Abstract:When a software bug report is assigned to a developer for bug resolution, the developer needs to locate the bug in a source code file and make code changes correspondingly to resolve the software bug. In fact, most of time of the developer is spent on bug location in the whole process of bug resolution. This study proposes a method level fine-grained bug location approach, called MethodLocator, to improve the efficiency of software bug resolution. Firstly, it takes the vector representation of the bug report and the source code method body using the word vector (Word2Vec) and TF-IDF. Secondly, MethodLocator augments method body of each method based on similarities among all method bodies in the source code files. Thirdly, MethodLocator locates methods for change to resolve the bug based on similarities between the bug report and the augmented methods. Experimental results on four open source software projects as ArgoUML, Ant, Maven, and Kylin demonstrate that MethodLocator is better than state-of-the-art techniques in method level bug location.

Abstract:Currently, the results of static taint analysis cannot explain whether the application has privacy leaks directly (high false positives), which causes inconvenience to the detectors or users. Aiming at this problem, this study puts forward a new technique-multi-source binding taint analysis, which can determine whether multiple sets of sources occur in one execution precisely and efficiently. In terms of precision, the technique supports context sensitivity, flow sensitivity, and field sensitivity, and can precisely distinguish exclusive branches. In terms of efficiency, an efficient implementation method is provided to reduce high complexity (exponential level) to an analysis close to traditional method (initial overhead is 19.7%, further multi-analysis stage time is 0.3s). A prototype called MultiFlow is implemented, and it is applied to 2 116 benign Apps and 2 089 malicious Apps. Such results support the feasibility of multi-source technique for precision enhancement of privacy leak detection (reducing multi-source pairs by 41.1%). Also, these characteristics are used as a risk rank standard of the Apps to improve detection convenience. Finally, the potential application scenarios of the technology are explored.

Abstract:The model checking tool based on Alternating Projection Temporal Logic (APTL) is designed and implemented to improve the ability of expressing for linear temporal logic in this study. The supporting tool MCMAS_APTL is developed inspired by the method for symbolic model checking of APTL provided by Wang et al. The tool MCMAS_APTL could be used for verifying the properties of Multi-agent Systems (MASs) effectively. The detailed procedures of checking whether a MAS satisfies a property by MCMAS_APTL are given as follows. Firstly, describing the system IS with the Interpreted System Programming Language (ISPL) and specifying the property of the system by an APTL formula P. Then, symbolically representing the system IS and transforming the negation of P into normal form. Finally, calculating the set of states from which there is at least one existing path satisfying the negation of P. If the obtained state set contains an initial state, then the system does not satisfy the formula P; otherwise, the system satisfies the formula P. The details of implementing MCMAS_APTL are provided in this paper, and a robotic soccer game is presented to show how the model checker MCMAS_APTL works in practice.

Abstract:Automatic program repair technology can effectively reduce the cost of software maintenance, which is a hot topic of academic research in recent years. Specifications description of to be fixed program plays a vital role in the automatic program repair process, this article analyses the problems and technologies of automatic program repair from specifications point of view. According to whether the specifications to be repaired program is complete, the existing repair problems are divided into three kinds of problems to be repaired, such as incomplete specifications, complete specifications, and semi-complete specifications problems to be repaired. It is analyzed that the core problems, the relationship between problems and the logical relationship of technology under different assumptions based on three kinds of abstract problems. Also analyzed issues are high-precision patch generation, specifications completion and patch selection in incomplete specifications repair, and the specific problems and progress in memory leak, resource leak, concurrency errors include data competition, atomic violation, sequence violation and deadlock, configuration error and specific performance error in complete specifications repair. The various specific repair problems and research progress of the semi-complete specifications repair problem are collated. Finally, the opportunities and challenges faced by automatic program repair are analyzed.

Abstract:Fault localization is a process to determine the root causes of abnormal behavior of a faulty program. Most existing fault localization approaches usually utilize coverage information of test cases to identify a set of isolated statements responsible for a failure, but do not show how these statements act on each other to cause the failure. Thus, this study proposes Context-FL:An approach enhancing contexts for these existing localization approaches by constructing contexts for fault localization optimization. Specifically, Context-FL uses dynamic slicing technology to construct a context showing how data/control dependence propagates to cause the faulty output. Then, it adopts suspiciousness evaluation to distinguish the elements of the context in terms of the suspiciousness being faulty. Finally, Context-FL outputs the context with suspiciousness as the localization result. The empirical results show that the proposed approach significantly outperforms 8 state-of-the-art fault localization techniques.

