检索结果-内蒙古大学图书馆

44th ACM/IEEE International Conference on Software Engineering, ICSE 2024

作者： Li, Zhen Wang, Ning Zou, Deqing Li, Yating Zhang, Ruqian Xu, Shouhuai Zhang, Chao Jin, Hai Hubei Key Laboratory of Distributed System Security Hubei Engineering Research Center on Big Data Security Cluster and Grid Computing Lab National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab Hong Kong Jin YinHu Laboratory Wuhan China School of Cyber Science and Engineering Huazhong University of Science and Technology Wuhan China University of Colorado Colorado Springs Department of Computer Science Colorado Springs Colorado United States Institute for Network Sciences and Cyberspace Tsinghua University Beijing China School of Computer Science and Technology Huazhong University of Science and Technology Wuhan China

ISBN: (纸本)9798400702174

Software vulnerabilities are a major cyber threat and it is important to detect them. One important approach to detecting vulnerabilities is to use deep learning while treating a program function as a whole, known as function-level vulnerability detectors. However, the limitation of this approach is not understood. In this paper, we investigate its limitation in detecting one class of vulnerabilities known as inter-procedural vulnerabilities, where the to-be-patched statements and the vulnerability-triggering statements belong to different functions. For this purpose, we create the first Inter -Procedural Vulnerability Dataset (InterPVD) based on C/C++ open-source software, and we propose a tool dubbed VulTrigger for identifying vulnerability-triggering statements across functions. Experimental results show that VulTrigger can effectively identify vulnerability-triggering statements and inter-procedural vulnerabilities. Our findings include: (i) inter-procedural vulnerabilities are prevalent with an average of 2.8 inter-procedural layers;and (ii) function-level vulner-ability detectors are much less effective in detecting to-be-patched functions of inter-procedural vulnerabilities than detecting their counterparts of intra-procedural vulnerabilities. © 2024 ACM.

关键词： Open source software

来源：评论

学校读者我要写书评

暂无评论

$k$k-TEVS: A $ k$k-Times E-Voting Scheme on Blockchain With Supervision

引用

IEEE Transactions on Dependable and Secure computing 2024年第3期22卷 2326-2337页

作者： Yang Liu Debiao He Min Luo Lianhai Wang Cong Peng School of Cyber Science and Engineering Wuhan University Wuhan China Institute of Information Technology Shenzhen Institute of Information Technology Shenzhen China Key Laboratory of Computing Power Network and Information Security Ministry of Education Shandong Computer Science Center Qilu University of Technology (Shandong Academy of Sciences) Jinan China Shanghai Technology Innovation Centre of Distributed Privacy-Preserving Artificial Intelligence Matrix Elements Technologies Shanghai China Shandong Provincial Key Laboratory of Industrial Network and Information System Security Shandong Fundamental Research Center for Computer Science Jinan China

The e-vote is regarded as a way to express the opinion that the voters ask for. Actually, the e-vote could be applied wildly like questionnaire, survey and feedback. Moreover, the coexistences of efficiency and security as well as transparency and privacy could be considered as building blocks in the e-vote system. The blockchain could provide a public access board to reduce the storage costs for the field consisted of the vote group manager (GM) with its vote assistants (VA). Particularly the $k$ -times anonymous authentication ( $k$ -TAA) could also be a practical approach to preserve voters’ privacy and reduce the computation costs during the vote process. However, the e-vote scheme with pure $k$ -TAA strategy could damage either the supervision of voting or the efficiency and consistency of authentication process. What’s more, the impacts of dishonest voters couldn’t be stopped until the vote end. To tackle these problems, we apply the accumulator technology to add or revoke the voters at any time and extend the framework of $k$ -TAA with the update process for the e-vote on blockchain for supervision ( $ k$ -TEVS). In our scheme, the voter updates his membership witness and proves the fact that he is still a valid member with respective VA under the latest accumulator value. What’s more, this witness update operation is not contained in the authentication process, which means that the authentication process is still constant and efficient. Moreover, our add or delete update process with signature of knowledge needs only one pairing operation. For the security, we prove that the relaxed anonymity still holds in the $ k$ -TEVS framework. Finally, We implement $ k$ -TEVS scheme, the Emura’s work [1] and the Huang’s work [2] for comparison. Then we make time cost and communication cost experiments, which present the feasibility and practicality of this scheme.

关键词： Blockchains Authentication Costs Protocols Security Privacy Surveys Electronic voting Computer science Information security

来源：评论

学校读者我要写书评

暂无评论

On the Effectiveness of Function-Level Vulnerability Detectors for Inter-Procedural Vulnerabilities

On the Effectiveness of Function-Level Vulnerability Detecto...

