THE METHOD OF ACCESS ISOLATION IN OBJECT-ORIENTED SOFTWARE SYSTEM by A. F. Chipiga, A. A. Ereschenko, L. A. Alpeeva

“…During the software system's designing and development process it is suggested to define the basic access distinction rules between the objects of corresponding classes directly in the source code when defining the classes themselves and the classes' inheritance hierarchy. …”
Get full text

A WEB-APPLICATION QUALITY EVALUATION METHOD BASED ON VULNERABILITY DETECTION by D. E. Onoshko, V. V. Bakhtizin

“…This article introduces a method of web-application quality evaluation based on static analysis of the source code. A model for SQL-injection vulnerability detection and a web-application quality model based on the results of vulnerability detection that extends the ISO/IEC 25010 quality model are described.…”
Get full text

Enhancing smart contract security using a code representation and GAN based methodology by Dileep Kumar Murala, Samia Loucif, K. Vara Prasada Rao, Habib Hamam

“…Synthesizing contract vector data using GANs alleviates data scarcity and facilitates source code acquisition for training our detection system. …”
Get full text

An enhanced approach for automatic annotation of error codes based on Seq2edit by Jian Wang, Tao Lin, Rongsen Zhao, Huiling Zhao

“…Experimental results show that this method can fully utilize the contextual information of the source code during the automatic annotation process, leading to a significant improvement in annotation accuracy.…”
Get full text

A Fuzzing Tool Based on Automated Grammar Detection by Jia Song, Jim Alves-Foss

“…Fuzzing is a security testing technique that finds vulnerabilities automatically without accessing the source code. We built a fuzzer, called JIMA-Fuzzing, which is an effective fuzzing tool that utilizes grammar detected from sample input. …”
Get full text

Improving Performance Of Hmm-based Asr For Gsm-efr Speech Coding by Lallouani Bouchakour, Mohamed Debyeche

“… The Global System for Mobile (GSM) environment includes three main problems for Automatic Speech Recognition (ASR) systems: noisy scenarios, source coding distortion and transmission errors. The second, source coding distortion must be explicitly addressed. …”
Get full text

Code generation system based on MDA and convolutional neural networks by Gabriel Vargas-Monroy, Daissi-Bibiana Gonzalez-Roldan, Carlos Enrique Montenegro-Marín, Alejandro-Paolo Daza-Corredor, Daniel-David Leal-Lara, Daniel-David Leal-Lara

“…The implementation of image recognition, text analysis, and neural network construction yields promising outcomes in generating source code from diagrams. Despite some challenges related to hardware limitations during the training of the neural network, the system successfully interprets the diagrams and produces artifacts using the MDA approach. …”
Get full text

Bytecode-based approach for Ethereum smart contract classification by Dan LIN, Kaixin LIN, Jiajing WU, Zibin ZHENG

“…In recent years, blockchain technology has been widely used and concerned in many fields, including finance, medical care and government affairs.However, due to the immutability of smart contracts and the particularity of the operating environment, various security issues occur frequently.On the one hand, the code security problems of contract developers when writing contracts, on the other hand, there are many high-risk smart contracts in Ethereum, and ordinary users are easily attracted by the high returns provided by high-risk contracts, but they have no way to know the risks of the contracts.However, the research on smart contract security mainly focuses on code security, and there is relatively little research on the identification of contract functions.If the smart contract function can be accurately classified, it will help people better understand the behavior of smart contracts, while ensuring the ecological security of smart contracts and reducing or recovering user losses.Existing smart contract classification methods often rely on the analysis of the source code of smart contracts, but contracts released on Ethereum only mandate the deployment of bytecode, and only a very small number of contracts publish their source code.Therefore, an Ethereum smart contract classification method based on bytecode was proposed.Collect the Ethereum smart contract bytecode and the corresponding category label, and then extract the opcode frequency characteristics and control flow graph characteristics.The characteristic importance is analyzed experimentally to obtain the appropriate graph vector dimension and optimal classification model, and finally the multi-classification task of smart contract in five categories of exchange, finance, gambling, game and high risk is experimentally verified, and the F1 score of the XGBoost classifier reaches 0.913 8.Experimental results show that the algorithm can better complete the classification task of Ethereum smart contracts, and can be applied to the prediction of smart contract categories in reality.…”
Get full text

Evaluating and Securing Text-Based Java Code through Static Code Analysis by Jeong Yang, Young Lee, Amanda Fernandez, Joshua Sanchez

“…The resources include the methods of source code analysis and relevant tools, categorized bugs detected in the code, and compliant code examples with fixing the bugs. …”
Get full text

Spglib: a software library for crystal symmetry search by Atsushi Togo, Kohei Shinohara, Isao Tanaka

