Fuzzing JavaScript Environment APIs with Interdependent Function Calls

Bug prediction aims at finding source code elements in a software system that are likely to contain defects. Being aware of the most error-prone parts of the program, one can efficiently allocate the limited amount of testing and code review resources. Therefore, bug prediction can support software maintenance and evolution to a great extent. In this paper, we propose a function level JavaScript bug prediction model based on static source code metrics with the addition of a hybrid (static and dynamic) code analysis based metric of the number of incoming and outgoing function calls (HNII and HNOI). Our motivation for this is that JavaScript is a highly dynamic scripting language for which static code analysis might be very imprecise; therefore, using a purely static source code features for bug prediction might not be enough. Based on a study where we extracted 824 buggy and 1943 non-buggy functions from the publicly available BugsJS dataset for the ESLint JavaScript project, we can confirm the positive impact of hybrid code metrics on the prediction performance of the ML models. Depending on the ML algorithm, applied hyper-parameters, and target measures we consider, hybrid invocation metrics bring a 2–10% increase in model performances (i.e., precision, recall, F-measure). Interestingly, replacing static NOI and NII metrics with their hybrid counterparts HNOI and HNII in itself improves model performances; however, using them all together yields the best results.

Download Full-text

Lightweight extension of an execution environment for safer function calls in Solidity/Ethereum Virtual Machine smart contracts

2021 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER) ◽

10.1109/saner50967.2021.00087 ◽

2021 ◽

Author(s):

Sooyeon Lee ◽

Eun-Sun Cho

Keyword(s):

Virtual Machine ◽

Smart Contracts ◽

Function Calls ◽

Execution Environment

Download Full-text

Checking type safety of foreign function calls

ACM Transactions on Programming Languages and Systems ◽

10.1145/1377492.1377493 ◽

2008 ◽

Vol 30 (4) ◽

pp. 1-63 ◽

Cited By ~ 14

Author(s):

Michael Furr ◽

Jeffrey S. Foster

Keyword(s):

Type Safety ◽

Function Calls

Download Full-text

Improving the FLORIS wind plant model for compatibility with gradient-based optimization

Wind Engineering ◽

10.1177/0309524x17722000 ◽

2017 ◽

Vol 41 (5) ◽

pp. 313-329 ◽

Cited By ~ 13

Author(s):

Jared J Thomas ◽

Pieter MO Gebraad ◽

Andrew Ning

Keyword(s):

Steady State ◽

Wind Turbine ◽

Case Studies ◽

Wind Farm ◽

Optimization Problems ◽

Algorithmic Differentiation ◽

Function Calls ◽

Gradient Based ◽

Wake Model ◽

Yaw Angle

The FLORIS (FLOw Redirection and Induction in Steady-state) model, a parametric wind turbine wake model that predicts steady-state wake characteristics based on wind turbine position and yaw angle, was developed for optimization of control settings and turbine locations. This article provides details on changes made to the FLORIS model to make the model more suitable for gradient-based optimization. Changes to the FLORIS model were made to remove discontinuities and add curvature to regions of non-physical zero gradient. Exact gradients for the FLORIS model were obtained using algorithmic differentiation. A set of three case studies demonstrate that using exact gradients with gradient-based optimization reduces the number of function calls by several orders of magnitude. The case studies also show that adding curvature improves convergence behavior, allowing gradient-based optimization algorithms used with the FLORIS model to more reliably find better solutions to wind farm optimization problems.

