Intelligent penetration testing is of great significance for the improvement of the security of information systems,and the critical issue is the planning of penetration test paths.In view of the difficulty for attack...Intelligent penetration testing is of great significance for the improvement of the security of information systems,and the critical issue is the planning of penetration test paths.In view of the difficulty for attackers to obtain complete network information in realistic network scenarios,Reinforcement Learning(RL)is a promising solution to discover the optimal penetration path under incomplete information about the target network.Existing RL-based methods are challenged by the sizeable discrete action space,which leads to difficulties in the convergence.Moreover,most methods still rely on experts’knowledge.To address these issues,this paper proposes a penetration path planning method based on reinforcement learning with episodic memory.First,the penetration testing problem is formally described in terms of reinforcement learning.To speed up the training process without specific prior knowledge,the proposed algorithm introduces episodic memory to store experienced advantageous strategies for the first time.Furthermore,the method offers an exploration strategy based on episodic memory to guide the agents in learning.The design makes full use of historical experience to achieve the purpose of reducing blind exploration and improving planning efficiency.Ultimately,comparison experiments are carried out with the existing RL-based methods.The results reveal that the proposed method has better convergence performance.The running time is reduced by more than 20%.展开更多
In today’s era, where mobile devices have become an integral part of our daily lives, ensuring the security of mobile applications has become increasingly crucial. Mobile penetration testing, a specialized subfield w...In today’s era, where mobile devices have become an integral part of our daily lives, ensuring the security of mobile applications has become increasingly crucial. Mobile penetration testing, a specialized subfield within the realm of cybersecurity, plays a vital role in safeguarding mobile ecosystems against the ever-evolving landscape of threats. The ubiquity of mobile devices has made them a prime target for cybercriminals, and the data and functionality accessed through mobile applications make them valuable assets to protect. Mobile penetration testing is designed to identify vulnerabilities, weaknesses, and potential exploits within mobile applications and the devices themselves. Unlike traditional penetration testing, which often focuses on network and server security, mobile penetration testing zeroes in on the unique challenges posed by mobile platforms. Mobile penetration testing, a specialized field within cybersecurity, is an essential tool in the Cybersecurity specialists’ toolkit to protect mobile ecosystems from emerging threats. This article introduces mobile penetration testing, emphasizing its significance, including comprehensive learning labs for Android and iOS platforms, and highlighting how it distinctly differs from traditional penetration testing methodologies.展开更多
Suction foundations are generally installed with negative pressures to overcome the resistance of soils and complete the penetration,but excessive negative pressures are also avoided to cause seepage damages.In this p...Suction foundations are generally installed with negative pressures to overcome the resistance of soils and complete the penetration,but excessive negative pressures are also avoided to cause seepage damages.In this paper,the model test method was used to analyze the movement characteristics of multi-bucket foundations in the process of sinking in sand,and the common calculation methods of sinking resistances are verified.The critical negative pressure corresponding to the seepage failure of foundation was determined under the action of increasing negative pressure step by step and the characteristics of soil failure were studied.The calculation formula of critical suction in sand was verified in application,and according to the test results,the value of seepage coefficient was modified,which provides an example for the study of suction foundation in sand soils.展开更多
Fine-grained silt is widely distributed in the Huanghe River Delta(HRD)in China,and the sedimentary structure is complex,meaning that the clay content in the silt is variable.The piezocone penetration test(CPTu)is the...Fine-grained silt is widely distributed in the Huanghe River Delta(HRD)in China,and the sedimentary structure is complex,meaning that the clay content in the silt is variable.The piezocone penetration test(CPTu)is the most widely approved in situ test method.It can be used to invert soil properties and interpret soil behavior.To analyse the strength properties of surface sediments in the HRD,this paper evaluated the friction angle and its inversion formula through the CPTu penetration test and monotonic simple shear test and other soil unit experiments.The evaluation showed that the empirical formula proposed by Kulhawy and Mayne had better prediction and inversion effect.The HRD silts with clay contents of 9.2%,21.4%and 30.3%were selected as samples for the CPTu variable rate penetration test.The results show as follows.(1)The effects of the clay content on the tip resistance and the pore pressure of silt under different penetration rates were summarized.The tip resistance Q_t is strongly dependent on the clay content of the silt,the B_(q)value of the silt tends to 0 and is not significantly affected by the change of the CPTu penetration rate.(2)Five soil behavior type classification charts and three soil behavior type indexes based on CPTu data were evaluated.The results show that the soil behavior type classification chart based on soil behavior type index ISBT,the Robertson 2010 behavior type classification chart are more suitable for the silty soil in the HRD.展开更多
In Brazil and various regions globally, the initiation of landslides is frequently associated with rainfall;yet the spatial arrangement of geological structures and stratification considerably influences landslide occ...In Brazil and various regions globally, the initiation of landslides is frequently associated with rainfall;yet the spatial arrangement of geological structures and stratification considerably influences landslide occurrences. The multifaceted nature of these influences makes the surveillance of mass movements a highly intricate task, requiring an understanding of numerous interdependent variables. Recent years have seen an emergence in scholarly research aimed at integrating geophysical and geotechnical methodologies. The conjoint examination of geophysical and geotechnical data offers an enhanced perspective into subsurface structures. Within this work, a methodology is proposed for the synchronous analysis of electrical resistivity geophysical data and geotechnical data, specifically those extracted from the Light Dynamic Penetrometer (DPL) and Standard Penetration Test (SPT). This study involved a linear fitting process to correlate resistivity with N10/SPT N-values from DPL/SPT soundings, culminating in a 2D profile of N10/SPT N-values predicated on electrical profiles. The findings of this research furnish invaluable insights into slope stability by allowing for a two-dimensional representation of penetration resistance properties. Through the synthesis of geophysical and geotechnical data, this project aims to augment the comprehension of subsurface conditions, with potential implications for refining landslide risk evaluations. This endeavor offers insight into the formulation of more effective and precise slope management protocols and disaster prevention strategies.展开更多
