Machine Learning-Based Efficient Discovery of Software Vulnerability for Internet of Things

With the development of the 5th generation of mobile communi-cation(5G)networks and artificial intelligence(AI)technologies,the use of the Internet of Things(IoT)has expanded throughout industry.Although IoT networks have improved industrial productivity and convenience,they are highly dependent on nonstandard protocol stacks and open-source-based,poorly validated software,resulting in several security vulnerabilities.How-ever,conventional AI-based software vulnerability discovery technologies cannot be applied to IoT because they require excessive memory and com-puting power.This study developed a technique for optimizing training data size to detect software vulnerabilities rapidly while maintaining learning accuracy.Experimental results using a software vulnerability classification dataset showed that different optimal data sizes did not affect the learning performance of the learning models.Moreover,the minimal data size required to train a model without performance degradation could be determined in advance.For example,the random forest model saved 85.18%of memory and improved latency by 97.82%while maintaining a learning accuracy similar to that achieved when using 100%of data,despite using only 1%.

Data and Ensemble Machine Learning Fusion Based Intelligent Software Defect Prediction System

The software engineering field has long focused on creating high-quality software despite limited resources.Detecting defects before the testing stage of software development can enable quality assurance engineers to con-centrate on problematic modules rather than all the modules.This approach can enhance the quality of the final product while lowering development costs.Identifying defective modules early on can allow for early corrections and ensure the timely delivery of a high-quality product that satisfies customers and instills greater confidence in the development team.This process is known as software defect prediction,and it can improve end-product quality while reducing the cost of testing and maintenance.This study proposes a software defect prediction system that utilizes data fusion,feature selection,and ensemble machine learning fusion techniques.A novel filter-based metric selection technique is proposed in the framework to select the optimum features.A three-step nested approach is presented for predicting defective modules to achieve high accuracy.In the first step,three supervised machine learning techniques,including Decision Tree,Support Vector Machines,and Naïve Bayes,are used to detect faulty modules.The second step involves integrating the predictive accuracy of these classification techniques through three ensemble machine-learning methods:Bagging,Voting,and Stacking.Finally,in the third step,a fuzzy logic technique is employed to integrate the predictive accuracy of the ensemble machine learning techniques.The experiments are performed on a fused software defect dataset to ensure that the developed fused ensemble model can perform effectively on diverse datasets.Five NASA datasets are integrated to create the fused dataset:MW1,PC1,PC3,PC4,and CM1.According to the results,the proposed system exhibited superior performance to other advanced techniques for predicting software defects,achieving a remarkable accuracy rate of 92.08%.

A Practice Guide of Software Aging Prediction in a Web Server Based on Machine Learning

In the past two decades, software aging has been studied by both academic and industry communities. Many scholars focused on analytical methods or time series to model software aging process. While machine learning has been shown as a very promising technique in application to forecast software state: normal or aging. In this paper, we proposed a method which can give practice guide to forecast software aging using machine learning algorithm. Firstly, we collected data from a running commercial web server and preprocessed these data. Secondly, feature selection algorithm was applied to find a subset of model parameters set. Thirdly, time series model was used to predict values of selected parameters in advance. Fourthly, some machine learning algorithms were used to model software aging process and to predict software aging. Fifthly, we used sensitivity analysis to analyze how heavily outcomes changed following input variables change. In the last, we applied our method to an IIS web server. Through analysis of the experiment results, we find that our proposed method can predict software aging in the early stage of system development life cycle.

