To overcome the scaling and performance limitations, the Directed Acyclic Graph (DAG) is utilized as the underlying storage model of blockchain systems, which enables concurrent transaction processing and confirmation...
To overcome the scaling and performance limitations, the Directed Acyclic Graph (DAG) is utilized as the underlying storage model of blockchain systems, which enables concurrent transaction processing and confirmation. However, accompanied by high performance, DAG-based blockchains still suffer from the severe challenge of constrained storage scalability, i.e., expensive storage overhead. Based on an in-depth analysis of the data, we discover that the root cause of storage overhead stems from the considerable data redundancy in the DAG-based blockchains. In this paper, we propose GeckoDAG, a lightweight DAG-based blockchain, whose design consists of two steps. First, we abstract a storage model named Basic from the existing DAG-based blockchain systems, which offers both high performance and security. On top of Basic, we then devise GeckoDAG, which merges previous transactions into Transaction Union (TU) and reduces the data redundancy in TU, thus lowering the storage overhead. To evaluate our design, we implement a prototype of GeckoDAG and conduct various experiments on it. The experimental results demonstrate that GeckoDAG can offer storage scalability while maintaining the security and efficiency of DAG-based blockchains.
Due to the convenience and popularity of Web applications, they have become a prime target for attackers. As the main programming language for Web applications, many methods have been proposed for detecting malicious ...
Due to the convenience and popularity of Web applications, they have become a prime target for attackers. As the main programming language for Web applications, many methods have been proposed for detecting malicious JavaScript, among which static analysis-based methods play an important role because of their high effectiveness and efficiency. However, obfuscation techniques are commonly used in JavaScript, which makes the features extracted by static analysis contain many useless and disguised features, leading to many false positives and false negatives in detection results. In this paper, we propose a novel method to find out the essential features related to the semantics of JavaScript code. Specifically, we develop JS-Revealer, a robust, effective, scalable, and interpretable detector for malicious JavaScript. To test the capabilities of JSRevealer, we conduct comparative experiments with four other state-of-the-art malicious JavaScript detection tools. The experimental results show that JSRevealer has an average F1 of 84.8% on the data obfuscated by different obfuscators, which is 21.6%, 22.3%, 18.7%, and 22.9% higher than the tools CUJO, ZOZZLE, JAST, and JSTAP, respectively. Moreover, the detection results of JSRevealer can be interpreted, which can provide meaningful insights for further security research.
Segment Anything Model (SAM) has recently gained much attention for its outstanding generalization to unseen data and tasks. Despite its promising prospect, the vulnerabilities of SAM, especially to universal adversar...
详细信息
Processing-in-memory (PIM) is promising to solve the well-known data movement challenge by performing in-situ computations near the data. Leveraging PIM features is pretty profitable to boost the energy efficiency of ...
详细信息
Processing-in-memory (PIM) is promising to solve the well-known data movement challenge by performing in-situ computations near the data. Leveraging PIM features is pretty profitable to boost the energy efficiency of applications. Early studies mainly focus on improving the programmability for computation offloading on PIM architectures. They lack a comprehensive analysis of computation locality and hence fail to accelerate a wide variety of applications. In this paper, we present a general-purpose instruction-level offloading technique for near-DRAM PIM architectures, namely IOTPIM, to exploit PIM features comprehensively. IOTPIM is novel with two technical advances: 1) a new instruction offloading policy that fully considers the locality of the whole on-chip cache hierarchy, and 2) an offloading performance benefit prediction model that directly predicts offloading performance benefits of an instruction based on the input dataset characterizes, preserving low analysis overheads. The evaluation demonstrates that IOTPIM can be applied to accelerate a wide variety of applications, including graph processing, machine learning, and image processing. IOT-PIM outperforms the state-of-the-art PIM offloading techniques by 1.28×-1.51× while ensuring offloading accuracy as high as 91.89% on average.
Deep neural networks (DNNs) have been widely adopted for various mobile inference tasks, yet their ever-increasing computational demands are hindering their deployment on resource-constrained mobile devices. Hybrid de...
详细信息
As software engineering advances and the code demand rises, the prevalence of code clones has increased. This phenomenon poses risks like vulnerability propagation, underscoring the growing importance of code clone de...
