YANG Ke , HE Ye-Ping , MA Heng-Tai , WANG Xue-Fei
2018, 29(1):1-22. DOI: 10.13328/j.cnki.jos.005375
Abstract:The research of precise execution reachability analysis focuses on figuring out the reachability between program states. It tries to find witness inputs and the execution traces that pass through the setting-up target state of certain code location by performing necessary test and verification on executable files, source code and documentation. Precise execution reachability analysis has been applied to direct testing, bug reproduction, construction of proof of concepts of vulnerabilities, verification for result of static analysis and so on. This paper provides a survey of this area. First, the corresponding constraint solving problem of precise reachability analysis is cited. Next, existing typical methods and technical difficulties about bidirectional symbolic analysis and program induction, and some technical difficulties are discussed. Then, the applications of current precise reachability analysis are classified and summarized. Furthermore, the challenges on program analysis, program induction and constraint solving are provided. Last but not least, the possible solution and future research are suggested.
ZHAO Tian-Qi , ZHAO Hai-Yan , ZHANG Wei , JIN Zhi
2018, 29(1):23-41. DOI: 10.13328/j.cnki.jos.005323
Abstract:Self-Adaptation provides a promising approach to managing the complexity of modern software systems, and in particular, to enabling systems to continuously adapt themselves to uncertainty in the environment. In existing works, model-based self-adapatation is a type of widely used methods that extend the applicability of model-driven engineering techniques to the runtime environment to facilitate self-adaptation. By leveraging software models to manage the abundant information associated with runtime phenomena, model-based self-adaptation methods are able to avoid the complexity introduced by intertwining adaptation and application behaviors and therefore simplify the development of self-adaptive systems. This paper first lays out six research questions from existing studies concerning system models, environment models, relationship among models, and model-based adaptation planning methods. It then answers the research questions by investigating relevant studies. Finally, the paper offers some suggestions for future research.
LIU Jian , SU Pu-Rui , YANG Min , HE Liang , ZHANG Yuan , ZHU Xue-Yang , LIN Hui-Min
2018, 29(1):42-68. DOI: 10.13328/j.cnki.jos.005320
Abstract:The Internet has penetrated into all aspects of human society and has greatly promoted social progress. At the same time, various forms of cybercrimes and network theft occur frequently, bringing great harm to our society and national security. Cyber security has become a major concern to the public and the government. As a large number of Internet functionalities and applications are implemented by software, software plays a crucial role in cyber security research and practice. In fact, almost all cyberattacks were carried out by exploiting vulnerabilities in system software or application software. It is increasingly urgent to investigate the problems of software security in the new age. This paper reviews the state of the art of malware, software vulnerabilities and software security mechanism, and analyzes the new challenges and trends that the software ecosystem is currently facing.
ZHANG Xiao-Fang , FENG Yang , LIU Di , CHEN Zhen-Yu , XU Bao-Wen
2018, 29(1):69-88. DOI: 10.13328/j.cnki.jos.005377
Abstract:Crowdsourced software testing is an emerging testing method which has drawn extensive attention in both industrial and academic community. This paper systematically summarizes the academic literatures and industry practice in recent years. This article first summarizes the related literatures from the perspectives of the research topics including software testing, crowdsourcing test process, experimental subjects and scale of crowdsourcing. It also compares total of 20 widely used crowdsourced software testing commercial platforms, and discusses their task domains, subjects, open call forms and performance evaluation forms. Finally, the paper presents the future trends, issues and opportunities for crowdsourced software testing.