Security Monitoring and Management for the Network Services in the Orchestration of SDN-NFV Environment Using Machine Learning Techniques

Software Defined Network(SDN)and Network Function Virtualization(NFV)technology promote several benefits to network operators,including reduced maintenance costs,increased network operational performance,simplified network lifecycle,and policies management.Network vulnerabilities try to modify services provided by Network Function Virtualization MANagement and Orchestration(NFV MANO),and malicious attacks in different scenarios disrupt the NFV Orchestrator(NFVO)and Virtualized Infrastructure Manager(VIM)lifecycle management related to network services or individual Virtualized Network Function(VNF).This paper proposes an anomaly detection mechanism that monitors threats in NFV MANO and manages promptly and adaptively to implement and handle security functions in order to enhance the quality of experience for end users.An anomaly detector investigates these identified risks and provides secure network services.It enables virtual network security functions and identifies anomalies in Kubernetes(a cloud-based platform).For training and testing purpose of the proposed approach,an intrusion-containing dataset is used that hold multiple malicious activities like a Smurf,Neptune,Teardrop,Pod,Land,IPsweep,etc.,categorized as Probing(Prob),Denial of Service(DoS),User to Root(U2R),and Remote to User(R2L)attacks.An anomaly detector is anticipated with the capabilities of a Machine Learning(ML)technique,making use of supervised learning techniques like Logistic Regression(LR),Support Vector Machine(SVM),Random Forest(RF),Naïve Bayes(NB),and Extreme Gradient Boosting(XGBoost).The proposed framework has been evaluated by deploying the identified ML algorithm on a Jupyter notebook in Kubeflow to simulate Kubernetes for validation purposes.RF classifier has shown better outcomes(99.90%accuracy)than other classifiers in detecting anomalies/intrusions in the containerized environment.

Development and Analysis of a Machine Learning Based Software for Assisting Online Classes during COVID-19

Amid the Covid-19 widespread, it has been challenging for educational institutions to conduct online classes, facing multiples challenges. This paper provides an insight into different approaches in facing those challenges which includes conducting a fair online class for students. It is tough for an instructor to keep track of their students at the same time because it is difficult to screen if any of the understudies within the class are not present, mindful, or drowsing. This paper discusses a possible solution, something new that can offer support to instructors seeing things from a more significant point of view. The solution is a facial analysis computer program that can let instructors know which students are attentive and who is not. There’s a green and red square box for face detection, for which Instructors can watch by seeing a green box on those mindful students conjointly, a red box on those who are not mindful at all. This paper finds that the program can automatically give attendance by analyzing data from face detection. It has other features for which the teacher can also know if any student leaves the class early. In this paper, model design, performance analysis, and online class assistant aspects of the program have been discussed.

Software Defect Prediction Using Supervised Machine Learning and Ensemble Techniques: A Comparative Study

An essential objective of software development is to locate and fix defects ahead of schedule that could be expected under diverse circumstances. Many software development activities are performed by individuals, which may lead to different software bugs over the development to occur, causing disappointments in the not-so-distant future. Thus, the prediction of software defects in the first stages has become a primary interest in the field of software engineering. Various software defect prediction (SDP) approaches that rely on software metrics have been proposed in the last two decades. Bagging, support vector machines (SVM), decision tree (DS), and random forest (RF) classifiers are known to perform well to predict defects. This paper studies and compares these supervised machine learning and ensemble classifiers on 10 NASA datasets. The experimental results showed that, in the majority of cases, RF was the best performing classifier compared to the others.

A Tutorial on Federated Learning from Theory to Practice:Foundations,Software Frameworks,Exemplary Use Cases,and Selected Trends

When data privacy is imposed as a necessity,Federated learning(FL)emerges as a relevant artificial intelligence field for developing machine learning(ML)models in a distributed and decentralized environment.FL allows ML models to be trained on local devices without any need for centralized data transfer,thereby reducing both the exposure of sensitive data and the possibility of data interception by malicious third parties.This paradigm has gained momentum in the last few years,spurred by the plethora of real-world applications that have leveraged its ability to improve the efficiency of distributed learning and to accommodate numerous participants with their data sources.By virtue of FL,models can be learned from all such distributed data sources while preserving data privacy.The aim of this paper is to provide a practical tutorial on FL,including a short methodology and a systematic analysis of existing software frameworks.Furthermore,our tutorial provides exemplary cases of study from three complementary perspectives:i)Foundations of FL,describing the main components of FL,from key elements to FL categories;ii)Implementation guidelines and exemplary cases of study,by systematically examining the functionalities provided by existing software frameworks for FL deployment,devising a methodology to design a FL scenario,and providing exemplary cases of study with source code for different ML approaches;and iii)Trends,shortly reviewing a non-exhaustive list of research directions that are under active investigation in the current FL landscape.The ultimate purpose of this work is to establish itself as a referential work for researchers,developers,and data scientists willing to explore the capabilities of FL in practical applications.

