Global ETD Search

1	Cooperative Based Software Clustering on Dependency Graphs Ibrahim, Ahmed Fakhri 18 June 2014 (has links) The organization of software systems into subsystems is usually based on the constructs of packages or modules and has a major impact on the maintainability of the software. However, during software evolution, the organization of the system is subject to continual modification, which can cause it to drift away from the original design, often with the effect of reducing its quality. A number of techniques for evaluating a system's maintainability and for controlling the effort required to conduct maintenance activities involve software clustering. Software clustering refers to the partitioning of software system components into clusters in order to obtain both exterior and interior connectivity between these components. It helps maintainers enhance the quality of software modularization and improve its maintainability. Research in this area has produced numerous algorithms with a variety of methodologies and parameters. This thesis presents a novel ensemble approach that synthesizes a new solution from the outcomes of multiple constituent clustering algorithms. The main principle behind this approach derived from machine learning, as applied to document clustering, but it has been modified, both conceptually and empirically, for use in software clustering. The conceptual modifications include working with a variable number of clusters produced by the input algorithms and employing graph structures rather than feature vectors. The empirical modifications include experiments directed at the selection of the optimal cluster merging criteria. Case studies based on open source software systems show that establishing cooperation between leading state-of-the-art algorithms produces better clustering results compared with those achieved using only one of any of the algorithms considered. Software Engineering Cooperative Clustering Software Clustering Machine Learning Dependency Graphs
2	Metamorphic malware identification through Annotated Data Dependency Graphs' datasets indexing Aguilera, Luis Miguel Rojas, +55 92 982114961 23 March 2018 (has links) Submitted by Luis Miguel Rojas Aguilera (rojas@icomp.ufam.edu.br) on 2018-09-10T13:04:22Z No. of bitstreams: 2 license_rdf: 0 bytes, checksum: d41d8cd98f00b204e9800998ecf8427e (MD5) DissertacaoLuisRojasComFichaCatalograficaEFolhaAprovacao.pdf: 6768066 bytes, checksum: 5c26bd8a9fe369e787ba394d81fd07f3 (MD5) / Approved for entry into archive by Divisão de Documentação/BC Biblioteca Central (ddbc@ufam.edu.br) on 2018-09-10T18:13:42Z (GMT) No. of bitstreams: 2 license_rdf: 0 bytes, checksum: d41d8cd98f00b204e9800998ecf8427e (MD5) DissertacaoLuisRojasComFichaCatalograficaEFolhaAprovacao.pdf: 6768066 bytes, checksum: 5c26bd8a9fe369e787ba394d81fd07f3 (MD5) / Rejected by Divisão de Documentação/BC Biblioteca Central (ddbc@ufam.edu.br), reason: O Campo "Agência de Fomento" deve ser preenchido com o nome (ou sigla) da Agência de Fomento. on 2018-09-10T18:15:16Z (GMT) / Submitted by Luis Miguel Rojas Aguilera (rojas@icomp.ufam.edu.br) on 2018-09-10T18:57:05Z No. of bitstreams: 2 DissertacaoLuisRojasComFichaCatalograficaEFolhaAprovacao.pdf: 6768066 bytes, checksum: 5c26bd8a9fe369e787ba394d81fd07f3 (MD5) license_rdf: 0 bytes, checksum: d41d8cd98f00b204e9800998ecf8427e (MD5) / Approved for entry into archive by Secretaria PPGI (secretariappgi@icomp.ufam.edu.br) on 2018-09-10T20:49:15Z (GMT) No. of bitstreams: 2 DissertacaoLuisRojasComFichaCatalograficaEFolhaAprovacao.pdf: 6768066 bytes, checksum: 5c26bd8a9fe369e787ba394d81fd07f3 (MD5) license_rdf: 0 bytes, checksum: d41d8cd98f00b204e9800998ecf8427e (MD5) / Approved for entry into archive by Divisão de Documentação/BC Biblioteca Central (ddbc@ufam.edu.br) on 2018-09-11T14:07:43Z (GMT) No. of bitstreams: 2 DissertacaoLuisRojasComFichaCatalograficaEFolhaAprovacao.pdf: 6768066 bytes, checksum: 5c26bd8a9fe369e787ba394d81fd07f3 (MD5) license_rdf: 0 bytes, checksum: d41d8cd98f00b204e9800998ecf8427e (MD5) / Made available in DSpace on 2018-09-11T14:07:43Z (GMT). No. of bitstreams: 2 DissertacaoLuisRojasComFichaCatalograficaEFolhaAprovacao.pdf: 6768066 bytes, checksum: 5c26bd8a9fe369e787ba394d81fd07f3 (MD5) license_rdf: 0 bytes, checksum: d41d8cd98f00b204e9800998ecf8427e (MD5) Previous issue date: 2018-03-23 / CAPES - Coordenação de Aperfeiçoamento de Pessoal de Nível Superior / Code mutation and metamorphism have been successfully employed to create and proliferate new malware instances from existing malicious code. With such techniques, it is possible to modify a code’s structure without altering its original functions, so, new samples can be made that lack structural and behavioral patterns present in knowledge bases of malware identification systems, which hinders their detection. Previous research endeavors addressing metamorphic malware detection can be grouped into two categories: identification through code signature matching and detection based on models of classification. Matching code signatures presents