发布求助
文献互助 智能选刊 最新文献

2022 IEEE 29th Annual Software Technology Conference (STC)最新文献

筛选
英文 中文
Data Type Bugs Taxonomy: Integer Overflow, Juggling, and Pointer Arithmetics in Spotlight 数据类型错误分类:整数溢出,杂耍和指针算术在聚光灯下
2022 IEEE 29th Annual Software Technology Conference (STC) Pub Date : 2022-10-01 DOI: 10.1109/STC55697.2022.00035
Irena Bojanova, C. E. Galhardo, Sara Moshtari
{"title":"Data Type Bugs Taxonomy: Integer Overflow, Juggling, and Pointer Arithmetics in Spotlight","authors":"Irena Bojanova, C. E. Galhardo, Sara Moshtari","doi":"10.1109/STC55697.2022.00035","DOIUrl":"https://doi.org/10.1109/STC55697.2022.00035","url":null,"abstract":"In this work, we present an orthogonal classification of data type bugs, allowing precise structured descriptions of related software vulnerabilities. We utilize the Bugs Framework (BF) approach to define four language-independent classes that cover all possible kinds of data type bugs. In BF each class is a taxonomic category of a weakness type defined by sets of operations, cause$rightarrow$consequence relations, and attributes. A BF description of a bug or a weakness is an instance of a taxonomic BF class with one operation, one cause, one consequence, and their attributes. Any vulnerability then can be described as a chain of such instances and their consequence-cause transitions. With our newly developed classes Declaration Bugs, Name Resolution Bugs, Type Conversion Bugs, and Type Computation Bugs, we confirm that BF is a classification system that extends the Common Weakness Enumeration (CWE). The proposed classes allow clear communication about software bugs that relate to misuse of data types, and provide a structured way to precisely describe data type related vulnerabilities.","PeriodicalId":170123,"journal":{"name":"2022 IEEE 29th Annual Software Technology Conference (STC)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121437016","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Efficient Parameter Exploration of Simulation Studies 仿真研究的有效参数探索
2022 IEEE 29th Annual Software Technology Conference (STC) Pub Date : 2022-10-01 DOI: 10.1109/STC55697.2022.00034
Megan M. Olsen, M. Raunak
{"title":"Efficient Parameter Exploration of Simulation Studies","authors":"Megan M. Olsen, M. Raunak","doi":"10.1109/STC55697.2022.00034","DOIUrl":"https://doi.org/10.1109/STC55697.2022.00034","url":null,"abstract":"Simulation is a useful and effective way to analyze and study complex, real-world systems. It allows researchers, practitioners, and decision makers to make sense of the inner working of a system that involves many factors often resulting in some sort of emerging behavior. Scenarios such as the spread of a pandemic, the operations of an autonomous vehicle on busy streets, or the flow of patients in an emergency room can be studied with simulation models. Agent based modeling or ABM is a common modeling technique used in simulating and studying such complex systems. In these models, agents are individual autonomous entities that make decisions about their actions and interactions within the environment. The factors that influence the agent’s decision making process and thus drive the simulation outcome are commonly known as parameters. A typical agent-based simulation model will include many parameters, each with a potentially large set of values. The number of scenarios with different parameter value combinations grows exponentially and quickly becomes infeasible to test them all or even to explore a suitable subset of them. How does one then efficiently identify the parameter value combinations that matter for a particular simulation study? In addition, is it possible to train a machine learning model to predict the outcome of an agent-based model without running the agent-based model for all parameter value combinations?","PeriodicalId":170123,"journal":{"name":"2022 IEEE 29th Annual Software Technology Conference (STC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131281119","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
On the Detection of Performance Regression Introducing Code Changes: Experience from the Git Project 性能回归检测引入代码变更:来自Git项目的经验
2022 IEEE 29th Annual Software Technology Conference (STC) Pub Date : 2022-10-01 DOI: 10.1109/STC55697.2022.00036
Deema Alshoaibi, Ikram Chaabane, Kevin Hannigan, Ali Ouni, Mohamed Wiem Mkaouer