Machine Learning Empowered Security Management and Quality of Service Provision in SDN-NFV Environment

With the rising demand for data access,network service providers face the challenge of growing their capital and operating costs while at the same time enhancing network capacity and meeting the increased demand for access.To increase efficacy of Software Defined Network(SDN)and Network Function Virtualization(NFV)framework,we need to eradicate network security configuration errors that may create vulnerabilities to affect overall efficiency,reduce network performance,and increase maintenance cost.The existing frameworks lack in security,and computer systems face few abnormalities,which prompts the need for different recognition and mitigation methods to keep the system in the operational state proactively.The fundamental concept behind SDN-NFV is the encroachment from specific resource execution to the programming-based structure.This research is around the combination of SDN and NFV for rational decision making to control and monitor traffic in the virtualized environment.The combination is often seen as an extra burden in terms of resources usage in a heterogeneous network environment,but as well as it provides the solution for critical problems specially regarding massive network traffic issues.The attacks have been expanding step by step;therefore,it is hard to recognize and protect by conventional methods.To overcome these issues,there must be an autonomous system to recognize and characterize the network traffic’s abnormal conduct if there is any.Only four types of assaults,including HTTP Flood,UDP Flood,Smurf Flood,and SiDDoS Flood,are considered in the identified dataset,to optimize the stability of the SDN-NFVenvironment and security management,through several machine learning based characterization techniques like Support Vector Machine(SVM),K-Nearest Neighbors(KNN),Logistic Regression(LR)and Isolation Forest(IF).Python is used for simulation purposes,including several valuable utilities like the mine package,the open-source Python ML libraries Scikit-learn,NumPy,SciPy,Matplotlib.Few Flood assaults and Structured Query Language(SQL)injections anomalies are validated and effectively-identified through the anticipated procedure.The classification results are promising and show that overall accuracy lies between 87%to 95%for SVM,LR,KNN,and IF classifiers in the scrutiny of traffic,whether the network traffic is normal or anomalous in the SDN-NFV environment.

Project Assessment in Offshore Software Maintenance Outsourcing Using Deep Extreme Learning Machines

Software maintenance is the process of fixing,modifying,and improving software deliverables after they are delivered to the client.Clients can benefit from offshore software maintenance outsourcing(OSMO)in different ways,including time savings,cost savings,and improving the software quality and value.One of the hardest challenges for the OSMO vendor is to choose a suitable project among several clients’projects.The goal of the current study is to recommend a machine learning-based decision support system that OSMO vendors can utilize to forecast or assess the project of OSMO clients.The projects belong to OSMO vendors,having offices in developing countries while providing services to developed countries.In the current study,Extreme Learning Machine’s(ELM’s)variant called Deep Extreme Learning Machines(DELMs)is used.A novel dataset consisting of 195 projects data is proposed to train the model and to evaluate the overall efficiency of the proposed model.The proposed DELM’s based model evaluations achieved 90.017%training accuracy having a value with 1.412×10^(-3) Root Mean Square Error(RMSE)and 85.772%testing accuracy with 1.569×10^(-3) RMSE with five DELMs hidden layers.The results express that the suggested model has gained a notable recognition rate in comparison to any previous studies.The current study also concludes DELMs as the most applicable and useful technique for OSMO client’s project assessment.

