A5076091595- Advanced Malware Detection Techniques
- Software System Performance and Reliability
- Software Engineering Research
- Cloud Computing and Resource Management
- Digital and Cyber Forensics
- Electrocatalysts for Energy Conversion
- Advancements in Solid Oxide Fuel Cells
- IoT and Edge/Fog Computing
- Fuel Cells and Related Materials
- Software Testing and Debugging Techniques
- Parallel Computing and Optimization Techniques
- Topic Modeling
- Web Application Security Vulnerabilities
- Software-Defined Networks and 5G
- VLSI and Analog Circuit Testing
- Radiation Effects in Electronics
- Smart Grid and Power Systems
- Security and Verification in Computing
- Photonic and Optical Devices
- Advanced Data Storage Technologies
- Metal-Organic Frameworks: Synthesis and Applications
- Advanced Software Engineering Methodologies
- Advanced Decision-Making Techniques
- Virtual Reality Applications and Impacts
- Software Reliability and Analysis Research
Virginia Tech
2012-2024
Nanjing University of Aeronautics and Astronautics
2020-2024
Peking University
2017-2021
Meta (Israel)
2018
National University of Defense Technology
2010
University of Illinois Urbana-Champaign
1998
The Java platform provides various cryptographic APIs to facilitate secure coding. However, correctly using these is challenging for developers who lack cybersecurity training. Prior work shows that many misused and consequently introduced vulnerabilities into their software. To eliminate such vulnerabilities, people created tools detect and/or fix API misuses. it still unknown (1) how current are designed misuses, (2) effectively the locate (3) perceive usefulness of tools' outputs. For...
With the expanding application of Large Language Models (LLMs) in various domains, it becomes imperative to comprehensively investigate their unforeseen behaviors and consequent outcomes. In this study, we introduce systematically explore phenomenon “glitch tokens”, which are anomalous tokens produced by established tokenizers could potentially compromise models’ quality response. Specifically, experiment on seven top popular LLMs utilizing three distinct involving a totally 182,517 tokens....
The conventional software running on network devices, such as switches and routers, is typically vendor-supplied, proprietary closed-source; a result, it tends to contain extraneous features that single operator will not most likely fully utilize. Furthermore, cloud-scale data center networks often times have operational requirements may be well addressed by the switch vendors.
The Java libraries JCA and JSSE offer cryptographic APIs to facilitate secure coding. When developers misuse some of the APIs, their code becomes vulnerable cyber-attacks. To eliminate such vulnerabilities, people built tools detect security-API misuses via pattern matching. However, most do not (1) fix or (2) allow users extend tools' sets. overcome both limitations, we created Seader---an example-based approach repair misuses. Given an exemplar (insecure, secure) pair, Seader compares...
The past decades witnessed the fast and wide deployment of Internet. Internet has bred ubiquitous computing environment that is spanning cloud, edge, mobile devices, IoT. Software running over such a eating world. A recently emerging trend Internet-based software systems “ resource adaptive ,” i.e., should be robust intelligent enough to changes heterogeneous resources, both physical logical, provided by their environment. To keep pace trend, we argue some considerations taken into account...
Rust is a general-purpose programming language designed for performance and safety. Unrecoverable errors (e.g., Divide by Zero) in programs are critical, as they signal bad program states terminate abruptly. Previous work has contributed to utilizing KLEE, dynamic symbolic test engine, verify the would not panic. However, it difficult engineers who lack domain expertise write code correctly. Besides, effectiveness of KLEE finding panics production been evaluated. We created an approach,...
PDF HTML阅读 XML下载 导出引用 引用提醒 面向高可信软件的整数溢出错误的自动化测试 DOI: 作者: 作者单位: 作者简介: 通讯作者: 中图分类号: 基金项目: Supported by the National High-Tech Research and Development Plan of China under Grant No.2007AA010301 (国家高技术研究发展计划(863)); Basic Program No.2005CB321801 (国家重点基础研究发展计划(973)) High-Trusted-Software-Oriented Automatic Testing for Integer Overflow Bugs Author: Affiliation: Fund Project: 摘要 | 图/表 访问统计 参考文献 相似文献 引证文献 资源附件 文章评论 摘要:面向高可信软件提出了一种二进制级高危整数溢出错误的全自动测试方法(dynamic automatic integer-overflow detection...
A load balancer (LB) is a vital network function for cloud services to balance the amongst resources. Stateful software LBs that run on commodity servers provides flexibility, cost-efficiency, and packet consistency. However current designs have two main limitations: 1) states are stored as digests which may cause inconsistency due digest collisions; 2) data plane needs update every new connection, frequent updates hurt throughput In this work, we present stateful LB called Concury, first...
The prevalence of mobile platforms, especially the large market share Android, has promoted popularity applications (a.k.a. apps). In developing apps, logging acts as a crucial tool to help developers debug their app before publishing. this paper, we present an empirical study on how is used in current popular Android apps and reveal security risks deactivating log call instead removing its associated instructions. To end, propose static analysis scheme remove well those instructions that...
Based on domestic embedded multi-core operating system testing, this paper describes the characteristics of and existing test contents gives an effective software function performance method for application focus so as to provide references testing system.
Smart phone allows users to exchange instant messages, as well share videos, audio’s and images instead of relying on desktop or laptop. Consequently it increases the portability convenience for common users. Take China example, WeChat has become most universal Instant Messenger application in recently several years. In meantime, forensic technicians start pay attention data contained them. Furthermore, potential evidence could be concealed those devices they are generally supposed...
With the development of Internet, a large number computer applications have emerged, and quantity is still growing rapidly. These contain lot useful data functions, however, as most them are not available couldn't interact with each other, so functions difficult to shared reused, resulting in huge waste resources. In order solve this problem, secondary needed on basis source system. For example, it necessary collect from client or integrate their functions. Therefore, framework automatic...
In this paper, we propose a new Hardware Trojan Design. This design makes all HT trigger inputs have the same impact as functional on output signals. It is difficult to distinguish between and inputs. Simultaneously, will not be identified redundant approach can defeat existing detection methods which identify weakly-affecting across multiple sequential levels. The proposed has stealthiness general applicability.