Directed grey-box fuzzers specialize in testing specific target code. They have been applied to many security applications such as reproducing known crashes and detecting vulnerabilities caused by incomplete patches. However, existing directed favor the inputs discovering new code regardless whether newly uncovered is relevant or not. As a result, would extensively explore irrelevant suffer from low efficiency.In this paper, we distinguish program one that does not help trigger We present...

Weakly-typed languages such as PHP support loosely comparing two operands by implicitly converting their types and values. Such a language feature is widely used but can also pose severe security threats. In certain conditions, loose comparisons cause unexpected results, leading to authentication bypass other functionality problems.

Graph database systems (GDBs) have supported many important real-world applications such as social networks, logistics, and path planning. Meanwhile, logic bugs are also prevalent in GDBs, leading to incorrect results severe consequences. However, the largely cannot be revealed by prior solutions which unaware of graph native structures data. In this paper, we propose Gamera (Graph-aware metamorphic relations), a novel testing approach uncover unknown GDBs. We design three classes...

With the continuous development of mobile internet, smart terminal is now tightly integrated in information system. As extension traditional system, real-time problem data transfer for has become particularly important. In process based on Android platform, method pulling can keep synchronization between and server-side. Each to poll server see whether updated, which wastes a lot unnecessary network traffic mobile-phone battery. order overcome weakness method, we create an application using...

Symbolic execution has been widely applied in detecting vulnerabilities web applications. Modeling language-specific built-in functions is essential for symbolic execution. Since tend to be complicated and are typically implemented low-level languages, a common strategy manually translate them into the SMT-LIB language constraint solving. Such translation requires an excessive amount of human effort deep understandings function behaviors. Incorrect can invalidate final results. This problem...

PHP applications provide various interfaces for end-users to interact with on the Web. They thus are prone taint-style vulnerabilities such as SQL injection and cross-site scripting. For its high efficiency, static taint analysis is widely adopted detect before application deployment. Unfortunately, due complexity of language, implementing a precise difficult. The existing solutions suffer from both false positives negatives because their incomprehensive inter-procedural variety...

In view of the random retail price and retailer’s preference for risk aversion, we used mean-variance to describe uncertainty price. To study impacts both aversion on supply chain (SC) decision-making, constructed a SC game model based three different power structures, including Manufacturer Stackelberg (MS) game, Retailer (RS) Vertical Nash (VN) game. The results showed that weakened manufacturer’s production effort input, decreased enthusiasm ordering, damaged interests manufacturer...

At present, face recognition has been widely used, and in mobile devices a broad application prospect. We try to detect extract faces by extracting Haar-like features then put the images into Convolutional Neural Network (CNN) for training recognition. improve MobileNetV2, use ArcFace classification, test CNN classification program on Raspberry Pi 4B. The is based idea of transfer learning. extraction part network loads weight file, only fully connected layers are trained. Finally, accuracy...

Markdown compilers are widely used for translating plain text into formatted text, yet they suffer from performance bugs that cause degradation and resource exhaustion. Currently, there is little knowledge understanding about these in the wild. In this work, we first conduct a comprehensive study of known compilers. We identify ways handle language's context-sensitive features dominant root bugs. To detect unknown bugs, develop MdPerfFuzz, fuzzing framework with syntax-tree based mutation...

Against traditional collaborative filtering algorithm often face the problems of high sparsity and low recommendation accuracy, we propose convolution autoencoder CCAE, which replaces matrix decomposition training method in with method. First, input data drop sampling through layer downsampling to learn its efficient compression characteristics, then reconstruct deconvolution upsampling layer, calculate score ranking for recommendation. Experimental results show that CCAE achieves lower RMSE...

Bandwidth-sensitive applications rely on the accurate estimation of bottleneck bandwidth. The real-time bandwidth prediction enables application to cope with fluctuation and adjust transmission strategy improve Quality Experience (QoE) user. traditional model hardly considers characteristics in various scenarios, making it challenging achieve high accuracy. In this paper, we propose ALSTM model, which is based Long Short Term Memory (LSTM) recurrent neural network attention mechanism for...

Fuzzing has shown great promise in detecting vulnerabilities server-side web applications. In this work, we introduce an innovative software-based data cache mechanism that complements and improves all existing application fuzzing tools. Our key observation is a proportion of execution time (e.g., 50%) applications spent on fetching from two major sources: database network; our in-depth investigation reveals the same often repeatedly fetched across trials. We thus design new solution,...

Uterine fibroid (UF) represents the most frequent tumor in women, posing a significant risk for complications, such as miscarriage. Diagnostic accuracy may be affected by physician inexperience and fatigue. We propose deep learning model, combining MobileNetV2 convolutional generative adversarial networks (DCGAN), to support physicians identifying UF assessing its characteristics. Our model leverages superior data augmentation capabilities of DCGAN generate high-quality ultrasound images,...

Dynamic methods have shown great promise in validating vulnerabilities and generating Proof-of-Concept (PoC) exploits of Node.js applications. They typically rely on dictionaries or specifications to determine the values request parameters their relationships. However, they still struggle generate complex inputs from provided specifications.

In the various edge cloud devices within power system, a large amount of discrete data is generated, with most significant being image captured by each construction site. However, due to distance, privacy protection, transmission loss, and other issues, it difficult gather these together for use, resulting in waste valuable resources. Even if are collected, annotating them one challenging, leading limited training effectiveness model. As result, supervision electric operation sites still...

The problems of moving object detecting and tracking on UAV (Unmanned Aerial Vehicle) platforms in surveillance operations are addressed, a robust method for reliably foreground objects dynamically changing environment is proposed. Firstly, using the modified local feature detector SURF (Speeded Up Robust Features) which linear ordering defined set correspondences, PROSAC (Progressive Sample Consensus) algorithm exploits by similarity function to match detected key points consecutive frames...

A magnetostrictive force sensor that can be used to measure alternating load is presented.Iron-gallium alloy (Galfenol) as the sensing element.The was developed based on a closed structure.A finite element method employed optimally design size of excitation coil and flux path.Simulation results show density distribution clearly improved after optimization.Energy efficiency analysis shows energy proposed increased more than 5 times open structure sensor.To study behavior, discrete...