Detecting Design Patterns in Object-Oriented Program Source Code by Using Metrics and Machine Learning

Detecting well-known design patterns in object-oriented program source code can help maintainers understand the design of a program. Through the detection, the understandability, maintainability, and reusability of object-oriented programs can be improved. There are automated detection techniques;however, many existing techniques are based on static analysis and use strict conditions composed on class structure data. Hence, it is difficult for them to detect and distinguish design patterns in which the class structures are similar. Moreover, it is difficult for them to deal with diversity in design pattern applications. To solve these problems in existing techniques, we propose a design pattern detection technique using source code metrics and machine learning. Our technique judges candidates for the roles that compose design patterns by using machine learning and measurements of several metrics, and it detects design patterns by analyzing the relations between candidates. It suppresses false negatives and distinguishes patterns in which the class structures are similar. As a result of experimental evaluations with a set of programs, we confirmed that our technique is more accurate than two conventional techniques.

Automatic Semantic Analysis of Software Requirements Through Machine Learning and Ontology Approach

Nowadays,software requirements are still mainly analyzed manually,which has many drawbacks(such as a large amount of labor consumption,inefficiency,and even inaccuracy of the results).The problems are even worse in domain analysis scenarios because a large number of requirements from many users need to be analyzed.In this sense,automatic analysis of software requirements can bring benefits to software companies.For this purpose,we proposed an approach to automatically analyze software requirement specifications(SRSs) and extract the semantic information.In this approach,a machine learning and ontology based semantic role labeling(SRL) method was used.First of all,some common verbs were calculated from SRS documents in the E-commerce domain,and then semantic frames were designed for those verbs.Based on the frames,sentences from SRSs were selected and labeled manually,and the labeled sentences were used as training examples in the machine learning stage.Besides the training examples labeled with semantic roles,external ontology knowledge was used to relieve the data sparsity problem and obtain reliable results.Based on the Sem Cor and Word Net corpus,the senses of nouns and verbs were identified in a sequential manner through the K-nearest neighbor approach.Then the senses of the verbs were used to identify the frame types.After that,we trained the SRL labeling classifier with the maximum entropy method,in which we added some new features based on word sense,such as the hypernyms and hyponyms of the word senses in the ontology.Experimental results show that this new approach for automatic functional requirements analysis is effective.

Availability Analysis of Application Servers Using Software Rejuvenation and Virtualization

Demands on software reliability and availability have increased tremendously due to the nature of present day applications. We focus on the aspect of software for the high availability of application servers since the unavailability of servers more often originates from software faults rather than hardware faults. The software rejuvenation technique has been widely used to avoid the occurrence of unplanned failures, mainly due to the phenomena of software aging or caused by transient failures. In this paper, first we present a new way of using the virtual machine based software rejuvenation named VMSR to offer high availability for application server systems. Second we model a single physical server which is used to host multiple virtual machines （VMs） with the VMSR framework using stochastic modeling and evaluate it through both numerical analysis and SHARPE （Symbolic Hierarchical Automated Reliability and Performance Evaluator） tool simulation. This VMSR model is very general and can capture application server characteristics, failure behavior, and performability measures. Our results demonstrate that VMSR approach is a practical way to ensure uninterrupted availability and to optimize performance for aging applications.

Three Dimensional Metal-Surface Processing Parameter Generation Through Machine Learning-Based Nonlinear Mapping

The accuracy and efficiency of three-dimensional(3D)surface forming,which directly affects the cycle and quality of production,is important in manufacturing.In practice,given the uncertainty of metal plate springback,an error exists between the actual plate and the target surface,which creates a nonlinear mapping from computer aided design models to bending surfaces.Technicians need to reconfigure parameters and process a surface multiple times to delicately control springback,which greatly wastes human and material resources.This study aims to address the springback control problem to improve the efficiency and accuracy of sheet metal forming.A basic computation approach is proposed based on the DeepFit model to calculate the springback value in 3D surface bending.To address the sample data shortage problem,we put forward an advanced approach by combining a deep learning model with case-based reasoning(CBR).Next,a multi-model fused bending parameter generation framework is devised to implement the advanced springback computation approach through surface data preprocessing,CBR-based model matching,convolution neural network-based machining surface generation,and bending parameter generation with a series of model transformations.Moreover,the proposed approaches and the framework are verified by considering saddle surface processing as an example.Overall,this study provides a new idea to improve the accuracy and efficiency of surface processing.