Abstract:As for multi-view datasets, direct integration of partition results of all views obtained by traditional single-view clustering approaches does not improve and even deteriorate the clustering performance since that it does not consider the inner relationship across views. To achieve good clustering performance for multi-view datasets, a multi-view clustering model is proposed, which not only considers the within-view clustering quality but also takes the cross-view collaborative learning into account. With respect to within-view partition, to capture more detailed information of cluster structures, a multi-medoid representative strategy is adopted; as for cross-view collaborative learning, it is assumed that a medoid of a cluster in one view is also a medoid of that cluster in another view. Based on the multi-view clustering model, a multi-view fuzzy clustering approach with a medoid invariant constraint (MFCMddI) is proposed in which the invariantan arbitrary medoid across each pair-wise views is guaranteed by maximizing the product of the corresponding prototype weightsin two views. The objective function of MFCMddI can be optimized by applying the Lagrangian multiplier method and KKT conditions. Extensive experiments on synthetic and real-life datasets show that MFCMddI outperforms the existing state-of-the-art multiview approaches in most cases.

Abstract:Recently, with the development of new technologies like virtual reality, Internet of Things, cloud computing, and so on, the user demand on network bandwidth increases sharply, and it is hard to meet user bandwidth demand by making use of single access technology. To solve the contradiction between users' increasing bandwidth demand and limited frequency resources, Internet end-to-end multipath transmission technologies are designed. Internet end-to-end multipath transmission protocols, like MPTCP (multipath TCP), mainly work at transport layer, and they can make use of existing multiple network cards (for example WiFi and 4G) to do concurrent transmission, the total transmission bandwidth and the adaptability to network variation are improved. Since the subflows of MPTCP can realize end-to-end reliable in order delivery based on TCP and its optimizations, research works related to multipath transmission focus on the intelligent coorperations among subflows, the coorperations mainly include subflow selection, data scheduling, coupled congestion control, and so on. Nevertheless, as the estimation of network status at transport layer may not reflect current link state accurately due to the variation of link and physical layer, heterogeneous network interfaces have different resource allocation schemes, different subflows may have partially overlapped paths, the upper application layer have different characteristics in deadline, frame importance, distortion rate, and so on. These will affect the performance of the intelligent coorpertaions among subflows, the advantage of multipath transfer can not be fully exploited by only making use of traditional transport layer information, the information at other layers should also be utilized. So in recent years, many research papers start to make use of physical, link, network, and application layer information to improve multipath transmission performance efficiently with cross layer cooperated optimization. This paper compares the research of multipath transfer optimization with cross layer information, analyzes the relationship between multipath transfer and the function of different layer, and the outlook of future research trends is provided in the end.

Abstract:Delay/Disruption Tolerant Networks (DTNs), which are based on an overlay protocol and the store-carry-forward paradigm, are considered as a promising solution to cope with the challenges imposed by space environment, such as long delay, intermittent connectivity, etc. Contact Graph Routing (CGR) is a dynamic routing algorithm which can compute routes by taking advantage of a priori knowledge of the space DTN topology. In this paper, the basic principles and algorithm procedures of the CGR are introduced, and the definitions of the associated terminologies and corresponding formulas are given, firstly. Then, the existing enhancements of the CGR are summarized in terms of routing loops avoidance, computational efficiency, routing accuracy, congestion control, opportunistic extension, and exception handling. Next, the representative real test experiments that have been conducted to evaluate the applicability of the DTN protocol stack and CGR, are outlined, and the performance differences between the CGR algorithm and the multi-layered satellite routing algorithm (MLSR) are evaluated by GEO/MEO/LEO satellite network simulation. Finally, the future developments of CGR are given, including the integration of CGR-extension block (CGR-EB) and cache-CGR (C-CGR), opportunistic CGR, CGR extension to large network, CGR-Quality of service (QoS) provision, enhancement of contact plan description method, etc.

