发布求助
文献互助 智能选刊 最新文献

2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA)最新文献

筛选
英文 中文
Evaluating the Performance of Containerized Webservers against web servers on Virtual Machines using Bombardment and Siege 使用轰炸和围攻评估容器化web服务器对虚拟机上web服务器的性能
2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA) Pub Date : 2023-05-23 DOI: 10.1109/SERA57763.2023.10197818
Daniel Ukene, H. Wimmer, Jongyeop Kim
{"title":"Evaluating the Performance of Containerized Webservers against web servers on Virtual Machines using Bombardment and Siege","authors":"Daniel Ukene, H. Wimmer, Jongyeop Kim","doi":"10.1109/SERA57763.2023.10197818","DOIUrl":"https://doi.org/10.1109/SERA57763.2023.10197818","url":null,"abstract":"Containerization is becoming an increasingly common aspect of DevOps. Adding a container layer increases the complexity and could impact system performance. This study explores the performance differences of the Apache and Nginx web servers on Virtual Machines (VMs) and Docker Containers with official web server images from Docker Hub. A sandbox environment was created with both containerized and non-containerized versions of the web servers, and their performance was analyzed using line graphs. The results showed differences in performance between VMs and Docker Containers, with some variation from previous research due to the virtualization being done locally rather than on the cloud. This study would be advantageous for organizations with on-premises infrastructure due to security or governing regulations.","PeriodicalId":211080,"journal":{"name":"2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA)","volume":"35 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-05-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115992028","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
TIPICAL - Type Inference for Python In Critical Accuracy Level Python临界精度级别的典型类型推断
2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA) Pub Date : 2023-05-23 DOI: 10.1109/SERA57763.2023.10197800
Jonathan Elkobi, Bernd Gruner, Tim Sonnekalb, C. Brust
{"title":"TIPICAL - Type Inference for Python In Critical Accuracy Level","authors":"Jonathan Elkobi, Bernd Gruner, Tim Sonnekalb, C. Brust","doi":"10.1109/SERA57763.2023.10197800","DOIUrl":"https://doi.org/10.1109/SERA57763.2023.10197800","url":null,"abstract":"Type inference methods based on deep learning are becoming increasingly popular as they aim to compensate for the drawbacks of static and dynamic analysis approaches, such as high uncertainty. However, their practical application is still debatable due to several intrinsic issues such as code from different software domains will involve data types that are unknown to the type inference system.In order to overcome these problems and gain high-confidence predictions, we thus present TIPICAL, a method that combines deep similarity learning with novelty detection. We show that our method can better predict data types in high confidence by successfully filtering out unknown and inaccurate predicted data types and achieving higher F1 scores to the state-of-the-art type inference method Type4Py. Additionally, we investigate how different software domains and data type frequencies may affect the results of our method.","PeriodicalId":211080,"journal":{"name":"2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA)","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-05-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126282412","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Multi-level Adaptive Execution Tracing for Efficient Performance Analysis 用于高效性能分析的多级自适应执行跟踪
2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA) Pub Date : 2023-05-23 DOI: 10.1109/SERA57763.2023.10197790
Mohammed Adib Khan, Naser Ezzati-Jivan
{"title":"Multi-level Adaptive Execution Tracing for Efficient Performance Analysis","authors":"Mohammed Adib Khan, Naser Ezzati-Jivan","doi":"10.1109/SERA57763.2023.10197790","DOIUrl":"https://doi.org/10.1109/SERA57763.2023.10197790","url":null,"abstract":"Troubleshooting system performance issues is a challenging task that requires a deep understanding of various factors that may impact system performance. This process involves analyzing trace logs from the kernel and user space using tools such as ftrace, strace, DTrace, or LTTng. However, pre-set tracing instrumentation can lead to missing important data where not enough components of the system include observability coverage. Also, having too much coverage may result in unnecessary noise in the data, making it extremely difficult to debug. This paper proposes an adaptive instrumentation technique for execution tracing, which dynamically makes decisions not only for which components to trace but also when to trace, thus reducing the risk of missing important data related to the performance problem and increasing the accuracy of debugging by reducing unwanted noises. Our case study results show that the proposed method is capable of handling tracing instrumentation dynamically for both kernel and application levels while maintaining a low overhead.","PeriodicalId":211080,"journal":{"name":"2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-05-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121742684","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