Study on Preventive Software Rejuvenation Policy for Two Kinds of Bugs

A new preventive software rejuvenation policy is proposed in this paper. This technique is implemented when additive consumption of physical memory has reached some level. Using the theory of cumulative damage process, two models are given for two kinds of bugs. For the first model, aging-related bug is considered only and consumption of physical memory could be known by tests made at periodic times, optimal preventive rejuvenation policy is analytically derived and numerical example is given. As an extended preventive software rejuvenation policy, Heisenbug and aging-related bug are considered meanwhile in the second model.

Neural network based approach for time to crash prediction to cope with software aging

Recent studies have shown that software is one of the main reasons for computer systems unavailability. A growing ac- cumulation of software errors with time causes a phenomenon called software aging. This phenomenon can result in system per- formance degradation and eventually system hang/crash. To cope with software aging, software rejuvenation has been proposed. Software rejuvenation is a proactive technique which leads to re- moving the accumulated software errors by stopping the system, cleaning up its internal state, and resuming its normal operation. One of the main challenges of software rejuvenation is accurately predicting the time to crash due to aging factors such as me- mory leaks. In this paper, different machine learning techniques are compared to accurately predict the software time to crash un- der different aging scenarios. Finally, by comparing the accuracy of different techniques, it can be concluded that the multilayer per- ceptron neural network has the highest prediction accuracy among all techniques studied.

Software Defect Prediction Harnessing on Multi 1-Dimensional Convolutional Neural Network Structure

Developing successful software with no defects is one of the main goals of software projects.In order to provide a software project with the anticipated software quality,the prediction of software defects plays a vital role.Machine learning,and particularly deep learning,have been advocated for predicting software defects,however both suffer from inadequate accuracy,overfitting,and complicated structure.In this paper,we aim to address such issues in predicting software defects.We propose a novel structure of 1-Dimensional Convolutional Neural Network(1D-CNN),a deep learning architecture to extract useful knowledge,identifying and modelling the knowledge in the data sequence,reduce overfitting,and finally,predict whether the units of code are defects prone.We design large-scale empirical studies to reveal the proposed model’s effectiveness by comparing four established traditional machine learning baseline models and four state-of-the-art baselines in software defect prediction based on the NASA datasets.The experimental results demonstrate that in terms of f-measure,an optimal and modest 1DCNN with a dropout layer outperforms baseline and state-of-the-art models by 66.79%and 23.88%,respectively,in ways that minimize overfitting and improving prediction performance for software defects.According to the results,1D-CNN seems to be successful in predicting software defects and may be applied and adopted for a practical problem in software engineering.This,in turn,could lead to saving software development resources and producing more reliable software.

Slope stability prediction based on a long short-term memory neural network:comparisons with convolutional neural networks,support vector machines and random forest models

The numerical simulation and slope stability prediction are the focus of slope disaster research.Recently,machine learning models are commonly used in the slope stability prediction.However,these machine learning models have some problems,such as poor nonlinear performance,local optimum and incomplete factors feature extraction.These issues can affect the accuracy of slope stability prediction.Therefore,a deep learning algorithm called Long short-term memory(LSTM)has been innovatively proposed to predict slope stability.Taking the Ganzhou City in China as the study area,the landslide inventory and their characteristics of geotechnical parameters,slope height and slope angle are analyzed.Based on these characteristics,typical soil slopes are constructed using the Geo-Studio software.Five control factors affecting slope stability,including slope height,slope angle,internal friction angle,cohesion and volumetric weight,are selected to form different slope and construct model input variables.Then,the limit equilibrium method is used to calculate the stability coefficients of these typical soil slopes under different control factors.Each slope stability coefficient and its corresponding control factors is a slope sample.As a result,a total of 2160 training samples and 450 testing samples are constructed.These sample sets are imported into LSTM for modelling and compared with the support vector machine(SVM),random forest(RF)and convo-lutional neural network(CNN).The results show that the LSTM overcomes the problem that the commonly used machine learning models have difficulty extracting global features.Furthermore,LSTM has a better prediction performance for slope stability compared to SVM,RF and CNN models.