Soil liquefaction is one of the complex research topics in geotechnical engineering and engineering geology. Especially after the 1964 Niigata earthquake (Japan) induced many soil liquefaction incidents, a variety of ...Soil liquefaction is one of the complex research topics in geotechnical engineering and engineering geology. Especially after the 1964 Niigata earthquake (Japan) induced many soil liquefaction incidents, a variety of soil liquefaction studies were conducted and reported, including the liquefaction potential assessment methods utilizing the shear wave velocity (V<sub>s</sub>) or SPT-N profiles (SPT: standard penetration test). This study used the V<sub>s</sub> and SPT methods recommended by the National Center for Earthquake Engineering Research (NCEER) to examine which is more conservative according to the assessment results on 41 liquefiable soil layers at sites in two major cities in Taiwan. Statistical hypothesis testing was used to make the analysis more quantitative and objective. Based on three sets of hypothesis tests, it shows that the hypothesis—the SPT method is more conservative than the V<sub>s</sub> method—was not rejected on a 5% level of significance.展开更多
Mining penetration testing semantic knowledge hidden in vast amounts of raw penetration testing data is of vital importance for automated penetration testing.Associative rule mining,a data mining technique,has been st...Mining penetration testing semantic knowledge hidden in vast amounts of raw penetration testing data is of vital importance for automated penetration testing.Associative rule mining,a data mining technique,has been studied and explored for a long time.However,few studies have focused on knowledge discovery in the penetration testing area.The experimental result reveals that the long-tail distribution of penetration testing data nullifies the effectiveness of associative rule mining algorithms that are based on frequent pattern.To address this problem,a Bayesian inference based penetration semantic knowledge mining algorithm is proposed.First,a directed bipartite graph model,a kind of Bayesian network,is constructed to formalize penetration testing data.Then,we adopt the maximum likelihood estimate method to optimize the model parameters and decompose a large Bayesian network into smaller networks based on conditional independence of variables for improved solution efficiency.Finally,irrelevant variable elimination is adopted to extract penetration semantic knowledge from the conditional probability distribution of the model.The experimental results show that the proposed method can discover penetration semantic knowledge from raw penetration testing data effectively and efficiently.展开更多
Ground improvement has been used on many construction sites to densify granular materials, in other word, to improve soil properties and reduce potential settlement. This work presents a case study of ground improveme...Ground improvement has been used on many construction sites to densify granular materials, in other word, to improve soil properties and reduce potential settlement. This work presents a case study of ground improvement using rapid impact compaction (RIC). The research site comprises the construction of workshop and depots as part of railway development project at Batu Gajah-Ipoh, Malaysia. In-situ testing results show that the subsurface soil comprises mainly of sand and silty sand through the investigated depth extended to 10 m. Groundwater is approximately 0.5 m below the ground surface. Evaluation of improvement was based on the results of pre- and post-improvement cone penetration test (CPT). Interpretation software has been used to infer soil properties. Load test was conducted to estimate soil settlement. It is found that the technique succeeds in improving soil properties namely the relative density increases from 45% to 70%, the friction angle of soil is increased by an average of 3°, and the soil settlement is reduced by 50%: The technique succeeds in improving soil properties to approximately 5.0 m in depth depending on soil uniformity with depth.展开更多
Cone penetration test(CPT)is an appropriate technique for quickly determining the geotechnical properties of lunar soil,which is valuable for in situ lunar exploration.Utilizing a typical coupling method recently deve...Cone penetration test(CPT)is an appropriate technique for quickly determining the geotechnical properties of lunar soil,which is valuable for in situ lunar exploration.Utilizing a typical coupling method recently developed by the authors,a finite element method(FEM)-discrete element method(DEM)coupled model of CPTs is obtained.A series of CPTs in lunar soil are simulated to qualitatively reveal the flow of particles and the development of resistance throughout the penetration process.In addition,the effects of major factors,such as penetration velocity,penetration depth,cone tip angle,and the low gravity on the Moon surface are investigated.展开更多
In this study, th e least sq u are su p p o rt v ecto r m achine (LSSVM) alg o rith m w as applied to predicting th ebearing capacity o f b ored piles e m b ed d ed in sand an d m ixed soils. Pile g eo m etry an d c...In this study, th e least sq u are su p p o rt v ecto r m achine (LSSVM) alg o rith m w as applied to predicting th ebearing capacity o f b ored piles e m b ed d ed in sand an d m ixed soils. Pile g eo m etry an d cone p e n e tra tio nte s t (CPT) resu lts w ere used as in p u t variables for pred ictio n o f pile bearin g capacity. The d ata u se d w erecollected from th e existing litera tu re an d consisted o f 50 case records. The application o f LSSVM w ascarried o u t by dividing th e d ata into th re e se ts: a train in g se t for learning th e pro b lem an d obtain in g arelationship b e tw e e n in p u t variables an d pile bearin g capacity, and testin g an d validation sets forevaluation o f th e predictive an d g en eralization ability o f th e o b tain ed relationship. The predictions o f pilebearing capacity by LSSVM w ere evaluated by com paring w ith ex p erim en tal d ata an d w ith th o se bytrad itio n al CPT-based m eth o d s and th e gene ex pression pro g ram m in g (GEP) m odel. It w as found th a t th eLSSVM perform s w ell w ith coefficient o f d eterm in atio n , m ean, an d sta n d ard dev iatio n equivalent to 0.99,1.03, an d 0.08, respectively, for th e testin g set, an d 1, 1.04, an d 0.11, respectively, for th e v alidation set. Thelow values o f th e calculated m ean squared e rro r an d m ean ab so lu te e rro r indicated th a t th e LSSVM w asaccurate in p redicting th e pile bearing capacity. The results o f com parison also show ed th a t th e p roposedalg o rith m p red icted th e pile bearin g capacity m ore accurately th a n th e trad itio n al m eth o d s including th eGEP m odel.展开更多
