Home / Advanced Search

  • Title/Keywords

  • Author/Affliations

  • Journal

  • Article Type

  • Start Year

  • End Year

Update SearchingClear
  • Articles
  • Online
Search Results (53)
  • Open Access

    ARTICLE

    Consortium Chain Consensus Vulnerability and Chain Generation Mechanism

    Rui Qiao, Shi Dong*

    CMC-Computers, Materials & Continua, Vol.77, No.2, pp. 2505-2527, 2023, DOI:10.32604/cmc.2023.043476

    Abstract Effectively identifying and preventing the threat of Byzantine nodes to the security of distributed systems is a challenge in applying consortium chains. Therefore, this paper proposes a new consortium chain generation model, deeply analyzes the vulnerability of the consortium chain consensus based on the behavior of the nodes, and points out the effects of Byzantine node proportion and node state verification on the consensus process and system security. Furthermore, the normalized verification node aggregation index that represents the consensus ability of the consortium organization and the trust evaluation function of the verification node set is derived. When either of the… More >

  • Open Access

    ARTICLE

    GRATDet: Smart Contract Vulnerability Detector Based on Graph Representation and Transformer

    Peng Gong1,2,3, Wenzhong Yang2,3,*, Liejun Wang2,3, Fuyuan Wei2,3, KeZiErBieKe HaiLaTi2,3, Yuanyuan Liao2,3

    CMC-Computers, Materials & Continua, Vol.76, No.2, pp. 1439-1462, 2023, DOI:10.32604/cmc.2023.038878

    Abstract Smart contracts have led to more efficient development in finance and healthcare, but vulnerabilities in contracts pose high risks to their future applications. The current vulnerability detection methods for contracts are either based on fixed expert rules, which are inefficient, or rely on simplistic deep learning techniques that do not fully leverage contract semantic information. Therefore, there is ample room for improvement in terms of detection precision. To solve these problems, this paper proposes a vulnerability detector based on deep learning techniques, graph representation, and Transformer, called GRATDet. The method first performs swapping, insertion, and symbolization operations for contract functions,… More >

  • Open Access

    ARTICLE

    Machine Learning-Based Efficient Discovery of Software Vulnerability for Internet of Things

    So-Eun Jeon, Sun-Jin Lee, Il-Gu Lee*

    Intelligent Automation & Soft Computing, Vol.37, No.2, pp. 2407-2419, 2023, DOI:10.32604/iasc.2023.039937

    Abstract With the development of the 5th generation of mobile communication (5G) networks and artificial intelligence (AI) technologies, the use of the Internet of Things (IoT) has expanded throughout industry. Although IoT networks have improved industrial productivity and convenience, they are highly dependent on nonstandard protocol stacks and open-source-based, poorly validated software, resulting in several security vulnerabilities. However, conventional AI-based software vulnerability discovery technologies cannot be applied to IoT because they require excessive memory and computing power. This study developed a technique for optimizing training data size to detect software vulnerabilities rapidly while maintaining learning accuracy. Experimental results using a software… More >

  • Open Access

    ARTICLE

    Dis-NDVW: Distributed Network Asset Detection and Vulnerability Warning Platform

    Leilei Li1, Yansong Wang2, Dongjie Zhu2,*, Xiaofang Li3, Haiwen Du4, Yixuan Lu2, Rongning Qu3, Russell Higgs5

    CMC-Computers, Materials & Continua, Vol.76, No.1, pp. 771-791, 2023, DOI:10.32604/cmc.2023.038268

    Abstract With the rapid development of Internet technology, the issues of network asset detection and vulnerability warning have become hot topics of concern in the industry. However, most existing detection tools operate in a single-node mode and cannot parallelly process large-scale tasks, which cannot meet the current needs of the industry. To address the above issues, this paper proposes a distributed network asset detection and vulnerability warning platform (Dis-NDVW) based on distributed systems and multiple detection tools. Specifically, this paper proposes a distributed message subscription and publication system based on Zookeeper and Kafka, which endows Dis-NDVW with the ability to parallelly… More >

  • Open Access

    ARTICLE

    Étude de la vulnérabilité à la pollution du système phréatique du sahel de Sfax par les outils SIG

    Nadia Trabelsi, Imen Hentati, Ibtissem Triki, Moncef Zairi

    Revue Internationale de Géomatique, Vol.29, No.3, pp. 317-338, 2019, DOI:10.3166/rig.2019.00087

    Abstract The Sfax phreatic system is an important source of water supply. The latter is constantly threatened by nitric pollution. In order to protect this aquifer, a study of the intrinsic vulnerability has been carried out using the SI (Susceptibility Index) method. The model takes into consideration the various vulnerability criteria governing the process of contaminant transfer. These are geological, hydrogeological, land use, topography, and meteorological factors. In this study, a method derived from the SI model is presented (modified SI). The model is based on an approach that integrates hydrological modeling under Agriflux and GIS. Indeed, the use of GIS… More >

