A Survey of Automatic Software Vulnerability Detection, Program Repair, and Defect Prediction Techniques

2020 ◽  
Vol 2020 ◽  
pp. 1-16
Author(s):  
Zhidong Shen ◽  
Si Chen

Open source software has been widely used in various industries due to its openness and flexibility, but it also brings potential software security problems. Together with the large-scale increase in the number of software and the increase in complexity, the traditional manual methods to deal with these security issues are inefficient and cannot meet the current cyberspace security requirements. Therefore, it is an important research topic for researchers in the field of software security to develop more intelligent technologies to apply to potential security issues in software. The development of deep learning technology has brought new opportunities for the study of potential security issues in software, and researchers have successively proposed many automation methods. In this paper, these automation technologies are evaluated and analysed in detail from three aspects: software vulnerability detection, software program repair, and software defect prediction. At the same time, we point out some problems of these research methods, give corresponding solutions, and finally look forward to the application prospect of deep learning technology in automated software vulnerability detection, automated program repair, and automated defect prediction.

2019 ◽  
Vol 131 ◽  
pp. 01118
Author(s):  
Fan Tongke

Aiming at the problem of disease diagnosis of large-scale crops, this paper combines machine vision and deep learning technology to propose an algorithm for constructing disease recognition by LM_BP neural network. The images of multiple crop leaves are collected, and the collected pictures are cut by image cutting technology, and the data are obtained by the color distance feature extraction method. The data are input into the disease recognition model, the feature weights are set, and the model is repeatedly trained to obtain accurate results. In this model, the research on corn disease shows that the model is simple and easy to implement, and the data are highly reliable.


Author(s):  
Harinda Sahadeva Fernando ◽  
Jemal H. Abawajy

In the last decade RFID technology has become a major contender for managing large scale logistics operations and generating and distributing the massive amount of data involved in such operations. One of the main obstacles to the widespread deployment and adoption of RFID systems is the security issues inherent in them. This is compounded by a noticeable lack of literature on how to identify the vulnerabilities of a RFID system and then effectively identify and develop counter measures to combat the threats posed by those vulnerabilities. In this chapter, the authors develop a conceptual framework for analysing the threats, attacks, and security requirements pertaining to networked RFID systems. The vulnerabilities of, and the threats to, the system are identified using the threat model. The security framework itself consists of two main concepts: (1) the attack model, which identifies and classifies the possible attacks, and (2) the system model, which identifies the security requirements. The framework gives readers a method with which to analyse the threats any given system faces. Those threats can then be used to identify the attacks possible on that system and get a better understanding of those attacks. It also allows the reader to easily identify all the security requirements of that system and identify how those requirements can be met.


2021 ◽  
Author(s):  
Tianlin Duo ◽  
Peng Zhang

“Paradigm” theory is an important ideological and practical tool for scientific research. The research means and methods of Geographic Information Science follow the laws of four paradigms. Automatic cartographic generalization is not only the key link of map making, but also a recognized difficult and hot issue. Based on large-scale map data and deep learning technology, an automatic cartographic generalization problem-solving model is proposed in this paper. According to the key and difficult problems faced by residential area selection and simplification, residential area selection models and simplification models based on big data and deep learning are constructed respectively, which provides new ideas and schemes to solve the key and difficult problems of residential area selection and simplification.


2020 ◽  
Vol 8 (3) ◽  
pp. 82-95
Author(s):  
Mohammed Zagane ◽  
Mustapha Kamel Abdi ◽  
Mamdouh Alenezi

Automatic vulnerabilities prediction assists developers and minimizes resources allocated to fix software security issues. These costs can be minimized even more if the exact location of vulnerability is correctly indicated. In this study, the authors propose a new approach to using code metrics in vulnerability detection. The strength part of the proposed approach lies in using code metrics not to simply quantify characteristics of software components at a coarse granularity (package, file, class, function) such as complexity, coupling, etc., which is the approach commonly used in previous studies, but to quantify extracted pieces of code that hint presence of vulnerabilities at a fine granularity (few lines of code). Obtained results show that code metrics can be used with a machine learning technique not only to indicate vulnerable components which was the aim of previous approaches but also to detect and locate vulnerabilities with very good accuracy.