Abstract:Due to the powerful storage and computing capability, wireless communication capability and abundant energy supply of vehicle nodes and roadside facilities, the vehicular ad-hoc network (VANET) can detect change of vehicle driving environment, evaluate dangerous road conditions and warn drivers, such as warning of accident sites, collision prevention at intersections, predict the reaction time of drivers, so as to provide technical support for safe driving and driving experience. However, data transmission in a VANET faces multiple challenges, such as unstable wireless channel quality, time-varying network topology, short lifetime of wireless links, limited bandwidth and large communication load. Therefore, how to transmit data timely and reliably to the "urban brain" has become a issue. Taking storage cost, packet loss penalty and transmission reward into account, In this paper, a hybrid flow scheduling strategy for VANETs is first proposed, which allocates transmission resources for data flows with different priorities; then, combined with link status, a data transmission strategy for joint optimization of hybrid flow scheduling and path selection is introduced to meet the requirement on delay for real-time data and improve reliability for non real-time at the same time. Simulation results and analysis demonstrate the performance of proposed strategies.

Abstract:Provable data possession is an important research field in cloud storage security.It allows the data owners remotely checking the integrity of their outsourced data without downloading all files.There have been many batch PDP schemes,but most of them did not consider the error location after the data of users were corrupted.A few batch PDP protocols can identify only the servers in which the corrupted data stored or the clients to which the corrupted data belongs.This study puts forward a method which utilizes location tags to help the third party auditor locating the error data quickly.Based on work by Zhou et al.,an error locating batch provable data possession scheme is proposed in multi-user and multi-cloud setting by using Merkle Hash tree to create data location tags.The proposed protocol can quickly locate the corrupted data owners and the servers where the error data stored after the batch verification fails.The proposed scheme is provably secure in random oracle model,and the performance analysis shows that the scheme has higher error locating ability and efficiency than other schemes that only have single location function.

Abstract:TCP/IP-based Internet is faced with severe challenges in scalability, mobility, security, and controllability, which makes it necessary to research the clean-slate architecture for Internet. Named Data Networking (NDN) leverages in-network caching and multipath transmission to support data name-based packet transmission, and conquers the aforementioned challenges faced by the conventional Internet. Considering the huge number and the significant diversity of hierarchical names used in NDN, the existing IP-based routing cannot be directly applied, and efficient hierarchical name-based routing mechanisms are desired to gurantee stable data transmission. Route aggregation is the core mechanism for FIB size reduction in the TCP/IP-based Internet. Hierarchical name-based route aggregation leverages router cooperation over the whole network to aggregate routes recursively, different from the existing researches for name-based route lookup optimization on a single router. To achieve effective hierarchical name-based route aggregation, identifier generation is focused on in route aggregation and utility evaluation of the aggregated routes. Ultimately, a hierarchical name-based route aggregation scheme is proposed, including two parts:(1) A novel combinable counting Bloom filter for representing aggregated route names compactly, namely, Compounded Counting Bloom Filter (CCBF); (2) A dynamic route aggregation scheme over the whole network for aggregating routes recursively according to their utility. To evaluate the performance of the proposed route aggregation scheme, extensive simulations are performed based on real network topology. Evaluation results show that the proposed scheme can significantly reduce FIB size and improve FIB lookup efficiency at the cost of small number of false positive lookup results. This work provides a foundation for practical NDN deployment.

Abstract:Yao's garbled circuit allows a client to outsource a function computation to a server with verifiablity. Unfortunately, the garbled circuit suffers from a one-time usage. The combination of fully homomorphic encryption (FHE) and garbled circuits enables the client and the server to reuse the garbled circuit with multiple inputs (Gennaro et al.). However, there still seems to be a long way to go for improving the efficiency of all known FHE schemes and it need much stronger security assumption. On the other hand, the construction is only proven to be secure in a weaker model where an adversary can not issue any number of verification queries to the client. Somewhat homomorphic encryption schemes, whose assumptions are much weaker than the FHE schemes, support a limited number of homomorphic operations. However, they can be much faster and more compact than the FHE schemes. In this work, a verifiable computation scheme is presented which can tolerate any number of malicious verification queries with additively homomorphic encryption. The proposed technique comes from the construction of re-randomizable garbled circuits in which the distribution of the original garbled circuit is computationally indistinguishable from the re-randomized garbled circuit. The proposed scheme is based on the decisional Diffie-Hellman (DDH) assumption. A technique solution is also given to construct cryptographic reverse firewalls, which is called reusable cryptographic reverse firewalls, using re-randomizable garbled circuits. Namely, the solution allows garbled circuits to be generated once and then securely re-randomized for many times on cryptographic reverse firewalls.