详细信息
ISBN:
(数字)9798400702174
ISBN:
(纸本)9798350382143
As software engineering advances and the code demand rises, the prevalence of code clones has increased. This phenomenon poses risks like vulnerability propagation, underscoring the growing importance of code clone detection techniques. While numerous code clone detection methods have been proposed, they often fall short in real-world code environments. They either struggle to identify code clones effectively or demand substantial time and computational resources to handle complex clones. This paper introduces a code clone detection method namely Toma using tokens and machine learning. Specifically, we extract token type sequences and employ six similarity calculation methods to generate feature vectors. These vectors are then input into a trained machine learning model for classification. To evaluate the effectiveness and scalability of Toma, we conduct experiments on the widely used BigCloneBench dataset. Results show that our tool outperforms token-based code clone detectors and most tree-based clone detectors, demonstrating high effectiveness and significant time savings.
Software systems often encounter various errors or exceptions in practice, and thus proper error handling code is essential to ensure the reliability of software systems. Unfortunately, error handling code is often bu...
详细信息
ISBN:
(数字)9798350330663
ISBN:
(纸本)9798350330670
Software systems often encounter various errors or exceptions in practice, and thus proper error handling code is essential to ensure the reliability of software systems. Unfortunately, error handling code is often bug-prone, while sufficiently testing them is challenging as such code often cannot be triggered under normal conditions. Motivated by this, recent studies have proposed to leverage software fault injection (SFI) based fuzzing to discover potential bugs in complicated error handling code. Despite the promising results achieved, their effectiveness and efficiency are still compromised in practice due to the huge search space of error sites, inadequate fuzzing guidance, and the overhead induced by context-sensitive SFI. To achieve effective and efficient testing of error handling code, this study presents AFL-FI, which first utilizes a similarity-based method to identify suspicious error sites, and then incorporates the idea of error site coverage to guide the fuzzing process. Finally, the design of lightweight context-sensitive SFI enables AFL-FI to execute test cases efficiently. We evaluate AFL-FI on eight large-scale open-source projects, and the results show that it can outperform existing state-of-the-art fuzzing tools significantly in terms of branch code coverage. More importantly, AFL-FI has discovered 13 previously unknown bugs, and all of them have been confirmed while 12 of them have been fixed. Besides, our evaluation also demonstrates that all the key designs of AFL- F I are effective that contribute significantly to its overall performance.
Existing streaming graph processing systems typically adopt two phases of refinement and recomputation to ensure the correctness of the incremental computation. However, severe redundant memory accesses exist due to t...
详细信息
ISBN:
(纸本)9781665454452
Existing streaming graph processing systems typically adopt two phases of refinement and recomputation to ensure the correctness of the incremental computation. However, severe redundant memory accesses exist due to the unnecessary synchronization among independent edge updates. In this paper, we present GraphFly, a high-performance asynchronous streaming graph processing system based on dependency-flows. GraphFly features three key designs: 1) Dependency trees (D-trees), which helps quickly identify independent graph updates with low cost; 2) Dependency-flow based processing model, which exploits the space-time dependent co-scheduling for cache efficiency; 3) Specialized graph data layout, which further reduces memory accesses. We evaluate GraphFly, and the results show that GraphFly significantly outperforms state-of-the-art systems KickStarter and GraphBolt by 5.81× and 1.78× on average, respectively. Also, GraphFly scales well with different sizes of update batch and compute resources.
In the medical realm, the pivotal role of pathological Whole Slide Images (WSIs) in detecting cancer, tracking disease progression, and evaluating treatment efficacy is indisputable. Nevertheless, the identification a...
In the medical realm, the pivotal role of pathological Whole Slide Images (WSIs) in detecting cancer, tracking disease progression, and evaluating treatment efficacy is indisputable. Nevertheless, the identification and quantification of lesion areas in these gigapixel WSIs present a significant challenge due to their substantial size and the intricate details of lesions. To address these issues, we developed a novel multi-resolution and multi-scale cross fusion network (M 2 CF-Net), adept at managing large-scale pathological WSIs and capturing both fine details and context. Our model particularly focuses on segmenting local lymphocyte infiltration lesions in pathological WSIs of patients diagnosed with primary Sjogren's syndrome. By employing a patch-based training approach and combining interconnected elements via a multi-scale fusion technique, we enhance our model's capacity to detect and analyze structures and features in minor salivary gland section WSIs. Extensive experiments and ablation studies conducted on real-world clinical datasets affirm our model's superior accuracy in identifying lymphocyte-infiltrated regions over state-of-the-art models, with a performance improvement of up to 4.32% in terms of the Dice Similarity Coefficient.
Vulnerability detection is crucial for ensuring the security and reliability of software systems. Recently, Graph Neural Networks (GNNs) have emerged as a prominent code embedding approach for vulnerability detection,...
详细信息
暂无评论