2021 ◽  
Vol 49 (1) ◽  
Author(s):  
Mohamed Ibrahim ◽  
◽  
Beer Mohamed ◽  
Mohd Fadzil Hassan ◽  
◽  
...  

Service oriented enterprise computing is an integration architectural style aimed to expose and consume coarse grained and fine grained modularization of business functionalities as services that are being deployed in the loosely coupled organizational environment. The web service is the implementation technology of service oriented architecture (SOA) where it is built on the existing networking and web interfacing standards as it has to use the web as a medium of communication and does not have any specialized in-built layer for security. The majority of the vendor security products in the market need specialized hardware/software components, eventually, they break the standards and principles of service oriented architecture. The traditional way of problem solving is not effective for developing security solutions for service oriented computing, as its boundaries keep expanding beyond a single organizational environment due to the advent of communication and business technologies such as the Internet of Things (IoT), hyper-personalization, and edge computing. Hence, it is a mandatory entity in this digital age of enterprise computing to have a specialized authentication and authorization solution exclusively for addressing the existing security gaps in SOA in an adaptive way forward approach. In this paper, the security gaps in the existing Identity and Access Management (IDAM) solutions for service oriented enterprise computing are analyzed, and a novel intelligent security engine which is packed with extended authentication and authorization solution model for service consumption is presented. The authentication and authorization security requirements are considered as cross cutting concerns of SOA implementation and the solution is constructed as Aspect-Oriented Programming (AOP) advices, which enables the solution to be attached as a ‘plug & play’ component without changing the underlying source code of the service implementation. For Proof-of-Concept (PoC), the proposed authentication and authorization security model is tested in a large scale service oriented enterprise computing environment and the results have been analyzed statistically. It is evident from the results that the proposed security model addresses security issues comparatively better than existing security solutions.


Author(s):  
Zhenguang Liu ◽  
Peng Qian ◽  
Xiang Wang ◽  
Lei Zhu ◽  
Qinming He ◽  
...  

Smart contracts hold digital coins worth billions of dollars, and their security issues have drawn extensive attention in the past years. Towards smart contract vulnerability detection, conventional methods heavily rely on fixed expert rules, leading to low accuracy and poor scalability. Recent deep learning approaches alleviate this issue but fail to encode useful expert knowledge. In this paper, we explore combining deep learning with expert patterns in an explainable fashion. Specifically, we develop automatic tools to extract expert patterns from the source code. We then cast the code into a semantic graph to extract deep graph features. Thereafter, the global graph feature and local expert patterns are fused to cooperate and approach the final prediction, while yielding their interpretable weights. Experiments are conducted on all available smart contracts with source code in two platforms, Ethereum and VNT Chain. Empirically, our system significantly outperforms state-of-the-art methods. Our code is released.


Author(s):  
Tony Hey ◽  
Keith Butler ◽  
Sam Jackson ◽  
Jeyarajan Thiyagalingam

This paper reviews some of the challenges posed by the huge growth of experimental data generated by the new generation of large-scale experiments at UK national facilities at the Rutherford Appleton Laboratory (RAL) site at Harwell near Oxford. Such ‘Big Scientific Data’ comes from the Diamond Light Source and Electron Microscopy Facilities, the ISIS Neutron and Muon Facility and the UK's Central Laser Facility. Increasingly, scientists are now required to use advanced machine learning and other AI technologies both to automate parts of the data pipeline and to help find new scientific discoveries in the analysis of their data. For commercially important applications, such as object recognition, natural language processing and automatic translation, deep learning has made dramatic breakthroughs. Google's DeepMind has now used the deep learning technology to develop their AlphaFold tool to make predictions for protein folding. Remarkably, it has been able to achieve some spectacular results for this specific scientific problem. Can deep learning be similarly transformative for other scientific problems? After a brief review of some initial applications of machine learning at the RAL, we focus on challenges and opportunities for AI in advancing materials science. Finally, we discuss the importance of developing some realistic machine learning benchmarks using Big Scientific Data coming from several different scientific domains. We conclude with some initial examples of our ‘scientific machine learning’ benchmark suite and of the research challenges these benchmarks will enable. This article is part of a discussion meeting issue ‘Numerical algorithms for high-performance computational science’.


