8,484 research outputs found
DeepSQLi: Deep Semantic Learning for Testing SQL Injection
Security is unarguably the most serious concern for Web applications, to
which SQL injection (SQLi) attack is one of the most devastating attacks.
Automatically testing SQLi vulnerabilities is of ultimate importance, yet is
unfortunately far from trivial to implement. This is because of the existence of a
huge, or potentially infinite, number of variants and semantic possibilities of
SQL leading to SQLi attacks on various Web applications. In this paper, we
propose a deep natural language processing based tool, dubbed DeepSQLi, to
generate test cases for detecting SQLi vulnerabilities. Through adopting deep
learning based neural language model and sequence of words prediction, DeepSQLi
is equipped with the ability to learn the semantic knowledge embedded in SQLi
attacks, allowing it to translate user inputs (or a test case) into a new test
case, which is semantically related and potentially more sophisticated.
Experiments are conducted to compare DeepSQLi with SQLmap, a state-of-the-art
SQLi testing automation tool, on six real-world Web applications that are of
different scales, characteristics and domains. Empirical results demonstrate
the effectiveness and the remarkable superiority of DeepSQLi over SQLmap, such
that more SQLi vulnerabilities can be identified by using a smaller number of test
cases, whilst running much faster.
Digital Ecosystems: Ecosystem-Oriented Architectures
We view Digital Ecosystems to be the digital counterparts of biological
ecosystems. Here, we are concerned with the creation of these Digital
Ecosystems, exploiting the self-organising properties of biological ecosystems
to evolve high-level software applications. Therefore, we created the Digital
Ecosystem, a novel optimisation technique inspired by biological ecosystems,
where the optimisation works at two levels: a first optimisation, migration of
agents which are distributed in a decentralised peer-to-peer network, operating
continuously in time; this process feeds a second optimisation based on
evolutionary computing that operates locally on single peers and is aimed at
finding solutions to satisfy locally relevant constraints. The Digital
Ecosystem was then measured experimentally through simulations, with measures
originating from theoretical ecology, evaluating its likeness to biological
ecosystems. This included its responsiveness to requests for applications from
the user base, as a measure of the ecological succession (ecosystem maturity).
Overall, we have advanced the understanding of Digital Ecosystems, creating
Ecosystem-Oriented Architectures where the word ecosystem is more than just a
metaphor.
Comment: 39 pages, 26 figures, journal
Using genetic algorithms to create meaningful poetic text
Work carried out when all authors were at the University of Edinburgh. Peer reviewed. Postprint
Biology of Applied Digital Ecosystems
A primary motivation for our research in Digital Ecosystems is the desire to
exploit the self-organising properties of biological ecosystems. Ecosystems are
thought to be robust, scalable architectures that can automatically solve
complex, dynamic problems. However, the biological processes that contribute to
these properties have not been made explicit in Digital Ecosystems research.
Here, we discuss how biological properties contribute to the self-organising
features of biological ecosystems, including population dynamics, evolution, a
complex dynamic environment, and spatial distributions for generating local
interactions. The potential for exploiting these properties in artificial
systems is then considered. We suggest that several key features of biological
ecosystems have not been fully explored in existing digital ecosystems, and
discuss how mimicking these features may assist in developing robust, scalable
self-organising architectures. An example architecture, the Digital Ecosystem,
is considered in detail. The Digital Ecosystem is then measured experimentally
through simulations, with measures originating from theoretical ecology, to
confirm its likeness to a biological ecosystem. Including the responsiveness to
requests for applications from the user base, as a measure of the 'ecological
succession' (development).
Comment: 9 pages, 4 figures, conference
Self-adaptive GA, quantitative semantic similarity measures and ontology-based text clustering
As the common clustering algorithms use vector space model (VSM) to represent document, the conceptual relationships between related terms which do not co-occur literally are ignored. A genetic algorithm-based clustering technique, named GA clustering, in conjunction with ontology is proposed in this article to overcome this problem. In general, the ontology measures can be partitioned into two categories: thesaurus-based methods and corpus-based methods. We take advantage of the hierarchical structure and the broad coverage taxonomy of Wordnet as the thesaurus-based ontology. However, the corpus-based method is rather complicated to handle in practical application. We propose a transformed latent semantic analysis (LSA) model as the corpus-based method in this paper. Moreover, two hybrid strategies, the combinations of the various similarity measures, are implemented in the clustering experiments. The results show that our GA clustering algorithm, in conjunction with the thesaurus-based and the LSA-based method, apparently outperforms that with other similarity measures. Moreover, the superiority of the GA clustering algorithm proposed over the commonly used k-means algorithm and the standard GA is demonstrated by the improvements of the clustering performance
Robustness estimation and optimisation for semantic web service composition with stochastic service failures
Service-oriented architecture (SOA) is a widely adopted software engineering paradigm that encourages modular and reusable applications. One popular application of SOA is web service composition, which aims to loosely couple web services to accommodate complex goals not achievable through any individual web service. Many approaches have been proposed to construct composite services with optimized Quality of Service (QoS), assuming that QoS of web services never changes. However, the constructed composite services may not perform well and may not be executable later due to its component services' failure. Therefore, it is important to build composite services that are robust to stochastic service failures. Two challenges of building robust composite services are to efficiently generate service composition with near-optimal quality in a large search space of available services and to accurately measure the robustness of composite services considering all possible failure scenarios. This article proposes a novel two-stage GA-based approach to robust web service composition with an adaptive evolutionary control and an efficient robustness measurement. This approach can generate robust composite service at the design phase, which can cope with stochastic service failures and maintain high quality at the time of execution. We have conducted experiments with benchmark datasets to evaluate the performance of our proposed approach. Our experiments show that our method can produce highly robust composite services, achieving outstanding performance consistently in the event of stochastic service failures, on service repositories with varying sizes
Quantifying the Impact of Parameter Tuning on Nature-Inspired Algorithms
The problem of parameterization is often central to the effective deployment
of nature-inspired algorithms. However, finding the optimal set of parameter
values for a combination of problem instance and solution method is highly
challenging, and few concrete guidelines exist on how and when such tuning may
be performed. Previous work tends to either focus on a specific algorithm or
use benchmark problems, and both of these restrictions limit the applicability
of any findings. Here, we examine a number of different algorithms, and study
them in a "problem agnostic" fashion (i.e., one that is not tied to specific
instances) by considering their performance on fitness landscapes with varying
characteristics. Using this approach, we make a number of observations on which
algorithms may (or may not) benefit from tuning, and in which specific
circumstances.
Comment: 8 pages, 7 figures. Accepted at the European Conference on Artificial
Life (ECAL) 2013, Taormina, Italy