Different abnormalities are commonly encountered in computer network systems.These types of abnormalities can lead to critical data losses or unauthorized access in the systems.Buffer overflow anomaly is a prominent i...Different abnormalities are commonly encountered in computer network systems.These types of abnormalities can lead to critical data losses or unauthorized access in the systems.Buffer overflow anomaly is a prominent issue among these abnormalities,posing a serious threat to network security.The primary objective of this study is to identify the potential risks of buffer overflow that can be caused by functions frequently used in the PHP programming language and to provide solutions to minimize these risks.Static code analyzers are used to detect security vulnerabilities,among which SonarQube stands out with its extensive library,flexible customization options,and reliability in the industry.In this context,a customized rule set aimed at automatically detecting buffer overflows has been developed on the SonarQube platform.The memoization optimization technique used while creating the customized rule set enhances the speed and efficiency of the code analysis process.As a result,the code analysis process is not repeatedly run for code snippets that have been analyzed before,significantly reducing processing time and resource utilization.In this study,a memoization-based rule set was utilized to detect critical security vulnerabilities that could lead to buffer overflow in source codes written in the PHP programming language.Thus,the analysis process is not repeatedly run for code snippets that have been analyzed before,leading to a significant reduction in processing time and resource utilization.In a case study conducted to assess the effectiveness of this method,a significant decrease in the source code analysis time was observed.展开更多
An inverse reduced-gravity model is used to simulate the deep South China Sea(SCS)circulation.A set of experiments are conducted using this model to study the influence of the Luzon overflow through the two inlets on ...An inverse reduced-gravity model is used to simulate the deep South China Sea(SCS)circulation.A set of experiments are conducted using this model to study the influence of the Luzon overflow through the two inlets on the deep circulation in the northern SCS.Model results suggest that the relative contribution of these inlets largely depends on the magnitude of the input transport of the overflow,but the northern inlet is more efficient than the southern inlet in driving the deep circulation in the northern SCS.When all of the Luzon overflow occurs through the northern inlet the deep circulation in the northern SCS is enhanced.Conversely,when all of the Luzon overflow occurs through the southern inlet the circulation in the northern SCS is weakened.A Lagrangian trajectory model is also developed and applied to these cases.The Lagrangian results indicate that the location of the Luzon overflow likely has impacts upon the sediment transport into the northern SCS.展开更多
On the basis of the latest version of a U.S. Navy generalized digital environment model (GDEM-V3.0) and World Ocean Atlas (WOA13), the hydraulic theory is revisited and applied to the Luzon Strait, providing a fre...On the basis of the latest version of a U.S. Navy generalized digital environment model (GDEM-V3.0) and World Ocean Atlas (WOA13), the hydraulic theory is revisited and applied to the Luzon Strait, providing a fresh look at the deepwater overflow there. The result reveals that: (1) the persistent density difference between two sides of the Luzon Strait sustains an all year round deepwater overflow from the western Pacific to the South China Sea (SCS); (2) the seasonal variability of the deepwater overflow is influenced not only by changes in the density difference between two sides of the Luzon Strait, but also by changes in its upstream layer thickness; (3) the deepwater overflow in the Luzon Strait shows a weak semiannual variability; (4) the seasonal mean circulation pattern in the SCS deep basin does not synchronously respond to the seasonality of the deepwater overflow in the Luzon Strait. Moreover, the deepwater overflow reaches its seasonal maximum in December (based on GDEM-V3.0) or in fall (October-December, based on the WOA13), accompanied by the lowest temperature of the year on the Pacific side of the Luzon Strait. The seasonal variability of the deepwater overflow is consistent with the existing longest (3.5 a) continuous observation along the major deepwater passage of the Luzon Strait.展开更多
In the field of Computer Science,software developers need to use a wide array of social collaborative platforms for learning and cooperating.The most popular ones are GitHub and Stack Overflow.Existing platforms only ...In the field of Computer Science,software developers need to use a wide array of social collaborative platforms for learning and cooperating.The most popular ones are GitHub and Stack Overflow.Existing platforms only support search queries to extract relevant repository information from GitHub,or questions and answers from Stack Overflow.This ignores the valuable coder-related part-who are the top experts(geek talents)in a specific area?This information is important to companies,open source projects,and to those who want to learn from an expert role model.Thus,how to find the right developers is quite a crucial yet challenging problem.Most of the current works mainly focus on recommending experts in a particular software engineering task and ignore the relationship between developers within different projects.In this paper,we propose a novel technique that automatically identifies geek talents from GitHub,Stack Overflow,and across both communities.The results show that our work performs well at recommending proper developers in diverse areas.展开更多