Intelligent Resource Allocations for Software-Defined Mission-Critical IoT Services

Heterogeneous Internet of Things(IoT)applications generate a diversity of novelty applications and services in next-generation networks(NGN),which is essential to guarantee end-to-end(E2E)communication resources for both control plane(CP)and data plane(DP).Likewise,the heterogeneous 5th generation(5G)communication applications,including Mobile Broadband Communications(MBBC),massive Machine-Type Commutation(mMTC),and ultra-reliable low latency communications(URLLC),obligate to perform intelligent Quality-of-Service(QoS)Class Identifier(QCI),while the CP entities will be suffered from the complicated massive HIOT applications.Moreover,the existing management and orchestration(MANO)models are inappropriate for resource utilization and allocation in large-scale and complicated network environments.To cope with the issues mentioned above,this paper presents an adopted software-defined mobile edge computing(SDMEC)with a lightweight machine learning(ML)algorithm,namely support vector machine(SVM),to enable intelligent MANO for real-time and resource-constraints IoT applications which require lightweight computation models.Furthermore,the SVM algorithm plays an essential role in performing QCI classification.Moreover,the software-defined networking(SDN)controller allocates and configures priority resources according to the SVM classification outcomes.Thus,the complementary of SVM and SDMEC conducts intelligent resource MANO for massive QCI environments and meets the perspectives of mission-critical communication with resource constraint applications.Based on the E2E experimentation metrics,the proposed scheme shows remarkable outperformance in key performance indicator(KPI)QoS,including communication reliability,latency,and communication throughput over the various powerful reference methods.

Can We Predict the Change in Code in a Software Product Line Project?

Software programs are always prone to change for several reasons. In a software product line, the change is more often as many software units are carried from one release to another. Also, other new files are added to the reused files. In this work, we explore the possibility of building a model that can predict files with a high chance of experiencing the change from one release to another. Knowing the files that are likely to face a change is vital because it will help to improve the planning, managing resources, and reducing the cost. This also helps to improve the software process, which should lead to better software quality. Also, we explore how different learners perform in this context, and if the learning improves as the software evolved. Predicting change from a release to the next release was successful using logistic regression, J48, and random forest with accuracy and precision scored between 72% to 100%, recall scored between 74% to 100%, and F-score scored between 80% to 100%. We also found that there was no clear evidence regarding if the prediction performance will ever improve as the project evolved.

Fault Prediction with Static Software Metrics in Evolving Software: A Case Study in Apache Ant

Software testing is an integral part of software development. Not only that testing exists in each software iteration cycle, but it also consumes a considerable amount of resources. While resources such as machinery and manpower are often restricted, it is crucial to decide where and how much effort to put into testing. One way to address this problem is to identify which components of the subject under the test are more error-prone and thus demand more testing efforts. Recent development in machine learning techniques shows promising potential to predict faults in different components of a software system. This work conducts an empirical study to explore the feasibility of using static software metrics to predict software faults. We apply four machine learning techniques to construct fault prediction models from the PROMISE data set and evaluate the effectiveness of using static software metrics to build fault prediction models in four continuous versions of Apache Ant. The empirical results show that the combined software metrics generate the least misclassification errors. The fault prediction results vary significantly among different machine learning techniques and data set. Overall, fault prediction models built with the support vector machine (SVM) have the lowest misclassification errors.