LSTM-AE for Anomaly Detection on Multivariate Telemetry Data 基于多变量遥测数据的LSTM-AE异常检测
2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA) Pub Date : 2023-05-23 DOI: 10.1109/SERA57763.2023.10197673
Anes Abdennebi, Alp Tunçay, Cemal Yilmaz, Anil Koyuncu, Oktay Gungor
{"title":"LSTM-AE for Anomaly Detection on Multivariate Telemetry Data","authors":"Anes Abdennebi, Alp Tunçay, Cemal Yilmaz, Anil Koyuncu, Oktay Gungor","doi":"10.1109/SERA57763.2023.10197673","DOIUrl":"https://doi.org/10.1109/SERA57763.2023.10197673","url":null,"abstract":"Organizations and companies that collect data generated by sales, transactions, client/server communications, IoT nodes, devices, engines, or any other data generating/exchanging source, need to analyze this data to reveal insights about the running activities on their systems. Since streaming data has multivariate variables bearing dependencies among each other that extend temporally (to previous time steps).Long-Short Term Memory (LSTM) is a variant of the Recurrent Neural Networks capable of learning long-term dependencies using previous timesteps of sequence-shape data. The LSTM model is a valid option to apply to our data for offline anomaly detection and help foresee future system incidents. Anything that negatively affects the system and the services provided via this system is considered an incident.Moreover, the raw input data might be noisy and improper for the model, leading to misleading predictions. A wiser choice is to use an LSTM Autoencoder (LSTM-AE) specialized for extracting meaningful features of the examined data and looking back several steps to preserve temporal dependencies.In our work, we developed two LSTM-AE models. We evaluated them in an industrial setup at Koçfinans (a finance company operating in Turkey), where they have a distributed system of several nodes running dozens of microservices. The outcome of this study shows that our trained LSTM-AE models succeeded in identifying the atypical behavior of offline data with high accuracies. Furthermore, after deploying the models, we identified the system failing at the exact times for the previous two reported failures. While after deployment, it launched cautions preceding the actual failure by a week, proving efficiency on online data. Our models achieved 99.7% accuracy and 89.1% as F1-score. Moreover, it shows potential in finding the proper LSTM-AE model architecture when time series data with temporal dependency property is fed to the model.","PeriodicalId":211080,"journal":{"name":"2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-05-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121952596","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Calibrating Cybersecurity Experiments: Evaluating Coverage Analysis for Fuzzing Benchmarks 校准网络安全实验:评估模糊基准的覆盖分析
2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA) Pub Date : 2023-05-23 DOI: 10.1109/SERA57763.2023.10197736
J. Alves-Foss, Aditi Pokharel, Ronisha Shigdel, Jia Song
{"title":"Calibrating Cybersecurity Experiments: Evaluating Coverage Analysis for Fuzzing Benchmarks","authors":"J. Alves-Foss, Aditi Pokharel, Ronisha Shigdel, Jia Song","doi":"10.1109/SERA57763.2023.10197736","DOIUrl":"https://doi.org/10.1109/SERA57763.2023.10197736","url":null,"abstract":"Computer science experimentation, whether it be for safety, reliability or cybersecurity, is an important part of scientific advancement. Evaluation of relative merits of various experiments typically requires well-calibrated benchmarks that can be used to measure the experimental results. This paper reviews current trends in using benchmarks in fuzzing experimental research for cybersecurity, specifically with metrics related to coverage analysis. Strengths and weaknesses of the current techniques are evaluated and suggestions for improving the current approaches are proposed. The end goal is to convince researchers that benchmarks for experimentation must be well documented, archived and calibrated so that the community knows how well the tools and techniques perform with respect to the possible maximum in the benchmark.","PeriodicalId":211080,"journal":{"name":"2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA)","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-05-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127737427","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Customer Segmentation Using Credit Card Data Analysis 利用信用卡数据分析进行客户细分
