Cloud computing and edge computing brought more software,which also brought a new danger of malicious software attacks.Data synchronization mechanisms of software can further help reverse data modifications.Based on t...Cloud computing and edge computing brought more software,which also brought a new danger of malicious software attacks.Data synchronization mechanisms of software can further help reverse data modifications.Based on the mechanisms,attackers can cover themselves behind the network and modify data undetected.Related knowledge of software reverse engineering can be organized as rules to accelerate the attacks,when attackers intrude cloud server to access the source or binary codes.Therefore,we proposed a novel method to resist this kind of reverse engineering by breaking these rules.Our method is based on software obfuscations and encryptions to enhance the security of distributed software and cloud services in the 5G era.Our method is capable of(1)replacing theoriginal assembly codes of theprotectedprogramwithequivalent assembly instructions inan iteration way,(2)obfuscating the control flow of the protected program to confuse attackers meanwhile keeps the program producing the same outputs,(3)encrypting data to confuse attackers.In addition,the approach can periodically and automatically modify the protected software binary codes,and the binary codes of the protected software are encrypted to resist static analysis and dynamic analysis.Furthermore,a simplified virtual machine is implemented to make the protected codes unreadable to attackers.Cloud game is one of the specific scenarios which needs low latency and strong data consistency.Cheat engine,Ollydbg,and Interactive Disassembler Professional(IDA)are used prevalently for games.Our improved methods can protect the software from the most vulnerable aspects.The improved dynamic code swapping and the simplified virtual machine technologies for cloud games are the main innovations.We inductively learned that our methods have been working well according to the security mechanisms and time complexity analysis.Experiments show that hidden dangers can be eliminated with efficient methods:Execution time and file sizes of the target codes can be multiple times than that of the original program codes which depend on specific program functions.展开更多
Artificial intelligence(AI)has been a driving force for innovation and social progress in various domains(Pan,2017).However,most of its industrial applications have focused on the signal processing domain,which relies...Artificial intelligence(AI)has been a driving force for innovation and social progress in various domains(Pan,2017).However,most of its industrial applications have focused on the signal processing domain,which relies on data generated and collected by different sensors.展开更多
Machine learning(ML)techniques and algorithms have been successfully and widely used in various areas including software engineering tasks.Like other software projects,bugs are also common in ML projects and libraries...Machine learning(ML)techniques and algorithms have been successfully and widely used in various areas including software engineering tasks.Like other software projects,bugs are also common in ML projects and libraries.In order to more deeply understand the features related to bug fixing in ML projects,we conduct an empirical study with 939 bugs from five ML projects by manually examining the bug categories,fixing patterns,fixing scale,fixing duration,and types of maintenance.The results show that(1)there are commonly seven types of bugs in ML programs;(2)twelve fixing patterns are typically used to fix the bugs in ML programs;(3)68.80%of the patches belong to micro-scale-fix and small-scale-fix;(4)66.77%of the bugs in ML programs can be fixed within one month;(5)45.90%of the bug fixes belong to corrective activity from the perspective of software maintenance.Moreover,we perform a questionnaire survey and send them to developers or users of ML projects to validate the results in our empirical study.The results of our empirical study are basically consistent with the feedback from developers.The findings from the empirical study provide useful guidance and insights for developers and users to effectively detect and fix bugs in MLprojects.展开更多
基金supported by grants from Natural Science Foundation of Inner Mongolia Autonomous Region(No.2022MS06024)NSFC(No.61962040)+3 种基金Hainan Province Key R&D Program(ZDYF2022GXJS007,ZDYF2022GXJS010)Hainan Natural Science Foundation(620RC561)Hainan Province Higher Education and Teaching Reform Research Project(Hnjg2021ZD-3)Hainan Province Key Laboratory of Meteorological Disaster Prevention and Mitigation in the South China Sea,Open Fund Project(SCSF202210).
