Worst-input mutation approach to web services vulnerability testing based on SOAP messages

The growing popularity and application of Web services have led to an increase in attention to the vulnerability of software based on these services. Vulnerability testing examines the trustworthiness, and reduces the security risks of software systems, however such testing of Web services has become increasing challenging due to the cross-platform and heterogeneous characteristics of their deployment. This paper proposes a worst-input mutation approach for testing Web service vulnerability based on SOAP (Simple Object Access Protocol) messages. Based on characteristics of the SOAP messages, the proposed approach uses the farthest neighbor concept to guide generation of the test suite. The test case generation algorithm is presented, and a prototype Web service vulnerability testing tool described. The tool was applied to the testing of Web services on the Internet, with experimental results indicating that the proposed approach, which found more vulnerability faults than other related approaches, is both practical and effective

A Quantitative Assessment Approach to COTS Component Security

The vulnerability of software components hinders the development of component technology. An effective assessment approach to component security level can promote the development of component technology. Thus, the current paper proposes a quantitative assessment approach to COTS (commercial-off-the-shelf) component security. The steps of interface fault injection and the assessment framework are given based on the internal factors of the tested component. The quantitative assessment algorithm and formula of component security level are also presented. The experiment results show that the approach not only can detect component security vulnerabilities effectively but also quantitatively assess the component security level. The score of component security can be accurately calculated, which represents the security level of the tested component

Large expert-curated database for benchmarking document similarity detection in biomedical literature search

Document recommendation systems for locating relevant literature have mostly relied on methods developed a decade ago. This is largely due to the lack of a large offline gold-standard benchmark of relevant documents that cover a variety of research fields such that newly developed literature search techniques can be compared, improved and translated into practice. To overcome this bottleneck, we have established the RElevant LIterature SearcH consortium consisting of more than 1500 scientists from 84 countries, who have collectively annotated the relevance of over 180 000 PubMed-listed articles with regard to their respective seed (input) article/s. The majority of annotations were contributed by highly experienced, original authors of the seed articles. The collected data cover 76% of all unique PubMed Medical Subject Headings descriptors. No systematic biases were observed across different experience levels, research fields or time spent on annotations. More importantly, annotations of the same document pairs contributed by different scientists were highly concordant. We further show that the three representative baseline methods used to generate recommended articles for evaluation (Okapi Best Matching 25, Term Frequency-Inverse Document Frequency and PubMed Related Articles) had similar overall performances. Additionally, we found that these methods each tend to produce distinct collections of recommended articles, suggesting that a hybrid method may be required to completely capture all relevant articles. The established database server located at https://relishdb.ict.griffith.edu.au is freely available for the downloading of annotation data and the blind testing of new methods. We expect that this benchmark will be useful for stimulating the development of new powerful techniques for title and title/abstract-based search engines for relevant articles in biomedical research.Peer reviewe

A Comprehensive Algorithm for Evaluating Node Influences in Social Networks Based on Preference Analysis and Random Walk

In the era of big data, social network has become an important reflection of human communications and interactions on the Internet. Identifying the influential spreaders in networks plays a crucial role in various areas, such as disease outbreak, virus propagation, and public opinion controlling. Based on the three basic centrality measures, a comprehensive algorithm named PARW-Rank for evaluating node influences has been proposed by applying preference relation analysis and random walk technique. For each basic measure, the preference relation between every node pair in a network is analyzed to construct the partial preference graph (PPG). Then, the comprehensive preference graph (CPG) is generated by combining the preference relations with respect to three basic measures. Finally, the ranking of nodes is determined by conducting random walk on the CPG. Furthermore, five public social networks are used for comparative analysis. The experimental results show that our PARW-Rank algorithm can achieve the higher precision and better stability than the existing methods with a single centrality measure

Search-based QoS ranking prediction for web services in cloud environments

Unlike traditional quality of service (QoS) value prediction, QoS ranking prediction examines the order of services under consideration for a particular user. To address this NP-Complete problem, greedy strategy-based solutions, such as CloudRank algorithm, have been widely adopted. However, they can only produce locally approximate solutions. In this paper, we propose a search-based prediction framework to address the QoS ranking problem. The traditional particle swarm optimization (PSO) algorithm has been adapted to optimize the order of services according to their QoS records. In real situations, QoS records for a given consumer are often incomplete, so the related data from close neighbour users is often used to determine preference relations among services. In order to filter the neighbours for a specific user, we present an improved method for measuring the similarity between two users by considering the occurrence probability of service pairs. Based on the similarity computation, the top- neighbours are selected to provide QoS information support for evaluation of the service ranking. A fitness function for an ordered service sequence is defined to guide search algorithm to find high-quality ranking results, and some additional strategies, such as initial solution selection and trap escaping, are also presented. To validate the effectiveness of our proposed solution, experimental studies have been performed on real-world QoS data, the results from which show that our PSO-based approach has a better ranking for services than that computed by the existing CloudRank algorithm, and that the improvement is statistically significant, in most cases

A Smart Semipartitioned Real-Time Scheduling Strategy for Mixed-Criticality Systems in 6G-Based Edge Computing

With the rapid growth of 6G communication and smart sensor technology, the Internet of Things (IoT) has attracted much attention now. In the 6G-based IoT applications on the multiprocessor platform, the partitioned scheduling has been widely applied. However, these partitioned scheduling approaches could cause system resource waste and uneven workload among processors. In this paper, a smart semipartitioned scheduling strategy (SSPS) was proposed for mixed-criticality systems (MCS) in 6G-based edge computing. Besides tasks’ acceptance rate and weighted schedulability, QoS is considered in SSPS to improve the service quality of the system. The SSPS allocates tasks into each processor, and some tasks can migrate to other processors as soon as possible. By comparing with the several existing algorithms, the experimental results show that the SSPS achieves the best in the schedulability and QoS of the system