Characterizing spatial distribution of soil liquefaction potential is critical for assessing liquefactionrelated hazards(e.g.building damages caused by liquefaction-induced differential settlement).However,in engineer...Characterizing spatial distribution of soil liquefaction potential is critical for assessing liquefactionrelated hazards(e.g.building damages caused by liquefaction-induced differential settlement).However,in engineering practice,soil liquefaction potential is usually measured at limited locations in a specific site using in situ tests,e.g.cone penetration tests(CPTs),due to the restrictions of time,cost and access to subsurface space.In these cases,liquefaction potential of soil at untested locations requires to be interpreted from limited measured data points using proper interpolation method,leading to remarkable statistical uncertainty in liquefaction assessment.This underlines an important question of how to optimize the locations of CPT soundings and determine the minimum number of CPTs for achieving a target reliability level of liquefaction assessment.To tackle this issue,this study proposes a smart sampling strategy for determining the minimum number of CPTs and their optimal locations in a selfadaptive and data-driven manner.The proposed sampling strategy leverages on information entropy and Bayesian compressive sampling(BCS).Both simulated and real CPT data are used to demonstrate the proposed method.Illustrative examples indicate that the proposed method can adaptively and sequentially select the required number and optimal locations of CPTs.展开更多
Interpretation of electric cone penetration test(CPT) based pore water pressure measurement(CPTu) is well established for soils with behavior that follows classical soil mechanics. The literature on the interpretation...Interpretation of electric cone penetration test(CPT) based pore water pressure measurement(CPTu) is well established for soils with behavior that follows classical soil mechanics. The literature on the interpretation of these tests performed on unsaturated tropical soils is limited, and little is known about the influence of soil suction on in situ test data. In this context, the CPT data are presented and discussed to illustrate the seasonal variability in an unsaturated tropical soil site. The test data show that soil suction significantly influenced CPT data up to a depth of 4 m at the study site. It shows the importance of considering seasonal variability in unsaturated soil sites caused by soil suction, which was related to water content through a soil-water retention curve(SWRC). It is also important to consider this aspect in the interpretation of CPT data from these soils.展开更多
Piezocone penetration test(CPTu),the preferred in-situ tool for submarine investigation,is significant for soil classification and soil depth profile prediction,which can be used to predict soil types and states.Howev...Piezocone penetration test(CPTu),the preferred in-situ tool for submarine investigation,is significant for soil classification and soil depth profile prediction,which can be used to predict soil types and states.However,the accuracy of these methods needs to be validated for local conditions.To distinguish and evaluate the properties of the shallow surface sediments in Chengdao area of the Yellow River Delta,seabed CPTu tests were carried out at ten stations in this area.Nine soil classification methods based on CPTu data are applied for soil classification.The results of classification are compared with the in-situ sampling to determine whether the method can provide sufficient resolution.The methods presented by Robertson(based on soil behavior type index Ic),Olsen and Mitchell are the more consistent and compatible ones compared with other methods.Considering that silt soils have potential to liquefy under storm tide or other adverse conditions,this paper is able to screen soil classification methods suitable for the Chengdao area and help identify the areas where liquefaction or submarine landslide may occur through CPTu investigation.展开更多
Aiming to improve the Structured Query Language( SQL) injection penetration test accuracy through the formalismguided test case generation,an attack purpose based attack tree model of SQL injection is proposed,and the...Aiming to improve the Structured Query Language( SQL) injection penetration test accuracy through the formalismguided test case generation,an attack purpose based attack tree model of SQL injection is proposed,and then under the guidance of this model, the formal descriptions for the SQL injection vulnerability feature and SQL injection attack inputs are established. Moreover,according to new coverage criteria,these models are instantiated and the executable test cases are generated.Experiments show that compared with the random enumerated test case used in other works,the test case generated by our method can detect the SQL injection vulnerability more effectively. Therefore,the false negative is reduced and the test accuracy is improved.展开更多
Cone penetration testing (CPT) is a cost effective and popular tool for geotechnical site characterization. CPT consists of pushing at a constant rate an electronic penetrometer into penetrable soils and recording con...Cone penetration testing (CPT) is a cost effective and popular tool for geotechnical site characterization. CPT consists of pushing at a constant rate an electronic penetrometer into penetrable soils and recording cone bearing (q<sub>c</sub>), sleeve friction (f<sub>c</sub>) and dynamic pore pressure (u) with depth. The measured q<sub>c</sub>, f<sub>s</sub> and u values are utilized to estimate soil type and associated soil properties. A popular method to estimate soil type from CPT measurements is the Soil Behavior Type (SBT) chart. The SBT plots cone resistance vs friction ratio, R<sub>f</sub> [where: R<sub>f</sub> = (f<sub>s</sub>/q<sub>c</sub>)100%]. There are distortions in the CPT measurements which can result in erroneous SBT plots. Cone bearing measurements at a specific depth are blurred or averaged due to q<sub>c</sub> values being strongly influenced by soils within 10 to 30 cone diameters from the cone tip. The q<sub>c</sub>HMM algorithm was developed to address the q<sub>c</sub> blurring/averaging limitation. This paper describes the distortions which occur when obtaining sleeve friction measurements which can in association with q<sub>c</sub> blurring result in significant errors in the calculated R<sub>f</sub> values. This paper outlines a novel and highly effective algorithm for obtaining accurate sleeve friction and friction ratio estimates. The f<sub>c</sub> optimal filter estimation technique is referred to as the OSFE-IFM algorithm. The mathematical details of the OSFE-IFM algorithm are outlined in this paper along with the results from a challenging test bed simulation. The test bed simulation demonstrates that the OSFE-IFM algorithm derives accurate estimates of sleeve friction from measured values. Optimal estimates of cone bearing and sleeve friction result in accurate R<sub>f</sub> values and subsequent accurate estimates of soil behavior type.展开更多