2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA) Pub Date : 2023-05-23 DOI: 10.1109/SERA57763.2023.10197704
S. Raj, Santanu Roy, Surajit Jana, Soumyadip Roy, Takaaki Goto, S. Sen
{"title":"Customer Segmentation Using Credit Card Data Analysis","authors":"S. Raj, Santanu Roy, Surajit Jana, Soumyadip Roy, Takaaki Goto, S. Sen","doi":"10.1109/SERA57763.2023.10197704","DOIUrl":"https://doi.org/10.1109/SERA57763.2023.10197704","url":null,"abstract":"Customer segmentation is a separation of a market into multiple distinct groups of consumers who share the similar characteristics. Segmentation of market is an effective way to define and meet Customer needs and also to identify the future business plan. Unsupervised machine learning algorithms are suitable to analyze and identify the possible set of customers when the labeled data about the customers are no available. In this research work the spending of different customers who have credit cards are analyzed to segment them into different clusters and also to plan further business improvements based on the different characteristics of these identified clusters.","PeriodicalId":211080,"journal":{"name":"2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-05-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129964775","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Commit Message Can Help: Security Patch Detection in Open Source Software via Transformer 提交消息可以帮助:安全补丁检测在开放源码软件通过变压器
2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA) Pub Date : 2023-05-23 DOI: 10.1109/SERA57763.2023.10197730
Fei Zuo, Xin Zhang, Yuqi Song, J. Rhee, Jicheng Fu
{"title":"Commit Message Can Help: Security Patch Detection in Open Source Software via Transformer","authors":"Fei Zuo, Xin Zhang, Yuqi Song, J. Rhee, Jicheng Fu","doi":"10.1109/SERA57763.2023.10197730","DOIUrl":"https://doi.org/10.1109/SERA57763.2023.10197730","url":null,"abstract":"As open source software is widely used, the vulnerabilities contained therein are also rapidly propagated to a large number of innocent applications. Even worse, many vulnerabilities in open-source projects are secretly fixed, which leads to affected software being unaware and thus exposed to risks. For the purpose of protecting deployed software, designing an effective patch classification system becomes more of a need than an option. To this end, some researchers take advantage of the recent advancements in natural language processing to learn both commit messages and code changes. However, they often incur high false positive rates. Not only that, existing works cannot yet answer how much the textual description (such as commit messages) alone can influence the final triage. In this paper, we propose a Transformer based patch classifier, which does not use any code changes as inputs. Surprisingly, the extensive experiment shows the proposed approach can significantly outperform other state-of-the-art work with a high precision of 93.0% and low false positive rate. Therefore, our research further confirms the critical importance of well-crafted commit messages for the later software maintenance. Finally, our case study also identifies 48 silent security patches, which can benefit those affected software.","PeriodicalId":211080,"journal":{"name":"2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA)","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-05-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132087638","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
3 B (Block Byte Bit) Cipher Algorithm for Secure Socket Layer 安全套接字层的B(块字节位)密码算法
2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA) Pub Date : 2023-05-23 DOI: 10.1109/SERA57763.2023.10197799
Y. Geum
