Approximate Analyzing of Labeled Transition Systems

As the most important formal semantic model, labeled transition systems are widely used, which can describe the general concurrent systems or control systems without disturbance. However, under normal circumstance, transition systems are complex and difficult to use due to large amount of calculation and the state space explosion problems. In order to overcome these problems, approximate equivalent labeled transition systems are proposed by means of incomplete low-up matrix decomposition factorization. This technique can reduce the complexity of computation and calculate under the allowing errors. As for continuous-time linear systems, we develop a modeling method of approximated transition system based on the approximate solution of matrix, which provides a facility for approximately formal semantic modeling for linear systems and to effectively analyze errors. An example of application in the context of linear systems without disturbances is studied

InviCloak: An End-to-End Approach to Privacy and Performance in Web Content Distribution

In today's web ecosystem, a website that uses a Content Delivery Network (CDN) shares its Transport Layer Security (TLS) private key or session key with the CDN. In this paper, we present the design and implementation of InviCloak, a system that protects the confidentiality and integrity of a user and a website's private communications without changing TLS or upgrading a CDN. InviCloak builds a lightweight but secure and practical key distribution mechanism using the existing DNS infrastructure to distribute a new public key associated with a website's domain name. A web client and a website can use the new key pair to build an encryption channel inside TLS. InviCloak accommodates the current web ecosystem. A website can deploy InviCloak unilaterally without a client's involvement to prevent a passive attacker inside a CDN from eavesdropping on their communications. If a client also installs InviCloak's browser extension, the client and the website can achieve end-to-end confidential and untampered communications in the presence of an active attacker inside a CDN. Our evaluation shows that InviCloak increases the median page load times (PLTs) of realistic web pages from 2.0s to 2.1s, which is smaller than the median PLTs (2.8s) of a state-of-the-art TEE-based solution

Gitor: Scalable Code Clone Detection by Building Global Sample Graph

Code clone detection is about finding out similar code fragments, which has drawn much attention in software engineering since it is important for software maintenance and evolution. Researchers have proposed many techniques and tools for source code clone detection, but current detection methods concentrate on analyzing or processing code samples individually without exploring the underlying connections among code samples. In this paper, we propose Gitor to capture the underlying connections among different code samples. Specifically, given a source code database, we first tokenize all code samples to extract the pre-defined individual information. After obtaining all samples individual information, we leverage them to build a large global sample graph where each node is a code sample or a type of individual information. Then we apply a node embedding technique on the global sample graph to extract all the samples vector representations. After collecting all code samples vectors, we can simply compare the similarity between any two samples to detect possible clone pairs. More importantly, since the obtained vector of a sample is from a global sample graph, we can combine it with its own code features to improve the code clone detection performance. To demonstrate the effectiveness of Gitor, we evaluate it on a widely used dataset namely BigCloneBench. Our experimental results show that Gitor has higher accuracy in terms of code clone detection and excellent execution time for inputs of various sizes compared to existing state-of-the-art tools. Moreover, we also evaluate the combination of Gitor with other traditional vector-based clone detection methods, the results show that the use of Gitor enables them detect more code clones with higher F1.Comment: 12 pages, 5 figure

Obfuscation-resilient Android Malware Analysis Based on Contrastive Learning

Due to its open-source nature, Android operating system has been the main target of attackers to exploit. Malware creators always perform different code obfuscations on their apps to hide malicious activities. Features extracted from these obfuscated samples through program analysis contain many useless and disguised features, which leads to many false negatives. To address the issue, in this paper, we demonstrate that obfuscation-resilient malware analysis can be achieved through contrastive learning. We take the Android malware classification as an example to demonstrate our analysis. The key insight behind our analysis is that contrastive learning can be used to reduce the difference introduced by obfuscation while amplifying the difference between malware and benign apps (or other types of malware). Based on the proposed analysis, we design a system that can achieve robust and interpretable classification of Android malware. To achieve robust classification, we perform contrastive learning on malware samples to learn an encoder that can automatically extract robust features from malware samples. To achieve interpretable classification, we transform the function call graph of a sample into an image by centrality analysis. Then the corresponding heatmaps are obtained by visualization techniques. These heatmaps can help users understand why the malware is classified as this family. We implement IFDroid and perform extensive evaluations on two widely used datasets. Experimental results show that IFDroid is superior to state-of-the-art Android malware familial classification systems. Moreover, IFDroid is capable of maintaining 98.2% true positive rate on classifying 8,112 obfuscated malware samples