文摘Cloud computing and edge computing brought more software,which also brought a new danger of malicious software attacks.Data synchronization mechanisms of software can further help reverse data modifications.Based on the mechanisms,attackers can cover themselves behind the network and modify data undetected.Related knowledge of software reverse engineering can be organized as rules to accelerate the attacks,when attackers intrude cloud server to access the source or binary codes.Therefore,we proposed a novel method to resist this kind of reverse engineering by breaking these rules.Our method is based on software obfuscations and encryptions to enhance the security of distributed software and cloud services in the 5G era.Our method is capable of(1)replacing theoriginal assembly codes of theprotectedprogramwithequivalent assembly instructions inan iteration way,(2)obfuscating the control flow of the protected program to confuse attackers meanwhile keeps the program producing the same outputs,(3)encrypting data to confuse attackers.In addition,the approach can periodically and automatically modify the protected software binary codes,and the binary codes of the protected software are encrypted to resist static analysis and dynamic analysis.Furthermore,a simplified virtual machine is implemented to make the protected codes unreadable to attackers.Cloud game is one of the specific scenarios which needs low latency and strong data consistency.Cheat engine,Ollydbg,and Interactive Disassembler Professional(IDA)are used prevalently for games.Our improved methods can protect the software from the most vulnerable aspects.The improved dynamic code swapping and the simplified virtual machine technologies for cloud games are the main innovations.We inductively learned that our methods have been working well according to the security mechanisms and time complexity analysis.Experiments show that hidden dangers can be eliminated with efficient methods:Execution time and file sizes of the target codes can be multiple times than that of the original program codes which depend on specific program functions.
基金Project supported by the Hainan Provincial Key R&D Program of China(Nos.ZDYF2022GXJS007 and ZDYF2022GXJS010)the Hainan Provincial Natural Science Foundation of China(No.620RC561)+1 种基金the Hainan Provincial Higher Education and Teaching Reform Research Project of China(No.Hnjg2021ZD-3)the Open Fund Project of the Hainan Provincial Key Laboratory of Meteorological Disaster Prevention and Mitigation in the South China Sea,China(No.SCSF202210)。
文摘Artificial intelligence(AI)has been a driving force for innovation and social progress in various domains(Pan,2017).However,most of its industrial applications have focused on the signal processing domain,which relies on data generated and collected by different sensors.
基金This work was supported partially by the National Natural Science Foundation of China(Grant Nos.61872312,61972335,61472344,61611540347,61402396 and 61662021)partially by the Open Funds of State Key Laboratory for Novel Software Technology of Nanjing University(KFKT2020B15 and KFKT2020B16)+3 种基金partially by the Jiangsu“333”Project,partially by the Six Talent Peaks Project in Jiangsu Province(RJFW-053)partially by the Natural Science Foundation of Jiangsu(BK20181353)partially by the Yangzhou city-Yangzhou University Science and Technology Cooperation Fund Project(YZU201803),by the CERNET Innovation Project(NGII20180607)partially by the Yangzhou University Top-level Talents Support Program(2019).
文摘Machine learning(ML)techniques and algorithms have been successfully and widely used in various areas including software engineering tasks.Like other software projects,bugs are also common in ML projects and libraries.In order to more deeply understand the features related to bug fixing in ML projects,we conduct an empirical study with 939 bugs from five ML projects by manually examining the bug categories,fixing patterns,fixing scale,fixing duration,and types of maintenance.The results show that(1)there are commonly seven types of bugs in ML programs;(2)twelve fixing patterns are typically used to fix the bugs in ML programs;(3)68.80%of the patches belong to micro-scale-fix and small-scale-fix;(4)66.77%of the bugs in ML programs can be fixed within one month;(5)45.90%of the bug fixes belong to corrective activity from the perspective of software maintenance.Moreover,we perform a questionnaire survey and send them to developers or users of ML projects to validate the results in our empirical study.The results of our empirical study are basically consistent with the feedback from developers.The findings from the empirical study provide useful guidance and insights for developers and users to effectively detect and fix bugs in MLprojects.