引用

International Conference on Software Engineering (ICSE)

作者： Zhen Li Ning Wang Deqing Zou Yating Li Ruqian Zhang Shouhuai Xu Chao Zhang Hai Jin National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab Hubei Key Laboratory of Distributed System Security Hubei Engineering Research Center on Big Data Security Cluster and Grid Computing Lab School of Cyber Science and Engineering Huazhong University of Science and Technology Wuhan China Jin YinHu Laboratory Wuhan China Department of Computer Science University of Colorado Colorado Springs Colorado Springs Colorado USA Institute for Network Sciences and Cyberspace Tsinghua University Beijing China School of Computer Science and Technology Huazhong University of Science and Technology Wuhan China

ISBN: (数字)9798400702174

ISBN: (纸本)9798350382143

Software vulnerabilities are a major cyber threat and it is important to detect them. One important approach to detecting vulnerabilities is to use deep learning while treating a program function as a whole, known as function-level vulnerability detectors. However, the limitation of this approach is not understood. In this paper, we investigate its limitation in detecting one class of vulnerabilities known as inter-procedural vulnerabilities, where the to-be-patched statements and the vulnerability-triggering statements belong to different functions. For this purpose, we create the first Inter -Procedural Vulnerability Dataset (InterPVD) based on C/C++ open-source software, and we propose a tool dubbed VulTrigger for identifying vulnerability-triggering statements across functions. Experimental results show that VulTrigger can effectively identify vulnerability-triggering statements and inter-procedural vulnerabilities. Our findings include: (i) inter-procedural vulnerabilities are prevalent with an average of 2.8 inter-procedural layers; and (ii) function-level vulner-ability detectors are much less effective in detecting to-be-patched functions of inter-procedural vulnerabilities than detecting their counterparts of intra-procedural vulnerabilities.

关键词： Deep learning Detectors Open source software Software engineering

来源：评论

学校读者我要写书评

暂无评论

On the Effectiveness of Function-Level Vulnerability Detectors for Inter-Procedural Vulnerabilities

arXiv

引用

arXiv 2024年

作者： Li, Zhen Wang, Ning Zou, Deqing Li, Yating Zhang, Ruqian Xu, Shouhuai Zhang, Chao Jin, Hai School of Cyber Science and Engineering Huazhong University of Science and Technology Wuhan China Department of Computer Science University of Colorado Colorado Springs Colorado SpringsCO United States Institute for Network Sciences and Cyberspace Tsinghua University Beijing China School of Computer Science and Technology Huazhong University of Science and Technology Wuhan China National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab Hubei Key Laboratory of Distributed System Security Hubei Engineering Research Center on Big Data Security Cluster and Grid Computing Lab China JinYinHu Laboratory Wuhan China

Software vulnerabilities are a major cyber threat and it is important to detect them. One important approach to detecting vulnerabilities is to use deep learning while treating a program function as a whole, known as function-level vulnerability detectors. However, the limitation of this approach is not understood. In this paper, we investigate its limitation in detecting one class of vulnerabilities known as inter-procedural vulnerabilities, where the to-be-patched statements and the vulnerability-triggering statements belong to different functions. For this purpose, we create the first Inter-Procedural Vulnerability Dataset (InterPVD) based on C/C++ open-source software, and we propose a tool dubbed VulTrigger for identifying vulnerability-triggering statements across functions. Experimental results show that VulTrigger can effectively identify vulnerability-triggering statements and inter-procedural vulnerabilities. Our findings include: (i) inter-procedural vulnerabilities are prevalent with an average of 2.8 inter-procedural layers;and (ii) function-level vulnerability detectors are much less effective in detecting to-be-patched functions of inter-procedural vulnerabilities than detecting their counterparts of intra-procedural vulnerabilities. Copyright © 2024, The Authors. All rights reserved.

关键词： Open source software

来源：评论

学校读者我要写书评

暂无评论

arXiv

引用

arXiv 2024年

作者： Ren, Yingying Li, Qiuli Guo, Yangyang Pedrycz, Witold Xing, Lining Liu, Anfeng Song, Yanjie School of Computer Electronics and Information Guangxi University Nanning China Guangxi Key Laboratory of Multimedia Communications and Network Technology China Key Laboratory of Parallel Distributed and Intelligent Computing Guangxi University China School of Systems Science Beijing Jiaotong University Beijing China Department of Electrical and Computer Engineering University of Alberta Edmonton Canada Systems Research Institute Polish Academy of Sciences Poland Faculty of Engineering and Natural Sciences Department of Computer Engineering Sariyer Istanbul Turkey School of Electronic Engineering Xidian University Xian China School of Electronic Engineering Central South University Changsha China National Engineering Research Center of Maritime Navigation System Dalian Maritime University Dalian China