“…An iterative algorithm is employed to robustly identify space group types, tolerating a certain amount of distortion in the crystal structures. The source code is distributed under the 3-Clause BSD License, a permissive open-source software license. …”
Get full text

GDBMiner: Mining Precise Input Grammars on (Almost) Any System by Eisele, Max, Hägele, Johannes, Huth, Christopher, Zeller, Andreas

“…However, current grammar mining tools place huge demands on the source code they are applied on, or are too imprecise, both preventing adoption in industrial practice. …”
Get full text

Simulation of Shock-to-Detonation Transition by OpenFOAM by Thien Xuan Dinh, Masatake Yoshida, Shuichi Ishikura

“…In addition, it is a cost-effective simulation, since the code was developed on open-source code, so massive computation can then be run without license costs.…”
Get full text

SECURITY ASSESSMENT OF MOODLE-BASED DISTANCE LEARNING SYSTEM COMPONENTS USING STATIC ANALYSIS TOOLS by Vladislav K. Kuchmin, Grigory O. Krylov

“…The article presents a methodological approach to assessing the security of software components within the Moodle-based distance learning system using automated static source code analysis methods. The increasing importance of securing educational information systems is emphasized in light of the widespread adoption of LMS platforms that process personal and service-related data of participants in the educational process, including assessment results. …”
Get full text

Software diversification method based on binary rewriting by Benwei HE, Yunfei GUO, Yawen WANG, Qingfeng WANG, Hongchao HU

“…Software diversity is an effective defense against code-reuse attacks, but most existing software diversification technologies are based on source code.Obtaining program source code may be difficult, while binary files are challenging to disassemble accurately and distinguish between code pointers and data constants.This makes binary file diversification difficult to generate high levels of randomization entropy, and easily compromised by attackers.To overcome these challenges, a binary file oriented software diversification method was proposed based on static binary rewriting technology, namely instruction offset randomization.This method inserted NOP instructions of varying byte lengths before program instructions with a certain probability, reducing the number of unintended gadgets in the program and randomly offsetting the original instruction address.This disrupts the program’s original memory layout and increases the cost of code-reuse attacks.At the same time, an optimization strategy based on hot code was designed for this method.The execution times of basic blocks in binary files were obtained by dynamic pile insertion, so as to adjust the NOP instruction insertion probability in each basic block.The higher the execution frequency, the fewer NOP instructions were inserted into the basic block, which can ensure lower performance overhead and produce higher randomization entropy.In the experimental part, the SPEC benchmark program was used to test the optimized method from the aspects of performance overhead, gadget survival rate and file size.The results show that a 15% insertion probability achieves the best effect, with an average gadget survival rate of less than 1.49%, increasing attackers’ difficulty in reusing the same gadget attack chain.Furthermore, only a 4.1% operation overhead and 7.7% space overhead are added, maintaining high levels of security.…”
Get full text

Methods for analyzing the impact of software changes on objective functions and safety functions by A. А. Legkodumov, B. N. Kozeyev, V. V. Belikov, A. V. Korolkov

“…In addition to searching for vulnerable code sections, it is important to evaluate the effectiveness of the control flow comparison method in the analysis of source code when transferred to another code base.…”
Get full text

Software Development Process Considerations in GNSS-Denied Navigation Project for Drones by Sebastian Rutkowski, Cezary Szczepański

“…The process was implemented in an environment where software developers were oriented to developing a source code only and who showed great reluctance to follow any formal process. …”
Get full text

TSTA: thread and SIMD-based trapezoidal pairwise/multiple sequence-alignment method by Peiyu Zong, Wenpeng Deng, Jian Liu, Jue Ruan

“…Availability and implementation Source codes are available at https://github.com/bxskdh/TSTA. …”
Get full text

SCUP-HPC: System for Constructing and Utilizing Provenance on High-Performance Computing Systems by Yuta Namiki, Takeo Hosomi, Hideyuki Tanushi, Akihiro Yamashita, Susumu Date

“…To ensure the reproducibility on an HPC system, the provenance must describe the following relationships: 1) executed programs and the corresponding job definition submitted to a workload manager, 2) the program and its source code, and 3) the program and its input/output files. …”
Get full text

Tree Slicing in Clone Detection: Syntactic Analysis Made (Semi)-Semantic by Marat Akhin, Vladimir Itsykson

“…A lot of different clone detection approaches have been proposed over the years to deal with this problem, but almost all of them do not consider semantic properties of the source code. We propose to reinforce traditional tree-based clone detection algorithms by using additional information about variable slices. …”
Get full text

The Effectiveness of Large Language Models in Transforming Unstructured Text to Standardized Formats by William Brach, Kristian Kostal, Michal Ries

“…For further information, source code, and associated resources, please refer to the source code repository (<uri>https://github.com/fiit-ba/text-to-cooklang</uri>).…”
Get full text