The way of intercepting Windows DLL functions against buffer overflow attacks is evaluated. It's produced at the expense of hooking vulnerable DLL functions by addition of check code. If the return address in the sta...The way of intercepting Windows DLL functions against buffer overflow attacks is evaluated. It's produced at the expense of hooking vulnerable DLL functions by addition of check code. If the return address in the stack belongs to a heap or stack page, the call is from illicit code and the program is terminated. The signature of malicious code is recorded, so it is possible for the next attack to be filtered out. The return-into-libc attacks are detected by comparing the entry address of DLL functions with the overwritten return address in the stack. The presented method interrupts the execution of malicious code and prevents the system from being hijacked when these intercepted DLL functions are invoked in the context of buffer overflow.展开更多
In periurban zones, urban wet weather discharges have been recognized as the most significant vector of pollution in aquatic environments. The discharge of this water without treatment into the aquatic environment cou...In periurban zones, urban wet weather discharges have been recognized as the most significant vector of pollution in aquatic environments. The discharge of this water without treatment into the aquatic environment could present an ecotoxicological risk for biocenosis. The aim of the INVASION project is to assess the potential ecotoxicological impact of a combined sewer overflow (CSO) on a peri-urban stream. A comparative study between upstream and downstream areas of the CSO allowed observing significant effects of this overflow on the river. We studied three layers of stream: surface water, benthic layer and hyporheic layer. To characterize the potential ecotoxicological risk of water and sediments, we used a battery of 4 bioassays: Daphnia magna, Vibrio fischeri, Brachionus calyciflorus and Heterocypris incongruens. In parallel, we measured the physico-chemical parameters: ammonium (NH4+), chromium (Cr), copper (Cu) and lead (Pb). An ecological risk is greatest for the hyporheic zone in downstream river, particularly for the solid phase. These results corroborated with the physico-chemical data obtained.展开更多
The paper provides an investigation and understanding of the significance of various wastewater flows on microplastics retainment and emission to the environment. WWTPs and sewer overflows as an important pathway of m...The paper provides an investigation and understanding of the significance of various wastewater flows on microplastics retainment and emission to the environment. WWTPs and sewer overflows as an important pathway of microplastics to the environment are assessed by considering the removal of microplastics in WWTPs with different treatment processes and several sewer overflow types and their contribution to microplastic loads to recipients. On the example of the Baltic Sea basin, presented results indicate a considerable discharge of microplastic from WWTPs despite the relatively good overall removal efficiency. Results show that the discharge of microplastics from sewer overflows can be in the same magnitude as from treated wastewater although the total flow is much lower than that of treated wastewater. Sewer overflow events frequently occur and are expected to increase due to climate change and urbanization, unless infrastructure is adapted. At the same time, sewer overflows are often neglected in conventional wastewater handling.展开更多
Number Systems are media for representing numbers;the popular ones being the Weighted Number Systems (WNS), which sometimes propagate carries during arithmetic computations. The other category, Un-Weighted Number Syst...Number Systems are media for representing numbers;the popular ones being the Weighted Number Systems (WNS), which sometimes propagate carries during arithmetic computations. The other category, Un-Weighted Number Systems, of which the Residue Number System (RNS) belongs, do not carry weights but have not yet found widespread usage in general purpose computing as a result of some challenges;one of the main challenges of RNS is overflow detection and correction. The presence of errors in calculated values due to such factors as overflow means that systems built on this number system will continue to fail until serious steps are taken to resolve the issue. In this paper, a scheme for detecting and correcting overflow during RNS addition is presented. The proposed scheme used mixed radix digits to evaluate the magnitude of the addends in order to detect the occurrence of overflow in their sum. The scheme also demonstrated a simplified technique of correcting the overflow in the event that it occurs. An analysis of the hardware requirements and speed limitations of the scheme showed that it performs considerably better in relation to similar state of art schemes.展开更多
Drill string will sustain large uplift force during the shut-in period after gas overflow in an ultra-deep well, and in serious case, it will run out of the wellhead. A calculation model of uplift force was establishe...Drill string will sustain large uplift force during the shut-in period after gas overflow in an ultra-deep well, and in serious case, it will run out of the wellhead. A calculation model of uplift force was established to analyze dynamic change characteristics of the uplift force of drill string during the shut-in period, and then a management procedure for the uplift risk during the shut-in period after gas overflow in the ultra-deep well was formed. Cross section method and pressure area method were used to analyze the force on drill string after shut-in of well, it was found that the source of uplift force was the "fictitious force" caused by the hydrostatic pressure in the well. When the fictitious force is in the opposite direction to the gravity, it is the uplift force. By adopting the theory of annular multiphase flow, considering the effects of wellbore afterflow and gas slippage, the dynamic change of the pressure and fluid in the wellbore and the uplift force of drill string during the shut-in period were analyzed. The magnitude and direction of uplift force are related to the length of drill string in the wellbore and shut-in time, and there is the risk of uplift of drill string when the length of drill string in the wellbore is smaller than the critical drill string length or the shut in time exceeds the critical shut in time. A set of treatment method and process to prevent the uplift of drill string is advanced during the shut-in period after overflow in the ultra-deep well, which makes the risk management of the drill string uplift in the ultra-deep well more rigorous and scientific.展开更多
