*** has been widely-used as an event-driven server-side architecture. To improve performance, a task in a *** application is usually divided into a group of events, which are non-deterministically scheduled by ***. De...
详细信息
ISBN:
(纸本)9781728108698
*** has been widely-used as an event-driven server-side architecture. To improve performance, a task in a *** application is usually divided into a group of events, which are non-deterministically scheduled by ***. Developers may assume that the group of events (named atomic event group) should be atomically processed, without interruption. However, the atomicity of an atomic event group is not guaranteed by ***, and thus other events may interrupt the execution of the atomic event group, break down the atomicity and cause unexpected results. Existing approaches mainly focus on event race among two events, and cannot detect high-level atomicity violations among a group of events. In this paper, we propose nodeAV, which can predictively detect atomicity violations in *** applications based on an execution trace. Based on happens-before relations among events in an execution trace, we automatically identify a pair of events that should be atomically processed, and use predefined atomicity violation patterns to detect atomicity violations. We have evaluated nodeAV on real-world *** applications. The experimental results show that nodeAV can effectively detect atomicity violations in these *** applications.
In today's world, data is one of the most important assets than any other. Every user wants to secure their data from the outer world. Blockchain is the prominent technology that can provide the security and loyal...
详细信息
ISBN:
(纸本)9781728158754
In today's world, data is one of the most important assets than any other. Every user wants to secure their data from the outer world. Blockchain is the prominent technology that can provide the security and loyalty of data. Initially, blockchain has been used for the cryptocurrency and all the data were available on the public distributed ledger. But now a days, private Blockchain is widely used within the organizations for data security. Blockchain engenders decentralized systems in which data can be send and receive securely and efficiently over the network. It means there is everything is hidden from the outer world;only authorized users have the authority to read and write the data on the network. World's topmost industries;like Walmart, IBM, Google, etc. are adopting the blockchain technology to build the Decentralized Applications (DApps). Decentralized Applications are the smart systems that are executed on a distributed computer network. Blockchain enables one of the most secure applications called Smart Contract. Smart Contracts are the computerized and secured distributed ledgers that enable secure, transparent, and tamper-proof transactions. Smart contracts create and verify the data with the help of hashing. It is a mathematical procedure that uses the most powerful algorithm cryptographic Hash Algorithm i.e. SHA-256. It engenders 256-bit signature for the input text. Ethereum Blockchain Platform is a widely used platform to build the DApps. This platform is a public network platform, which is open to all and anyone can participate in this network to send and receives the transactions. Blockchain Technology is enabled in every sector like marketing, business, education and supply chain, etc. This paper carries out the study Ethereum Blockchain Platform in Education System. We have developed an application for the Online-Examination System using Blockchain Ethereum Platform with features of Smart Contracts that enables server runtime environment nodejs a
The paper discusses some features of the client and server implementation of a web application for visualization, analysis, and processing of spatial-temporal data using the react JavaScript library and the organizati...
详细信息
The existing methods of difference analysis cannot cope with event-driven codewell, since they explore only the input space for program input like integers and strings, but do not explore the event space for all possi...
详细信息
ISBN:
(纸本)9781450381048
The existing methods of difference analysis cannot cope with event-driven codewell, since they explore only the input space for program input like integers and strings, but do not explore the event space for all possible event sequences. This paper proposes a novel heuristic, as well as a tool called Diverjs, for performing difference analysis that copes well with both the input space and event space. To efficiently explore huge space, Diverjs prunes redundant event sequences based on Dynamic Partial Order Reduction (DPOR). Diverjs also stochastically switches two exploration heuristics: (1) one aims to increase code coverage, using shared variable information, derived from Write-Read (WR) set and dynamic taint analysis, (2) the other aims to guide the execution to the location of code changes, using the distance between the branch to be negated and the change. We conducted a preliminary experiment to evaluate the detection accuracy of program behavioral differences, and the efficiency of exploration by the number of paths. The result shows Diverjs outperformed the existing methods;Diverjs detected the differences with higher detection accuracy in fewer paths, which suggests our Diverjs's difference analysis is effective and efficient.
*** provides the ability to write JavaScript programs for the server-side and has become a popular language for developing web applications. *** allows direct access to the underlying filesystem, operating system reso...
详细信息
ISBN:
(纸本)9781450355728
*** provides the ability to write JavaScript programs for the server-side and has become a popular language for developing web applications. *** allows direct access to the underlying filesystem, operating system resources, and databases, but does not provide any security mechanism such as sandboxing of untrusted code, and injection vulnerabilities are now commonly reported in *** modules. Existing static dataflow analysis techniques do not scale to *** applications to find injection vulnerabilities because small *** web applications typically depend on many third-party modules. We present a new feedback-driven static analysis that scales well to detect injection vulnerabilities in *** applications. The key idea behind our new technique is that not all third-party modules need to be analyzed to detect an injection vulnerability. Results of running our analysis, nodeST, on real-world *** applications show that the technique scales to large applications and finds previously known as well as new vulnerabilities. In particular, nodeST finds 63 true positive taint flows in a set of our benchmarks, whereas a state-of-the-art static analysis reports 3 only. Moreover, our analysis scales to Express, the most popular *** web framework, and reports non-trivial injection vulnerabilities.
暂无评论