A Community Detection and Graph Neural Network Based Link Prediction Approach for Scientific Literature

This study presents a novel approach that synergizes community detection algorithms with various Graph Neural Network (GNN) models to bolster link prediction in scientific literature networks. By integrating the Louvain community detection algorithm into our GNN frameworks, we consistently enhance performance across all models tested. For example, integrating Louvain with the GAT model resulted in an AUC score increase from 0.777 to 0.823, exemplifying the typical improvements observed. Similar gains are noted when Louvain is paired with other GNN architectures, confirming the robustness and effectiveness of incorporating community-level insights. This consistent uplift in performance reflected in our extensive experimentation on bipartite graphs of scientific collaborations and citations highlights the synergistic potential of combining community detection with GNNs to overcome common link prediction challenges such as scalability and resolution limits. Our findings advocate for the integration of community structures as a significant step forward in the predictive accuracy of network science models, offering a comprehensive understanding of scientific collaboration patterns through the lens of advanced machine learning techniques

Approximate Equivalence of the Hybrid Automata with Taylor Theory

Hybrid automaton is a formal model for precisely describing a hybrid system in which the computational processes interact with the physical ones. The reachability analysis of the polynomial hybrid automaton is decidable, which makes the Taylor approximation of a hybrid automaton applicable and valuable. In this paper, we studied the simulation relation among the hybrid automaton and its Taylor approximation, as well as the approximate equivalence relation. We also proved that the Taylor approximation simulates its original hybrid automaton, and similar hybrid automata could be compared quantitatively, for example, the approximate equivalence we proposed in the paper

Automata-Based Analysis of Stage Suspended Boom Systems

A stage suspended boom system is an automatic steeve system orchestrated by the PLC (programmable logic controller). Security and fault-recovering are two important properties. In this paper, we analyze and verify the boom system formally. We adopt the hybrid automaton to model the boom system. The forward reachability is used to verify the properties with the reachable states. We also present a case study to illustrate the feasibility of the proposed verification

Towards Understanding the Capability of Large Language Models on Code Clone Detection: A Survey

Code cloning, the duplication of code fragments, is common in software development. While some reuse aids productivity, excessive cloning hurts maintainability and introduces bugs. Hence, automatic code clone detection is vital. Meanwhile, large language models (LLMs) possess diverse code-related knowledge, making them versatile for various software engineering challenges. However, LLMs' performance in code clone detection is unclear and needs more study for accurate assessment. In this paper, we provide the first comprehensive evaluation of LLMs for clone detection, covering different clone types, languages, and prompts. We find advanced LLMs excel in detecting complex semantic clones, surpassing existing methods. Adding intermediate reasoning steps via chain-of-thought prompts noticeably enhances performance. Additionally, representing code as vector embeddings, especially with text encoders, effectively aids clone detection.Lastly, the ability of LLMs to detect code clones differs among various programming languages. Our study suggests that LLMs have potential for clone detection due to their language capabilities, offering insights for developing robust LLM-based methods to enhance software engineering.Comment: 13 pages, 3 figure

Long-term effects of different hypoglycemic drugs on carotid intima-media thickness progression: a systematic review and network meta-analysis

ObjectiveThe progression of carotid intima-media thickness (cIMT) can partially predict the occurrence of future cardiovascular events. This network meta-analysis compared the effects of 14 antidiabetic drugs (acarbose, alogliptin, exenatide, glibenclamide, glimepiride, ipragliflozin, metformin, nateglinide, pioglitazone, rosiglitazone, sitagliptin, tofoglifozin, troglitazone, voglibose) on the progression of cIMT.MethodPubMed, EMBASE, Cochrane Library, and Web of Science were searched to screen all clinical trials of treatment of cIMT with hypoglycemic agents before March 1, 2024. The differences in the changes in cIMT between the treatment group and control group were evaluated.ResultAfter screening 8395 citations, 25 studies (6675 patients) were included. The results indicated that exenatide had the best efficacy in slowing down cIMT progress, and exenatide [MD=-0.13,95%CI (-0.25, -0.01)], alogliptin [MD=-0.08,95%CI (-0.13, -0.02)] and metformin [MD=-0.05, 95%CI (-0.09, -0.02)] are more effective than placebo.ConclusionLong-term treatment of exenatide, alogliptin, and metformin may be more effective than other hypoglycemic drugs in slowing the progression of cIMT.Systematic Review Registrationhttps://www.crd.york.ac.uk/PROSPERO/, identifier CRD42024519474