Cone penetration testing (CPT) is an extensively utilized and cost effective tool for geotechnical site characterization. CPT consists of pushing at a constant rate an electronic cone into penetrable soils and recordi...Cone penetration testing (CPT) is an extensively utilized and cost effective tool for geotechnical site characterization. CPT consists of pushing at a constant rate an electronic cone into penetrable soils and recording the resistance to the cone tip (q<sub>c</sub> value). The measured q<sub>c</sub> values (after correction for the pore water pressure) are utilized to estimate soil type and associated soil properties based predominantly on empirical correlations. The most common cone tips have associated areas of 10 cm<sup>2</sup> and 15 cm<sup>2</sup>. Investigators also utilized significantly larger cone tips (33 cm<sup>2</sup> and 40 cm<sup>2</sup>) so that gravelly soils can be penetrated. Small cone tips (2 cm<sup>2</sup> and 5 cm<sup>2</sup>) are utilized for shallow soil investigations. The cone tip resistance measured at a particular depth is affected by the values above and below the depth of interest which results in a smoothing or blurring of the true bearing values. Extensive work has been carried out in mathematically modelling the smoothing function which results in the blurred cone bearing measurements. This paper outlines a technique which facilitates estimating the dominant parameters of the cone smoothing function from processing real cone bearing data sets. This cone calibration technique is referred to as the so-called CPSPE algorithm. The mathematical details of the CPSPE algorithm are outlined in this paper along with the results from a challenging test bed simulation.展开更多
The methodology of predicting pile shaft skin ultimate friction has been studied in a systematic way. In the light of that, the analysis of the pile shaft resistance for bored and cast in situ piles in cohesive soil...The methodology of predicting pile shaft skin ultimate friction has been studied in a systematic way. In the light of that, the analysis of the pile shaft resistance for bored and cast in situ piles in cohesive soils was carried out thoroughly in the basis of field performance data of 10 fully instrumented large diameter bored piles (LDBPs) used as the bridge foundation. The undrained strength index μ in term of cohesive soils was brought forward in allusion to the cohesive soils in the consistence plastic state, and can effectively combine the friction angle and the cohesion of cohesive soils in undrained condition. And that the classical ' α method' was modified much in effect to predict the pile shaft skin friction of LDBPs in cohesive soils. Furthermore, the approach of standard penetration test (SPT) N value used to estimate the pile shaft skin ultimate friction was analyzed, and the calculating formulae were established for LDBPs in clay and silt clay respectively.展开更多
Cone penetration testing (CPT) is a widely used geotechnical engineering </span><i><span style="font-family:Verdana;">in-situ</span></i><span style="font-family:Verdana;...Cone penetration testing (CPT) is a widely used geotechnical engineering </span><i><span style="font-family:Verdana;">in-situ</span></i><span style="font-family:Verdana;"> test for mapping soil profiles and assessing soil properties. In CPT, a cone on the end of a series of rods is pushed into the ground at a constant rate and resistance to the cone tip is measured (</span><i><span style="font-family:Verdana;">q</span><sub><span style="font-family:Verdana;">m</span></sub></i><span style="font-family:Verdana;">). The </span><i><span style="font-family:Verdana;">q</span><sub><span style="font-family:Verdana;">m</span></sub></i><span style="font-family:Verdana;"> values are utilized to characterize the soil profile. Unfortunately, the measured cone tip resistance </span></span><span style="font-family:Verdana;">is</span><span style="font-family:""><span style="font-family:Verdana;"> blurred and/or averaged which can result in the distortion of the soil profile characterization and the inability to identify thin layers. This paper outlines a novel and highly effective algorithm for obtaining cone bearing estimates </span><i><span style="font-family:Verdana;">q</span><sub><span style="font-family:Verdana;">t</span></sub></i><span style="font-family:Verdana;"> from averaged or smoothed </span><i><span style="font-family:Verdana;">q</span><sub><span style="font-family:Verdana;">m</span></sub></i><span style="font-family:Verdana;"> measurements. This </span><i><span style="font-family:Verdana;">q</span><sub><span style="font-family:Verdana;">t</span></sub></i><span style="font-family:Verdana;"> optimal filter estimation technique is referred to as the </span><i><span style="font-family:Verdana;">q</span><sub><span style="font-family:Verdana;">t</span></sub><span style="font-family:Verdana;">HMM-IFM</span></i><span style="font-family:Verdana;"> algorithm and it implements a hybrid hidden Markov model and iterative forward modelling technique. The mathematical details of the </span><i><span style="font-family:Verdana;">q</span><sub><span style="font-family:Verdana;">t</span></sub><span style="font-family:Verdana;">HMM-IFM</span></i><span style="font-family:Verdana;"> algorithm are outline</span><span style="font-family:Verdana;">d in this paper along with the results from challenging test</span></span><span style="font-family:""> </span><span style="font-family:Verdana;">bed. The test</span><span style="font-family:""> </span><span style="font-family:Verdana;">b</span><span style="font-family:""><span style="font-family:Verdana;">ed simulations have demonstrated that the </span><i><span style="font-family:Verdana;">q</span><sub><span style="font-family:Verdana;">t</span></sub><span style="font-family:Verdana;">HMM-IFM</span></i><span style="font-family:Verdana;"> algorithm can derive accurate </span><i><span style="font-family:Verdana;">q</span><sub><span style="font-family:Verdana;">t</span></sub></i><span style="font-family:Verdana;"> values from challenging averaged </span><i><span style="font-family:Verdana;">q</span><sub><span style="font-family:Verdana;">m</span></sub></i><span style="font-family:Verdana;"> profiles. This allows for greater soil resolution and the identification and quantification of thin layers in a soil profile.展开更多
Many organizations,to save costs,are moving to the Bring Your Own Mobile Device(BYOD)model and adopting applications built by third-parties at an unprecedented rate.Our research examines software assurance methodologi...Many organizations,to save costs,are moving to the Bring Your Own Mobile Device(BYOD)model and adopting applications built by third-parties at an unprecedented rate.Our research examines software assurance methodologies specifically focusing on security analysis coverage of the program analysis for mobile malware detection,mitigation,and prevention.This research focuses on secure software development of Android applications by developing knowledge graphs for threats reported by the Open Web Application Security Project(OWASP).OWASP maintains lists of the top ten security threats to web and mobile applications.We develop knowledge graphs based on the two most recent top ten threat years and show how the knowledge graph relationships can be discovered in mobile application source code.We analyze 200+healthcare applications from GitHub to gain an understanding of their software assurance of their developed software for one of the OWASP top ten mobile threats,the threat of“Insecure Data Storage.”We find that many of the applications are storing personally identifying information(PII)in potentially vulnerable places leaving users exposed to higher risks for the loss of their sensitive data.展开更多