With the rapid development of the satellite industry, the information transmission network based on communication satellites has gradually become a major and important part of the future satellite ground integration network. However, the low transmission efficiency of the satellite data relay back mission has become a problem that is currently constraining the construction of the system and needs to be solved urgently. Effectively planning the task of satellite ground networking by reasonably scheduling resources is crucial for the efficient transmission of task data. In this paper, we hope to provide a task execution scheme that maximizes the profit of the networking task for satellite ground network planning considering feeding mode (SGNPFM). To solve the SGNPFM problem, a mixed-integer planning model with the objective of maximizing the gain of the link-building task is constructed, which considers various constraints of the satellite in the feed-switching mode. Based on the problem characteristics, we propose a distance similarity-based genetic optimization algorithm (DSGA), which considers the state characteristics between the tasks and introduces a weighted Euclidean distance method to determine the similarity between the tasks. To obtain more high-quality solutions, different similarity evaluation methods are designed to assist the algorithm in intelligently screening individuals. The DSGAalso uses an adaptive crossover strategy based on similarity mechanism, which guides the algorithm to achieve efficient population search. In addition, a task scheduling algorithm considering the feed-switching mode is designed for decoding the algorithm to generate a highquality scheme. The results of simulation experiments show that the DSGA can effectively solve the SGNPFM problem. Compared to other algorithms, the proposed algorithm not only obtains higher quality planning schemes but also has faster algorithm convergence speed. The proposed algorithm improves data trans

关键词： Profitability

来源：评论

学校读者我要写书评

暂无评论

Threshold signature scheme based on non-interactive Diffie-Hellman signature

Threshold signature scheme based on non-interactive Diffie-H...

引用

1st International Conference on networking and distributed computing, ICNDC 2010

作者： Wang, Xiuqun Huang, Lican Key Laboratory for Information System Security Ministry of Education Tsinghua University and Beijing Certification Authority Beijing China Institute of Network and Distributed Computing Zhejiang Sci-Tech University Hangzhou China

ISBN: (纸本)9780769542072

We present a threshold signature based on non-interactive Diffie-Hellman signature. It works in asynchronous communication system and can tolerate Byzantine faults with optimal resiliencen ≥ 3t + 1, where n is the number of the participants and t is the number of the fault participants. The security of this scheme bases on discrete logarithm intractability assumption. We give the security analysis of our proposed threshold signature scheme. © 2010 IEEE.

关键词： Authentication

来源：评论

学校读者我要写书评

暂无评论

Threshold Signature Scheme Based on Non-internative Diffie-Hellman Signature

Threshold Signature Scheme Based on Non-internative Diffie-H...

引用

International Conference on networking and distributed computing (ICNDC)

作者： Xiuqun Wang Lican Huang Key Laboratory of Information System Security Ministry of Education Tsinghua University Beijing China Institute of Network and Distributed Computing Zhejiang Science and Technology University Hangzhou China

We present a threshold signature based on non-internative Diffie-Hellman signature. It works in asynchronous communication system and can tolerate Byzantine faults with optimal resilience n ≥ = 3t + 1, where n is the number of the participants and t is the number of the fault participants. The security of this scheme bases on discrete logarithm intractability assumption. We give the security analysis of our proposed threshold signature scheme.

关键词： Polynomials Protocols Public key Interpolation Robustness

来源：评论

学校读者我要写书评

暂无评论

A Lightweight execution framework for massive independent tasks

A Lightweight execution framework for massive independent ta...

引用

2008 Workshop on Many-Task computing on Grids and Supercomputers, MTAGS 2008

作者： Hui, Li Huashan, Yu Xiaoming, Li Shenzhen Graduate School of Peking University Shenzhen Guangdong 518055 P.R. China Institute of Network Computing and Distributed System Peking University Beijing 100871 P.R. China State Key Laboratory of Advanced Optical Communication and Network Peking University Beijing 100871 P.R. China

ISBN: (纸本)9781424428724

This paper presents a lightweight framework for executing many independent tasks efficiently on grids of heterogeneous computational nodes. It dynamically groups tasks of different granularities and dispatches the groups onto distributed computational resources concurrently. Three strategies have been devised to improve the efficiency of computation and resource utilization. One strategy is to pack up to thousands of tasks into one request. Another is to share the effort in resource discovery and allocation among requests by separating resource allocations from request submissions. The third strategy is to pack variable numbers of tasks into different requests, where the task number is a function of the destination resource's computability. This framework has been implemented in Gracie, a computational grid software platform developed by Peking University, and used for executing bioinformatics tasks. We describe its architecture, evaluate its strategies, and compare its performance with GRAM. Analyzing the experiment results, we found that Gracie outperforms GRAM significantly for execution of sets of small tasks, which is aligned with the intuitive advantage of our approaches built in Gracie.

关键词： Resource management distributed computing Grid computing Bioinformatics Processor scheduling Computer networks Optical computing Supercomputers Parallel processing Laboratories

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：