2020 ◽  
Vol 12 (13) ◽  
pp. 2106 ◽  
Author(s):  
Junchuan Yu ◽  
Yichuan Li ◽  
Xiangxiang Zheng ◽  
Yufeng Zhong ◽  
Peng He

Recent developments in hyperspectral satellites have dramatically promoted the wide application of large-scale quantitative remote sensing. As an essential part of preprocessing, cloud detection is of great significance for subsequent quantitative analysis. For Gaofen-5 (GF-5) data producers, the daily cloud detection of hundreds of scenes is a challenging task. Traditional cloud detection methods cannot meet the strict demands of large-scale data production, especially for GF-5 satellites, which have massive data volumes. Deep learning technology, however, is able to perform cloud detection efficiently for massive repositories of satellite data and can even dramatically speed up processing by utilizing thumbnails. Inspired by the outstanding learning capability of convolutional neural networks (CNNs) for feature extraction, we propose a new dual-branch CNN architecture for cloud segmentation for GF-5 preview RGB images, termed a multiscale fusion gated network (MFGNet), which introduces pyramid pooling attention and spatial attention to extract both shallow and deep information. In addition, a new gated multilevel feature fusion module is also employed to fuse features at different depths and scales to generate pixelwise cloud segmentation results. The proposed model is extensively trained on hundreds of globally distributed GF-5 satellite images and compared with current mainstream CNN-based detection networks. The experimental results indicate that our proposed method has a higher F1 score (0.94) and fewer parameters (7.83 M) than the compared methods.


2021 ◽  
Vol 11 (20) ◽  
pp. 9393
Author(s):  
Shantanu Pal ◽  
Zahra Jadidi

Industrial Internet of Things (IIoT) can be seen as an extension of the Internet of Things (IoT) services and applications to industry with the inclusion of Industry 4.0 that provides automation, reliability, and control in production and manufacturing. IIoT has tremendous potential to accelerate industry automation in many areas, including transportation, manufacturing, automobile, marketing, to name a few places. When the benefits of IIoT are visible, the development of large-scale IIoT systems faces various security challenges resulting in many large-scale cyber-attacks, including fraudulent transactions or damage to critical infrastructure. Moreover, a large number of connected devices over the Internet and resource limitations of the devices (e.g., battery, memory, and processing capability) further pose challenges to the system. The IIoT inherits the insecurities of the traditional communication and networking technologies; however, the IIoT requires further effort to customize the available security solutions with more focus on critical industrial control systems. Several proposals discuss the issue of security, privacy, and trust in IIoT systems, but comprehensive literature considering the several aspects (e.g., users, devices, applications, cascading services, or the emergence of resources) of an IIoT system is missing in the present state of the art IIoT research. In other words, the need for considering a vision for securing an IIoT system with broader security analysis and its potential countermeasures is missing in recent times. To address this issue, in this paper, we provide a comparative analysis of the available security issues present in an IIoT system. We identify a list of security issues comprising logical, technological, and architectural points of view and consider the different IIoT security requirements. We also discuss the available IIoT architectures to examine these security concerns in a systematic way. We show how the functioning of different layers of an IIoT architecture is affected by various security issues and report a list of potential countermeasures against them. This study also presents a list of future research directions towards the development of a large-scale, secure, and trustworthy IIoT system. The study helps understand the various security issues by indicating various threats and attacks present in an IIoT system.