{"title":"On the Detection of Performance Regression Introducing Code Changes: Experience from the Git Project","authors":"Deema Alshoaibi, Ikram Chaabane, Kevin Hannigan, Ali Ouni, Mohamed Wiem Mkaouer","doi":"10.1109/STC55697.2022.00036","DOIUrl":"https://doi.org/10.1109/STC55697.2022.00036","url":null,"abstract":"For many software applications, performance is a critical Non-Functional requirement. Different software testing techniques are associated with various types of software testing, often related to performance regressions. Detecting code changes responsible for performance regression, for a rapidly evolving software with an increasing number of daily commits, is becoming arduous due to performance tests being time-consuming. The expense of running performance benchmarks, for all committed changes, has evolved to the bottleneck of detecting performance regression. Therefore, a recent technique called Perphecy was proposed to help, with quickly identifying performance regression introducing code changes, supporting the selection of performance tests, and reducing their execution time. However, Perphecy was not thoroughly tested on a large system, and so, its performance is still unknown in a real-world scenario. In this paper, we perform an in-depth analysis of Perphecy’s ability to identify performance regression introducing code changes on the open-source Git project. Our work challenges the ability of the model to sustain its performance when increasing the sample under test from 201 commits, to 8596 commits. In addition to verifying the scalability of the previous findings, we also test the efficiency of the proposed approach against a wider variety of performance regression introducing code changes. We provide insights into its advantages, limitations, and practical value.","PeriodicalId":170123,"journal":{"name":"2022 IEEE 29th Annual Software Technology Conference (STC)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114225384","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Challenges and Peculiarities of Attack Detection in Virtual Power Plants : Towards an Advanced Persistent Threat Detection System 虚拟电厂攻击检测的挑战与特点:迈向先进的持续威胁检测系统
2022 IEEE 29th Annual Software Technology Conference (STC) Pub Date : 2022-10-01 DOI: 10.1109/STC55697.2022.00019
Robin Buchta, Felix Heine, Carsten Kleiner
{"title":"Challenges and Peculiarities of Attack Detection in Virtual Power Plants : Towards an Advanced Persistent Threat Detection System","authors":"Robin Buchta, Felix Heine, Carsten Kleiner","doi":"10.1109/STC55697.2022.00019","DOIUrl":"https://doi.org/10.1109/STC55697.2022.00019","url":null,"abstract":"Currently, there are no mission-capable systems that can successfully detect advanced persistent threats (APTs). These types of threats are hazardous in critical infrastructures (CIs). Due to the integration of operational technology (OT) and information communication technology (ICT), CI systems are particularly vulnerable to cyberattacks. In addition, power systems, in particular, are an attractive target for attackers, as they are responsible for the operation of modern infrastructures and are thus of great importance for modern warfare or even for strategic purposes of other criminal activities. Virtual power plants (VPPs) are a new implementation of power plants for energy management. The protection of virtual power plants against APTs is not yet sufficiently researched. This circumstance raises the research question - What might an APT detection system architecture for VPPs look like? Our methodology is based on intensive literature research to bundle knowledge from different sub-areas to solve a superordinate problem. After the literature review and domain analysis, a synthesis of new knowledge is provided in the presentation of a possible architecture. The in-depth proposal for a potential system architecture relies on the study of VPPs, APTs, and previous prevention mechanisms. The architecture is then evaluated for its effectiveness based on the challenges identified. The proposed architecture combines concepts such as defense-in-depth and breath with situation awareness, and the observe, orient, decide, and act loop. Furthermore, a combination of traditional detection methods with graph analysis in the architecture is targeted to meet the challenges and peculiarities of VPPs and APTs.","PeriodicalId":170123,"journal":{"name":"2022 IEEE 29th Annual Software Technology Conference (STC)","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122087887","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Mobile System for Acquisition and Processing of Body Sounds 人体声音采集与处理移动系统
2022 IEEE 29th Annual Software Technology Conference (STC) Pub Date : 2022-10-01 DOI: 10.1109/STC55697.2022.00026
Ricardo Luiz Sponchiado, F. L. Bertotti, Robison Cris Brito