文摘Intelligent penetration testing is of great significance for the improvement of the security of information systems,and the critical issue is the planning of penetration test paths.In view of the difficulty for attackers to obtain complete network information in realistic network scenarios,Reinforcement Learning(RL)is a promising solution to discover the optimal penetration path under incomplete information about the target network.Existing RL-based methods are challenged by the sizeable discrete action space,which leads to difficulties in the convergence.Moreover,most methods still rely on experts’knowledge.To address these issues,this paper proposes a penetration path planning method based on reinforcement learning with episodic memory.First,the penetration testing problem is formally described in terms of reinforcement learning.To speed up the training process without specific prior knowledge,the proposed algorithm introduces episodic memory to store experienced advantageous strategies for the first time.Furthermore,the method offers an exploration strategy based on episodic memory to guide the agents in learning.The design makes full use of historical experience to achieve the purpose of reducing blind exploration and improving planning efficiency.Ultimately,comparison experiments are carried out with the existing RL-based methods.The results reveal that the proposed method has better convergence performance.The running time is reduced by more than 20%.
文摘In today’s era, where mobile devices have become an integral part of our daily lives, ensuring the security of mobile applications has become increasingly crucial. Mobile penetration testing, a specialized subfield within the realm of cybersecurity, plays a vital role in safeguarding mobile ecosystems against the ever-evolving landscape of threats. The ubiquity of mobile devices has made them a prime target for cybercriminals, and the data and functionality accessed through mobile applications make them valuable assets to protect. Mobile penetration testing is designed to identify vulnerabilities, weaknesses, and potential exploits within mobile applications and the devices themselves. Unlike traditional penetration testing, which often focuses on network and server security, mobile penetration testing zeroes in on the unique challenges posed by mobile platforms. Mobile penetration testing, a specialized field within cybersecurity, is an essential tool in the Cybersecurity specialists’ toolkit to protect mobile ecosystems from emerging threats. This article introduces mobile penetration testing, emphasizing its significance, including comprehensive learning labs for Android and iOS platforms, and highlighting how it distinctly differs from traditional penetration testing methodologies.
基金The authors would like to acknowledge the support from the National Natural Science Foundation of China(No.52171274).
文摘Suction foundations are generally installed with negative pressures to overcome the resistance of soils and complete the penetration,but excessive negative pressures are also avoided to cause seepage damages.In this paper,the model test method was used to analyze the movement characteristics of multi-bucket foundations in the process of sinking in sand,and the common calculation methods of sinking resistances are verified.The critical negative pressure corresponding to the seepage failure of foundation was determined under the action of increasing negative pressure step by step and the characteristics of soil failure were studied.The calculation formula of critical suction in sand was verified in application,and according to the test results,the value of seepage coefficient was modified,which provides an example for the study of suction foundation in sand soils.
基金The National Natural Science Foundation of China under contract No.U2006213。
文摘Fine-grained silt is widely distributed in the Huanghe River Delta(HRD)in China,and the sedimentary structure is complex,meaning that the clay content in the silt is variable.The piezocone penetration test(CPTu)is the most widely approved in situ test method.It can be used to invert soil properties and interpret soil behavior.To analyse the strength properties of surface sediments in the HRD,this paper evaluated the friction angle and its inversion formula through the CPTu penetration test and monotonic simple shear test and other soil unit experiments.The evaluation showed that the empirical formula proposed by Kulhawy and Mayne had better prediction and inversion effect.The HRD silts with clay contents of 9.2%,21.4%and 30.3%were selected as samples for the CPTu variable rate penetration test.The results show as follows.(1)The effects of the clay content on the tip resistance and the pore pressure of silt under different penetration rates were summarized.The tip resistance Q_t is strongly dependent on the clay content of the silt,the B_(q)value of the silt tends to 0 and is not significantly affected by the change of the CPTu penetration rate.(2)Five soil behavior type classification charts and three soil behavior type indexes based on CPTu data were evaluated.The results show that the soil behavior type classification chart based on soil behavior type index ISBT,the Robertson 2010 behavior type classification chart are more suitable for the silty soil in the HRD.
文摘In Brazil and various regions globally, the initiation of landslides is frequently associated with rainfall;yet the spatial arrangement of geological structures and stratification considerably influences landslide occurrences. The multifaceted nature of these influences makes the surveillance of mass movements a highly intricate task, requiring an understanding of numerous interdependent variables. Recent years have seen an emergence in scholarly research aimed at integrating geophysical and geotechnical methodologies. The conjoint examination of geophysical and geotechnical data offers an enhanced perspective into subsurface structures. Within this work, a methodology is proposed for the synchronous analysis of electrical resistivity geophysical data and geotechnical data, specifically those extracted from the Light Dynamic Penetrometer (DPL) and Standard Penetration Test (SPT). This study involved a linear fitting process to correlate resistivity with N10/SPT N-values from DPL/SPT soundings, culminating in a 2D profile of N10/SPT N-values predicated on electrical profiles. The findings of this research furnish invaluable insights into slope stability by allowing for a two-dimensional representation of penetration resistance properties. Through the synthesis of geophysical and geotechnical data, this project aims to augment the comprehension of subsurface conditions, with potential implications for refining landslide risk evaluations. This endeavor offers insight into the formulation of more effective and precise slope management protocols and disaster prevention strategies.