Download Full-text

AN EVOLUTIONARY ALGORITHM FOR FAST INTENSITY BASED IMAGE MATCHING BETWEEN OPTICAL AND SAR SATELLITE IMAGERY

ISPRS Annals of Photogrammetry Remote Sensing and Spatial Information Sciences ◽

10.5194/isprs-annals-iv-3-83-2018 ◽

2018 ◽

Vol IV-3 ◽

pp. 83-90 ◽

Cited By ~ 1

Author(s):

Peter Fischer ◽

Philipp Schuegraf ◽

Nina Merkle ◽

Tobias Storch

Keyword(s):

Evolutionary Algorithm ◽

Satellite Imagery ◽

Image Matching ◽

Optimal Solution ◽

Search Problem ◽

Computational Costs ◽

Radar Sensors ◽

Function Calls ◽

Point Detection ◽

Very High

This paper presents a hybrid evolutionary algorithm for fast intensity based matching between satellite imagery from SAR and very high-resolution (VHR) optical sensor systems. The precise and accurate co-registration of image time series and images of different sensors is a key task in multi-sensor image processing scenarios. The necessary preprocessing step of image matching and tie-point detection is divided into a search problem and a similarity measurement. Within this paper we evaluate the use of an evolutionary search strategy for establishing the spatial correspondence between satellite imagery of optical and radar sensors. The aim of the proposed algorithm is to decrease the computational costs during the search process by formulating the search as an optimization problem. Based upon the canonical evolutionary algorithm, the proposed algorithm is adapted for SAR/optical imagery intensity based matching. Extensions are drawn using techniques like hybridization (e.g. local search) and others to lower the number of objective function calls and refine the result. The algorithm significantely decreases the computational costs whilst finding the optimal solution in a reliable way.

Download Full-text

End-to-end automated cache-timing attack driven by Machine Learning

10.29007/nwj8 ◽

2019 ◽

Cited By ~ 1

Author(s):

Sebastien Carré ◽

Victor Dyseryn ◽

Adrien Facon ◽

Sylvain Guilley ◽

Thomas Perianin

Keyword(s):

Neural Network ◽

Language Processing ◽

Relevant Information ◽

Security Threats ◽

Cache Memories ◽

Function Calls ◽

Timing Data ◽

Timing Attack ◽

End To End ◽

Timing Attacks

Cache timing attacks are serious security threats that exploit cache memories to steal secret information.We believe that the identification of a sequence of operations from a set of cache-timing data measurements is not a trivial step when building an attack. We present a recurrent neural network model able to automatically retrieve a sequence of function calls from cache-timings. Inspired from natural language processing, our model is able to learn on partially labelled data. We use the model to unfold an end-to-end automated attack on OpenSSL ECDSA on the secp256k1 curve. Contrary to most research, we did not need human processing of the traces to retrieve relevant information.

Download Full-text

Multi-Objective Robust Optimization Under Interval Uncertainty Using Online Approximation and Constraint Cuts

Journal of Mechanical Design ◽

10.1115/1.4003918 ◽

2011 ◽

Vol 133 (6) ◽

Cited By ~ 26

Author(s):

W. Hu ◽

M. Li ◽

S. Azarm ◽

A. Almansoori

Keyword(s):

Optimization Problem ◽

Optimization Problems ◽

Computational Effort ◽

Interval Uncertainty ◽

Test Results ◽

Robust Solution ◽

Multi Objective ◽

Function Calls ◽

Level Problem ◽

Upper Level

Many engineering optimization problems are multi-objective, constrained and have uncertainty in their inputs. For such problems it is desirable to obtain solutions that are multi-objectively optimum and robust. A robust solution is one that as a result of input uncertainty has variations in its objective and constraint functions which are within an acceptable range. This paper presents a new approximation-assisted MORO (AA-MORO) technique with interval uncertainty. The technique is a significant improvement, in terms of computational effort, over previously reported MORO techniques. AA-MORO includes an upper-level problem that solves a multi-objective optimization problem whose feasible domain is iteratively restricted by constraint cuts determined by a lower-level optimization problem. AA-MORO also includes an online approximation wherein optimal solutions from the upper- and lower-level optimization problems are used to iteratively improve an approximation to the objective and constraint functions. Several examples are used to test the proposed technique. The test results show that the proposed AA-MORO reasonably approximates solutions obtained from previous MORO approaches while its computational effort, in terms of the number of function calls, is significantly reduced compared to the previous approaches.

Download Full-text