  • Open Access

    ARTICLE

    Vulnerability Detection of Ethereum Smart Contract Based on SolBERT-BiGRU-Attention Hybrid Neural Model

    Guangxia Xu1,*, Lei Liu2, Jingnan Dong3

    CMES-Computer Modeling in Engineering & Sciences, Vol.137, No.1, pp. 903-922, 2023, DOI:10.32604/cmes.2023.026627

    Abstract In recent years, with the great success of pre-trained language models, the pre-trained BERT model has been gradually applied to the field of source code understanding. However, the time cost of training a language model from zero is very high, and how to transfer the pre-trained language model to the field of smart contract vulnerability detection is a hot research direction at present. In this paper, we propose a hybrid model to detect common vulnerabilities in smart contracts based on a lightweight pre-trained language model BERT and connected to a bidirectional gate recurrent unit model. The downstream neural network adopts… More >

  • Open Access

    ARTICLE

    SMINER: Detecting Unrestricted and Misimplemented Behaviors of Software Systems Based on Unit Test Cases

    Kyungmin Sim, Jeong Hyun Yi, Haehyun Cho*

    CMC-Computers, Materials & Continua, Vol.75, No.2, pp. 3257-3274, 2023, DOI:10.32604/cmc.2023.036695

    Abstract Despite the advances in automated vulnerability detection approaches, security vulnerabilities caused by design flaws in software systems are continuously appearing in real-world systems. Such security design flaws can bring unrestricted and misimplemented behaviors of a system and can lead to fatal vulnerabilities such as remote code execution or sensitive data leakage. Therefore, it is an essential task to discover unrestricted and misimplemented behaviors of a system. However, it is a daunting task for security experts to discover such vulnerabilities in advance because it is time-consuming and error-prone to analyze the whole code in detail. Also, most of the existing vulnerability… More >

  • Open Access

    ARTICLE

    Adaptive Emulation Framework for Multi-Architecture IoT Firmware Testing

    Jihyeon Yu1, Juhwan Kim1, Youngwoo Lee1, Fayozbek Rustamov2, Joobeom Yun1,*

    CMC-Computers, Materials & Continua, Vol.75, No.2, pp. 3291-3315, 2023, DOI:10.32604/cmc.2023.035835

    Abstract Internet of things (IoT) devices are being increasingly used in numerous areas. However, the low priority on security and various IoT types have made these devices vulnerable to attacks. To prevent this, recent studies have analyzed firmware in an emulation environment that does not require actual devices and is efficient for repeated experiments. However, these studies focused only on major firmware architectures and rarely considered exotic firmware. In addition, because of the diversity of firmware, the emulation success rate is not high in terms of large-scale analyses. In this study, we propose the adaptive emulation framework for multi-architecture (AEMA). In… More >

  • Open Access

    ARTICLE

    Critical Relation Path Aggregation-Based Industrial Control Component Exploitable Vulnerability Reasoning

    Zibo Wang1,3, Chaobin Huo2, Yaofang Zhang1,3, Shengtao Cheng1,3, Yilu Chen1,3, Xiaojie Wei5, Chao Li4, Bailing Wang1,3,*

    CMC-Computers, Materials & Continua, Vol.75, No.2, pp. 2957-2979, 2023, DOI:10.32604/cmc.2023.035694

    Abstract With the growing discovery of exposed vulnerabilities in the Industrial Control Components (ICCs), identification of the exploitable ones is urgent for Industrial Control System (ICS) administrators to proactively forecast potential threats. However, it is not a trivial task due to the complexity of the multi-source heterogeneous data and the lack of automatic analysis methods. To address these challenges, we propose an exploitability reasoning method based on the ICC-Vulnerability Knowledge Graph (KG) in which relation paths contain abundant potential evidence to support the reasoning. The reasoning task in this work refers to determining whether a specific relation is valid between an… More >

  • Open Access

    ARTICLE

    Formal Verification Platform as a Service: WebAssembly Vulnerability Detection Application

    LiangJun Deng1, Hang Lei1, Zheng Yang1, WeiZhong Qian1,*, XiaoYu Li1, Hao Wu2, Sihao Deng3, RuChao Sha1, WeiDong Deng4

    Computer Systems Science and Engineering, Vol.45, No.2, pp. 2155-2170, 2023, DOI:10.32604/csse.2023.027680

    Abstract In order to realize a general-purpose automatic formal verification platform based on WebAssembly technology as a web service (FVPS), which aims to provide an automated report of vulnerability detections, this work builds a Hyperledger Fabric blockchain runtime model. It proposes an optimized methodology of the functional equivalent translation from source program languages to formal languages. This methodology utilizes an external application programming interface (API) table to replace the source codes in compilation, thereby pruning the part of housekeeping codes to ease code inflation. Code inflation is a significant metric in formal language translation. Namely, minor code inflation enhances verification scale… More >

Displaying 1-10 on page 1 of 53. Per Page