文摘Soil liquefaction is one of the complex research topics in geotechnical engineering and engineering geology. Especially after the 1964 Niigata earthquake (Japan) induced many soil liquefaction incidents, a variety of soil liquefaction studies were conducted and reported, including the liquefaction potential assessment methods utilizing the shear wave velocity (V<sub>s</sub>) or SPT-N profiles (SPT: standard penetration test). This study used the V<sub>s</sub> and SPT methods recommended by the National Center for Earthquake Engineering Research (NCEER) to examine which is more conservative according to the assessment results on 41 liquefiable soil layers at sites in two major cities in Taiwan. Statistical hypothesis testing was used to make the analysis more quantitative and objective. Based on three sets of hypothesis tests, it shows that the hypothesis—the SPT method is more conservative than the V<sub>s</sub> method—was not rejected on a 5% level of significance.
基金the National Natural Science Foundation of China No.61502528.
文摘Mining penetration testing semantic knowledge hidden in vast amounts of raw penetration testing data is of vital importance for automated penetration testing.Associative rule mining,a data mining technique,has been studied and explored for a long time.However,few studies have focused on knowledge discovery in the penetration testing area.The experimental result reveals that the long-tail distribution of penetration testing data nullifies the effectiveness of associative rule mining algorithms that are based on frequent pattern.To address this problem,a Bayesian inference based penetration semantic knowledge mining algorithm is proposed.First,a directed bipartite graph model,a kind of Bayesian network,is constructed to formalize penetration testing data.Then,we adopt the maximum likelihood estimate method to optimize the model parameters and decompose a large Bayesian network into smaller networks based on conditional independence of variables for improved solution efficiency.Finally,irrelevant variable elimination is adopted to extract penetration semantic knowledge from the conditional probability distribution of the model.The experimental results show that the proposed method can discover penetration semantic knowledge from raw penetration testing data effectively and efficiently.
基金Projects(RG148/12AET,RG086/10AET) supported by the UMRG,MalaysiaProject(PS05812010B) supported by the Post Graduate Research Fund,Malaysia
文摘Ground improvement has been used on many construction sites to densify granular materials, in other word, to improve soil properties and reduce potential settlement. This work presents a case study of ground improvement using rapid impact compaction (RIC). The research site comprises the construction of workshop and depots as part of railway development project at Batu Gajah-Ipoh, Malaysia. In-situ testing results show that the subsurface soil comprises mainly of sand and silty sand through the investigated depth extended to 10 m. Groundwater is approximately 0.5 m below the ground surface. Evaluation of improvement was based on the results of pre- and post-improvement cone penetration test (CPT). Interpretation software has been used to infer soil properties. Load test was conducted to estimate soil settlement. It is found that the technique succeeds in improving soil properties namely the relative density increases from 45% to 70%, the friction angle of soil is increased by an average of 3°, and the soil settlement is reduced by 50%: The technique succeeds in improving soil properties to approximately 5.0 m in depth depending on soil uniformity with depth.
基金Project(51278451) supported by the National Natural Science Foundation of ChinaProject(LZ12E09001) supported by the Zhejiang Natural Science Foundation,China
文摘Cone penetration test(CPT)is an appropriate technique for quickly determining the geotechnical properties of lunar soil,which is valuable for in situ lunar exploration.Utilizing a typical coupling method recently developed by the authors,a finite element method(FEM)-discrete element method(DEM)coupled model of CPTs is obtained.A series of CPTs in lunar soil are simulated to qualitatively reveal the flow of particles and the development of resistance throughout the penetration process.In addition,the effects of major factors,such as penetration velocity,penetration depth,cone tip angle,and the low gravity on the Moon surface are investigated.
文摘In this study, th e least sq u are su p p o rt v ecto r m achine (LSSVM) alg o rith m w as applied to predicting th ebearing capacity o f b ored piles e m b ed d ed in sand an d m ixed soils. Pile g eo m etry an d cone p e n e tra tio nte s t (CPT) resu lts w ere used as in p u t variables for pred ictio n o f pile bearin g capacity. The d ata u se d w erecollected from th e existing litera tu re an d consisted o f 50 case records. The application o f LSSVM w ascarried o u t by dividing th e d ata into th re e se ts: a train in g se t for learning th e pro b lem an d obtain in g arelationship b e tw e e n in p u t variables an d pile bearin g capacity, and testin g an d validation sets forevaluation o f th e predictive an d g en eralization ability o f th e o b tain ed relationship. The predictions o f pilebearing capacity by LSSVM w ere evaluated by com paring w ith ex p erim en tal d ata an d w ith th o se bytrad itio n al CPT-based m eth o d s and th e gene ex pression pro g ram m in g (GEP) m odel. It w as found th a t th eLSSVM perform s w ell w ith coefficient o f d eterm in atio n , m ean, an d sta n d ard dev iatio n equivalent to 0.99,1.03, an d 0.08, respectively, for th e testin g set, an d 1, 1.04, an d 0.11, respectively, for th e v alidation set. Thelow values o f th e calculated m ean squared e rro r an d m ean ab so lu te e rro r indicated th a t th e LSSVM w asaccurate in p redicting th e pile bearing capacity. The results o f com parison also show ed th a t th e p roposedalg o rith m p red icted th e pile bearin g capacity m ore accurately th a n th e trad itio n al m eth o d s including th eGEP m odel.
