66 research outputs found

    Backdooring Neural Code Search

    Full text link
    Reusing off-the-shelf code snippets from online repositories is a common practice, which significantly enhances the productivity of software developers. To find desired code snippets, developers resort to code search engines through natural language queries. Neural code search models are hence behind many such engines. These models are based on deep learning and gain substantial attention due to their impressive performance. However, the security aspect of these models is rarely studied. Particularly, an adversary can inject a backdoor in neural code search models, which return buggy or even vulnerable code with security/privacy issues. This may impact the downstream software (e.g., stock trading systems and autonomous driving) and cause financial loss and/or life-threatening incidents. In this paper, we demonstrate such attacks are feasible and can be quite stealthy. By simply modifying one variable/function name, the attacker can make buggy/vulnerable code rank in the top 11%. Our attack BADCODE features a special trigger generation and injection procedure, making the attack more effective and stealthy. The evaluation is conducted on two neural code search models and the results show our attack outperforms baselines by 60%. Our user study demonstrates that our attack is more stealthy than the baseline by two times based on the F1 score

    Coverage Goal Selector for Combining Multiple Criteria in Search-Based Unit Test Generation

    Full text link
    Unit testing is critical to the software development process, ensuring the correctness of basic programming units in a program (e.g., a method). Search-based software testing (SBST) is an automated approach to generating test cases. SBST generates test cases with genetic algorithms by specifying the coverage criterion (e.g., branch coverage). However, a good test suite must have different properties, which cannot be captured using an individual coverage criterion. Therefore, the state-of-the-art approach combines multiple criteria to generate test cases. Since combining multiple coverage criteria brings multiple objectives for optimization, it hurts the test suites' coverage for certain criteria compared with using the single criterion. To cope with this problem, we propose a novel approach named \textbf{smart selection}. Based on the coverage correlations among criteria and the subsumption relationships among coverage goals, smart selection selects a subset of coverage goals to reduce the number of optimization objectives and avoid missing any properties of all criteria. We conduct experiments to evaluate smart selection on 400400 Java classes with three state-of-the-art genetic algorithms under the 22-minute budget. On average, smart selection outperforms combining all goals on 65.1%65.1\% of the classes having significant differences between the two approaches. Secondly, we conduct experiments to verify our assumptions about coverage criteria relationships. Furthermore, we experiment with different budgets of 55, 88, and 1010 minutes, confirming the advantage of smart selection over combining all goals.Comment: arXiv admin note: substantial text overlap with arXiv:2208.0409

    Investigating Multi-cancer Biomarkers and Their Cross-predictability in the Expression Profiles of Multiple Cancer Types

    Get PDF
    Microarray technology has been widely applied to the analysis of many malignancies, however, integrative analyses across multiple studies are rarely investigated. In this study we performed a meta-analysis on the expression profiles of four published studies analyzing organ donor, benign tissues adjacent to tumor and tumor tissues from liver, prostate, lung and bladder samples. We identified 99 distinct multi-cancer biomarkers in the comparison of all three tissues in liver and prostate and 44 in the comparison of normal versus tumor in liver, prostate and lung. The bladder samples appeared to have a different list of biomarkers from the other three cancer types. The identified multi-cancer biomarkers achieved high accuracy similar to using whole genome in the within-cancer-type prediction. They also performed superior than the one using whole genome in inter-cancer-type prediction. To test the validity of the multi-cancer biomarkers, 23 independent prostate cancer samples were evaluated and 96% accuracy was achieved in inter-study prediction from the original prostate, liver and lung cancer data sets respectively. The result suggests that the compact lists of multi-cancer biomarkers are important in cancer development and represent the common signatures of malignancies of multiple cancer types. Pathway analysis revealed important tumorogenesis functional categories

    A retrospective analysis for investigating the relationship between FIGO stage IVA/IVB and cytoreductive surgery with prognosis in epithelial ovarian cancer

    Get PDF
    ObjectiveTo investigate the effect of primary debulking surgery (PDS), NACT followed by interval debulking surgery (NACT-IDS), and chemotherapy alone on the prognosis of FIGO stage IV epithelial ovarian cancer (EOC) with different metastatic patterns.MethodsWe retrospectively analyzed 133 cases of FIGO stage IV EOC with pleural effusion (stage IVA), parenchymal metastases (stage IVB), or extra-abdominal lymph node metastases (stage IVB) at our Hospital between January 2014 and July 2021.ResultsAmong 133 cases with stage IV disease, 16.5% (n=22) presented with pleural effusion, 46.6% (n=62) with parenchymal metastases, and 36.9% (n=49) with extra-abdominal lymph node metastases. Regardless of the metastatic patterns, the 90.2% (n=120) of cases who underwent PDS/NACT-IDS exhibited a significantly superior overall survival (OS) compared to the 9.8% cases (n=13) who received chemotherapy alone (32 vs 17 months, p=0.000). The cohort was further stratified into 58 cases (48.3%) with R0, 41 cases (34.2%) with R1, and 21 cases (17.5%) with R2. The median OS of cases with R0 was significantly better than that of cases with R1/R2 (74 vs 27 months, p=0.000). There was no significant difference in median OS between PDS and NACT-IDS (43 vs 31 months, p=0.676), as well as between FIGO IVA and IVB (35 vs 31 months, p=0.582). Additionally, the metastatic patterns and the number of neoadjuvant chemotherapy cycles (≤4 or >4) did not demonstrate any prognostic significance for median OS (p=0.820 and 33 vs 26 months, p=0.280, respectively).ConclusionRegardless of FIGO IVA and IVB stages or metastatic patterns, patients diagnosed with stage IV EOC may benefit from cytoreductive surgery with abdominal R0, compared with chemotherapy alone