{"title":"3 B (Block Byte Bit) Cipher Algorithm for Secure Socket Layer","authors":"Y. Geum","doi":"10.1109/SERA57763.2023.10197799","DOIUrl":"https://doi.org/10.1109/SERA57763.2023.10197799","url":null,"abstract":"This paper proposes an ECSSL(Elliptic Curve Secure Socket Layer) protocol that provides more securities and faster processing speed than an existing SSL(Secure Socket Layer) protocol. An ECSSL protocol consists of ECC(Elliptic Curve Cryptography), ThreeB(Block Byte Bit Cipher) algorithm to prevent from being eavesdropped, HMAC(Hash Message Authentication Code) algorithm to create digital signature using a shared secret key. In particular, as ThreeB uses byte exchange by using random technique. and bit-xor operation, compared with DES using fixed index table, the security and processing time of it are improved much better.","PeriodicalId":211080,"journal":{"name":"2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA)","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-05-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125725257","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Operation Management Method of Software Defined Perimeter for Promoting Zero-Trust Model 推广零信任模型的软件定义周界运行管理方法
2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA) Pub Date : 2023-05-23 DOI: 10.1109/SERA57763.2023.10197716
S. Tanimoto, Sogen Hori, Hiroyuki Sato, Atsushi Kanai
{"title":"Operation Management Method of Software Defined Perimeter for Promoting Zero-Trust Model","authors":"S. Tanimoto, Sogen Hori, Hiroyuki Sato, Atsushi Kanai","doi":"10.1109/SERA57763.2023.10197716","DOIUrl":"https://doi.org/10.1109/SERA57763.2023.10197716","url":null,"abstract":"Telework has been on the rise since the advent of COVID-19, and concerns have arisen about issues such as information leakage due to internal fraud. The zero-trust model is attracting attention as a countermeasure. This model reduces risk by constantly performing authentication and authorization, thus leading to improved security levels and safer operation. However, currently less than 40% of the companies in Japan have introduced zero trust into their security policies, mainly due to the lack of specific guidelines for operational management. We have therefore developed a security policy (service authorization conditions) for the software defined perimeter (SDP) zero-trust model as a universal operational management method to promote zero-trust implementation. Specifically, we simplify the time/place/occasion (TPO) conditions of users as T (inside/outside working hours), P (inside/outside the company, telework), and O (with/without visitors), resulting in 12 patterns, and for each of these TPO conditions, we propose detailed new service authorization conditions for SDP. The results of qualitative evaluation demonstrated the effectiveness of the proposed method. Our findings will contribute to the introduction of the zero-trust model and pave the way for safer and more secure corporate networks.","PeriodicalId":211080,"journal":{"name":"2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA)","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-05-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122233897","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Evaluating Code Metrics in GitHub Repositories Related to Fake News and Misinformation 评估与假新闻和错误信息相关的GitHub存储库中的代码度量
2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA) Pub Date : 2023-04-26 DOI: 10.1109/SERA57763.2023.10197739
Jason Duran, M. Sakib, Nasir U. Eisty, Francesca Spezzano
{"title":"Evaluating Code Metrics in GitHub Repositories Related to Fake News and Misinformation","authors":"Jason Duran, M. Sakib, Nasir U. Eisty, Francesca Spezzano","doi":"10.1109/SERA57763.2023.10197739","DOIUrl":"https://doi.org/10.1109/SERA57763.2023.10197739","url":null,"abstract":"The surge of research on fake news and misinformation in the aftermath of the 2016 election has led to a significant increase in publicly available source code repositories. Our study aims to systematically analyze and evaluate the most relevant repositories and their Python source code in this area to improve awareness, quality, and understanding of these resources within the research community. Additionally, our work aims to measure the quality and complexity metrics of these repositories and identify their fundamental features to aid researchers in advancing the field’s knowledge in understanding and preventing the spread of misinformation on social media. As a result, we found that more popular fake news repositories and associated papers with higher citation counts tend to have more maintainable code measures, more complex code paths, a larger number of lines of code, a higher Halstead effort, and fewer comments. Utilizing these findings to devise efficient research and coding techniques to combat fake news, we can strive towards building a more knowledgeable and well-informed society.","PeriodicalId":211080,"journal":{"name":"2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA)","volume":"2013 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-04-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127308314","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信