基金supported by grants from the Research Grant Council of Hong Kong Special Administrative Region,China(Project Nos.CityU 11202121 and CityU 11213119).
文摘Characterizing spatial distribution of soil liquefaction potential is critical for assessing liquefactionrelated hazards(e.g.building damages caused by liquefaction-induced differential settlement).However,in engineering practice,soil liquefaction potential is usually measured at limited locations in a specific site using in situ tests,e.g.cone penetration tests(CPTs),due to the restrictions of time,cost and access to subsurface space.In these cases,liquefaction potential of soil at untested locations requires to be interpreted from limited measured data points using proper interpolation method,leading to remarkable statistical uncertainty in liquefaction assessment.This underlines an important question of how to optimize the locations of CPT soundings and determine the minimum number of CPTs for achieving a target reliability level of liquefaction assessment.To tackle this issue,this study proposes a smart sampling strategy for determining the minimum number of CPTs and their optimal locations in a selfadaptive and data-driven manner.The proposed sampling strategy leverages on information entropy and Bayesian compressive sampling(BCS).Both simulated and real CPT data are used to demonstrate the proposed method.Illustrative examples indicate that the proposed method can adaptively and sequentially select the required number and optimal locations of CPTs.
基金the S?o Paulo Research Foundation (FAPESP) (Grant Nos. 2010/50680-3, 2011/09031-0, 2014/23767-8 and 2015/ 17260-0)the National Council for Scientific and Technological Development (CNPq) (Grant Nos. 310867/2012-6 and 446424/ 2014-5) for supporting their research
文摘Interpretation of electric cone penetration test(CPT) based pore water pressure measurement(CPTu) is well established for soils with behavior that follows classical soil mechanics. The literature on the interpretation of these tests performed on unsaturated tropical soils is limited, and little is known about the influence of soil suction on in situ test data. In this context, the CPT data are presented and discussed to illustrate the seasonal variability in an unsaturated tropical soil site. The test data show that soil suction significantly influenced CPT data up to a depth of 4 m at the study site. It shows the importance of considering seasonal variability in unsaturated soil sites caused by soil suction, which was related to water content through a soil-water retention curve(SWRC). It is also important to consider this aspect in the interpretation of CPT data from these soils.
基金The National Natural Science Foundation of China under contract Nos U2006213 and 41672272the Fundamental Research Funds for the Central Universities under contract No.201962011。
文摘Piezocone penetration test(CPTu),the preferred in-situ tool for submarine investigation,is significant for soil classification and soil depth profile prediction,which can be used to predict soil types and states.However,the accuracy of these methods needs to be validated for local conditions.To distinguish and evaluate the properties of the shallow surface sediments in Chengdao area of the Yellow River Delta,seabed CPTu tests were carried out at ten stations in this area.Nine soil classification methods based on CPTu data are applied for soil classification.The results of classification are compared with the in-situ sampling to determine whether the method can provide sufficient resolution.The methods presented by Robertson(based on soil behavior type index Ic),Olsen and Mitchell are the more consistent and compatible ones compared with other methods.Considering that silt soils have potential to liquefy under storm tide or other adverse conditions,this paper is able to screen soil classification methods suitable for the Chengdao area and help identify the areas where liquefaction or submarine landslide may occur through CPTu investigation.
基金National Natural Science Foundation of China(No.51274150)Tianjin Major Project of Application Foundation and Advanced Technology,China(No.12JCZDJC27800)
文摘Aiming to improve the Structured Query Language( SQL) injection penetration test accuracy through the formalismguided test case generation,an attack purpose based attack tree model of SQL injection is proposed,and then under the guidance of this model, the formal descriptions for the SQL injection vulnerability feature and SQL injection attack inputs are established. Moreover,according to new coverage criteria,these models are instantiated and the executable test cases are generated.Experiments show that compared with the random enumerated test case used in other works,the test case generated by our method can detect the SQL injection vulnerability more effectively. Therefore,the false negative is reduced and the test accuracy is improved.
文摘Cone penetration testing (CPT) is a cost effective and popular tool for geotechnical site characterization. CPT consists of pushing at a constant rate an electronic penetrometer into penetrable soils and recording cone bearing (q<sub>c</sub>), sleeve friction (f<sub>c</sub>) and dynamic pore pressure (u) with depth. The measured q<sub>c</sub>, f<sub>s</sub> and u values are utilized to estimate soil type and associated soil properties. A popular method to estimate soil type from CPT measurements is the Soil Behavior Type (SBT) chart. The SBT plots cone resistance vs friction ratio, R<sub>f</sub> [where: R<sub>f</sub> = (f<sub>s</sub>/q<sub>c</sub>)100%]. There are distortions in the CPT measurements which can result in erroneous SBT plots. Cone bearing measurements at a specific depth are blurred or averaged due to q<sub>c</sub> values being strongly influenced by soils within 10 to 30 cone diameters from the cone tip. The q<sub>c</sub>HMM algorithm was developed to address the q<sub>c</sub> blurring/averaging limitation. This paper describes the distortions which occur when obtaining sleeve friction measurements which can in association with q<sub>c</sub> blurring result in significant errors in the calculated R<sub>f</sub> values. This paper outlines a novel and highly effective algorithm for obtaining accurate sleeve friction and friction ratio estimates. The f<sub>c</sub> optimal filter estimation technique is referred to as the OSFE-IFM algorithm. The mathematical details of the OSFE-IFM algorithm are outlined in this paper along with the results from a challenging test bed simulation. The test bed simulation demonstrates that the OSFE-IFM algorithm derives accurate estimates of sleeve friction from measured values. Optimal estimates of cone bearing and sleeve friction result in accurate R<sub>f</sub> values and subsequent accurate estimates of soil behavior type.
