A Practical Black-box Attack on Source Code Authorship Identification Classifiers

Author(s):  
Qianjun Liu ◽  
Shouling Ji ◽  
Changchang Liu ◽  
Chunming Wu
Author(s):  
Ali Fadel ◽  
Husam Musleh ◽  
Ibraheem Tuffaha ◽  
Mahmoud Al-Ayyoub ◽  
Yaser Jararweh ◽  
...  

Author(s):  
Kelly Maggs ◽  
Vanessa Robins

Fuzzing is a systematic large-scale search for software vulnerabilities achieved by feeding a sequence of randomly mutated input files to the program of interest with the goal being to induce a crash. The information about inputs, software execution traces, and induced call stacks (crashes) can be used to pinpoint and fix errors in the code or exploited as a means to damage an adversary’s computer software. In black box fuzzing, the primary unit of information is the call stack: a list of nested function calls and line numbers that report what the code was executing at the time it crashed. The source code is not always available in practice, and in some situations even the function names are deliberately obfuscated (i.e., removed or given generic names). We define a topological object called the call-stack topology to capture the relationships between module names, function names and line numbers in a set of call stacks obtained via black-box fuzzing. In a proof-of-concept study, we show that structural properties of this object in combination with two elementary heuristics allow us to build a logistic regression model to predict the locations of distinct function names over a set of call stacks. We show that this model can extract function name locations with around 80% precision in data obtained from fuzzing studies of various Linux programs. This has the potential to benefit software vulnerability experts by increasing their ability to read and compare call stacks more efficiently.


2020 ◽  
Vol 4 (2) ◽  
pp. 1
Author(s):  
Ismail Ismail ◽  
Jalisal Efendi

The Source Code Bank Programming application that the researchers built uses Borland Delphi and functions to support software learning activities and as a reference for software developers, especially for the Delphi programming language. Source Code Bank Programming is still in the prototype stage, and further development is still being carried out so that it can be competitive in the world. It is necessary to do various evaluations of the quality of the application in order to match the expectations of the user, one of which is to analyze the quality of the application using the Black-Box Testing method. Black-box testing of Source Code Bank Programming uses 3 methods, namely: 1) Graph-based testing, 2) Equivalence Partitioning, and 3) Boundary Value Analysis. The research results show that graph testing, equivalence partitioning, and boundary value analysis will be able to help the process of making test cases and make testing simpler. There are errors in testing, and they are included in the defect list. The test results also show that the fulfillment of user needs for public users with a value of 0.90, registered users/members with a value of 1.00, students with a value of 0.90, lecturers with a value of 0.82 and admin with a value of 0.84 are classified as good because the degree of value in each user module is greater than 0.8.


Author(s):  
Saurabh Rawat ◽  
Anushree Sah ◽  
Ankur Dumka

Testing of software remains a fundamentally significant way to check that software behaves as required. Component-based software testing (CBST) is a crucial activity of component-based software development (CBSD) and is based on two crucial proportions: components testing by developers with the source code (e.g., system testing, integration testing, unit testing, etc.) and components testing by end users without source code (black box testing). This work proposes a black box testing technique that calculates the total number of interactions made by component-based software. This technique is helpful to identify the number of test cases for those components where availability of source code is questionable. On the basis of interaction among components, the authors draw a component-link graph and a direct-indirect-link matrix, which helps to calculate the number of interactions in component-based software.


Symmetry ◽  
2020 ◽  
Vol 12 (12) ◽  
pp. 2044 ◽  
Author(s):  
Anna Kurtukova ◽  
Aleksandr Romanov ◽  
Alexander Shelupanov

Many open-source projects are developed by the community and have a common basis. The more source code is open, the more the project is open to contributors. The possibility of accidental or deliberate use of someone else’s source code as a closed functionality in another project (even a commercial one) is not excluded. This situation could create copyright disputes. Adding a plagiarism check to the project lifecycle during software engineering solves this problem. However, not all code samples for comparison can be found in the public domain. In this case, the methods of identifying the source code author can be useful. Therefore, identifying the source code author is an important problem in software engineering, and it is also a research area in symmetry. This article discusses the problem of identifying the source code author and modern methods of solving this problem. Based on the experience of researchers in the field of natural language processing (NLP), the authors propose their technique based on a hybrid neural network and demonstrate its results both for simple cases of determining the authorship of the code and for those complicated by obfuscation and the use of coding standards. The results show that the author’s technique successfully solves the essential problems of analogs and can be effective even in cases where there are no obvious signs indicating authorship. The average accuracy obtained for all programming languages was 95% in the simple case and exceeded 80% in the complicated ones.


