Software vulnerabilities pose significant risks to computer systems,impacting our daily lives,productivity,and even our health.Identifying and addressing security vulnerabilities in a timely manner is crucial to preve...Software vulnerabilities pose significant risks to computer systems,impacting our daily lives,productivity,and even our health.Identifying and addressing security vulnerabilities in a timely manner is crucial to prevent hacking and data breaches.Unfortunately,current vulnerability identification methods,including classical and deep learning-based approaches,exhibit critical drawbacks that prevent them from meeting the demands of the contemporary software industry.To tackle these issues,we present JFinder,a novel architecture for Java vulnerability identification that leverages quad self-attention and pre-training mechanisms to combine structural information and semantic representations.Experimental results demonstrate that JFinder outperforms all baseline methods,achieving an accuracy of 0.97 on the CWE dataset and an F1 score of 0.84 on the PROMISE dataset.Furthermore,a case study reveals that JFinder can accurately identify four cases of vulnerabilities after patching.展开更多
In order to reduce the occurrence or expansion of accidents and maintain safety in distribution networks,it is essential to find out the vulnerable points for the power system in time.In this paper,a vulnerable point ...In order to reduce the occurrence or expansion of accidents and maintain safety in distribution networks,it is essential to find out the vulnerable points for the power system in time.In this paper,a vulnerable point identification method based on heterogeneous interdependent(HI)node theory and risk theory is proposed.Compared with the methods based on betweenness theory,the method based on HI nodes theory can deal with the shortcomings of the power flow shortest path,and consider the direct and indirect relationship of nodes.It is more suitable for identifying vulnerable points in a realistic power system.First,according to the analysis of heterogenous interdependent networks,the HI nodes are defined and used to evaluate the utility coupling value of each node.Then an identification indicator,which combines the utility coupling value and the risk indicators,is utilized to evaluate the vulnerability of each node.Results show that the proposed method is a suitable one to find the vulnerable points and better than betweennessbased methods for a distribution network.展开更多
基金supported by the National Key R&D Program of China(2019YFB2102600)the National Natural Science Foundation of China(62002067)+1 种基金the Guangzhou Youth Talent of Science(QT20220101174)the Project of Philosophy and Social Science Planning of GuangDong(GD21YGL16).
文摘Software vulnerabilities pose significant risks to computer systems,impacting our daily lives,productivity,and even our health.Identifying and addressing security vulnerabilities in a timely manner is crucial to prevent hacking and data breaches.Unfortunately,current vulnerability identification methods,including classical and deep learning-based approaches,exhibit critical drawbacks that prevent them from meeting the demands of the contemporary software industry.To tackle these issues,we present JFinder,a novel architecture for Java vulnerability identification that leverages quad self-attention and pre-training mechanisms to combine structural information and semantic representations.Experimental results demonstrate that JFinder outperforms all baseline methods,achieving an accuracy of 0.97 on the CWE dataset and an F1 score of 0.84 on the PROMISE dataset.Furthermore,a case study reveals that JFinder can accurately identify four cases of vulnerabilities after patching.
基金This work was supported in part by the Science and Technology Project of SGCC“Research on Key Technology of High Reliability Distribution Network in Xiongan New Area”(PDB17201800056)。
文摘In order to reduce the occurrence or expansion of accidents and maintain safety in distribution networks,it is essential to find out the vulnerable points for the power system in time.In this paper,a vulnerable point identification method based on heterogeneous interdependent(HI)node theory and risk theory is proposed.Compared with the methods based on betweenness theory,the method based on HI nodes theory can deal with the shortcomings of the power flow shortest path,and consider the direct and indirect relationship of nodes.It is more suitable for identifying vulnerable points in a realistic power system.First,according to the analysis of heterogenous interdependent networks,the HI nodes are defined and used to evaluate the utility coupling value of each node.Then an identification indicator,which combines the utility coupling value and the risk indicators,is utilized to evaluate the vulnerability of each node.Results show that the proposed method is a suitable one to find the vulnerable points and better than betweennessbased methods for a distribution network.