文摘Cone penetration testing (CPT) is an extensively utilized and cost effective tool for geotechnical site characterization. CPT consists of pushing at a constant rate an electronic cone into penetrable soils and recording the resistance to the cone tip (q<sub>c</sub> value). The measured q<sub>c</sub> values (after correction for the pore water pressure) are utilized to estimate soil type and associated soil properties based predominantly on empirical correlations. The most common cone tips have associated areas of 10 cm<sup>2</sup> and 15 cm<sup>2</sup>. Investigators also utilized significantly larger cone tips (33 cm<sup>2</sup> and 40 cm<sup>2</sup>) so that gravelly soils can be penetrated. Small cone tips (2 cm<sup>2</sup> and 5 cm<sup>2</sup>) are utilized for shallow soil investigations. The cone tip resistance measured at a particular depth is affected by the values above and below the depth of interest which results in a smoothing or blurring of the true bearing values. Extensive work has been carried out in mathematically modelling the smoothing function which results in the blurred cone bearing measurements. This paper outlines a technique which facilitates estimating the dominant parameters of the cone smoothing function from processing real cone bearing data sets. This cone calibration technique is referred to as the so-called CPSPE algorithm. The mathematical details of the CPSPE algorithm are outlined in this paper along with the results from a challenging test bed simulation.
文摘The methodology of predicting pile shaft skin ultimate friction has been studied in a systematic way. In the light of that, the analysis of the pile shaft resistance for bored and cast in situ piles in cohesive soils was carried out thoroughly in the basis of field performance data of 10 fully instrumented large diameter bored piles (LDBPs) used as the bridge foundation. The undrained strength index μ in term of cohesive soils was brought forward in allusion to the cohesive soils in the consistence plastic state, and can effectively combine the friction angle and the cohesion of cohesive soils in undrained condition. And that the classical ' α method' was modified much in effect to predict the pile shaft skin friction of LDBPs in cohesive soils. Furthermore, the approach of standard penetration test (SPT) N value used to estimate the pile shaft skin ultimate friction was analyzed, and the calculating formulae were established for LDBPs in clay and silt clay respectively.
文摘Cone penetration testing (CPT) is a widely used geotechnical engineering </span><i><span style="font-family:Verdana;">in-situ</span></i><span style="font-family:Verdana;"> test for mapping soil profiles and assessing soil properties. In CPT, a cone on the end of a series of rods is pushed into the ground at a constant rate and resistance to the cone tip is measured (</span><i><span style="font-family:Verdana;">q</span><sub><span style="font-family:Verdana;">m</span></sub></i><span style="font-family:Verdana;">). The </span><i><span style="font-family:Verdana;">q</span><sub><span style="font-family:Verdana;">m</span></sub></i><span style="font-family:Verdana;"> values are utilized to characterize the soil profile. Unfortunately, the measured cone tip resistance </span></span><span style="font-family:Verdana;">is</span><span style="font-family:""><span style="font-family:Verdana;"> blurred and/or averaged which can result in the distortion of the soil profile characterization and the inability to identify thin layers. This paper outlines a novel and highly effective algorithm for obtaining cone bearing estimates </span><i><span style="font-family:Verdana;">q</span><sub><span style="font-family:Verdana;">t</span></sub></i><span style="font-family:Verdana;"> from averaged or smoothed </span><i><span style="font-family:Verdana;">q</span><sub><span style="font-family:Verdana;">m</span></sub></i><span style="font-family:Verdana;"> measurements. This </span><i><span style="font-family:Verdana;">q</span><sub><span style="font-family:Verdana;">t</span></sub></i><span style="font-family:Verdana;"> optimal filter estimation technique is referred to as the </span><i><span style="font-family:Verdana;">q</span><sub><span style="font-family:Verdana;">t</span></sub><span style="font-family:Verdana;">HMM-IFM</span></i><span style="font-family:Verdana;"> algorithm and it implements a hybrid hidden Markov model and iterative forward modelling technique. The mathematical details of the </span><i><span style="font-family:Verdana;">q</span><sub><span style="font-family:Verdana;">t</span></sub><span style="font-family:Verdana;">HMM-IFM</span></i><span style="font-family:Verdana;"> algorithm are outline</span><span style="font-family:Verdana;">d in this paper along with the results from challenging test</span></span><span style="font-family:""> </span><span style="font-family:Verdana;">bed. The test</span><span style="font-family:""> </span><span style="font-family:Verdana;">b</span><span style="font-family:""><span style="font-family:Verdana;">ed simulations have demonstrated that the </span><i><span style="font-family:Verdana;">q</span><sub><span style="font-family:Verdana;">t</span></sub><span style="font-family:Verdana;">HMM-IFM</span></i><span style="font-family:Verdana;"> algorithm can derive accurate </span><i><span style="font-family:Verdana;">q</span><sub><span style="font-family:Verdana;">t</span></sub></i><span style="font-family:Verdana;"> values from challenging averaged </span><i><span style="font-family:Verdana;">q</span><sub><span style="font-family:Verdana;">m</span></sub></i><span style="font-family:Verdana;"> profiles. This allows for greater soil resolution and the identification and quantification of thin layers in a soil profile.
文摘Many organizations,to save costs,are moving to the Bring Your Own Mobile Device(BYOD)model and adopting applications built by third-parties at an unprecedented rate.Our research examines software assurance methodologies specifically focusing on security analysis coverage of the program analysis for mobile malware detection,mitigation,and prevention.This research focuses on secure software development of Android applications by developing knowledge graphs for threats reported by the Open Web Application Security Project(OWASP).OWASP maintains lists of the top ten security threats to web and mobile applications.We develop knowledge graphs based on the two most recent top ten threat years and show how the knowledge graph relationships can be discovered in mobile application source code.We analyze 200+healthcare applications from GitHub to gain an understanding of their software assurance of their developed software for one of the OWASP top ten mobile threats,the threat of“Insecure Data Storage.”We find that many of the applications are storing personally identifying information(PII)in potentially vulnerable places leaving users exposed to higher risks for the loss of their sensitive data.