2013 ◽  
Vol 760-762 ◽  
pp. 966-972
Author(s):  
Jian Feng Lu ◽  
Ping Zhang ◽  
Shu Qi Li ◽  
Xu Yan ◽  
Yong Tao Wang

This paper introduces the design and realization of the Multi-function Tower Crane Black Box and completes the main hardware module design and type selection. With ZigBee, it constructs a wireless sensor network to collect the communication among nodes and the communication between nodes and the gateway; the lower PC adopts the IAR to complete the chip CC2430 programming. The application development tool for the upper PC is C51RF - WSN - DA300, and it gives part of the source code. The system parameters acquisition is accurate, the operation is stable, and the actual application effect is good.


2020 ◽  
Vol 3 (3) ◽  
pp. 150
Author(s):  
Bayu Aji Priyaungga ◽  
Dwi Bayu Aji ◽  
Mukron Syahroni ◽  
Nurul Tri Sukma Aji ◽  
Aries Saifudin

The library application is used to help manage and document transaction activities in the library, which include borrowing and returning. Library applications must be free of errors, because errors they contain can cause harm to providers, managers, or members of the library. To provide a guarantee that the library application is free from errors, testing needs to be done. Software testing is an activity aimed at finding errors and bugs in an application, with the goal of minimizing the losses that occur due to system errors. In this study, the proposed library application testing is Black Box. Black Box Testing is a test based on the appearance (interface) and functions of the software itself and not on the source code of the program. Black Box Testing has several methods, one of which is Equivalence Partitions, the method we use for testing the software. Equivalence Partitions is a method that examines whether what is entered into the software is valid or not, and observes the accuracy of the input, so that the location of the error is known. The test results have proven that the library application that has been developed is error free and meets all the requirements set.


2018 ◽  
Vol 9 (2) ◽  
pp. 731-746
Author(s):  
Danang Wahyu Utomo ◽  
Defri Kurniawan ◽  
Yani Parti Astuti

The problems of the hajj service system are not limited to the long queue of hajj registrants; they also include services for monitoring departure and return, hajj travel plans, health services, and the provision of a shalawat map for pilgrims. The Ministry of Religious Affairs of Central Java Province has developed a prototype of a self-service hajj system that focuses on monitoring departure and return, hajj travel plans, sick and deceased pilgrims, and the shalawat map. In the previous development, evaluation was carried out using only functional-requirement test cases. The evaluation only checked whether the functional requirements had been added to the system prototype and how the development was progressing. In this study, we propose software testing techniques to evaluate the whole system prototype, consisting of white box testing, black box testing, and user acceptance testing. The testing techniques are proposed to find bugs and errors that occur in the internal and external parts of the system. In addition, we involved TPHD officers to obtain evaluation results based on user needs. White box testing showed that the source code has a low degree of complexity, meaning that the system does not offer too many alternative pages. Black box testing showed that, in general, the system's inputs and outputs match the expected results. The features and information provided are not ambiguous in use. For UAT, we used a questionnaire with a 5-point Likert scale. As a result, the respondents agreed (above 56%) that overall the hajj service system can help TPHD officers. However, some weaknesses remain: the system is not responsive enough and its functionality needs to be improved.


2019 ◽  
Vol 5 (3) ◽  
pp. 308
Author(s):  
Fritz Raynold Napitupulu ◽  
Muhammad Azhar Irwansyah ◽  
Heri Priyanto

The city of Pontianak has a fairly high population level. Population growth, whether natural or through migration, increases the need for housing. Today's increasingly rapid technological progress, especially in smartphones and the internet, supports digital mapping that can be implemented in website-based systems. Therefore, an information system for selling and buying houses in the city of Pontianak is needed. This system can make it easier for the public to find the location of a house and information about it, and gives recommendations for setting the selling price of a house using the Fuzzy Tsukamoto method. System design begins with collecting house data. The website-based information system is designed using the Unified Modelling Language (UML) method. In the black box test results, all activities run smoothly and an error message is shown if the input data is empty or wrong. White box testing shows that the Fuzzy Tsukamoto logic source code executes all logical decisions on both the true and false sides, and Mean Absolute Percentage Error (MAPE) testing produces a deviation percentage of 21.44% based on house developer data and 5.68% based on bank data. These results show that the selling-price recommendations made for 10 house data items using the Fuzzy Tsukamoto method perform very well.