DING Shi-Fei , ZHANG Jian , ZHANG Xie-Kai , AN Yue-Xuan
2018, 29(1):89-108. DOI: 10.13328/j.cnki.jos.005319
Abstract:Twin support vector machines have drawn extensive attention for their simple model, high training speed and good performance. The initial twin support vector machine is designed for binary classification. However, multi class classification problems are also common in practice. In recent years, researchers have devoted themselves to the study of multi class twin support vector machines. Various mulit class twin support vector machines have been proposed. The study of multi class twin support vector machines has made great progress. This paper aims to review the development of multi class twin support vector machines, classify and analyze them with the respect to the basic theories and geometric meanings. According to the structures, the paper divides the machines into the following groups:"one-versus-all" strategy based multi class twin support vector machines, "one-versus-one" strategy based multi class twin support vector machines, binary tree based multi class twin support vector machines, "one-versus-one-versus-rest" strategy based multi class twin support vector machines, and "all-versus-one" strategy based multi class twin support vector machines. Although the training processes of direct acyclic graph based multi class twin support vector machines are much similar with that of "one-versus-one" based approachs, the decision processes have their own characteristics and disadvantages, and therefore they are divided into a separate group. This paper analyzes and summarizes the ideas and theories of different multi class twin support vector machines, and presents experimental results to compare the performances. This review can make it easy for novices to understand the essential differences and help to choose the suitable multi class twin support vector machine for a practical problem.
KANG Liang-Yi , WANG Jian-Fei , LIU Jie , YE Dan
2018, 29(1):109-130. DOI: 10.13328/j.cnki.jos.005376
Abstract:Machine learning problems can be viewed as optimization-centric programs, and the optimization algorithm is an important tool to solve the objective function. In the era of big data, in order to speed up the training process, it is essential to design parallel and distributed optimization algorithms by multi-core computing and distributed computing technologies. In recent years, there are a lot of research works in this field, and some algorithms have been widely applied on machine learning platforms. In this paper, five common optimization algorithms, including gradient descent algorithm, second order optimization algorithm, proximal gradient algorithm, coordinate descent algorithm and alternating direction method of multiplier, are studied. Each type of algorithm is analyzed from the view of parallel and distributed respectively, and algorithms of the same type are compared by their model type, input data characteristic, algorithm evaluation and parallel communication mode. In addition, the implementations and applications of the optimization algorithm on representative scalable machine learning platforms are analyzed. Meanwhile, all the optimization algorithms introduced in this paper are categorized by a hierarchical classification diagram, which can be used as a tool to select the appropriate optimization algorithm according to the objective function type, and also to cross explore how to apply optimization algorithms to the new objective function type. Finally, the problems of the existing optimization algorithms are discussed, and the possible solutions and the future research directions are proposed.
ZHU Tao , GUO Jin-Wei , ZHOU Huan , ZHOU Xuan , ZHOU Ao-Ying
2018, 29(1):131-149. DOI: 10.13328/j.cnki.jos.005433
Abstract:The rapid growth of data and workload makes centralized database systems less and less favorable to today's applications. A distributed database system can scale out dynamically to satisfy the business development. As a result, it has gained much more attention from applications. Since the needs for distributed DB became apparent, an increasing number of products have emerged and been adopted by the Web. However, due to the complexity of distributed DB systems, their designers have to trade off among several desired properties, resulting in dramatic difference in their designs and advantages. To the best of public knowledge, no one has performed a comprehensive analysis on the design space and the tradeoff choices of modern distributed DB systems. After reviewing and understanding a significant number of real world DB products, this study believe that a distributed DB system can be generally described using three dimensions-operational consistency, transactional consistency and availability. While these dimensions are not new, their concepts are somehow blurred in the literature. This paper clarifies the three concepts in the context of database, based on which can draw a sensible landscape of the existing products and technologies. The paper also provides an analysis of the relationship among the three dimensions, intending to help developers make right choice when designing new distributed DB systems.