文摘Different abnormalities are commonly encountered in computer network systems.These types of abnormalities can lead to critical data losses or unauthorized access in the systems.Buffer overflow anomaly is a prominent issue among these abnormalities,posing a serious threat to network security.The primary objective of this study is to identify the potential risks of buffer overflow that can be caused by functions frequently used in the PHP programming language and to provide solutions to minimize these risks.Static code analyzers are used to detect security vulnerabilities,among which SonarQube stands out with its extensive library,flexible customization options,and reliability in the industry.In this context,a customized rule set aimed at automatically detecting buffer overflows has been developed on the SonarQube platform.The memoization optimization technique used while creating the customized rule set enhances the speed and efficiency of the code analysis process.As a result,the code analysis process is not repeatedly run for code snippets that have been analyzed before,significantly reducing processing time and resource utilization.In this study,a memoization-based rule set was utilized to detect critical security vulnerabilities that could lead to buffer overflow in source codes written in the PHP programming language.Thus,the analysis process is not repeatedly run for code snippets that have been analyzed before,leading to a significant reduction in processing time and resource utilization.In a case study conducted to assess the effectiveness of this method,a significant decrease in the source code analysis time was observed.
基金The Foundation of China Ocean Mineral Resources R&D Association under contract No.DY135-E2-2-02the National Natural Science Foundation of China under contract Nos 9142820641976028 and 41806019。
文摘An inverse reduced-gravity model is used to simulate the deep South China Sea(SCS)circulation.A set of experiments are conducted using this model to study the influence of the Luzon overflow through the two inlets on the deep circulation in the northern SCS.Model results suggest that the relative contribution of these inlets largely depends on the magnitude of the input transport of the overflow,but the northern inlet is more efficient than the southern inlet in driving the deep circulation in the northern SCS.When all of the Luzon overflow occurs through the northern inlet the deep circulation in the northern SCS is enhanced.Conversely,when all of the Luzon overflow occurs through the southern inlet the circulation in the northern SCS is weakened.A Lagrangian trajectory model is also developed and applied to these cases.The Lagrangian results indicate that the location of the Luzon overflow likely has impacts upon the sediment transport into the northern SCS.
基金The National Natural Science Foundation of China(NSFC)-Shandong Joint Fund for Marine Science Research Centers of China under contract No.U1606405the National Basic Research Program(973 Program) of China under contract No.2011CB403502+2 种基金the National High Technology Research and Development Program(863 Program) of China under contract No.2013AA09A506the National Program on Global Change and Air-Sea Interaction under contract Nos GASI-IPOVAI-01-02 and GASI-03-01-01-04the National Natural Science Foundation of China under contract No.41606040
文摘On the basis of the latest version of a U.S. Navy generalized digital environment model (GDEM-V3.0) and World Ocean Atlas (WOA13), the hydraulic theory is revisited and applied to the Luzon Strait, providing a fresh look at the deepwater overflow there. The result reveals that: (1) the persistent density difference between two sides of the Luzon Strait sustains an all year round deepwater overflow from the western Pacific to the South China Sea (SCS); (2) the seasonal variability of the deepwater overflow is influenced not only by changes in the density difference between two sides of the Luzon Strait, but also by changes in its upstream layer thickness; (3) the deepwater overflow in the Luzon Strait shows a weak semiannual variability; (4) the seasonal mean circulation pattern in the SCS deep basin does not synchronously respond to the seasonality of the deepwater overflow in the Luzon Strait. Moreover, the deepwater overflow reaches its seasonal maximum in December (based on GDEM-V3.0) or in fall (October-December, based on the WOA13), accompanied by the lowest temperature of the year on the Pacific side of the Luzon Strait. The seasonal variability of the deepwater overflow is consistent with the existing longest (3.5 a) continuous observation along the major deepwater passage of the Luzon Strait.
基金Project(2018-YFB1004202)supported by the National Key R&D Program of ChinaProject(61702534)supported by the National Natural Science Foundation of China
文摘In the field of Computer Science,software developers need to use a wide array of social collaborative platforms for learning and cooperating.The most popular ones are GitHub and Stack Overflow.Existing platforms only support search queries to extract relevant repository information from GitHub,or questions and answers from Stack Overflow.This ignores the valuable coder-related part-who are the top experts(geek talents)in a specific area?This information is important to companies,open source projects,and to those who want to learn from an expert role model.Thus,how to find the right developers is quite a crucial yet challenging problem.Most of the current works mainly focus on recommending experts in a particular software engineering task and ignore the relationship between developers within different projects.In this paper,we propose a novel technique that automatically identifies geek talents from GitHub,Stack Overflow,and across both communities.The results show that our work performs well at recommending proper developers in diverse areas.