{"title":"Mobile System for Acquisition and Processing of Body Sounds","authors":"Ricardo Luiz Sponchiado, F. L. Bertotti, Robison Cris Brito","doi":"10.1109/STC55697.2022.00026","DOIUrl":"https://doi.org/10.1109/STC55697.2022.00026","url":null,"abstract":"This paper presents the development of the prototype of a digital stethoscope using a smartphone. Initially, it presents the importance of Biomedical Engineering in medical solutions and key concepts of listening to body sounds, focusing on understanding the acquisition processes of cardiac, pulmonary, and gastrointestinal signals. The main methods of digital signal filtering are discussed through the digital signal processing approach, which is the focus of this work. It also mentions the application of mobile computing in the medical field. With an understanding of these concepts, we developed an external device and an Android operating system app capable of acquiring and filtering body signals, resulting in a prototype of a digital stethoscope. The process of developing the data acquisition system and the results of tests conducted are also presented, providing a final discussion about the importance of smartphone features in medical practice, besides possible improvements to the current project.","PeriodicalId":170123,"journal":{"name":"2022 IEEE 29th Annual Software Technology Conference (STC)","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124478876","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Extracting Micro Service Dependencies Using Log Analysis 使用日志分析提取微服务依赖
2022 IEEE 29th Annual Software Technology Conference (STC) Pub Date : 2022-10-01 DOI: 10.1109/STC55697.2022.00020
Andres Osamu Rodriguez Ishida, K. Kontogiannis, C. Brealey
{"title":"Extracting Micro Service Dependencies Using Log Analysis","authors":"Andres Osamu Rodriguez Ishida, K. Kontogiannis, C. Brealey","doi":"10.1109/STC55697.2022.00020","DOIUrl":"https://doi.org/10.1109/STC55697.2022.00020","url":null,"abstract":"Microservice architecture is an architectural style that supports the design and implementation of very scalable systems by distributing complex functionality to highly granular components. These highly granular components are referred to as microservices and can be dynamically deployed on Docker containers. These microservice architecture systems are very extensible since new microservices can be added or replaced as the system evolves. In such highly granular architectures, a major challenge that arises is how to quickly identify whether any changes in the system’s structure violates any policies or design constraints. Examples of policies and design constraints include whether a microservice can call or pass data to another microservice, and whether data handled by one microservice can be stored in a specific database. In order to perform such type of analysis a model that denotes call and data dependencies between microservices must be constructed. In this paper, we present a technique that is based on log analysis and probabilistic reasoning to yield a labeled, typed, directed multigraph that represents call and data exchanges between microservices in a given deployment. This dependency graph can serve as input to analysis engines to be used for identifying design and policy violations as the system evolves or being updated. The proposed dependency graph creation approach has been applied to a medium size open source microservice system with very promising results.","PeriodicalId":170123,"journal":{"name":"2022 IEEE 29th Annual Software Technology Conference (STC)","volume":"51 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124591066","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Project Features That Make Machine-Learning Based Fault Proneness Analysis Successful 使基于机器学习的故障倾向分析成功的项目特征
2022 IEEE 29th Annual Software Technology Conference (STC) Pub Date : 2022-10-01 DOI: 10.1109/STC55697.2022.00018
Marios Grigoriou, K. Kontogiannis
{"title":"Project Features That Make Machine-Learning Based Fault Proneness Analysis Successful","authors":"Marios Grigoriou, K. Kontogiannis","doi":"10.1109/STC55697.2022.00018","DOIUrl":"https://doi.org/10.1109/STC55697.2022.00018","url":null,"abstract":"Over the past years, we have witnessed the extensive use of various software fault proneness prediction techniques utilizing machine learning. These techniques use data from multiple sources representing various facets of the software systems being investigated. In spite of the complexity and performance of all such techniques and approaches proposed by the research community, we cannot yet expertly reason on the features which may render a software system a good or bad candidate for their application. In this paper, we build on the corpus of established machine learning approaches, and we perform an evaluation of system-wide process metrics versus the results acquired by the indiscriminate application of a published best set of classifiers. More specifically, we analyze the fault proneness prediction results obtained by applying a combination of the best classifiers and file features to 207 open source projects in order to identify which project features make a system suitable for Machine Learning based fault proneness analysis or not. Based on this analysis, we propose a meta-evaluator of the overall nature of a system that can be used to gauge in advance the performance that can be expected when applying the selected technique in terms of the key performance measures namely: Accuracy, Fl-measure, Precision, Recall and ROC-AUC.","PeriodicalId":170123,"journal":{"name":"2022 IEEE 29th Annual Software Technology Conference (STC)","volume":"58 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116541931","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Bootstrapping IoT authentication using aggregated local knowledge and novel self-contained triangulation methodologies 使用聚合的本地知识和新颖的自包含三角测量方法引导物联网身份验证
