parallelism in logic programs is proposed. It is devised through a close examination of some relation over literals, which can be represented by paths in the data depende...
详细信息
An efficient backward execution method for AND-parallelism in logic programs is proposed. It is devised through a close examination of some relation over literals, which can be represented by paths in the data dependency graphs. The scheme is more efficient than other works in the sense that it performs less unfruitful resetting (and consequently, canceling) operations. Its rationale is also intuitively clear and natural. Furthermore, the relevant analyses needed for the proposal are largely achieved at compile time, which alludes to actual efficiency.
Automatically detecting buffer overflow vulnerabilities is an important research topic in software security. Recent studies have shown that vulnerability detection performance utilizing deep learning-based techniques ...
详细信息
Automatically detecting buffer overflow vulnerabilities is an important research topic in software security. Recent studies have shown that vulnerability detection performance utilizing deep learning-based techniques can be significantly enhanced. However, due to information loss during code representation, existing approaches cannot learn the features associated with vulnerabilities, leading to a high false negative rate (FNR) and low precision. To resolve the existing problems, we propose a method for buffer overflow vulnerability detection based on graph feature extraction (BovdGFE) in C/C++ programs. BovdGFE constructs the buffer overflow function samples. Then, we present a new representation structure, code representation sequence (CoRS), which incorporates the control flow, data dependencies, and syntax structure of the vulnerable code for reducing information loss during code representation. After the function samples are transformed into CoRS, a deep learning model is used to learn vulnerable features and perform vulnerability classification. The results of the experiments show that BovdGFE improves the precision and FNR by 6.3% and 3.9% respectively compared with state-of-the-art methods, which can significantly improve the capability of vulnerability detection.
With the continuous expansion of software applications,people’s requirements for software quality are *** defect prediction is an important technology to improve software *** often encodes the software into several f...
详细信息
With the continuous expansion of software applications,people’s requirements for software quality are *** defect prediction is an important technology to improve software *** often encodes the software into several features and applies the machine learning method to build defect prediction classifiers,which can estimate the software areas is clean or ***,the current encoding methods are mainly based on the traditional manual features or the AST of source *** manual features are difficult to reflect the deep semantics of programs,and there is a lot of noise information in AST,which affects the expression of semantic *** overcome the above deficiencies,we combined with the Convolutional Neural Networks(CNN)and proposed a novel compiler Intermediate Representation(IR)based program encoding method for software defect prediction(CIR-CNN).Specifically,our program encoding method is based on the compiler IR,which can eliminate a large amount of noise information in the syntax structure of the source code and facilitate the acquisition of more accurate semantic ***,with the help of data flow analysis,a data dependency graph(DDG)is constructed on the compiler IR,which helps to capture the deeper semantic information of the ***,we use the widely used CNN model to build a software defect prediction model,which can increase the adaptive ability of the *** evaluate the performance of the CIR-CNN,we use seven projects from PROMISE datasets to set up comparative *** experiments results show that,in WPDP,with our CIR-CNN method,the prediction accuracy was improved by 12%for the AST-encoded CNN-based model and by 20.9%for the traditional features-based LR model,*** in CPDP,the AST-encoded DBNbased model was improved by 9.1%and the traditional features-based TCA+model by 19.2%,respectively.
We present two methods for expressing computations based on recurrence relations and discuss their relative merits. One method, the structural blanks approach, is built on top of traditional programming languages like...
详细信息
The great challenge in parallel computing is to make a task of programming parallel machines easy while not sacrificing the efficiency of target code. One of the successful methodologies is to start from a high-level ...
详细信息
ISBN:
(纸本)0818680679
The great challenge in parallel computing is to make a task of programming parallel machines easy while not sacrificing the efficiency of target code. One of the successful methodologies is to start from a high-level specification of the functional behaviour of a program by applying a sequence of optimizing transformations tuned for a particular architecture to generate a specification of the operational behaviour of a parallel program. We believe that visualization is an excellent way to bring this methodology to a wider programming community. In this paper we describe an interactive visual system which integrates 3D graphics, animation, and direct manipulation techniques into parallel programming environment.
Binary analysis and software debugging are critical tools in the modern software security ecosystem. With the security arms race between attackers discovering and exploiting vulnerabilities and the development teams p...
详细信息
Binary analysis and software debugging are critical tools in the modern software security ecosystem. With the security arms race between attackers discovering and exploiting vulnerabilities and the development teams patching bugs ever-tightening, there is an immense need for more tooling to streamline the binary analysis and debugging processes. Whether attempting to find the root cause for a buffer overflow or a segmentation fault, the analysis process often involves manually tracing the movement of data throughout a program’s life cycle. Up until this point, there has not been a viable solution to the human limitation of maintaining a cohesive mental image of the intricacies of a program’s data flow. This thesis proposes a novel data dependency graph (DDG) analysis as an addition to angr’s analyses suite. This new analysis ingests a symbolic execution trace in order to generate a directed acyclic graph of the program’s data dependencies. In addition to the development of the backend logic needed to generate this graph, an angr management view to visualize the DDG was implemented. This user interface provides functionality for ancestor and descendant dependency tracing and sub-graph creation. To evaluate the analysis, a user study was conducted to measure the view’s efficacy in regards to binary analysis and software debugging. The study consisted of a control group and experimental group attempting to solve a series of 3 challenges and subsequently providing feedback concerning perceived functionality and comprehensibility pertaining to the view. The results show that the view had a positive trend in relation to challenge-solving accuracy in its target domain, as participants solved 32% more challenges 21% faster when using the analysis than when using vanilla angr management.
暂无评论