QIAN Wei-Ning , SHAO Qi-Feng , ZHU Yan-Chao , JIN Che-Qing , ZHOU Ao-Ying
2018, 29(1):150-159. DOI: 10.13328/j.cnki.jos.005434
Abstract:As a supporting technology of Bitcoin for decentralized ledger management, blockchain has gain much attention in financial domain. Blockchain achieves trusted data management in not fully trusted computation environments. It has the advantage of decentralization, immutability, strong consistency and integrity, however, also suffers from poor performance with high latency and low throughput. With ever growing Internet technology and applications, the success of blockchain technology in cryptocurrency may shed light on the research of new trusted data management theories, technologies and systems. This paper introduces the blockchain related technologies, including distributed consensus, smart contract and data provenance, from the perspective of trusted data management. The requirements and research challenges of trusted data management are also analyzed.
ZHANG Shao-Jun , LAN Ju-Long , HU Yu-Xiang , JIANG Yi-Ming
2018, 29(1):160-175. DOI: 10.13328/j.cnki.jos.005316
Abstract:Software-defined networking (SDN) is an emerging paradigm that decouples control and data plane. The control plane advocates a centralized approach of network control, which provides both flexibility and high efficiency, but suffers from serious scalability problems. The state-of-art works on the scalability of control plane in SDN is surveyed in this paper. First, the factors that influence the scalability of control plane are analyzed, and some approaches for improvement are revealed accordingly. Next, current researches and solutions are introduced from the following 4 aspects:Cache optimization on data plane, high-performance controller, distributed control plane and control resource allocation optimization. Finally, a brief summary of current technology is provided along with a discussion on future research directions.
JIA Yi-Hao , REN Gang , LIU Ying
2018, 29(1):176-195. DOI: 10.13328/j.cnki.jos.005318
Abstract:The current Internet is based on the destination address forwarding in which the source address remains unverified. However, one of the root causes of Internet security problems is the untrustworthy source address. As the Internet plays an increasingly important role in political and economic fields, the security of the Inter-domain Internet becomes more crucial. For instance, the US Department of Homeland Security (DHS) has included the Inter-domain routing security in the national strategy of US information security. In recent years, innovation and evolution of the Internet are significantly undermined by the IP spoofing based distributed denial of service attacks, most of which are Inter-domain and transnational. Therefore, the Inter-domain source address validation becomes extremely important for Internet security. Although there are many techniques proposed in the relevant fields, none of them are appropriate for large-scale deployment. This paper reviews the existing research and standard progress of Inter-domain source address validation technology. First, the reasons and consequences of the lack of source address security are analyzed, and the significance of source address validation is illustrated by examining the progress of the technical standardization. Next, the advantages and disadvantages of various existing important source address validation methods are summarized. Then, the difficulties and challenges faced by the current Inter-domain source address validation technology are discussed. Finally, the prospective research directions and design principles are proposed as a reference for potential future works.
LI Ji-Rui , LI Xiao-Yong , GAO Ya-Li , GAO Yun-Quan , FANG Bin-Xing
2018, 29(1):196-224. DOI: 10.13328/j.cnki.jos.005373
Abstract:With the in-depth researches of new technologies or methods such as 5G, software defined networking (SDN), named data networks (NDN), and mobile edge computing or fog computing, Internet of Things (IoT) applications undergo further advancement. In an environment of variety of application scenarios, high quality of service and universal participation of objects, data forwarding models based on traditional wireless sensor networks (WSN) that is the subset of IoT cannot fully adapt to meet the needs. Therefore, in order to guarantee the successive of IoT services, it is the most basic problem and research interest to develop data forwarding mechanism more suitable for IoT. First, in this paper, the architecture of IoT and the key problems of data forwarding in IoT are analyzed. Second, a number of representative studies of data forwarding for IoT are classified. Then, for the chosen typical data forwarding models in different IoT scenarios, their mathematic methods, merits and shortcomings are reviewed along with a comparison of the models in many aspects. Finally, the research problems are analyzed in detail and some future development directions are suggested. In summary, this study shows that the emergence of the new technologies, such as 5G, brings the opportunities and challenges for the research of data forwarding model in IoT. Thus, the key emphasis in future work will be the theoretical research of the model and method of energy-efficient of data forwarding in IoT in providing a solid foundation for the practical applications.