Abstract:Humans have ability to quickly select a subset of the visual input and allocate processing resources to those visually important regions. In computer vision community, understanding and emulating such attention mechanism of the human visual system has attracted much attention from the researchers and shown a wide range of applications. More recently, with the ever increasing computational power and availability of large-scale saliency datasets, deep learning has become a popular tool for modeling visual attention. This review includes the recent advances in visual attention modeling, including fixation prediction and salient object detection. It also discusses popular visual attention benchmarks and various evaluation metrics. The emphasis of this review is both on the deep learning based studies and the represented non-deep learning models. Extensive experiments are also performed on various benchmarks for evaluating the performance of those visual attention models. In the end, the review highlights current research trends and provides insight into the future direction.

Abstract:Recent years, applying Deep Learning (DL) into Image Semantic Segmentation (ISS) has been widely used due to its state-of-the-art performances and high-quality results. This paper systematically reviews the contribution of DL to the field of ISS. Different methods of ISS based on DL (ISSbDL) are summarized. These methods are divided into ISS based on the Regional Classification (ISSbRC) and ISS based on the Pixel Classification (ISSbPC) according to the image segmentation characteristics and segmentation granularity. Then, the methods of ISSbPC are surveyed from two points of view:ISS based on Fully Supervised Learning (ISSbFSL) and ISS based on Weakly Supervised Learning (ISSbWSL). The representative algorithms of each method are introduced and analyzed, as well as the basic workflow, framework, advantages and disadvantages of these methods are detailedly analyzed and compared. In addition, the related experiments of ISS are analyzed and summarized, and the common data sets and performance evaluation indexes in ISS experiments are introduced. Finally, possible research directions and trends are given and analyzed.

Abstract:Face-spoofing detection based on deep convolutional neural networks has achieved good performance in recent years. However, deep neural networks are vulnerable to adversarial examples, which will reduce the safety of the face based application systems. Therefore, it is necessary to analyze the mechanism of generating the adversarial examples, so that the face-spoofing detection algorithms will be more robust. Compared with the general classification problems, face-spoofing detection has the smaller inter-class distance, and the perturbation is difficulty to assign. Motivated by the above, this study proposes an approach to generate the adversarial examples for face-spoofing detection by combining the minimum perturbation dimensions and visual concentration. In the proposed approach, perturbation is concentrated on a few pixels in a single component, and the intervals between pixels are constrained-according to the visual concentration. With such constraints, the generated adversarial examples can be perceived by human with low probability. The adversarial examples generated from the proposed approach can defraud the deep neural networks based classifier with only 1.36% changed pixels on average. Furthermore, human vision perception rate of the proposed approach decreases about 20% compared with DeepFool.

Abstract:Safety-critical systems detect external events, match the targeted event patterns, and give timely responding actions; otherwise catastrophic results will be incurred. With the increasing demand for intelligence in the safety-critical systems, applying rule-based reasoning to these systems has become an inevitable trend. Besides, rule scheduling is the key to assure hard real-time constraints within rule-based reasoning solutions. In this study, a solution to the multi-core rule scheduling problem, named GBRRS (graph-based real-time rule scheduling), was proposed. With the real-time rule reasoning process analyzed, how rules in safety-critical systems can be modeled as tasks using the graph mapping is described first, and the graph-based end-to-end reasoning task model, E2ERTG, is proposed. Then, a multi-core scheduling algorithm, GBRRS, is presented to guarantee each rule's deadline via the control of the reasoning task's deadline. Simulation-based experiments have been conducted to evaluate the performance of GBRRS. The result shows that GBRRS remains a rule success ratio above 80% even with relatively high workload of the rule set and is superior to DM-EDF by average 13%~15% in terms of rule success ratio.