文摘The way of intercepting Windows DLL functions against buffer overflow attacks is evaluated. It's produced at the expense of hooking vulnerable DLL functions by addition of check code. If the return address in the stack belongs to a heap or stack page, the call is from illicit code and the program is terminated. The signature of malicious code is recorded, so it is possible for the next attack to be filtered out. The return-into-libc attacks are detected by comparing the entry address of DLL functions with the overwritten return address in the stack. The presented method interrupts the execution of malicious code and prevents the system from being hijacked when these intercepted DLL functions are invoked in the context of buffer overflow.
文摘In periurban zones, urban wet weather discharges have been recognized as the most significant vector of pollution in aquatic environments. The discharge of this water without treatment into the aquatic environment could present an ecotoxicological risk for biocenosis. The aim of the INVASION project is to assess the potential ecotoxicological impact of a combined sewer overflow (CSO) on a peri-urban stream. A comparative study between upstream and downstream areas of the CSO allowed observing significant effects of this overflow on the river. We studied three layers of stream: surface water, benthic layer and hyporheic layer. To characterize the potential ecotoxicological risk of water and sediments, we used a battery of 4 bioassays: Daphnia magna, Vibrio fischeri, Brachionus calyciflorus and Heterocypris incongruens. In parallel, we measured the physico-chemical parameters: ammonium (NH4+), chromium (Cr), copper (Cu) and lead (Pb). An ecological risk is greatest for the hyporheic zone in downstream river, particularly for the solid phase. These results corroborated with the physico-chemical data obtained.
文摘The paper provides an investigation and understanding of the significance of various wastewater flows on microplastics retainment and emission to the environment. WWTPs and sewer overflows as an important pathway of microplastics to the environment are assessed by considering the removal of microplastics in WWTPs with different treatment processes and several sewer overflow types and their contribution to microplastic loads to recipients. On the example of the Baltic Sea basin, presented results indicate a considerable discharge of microplastic from WWTPs despite the relatively good overall removal efficiency. Results show that the discharge of microplastics from sewer overflows can be in the same magnitude as from treated wastewater although the total flow is much lower than that of treated wastewater. Sewer overflow events frequently occur and are expected to increase due to climate change and urbanization, unless infrastructure is adapted. At the same time, sewer overflows are often neglected in conventional wastewater handling.
文摘Number Systems are media for representing numbers;the popular ones being the Weighted Number Systems (WNS), which sometimes propagate carries during arithmetic computations. The other category, Un-Weighted Number Systems, of which the Residue Number System (RNS) belongs, do not carry weights but have not yet found widespread usage in general purpose computing as a result of some challenges;one of the main challenges of RNS is overflow detection and correction. The presence of errors in calculated values due to such factors as overflow means that systems built on this number system will continue to fail until serious steps are taken to resolve the issue. In this paper, a scheme for detecting and correcting overflow during RNS addition is presented. The proposed scheme used mixed radix digits to evaluate the magnitude of the addends in order to detect the occurrence of overflow in their sum. The scheme also demonstrated a simplified technique of correcting the overflow in the event that it occurs. An analysis of the hardware requirements and speed limitations of the scheme showed that it performs considerably better in relation to similar state of art schemes.
基金Supported by China National Science and Technology Major Project(2016ZX05020-006)
文摘Drill string will sustain large uplift force during the shut-in period after gas overflow in an ultra-deep well, and in serious case, it will run out of the wellhead. A calculation model of uplift force was established to analyze dynamic change characteristics of the uplift force of drill string during the shut-in period, and then a management procedure for the uplift risk during the shut-in period after gas overflow in the ultra-deep well was formed. Cross section method and pressure area method were used to analyze the force on drill string after shut-in of well, it was found that the source of uplift force was the "fictitious force" caused by the hydrostatic pressure in the well. When the fictitious force is in the opposite direction to the gravity, it is the uplift force. By adopting the theory of annular multiphase flow, considering the effects of wellbore afterflow and gas slippage, the dynamic change of the pressure and fluid in the wellbore and the uplift force of drill string during the shut-in period were analyzed. The magnitude and direction of uplift force are related to the length of drill string in the wellbore and shut-in time, and there is the risk of uplift of drill string when the length of drill string in the wellbore is smaller than the critical drill string length or the shut in time exceeds the critical shut in time. A set of treatment method and process to prevent the uplift of drill string is advanced during the shut-in period after overflow in the ultra-deep well, which makes the risk management of the drill string uplift in the ultra-deep well more rigorous and scientific.