2022 IEEE 29th Annual Software Technology Conference (STC) Pub Date : 2022-10-01 DOI: 10.1109/STC55697.2022.00022
C. Autry, A. W. Roscoe, Mykhailo Magal
{"title":"Bootstrapping IoT authentication using aggregated local knowledge and novel self-contained triangulation methodologies","authors":"C. Autry, A. W. Roscoe, Mykhailo Magal","doi":"10.1109/STC55697.2022.00022","DOIUrl":"https://doi.org/10.1109/STC55697.2022.00022","url":null,"abstract":"We discuss the theoretical model underlying 2BPA (two-band peer authentication), a practical alternative to conventional authentication of entities and data in IoT. In essence this involves assembling a virtual map of authentication assets in the network, typically leading to many paths of confirmation between any pair of entities. This map is continuously updated, confirmed and evaluated. The value of authentication along multiple disjoint paths becomes very clear. We discover that if an attacker wants to make an honest node falsely believe she has authenticated another then the length of the authentication paths is of little importance.","PeriodicalId":170123,"journal":{"name":"2022 IEEE 29th Annual Software Technology Conference (STC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129906664","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
DeepFarm: AI-Driven Management of Farm Production using Explainable Causality DeepFarm:使用可解释的因果关系的人工智能驱动的农业生产管理
2022 IEEE 29th Annual Software Technology Conference (STC) Pub Date : 2022-10-01 DOI: 10.1109/STC55697.2022.00013
Yingjie Wang, Jaganmohan Chandrasekaran, Flora Haberkorn, Yan Dong, M. Gopinath, Feras A. Batarseh
{"title":"DeepFarm: AI-Driven Management of Farm Production using Explainable Causality","authors":"Yingjie Wang, Jaganmohan Chandrasekaran, Flora Haberkorn, Yan Dong, M. Gopinath, Feras A. Batarseh","doi":"10.1109/STC55697.2022.00013","DOIUrl":"https://doi.org/10.1109/STC55697.2022.00013","url":null,"abstract":"American agriculture has been afflicted by numerous outlier events in the past decade, such as several natural disasters, cyber-attacks, trade wars, and a global pandemic. Such unprecedented black-swans have created outcome uncertainties throughout the food supply chain, starting at the farm level for agricultural producers and aggregating at the consumption level for households and international trade flows. The primary drivers behind the shocks in agricultural productivity include strong weather-related events, transitory transportation disruptions, shipping delays, and policy shifts. This paper presents DeepFarm, an Artificial Intelligence (AI)-enabled framework to measure and manage uncertainties while evaluating multiple cause-effect scenarios in agricultural farm production. We deploy Deep Learning (DL) models to predict the impact of crop yield during outlier events such as extreme weather events and cyber-attacks. Additionally, we use a causal inference-based approach to quantity the impact of such events affecting the critical phases of farm production. Models are developed; experiments are performed; the results are recorded, evaluated, and discussed. Our results suggest that DeepFarm can effectively forecast and quantity the impact of outlier events on crop yield across different regions in the US.","PeriodicalId":170123,"journal":{"name":"2022 IEEE 29th Annual Software Technology Conference (STC)","volume":"90 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132118960","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
A Practical Approach To A Holistic Digital Twin 全面数字孪生的实用方法
2022 IEEE 29th Annual Software Technology Conference (STC) Pub Date : 2022-10-01 DOI: 10.1109/stc55697.2022.00030
Michael Ford, Damian Glover, Lubna Dajani
{"title":"A Practical Approach To A Holistic Digital Twin","authors":"Michael Ford, Damian Glover, Lubna Dajani","doi":"10.1109/stc55697.2022.00030","DOIUrl":"https://doi.org/10.1109/stc55697.2022.00030","url":null,"abstract":"In February 2021 IPC, the global association for the electronics industry, published IPC- 2551, an interoperable framework for creation of holistic product digital twins incorporating critical design, production, and supply-chain data. Here we describe how the IPC-2551 standard works in combination with W3C standards Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) to enable secure, interoperable, privacy-preserving information exchanges between participants in any manufacturing ecosystem.","PeriodicalId":170123,"journal":{"name":"2022 IEEE 29th Annual Software Technology Conference (STC)","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123699323","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信