lower false positive rates in comparison with models of classification, since such structures are resilient to the effects of metamorphism and allow better discrimination among instances, however, temporal complexity of matching algorithms prevents the application of such technique in real detection systems. On the other hand, detection based on classification models present less algorithmic complexity, however, a models’ generalization capacity is affected by the versatility of patterns that can be obtained by applying techniques of metamorphism. In order to overcome such limitations, this work presents methods for metamorphic malware identification through matching annotated data dependency graphs, extracted from known malwares and suspicious instances in the moment of analysis. To deal with comparison algorithms’ complexity, using these methods on real detection systems, the databases of graphs were indexed using machine learning algorithms, resulting in multiclass classification models that discriminated among malware families based on structural features of graphs. Experimental results, employing a prototype of the proposed methods from a database of 40,785 graphs extracted from 4,530 malware instances, presented detection times below 150 seconds for all instances, as well as higher average accuracy than 56 evaluated commercial malware detection systems. / A mutação de código e o metamorfismo têm sido empregados com sucesso para a criação e proliferação de novas instâncias de malware a partir de códigos maliciosos existentes. Com estas técnicas é possível modificar a estrutura de um código sem alterar as funcionalidades originais para obter novas instâncias que não se encaixam nos padrões estruturais e de comportamento presentes em bases de conhecimento dos sistemas de identificação de malware, dificultando assim a detecção. Pesquisas anteriores que abordam a detecção de malware metamórfico podem ser agrupadas em: identificação por meio do matching de assinaturas de código e detecção baseada em modelos de classificação. O matching de assinaturas de código tem apresentado taxas de falsos positivos inferiores às apresentadas pelos modelos de classificação, uma vez que estas estruturas são resilientes aos efeitos do metamorfismo e permitem melhor discriminação entre as instâncias. Entretanto a complexidade temporal dos algoritmos de comparação impedem a aplicação desta técnica em sistemas de detecção reais. Por outro lado, a detecção baseada em modelos de classificação apresenta menor complexidade algorítmica, porém a capacidade de generalização dos modelos se vê afetada pela versatilidade de padrões que podem ser obtidos por médio da aplicação de técnicas de metamorfismo. Para superar estas limitações, este trabalho apresenta uma metodologia para a identificação de malware metamórfico através da comparação de grafos de dependência de dados anotados extraídos de malwares conhecidos e de instâncias suspeitas no momento da análise. Para lidar com a complexidade dos algoritmos de comparação, permitindo assim a utilização da metodologia em sistemas de detecção reais, as bases de grafos são indexadas empregando algoritmos de aprendizagem de máquina, resultando em modelos de classificação multiclasse que discriminam entre famílias de malwares a partir das características estruturais dos grafos. Resultados experimentais, utilizando um protótipo da metodologia proposta sobre uma base composta por 40,785 grafos extraídos de 4,530 instâncias de malwares, mostraram tempos de detecção inferiores aos 150 segundos para processar todas as instâncias e de criação dos modelos inferiores aos 10 minutos, bem como acurácia média superior à maioria de 56 ferramentas comerciais de detecção de malware avaliadas. Code metamorphism Malware detection Graphs dataset indexing Data dependency graphs
3	The State of Software Diversity in the Software Supply Chain of Ethereum Clients Jönsson, Noak January 2022 (has links) The software supply chain constitutes all the resources needed to produce a software product. A large part of this is the use of open-source software packages.Although the use of open-source software makes it easier for vast numbers of developers to create new products, they all become susceptible to the same bugs or malicious code introduced in components outside of their control.Ethereum is a vast open-source blockchain network that aims to replace several functionalities provided by centralized institutions.Several software clients are independently developed in different programming languages to maintain the stability and security of this decentralized model.In this report, the software supply chains of the most popular Ethereum clients are cataloged and analyzed.The dependency graphs of Ethereum clients developed in Go, Rust, and Java, are studied. These client are Geth, Prysm, OpenEthereum, Lighthouse, Besu, and Teku.To do so, their dependency graphs are transformed into a unified format.Quantitative metrics are used to depict the software supply chain of the blockchain.The results show a clear difference in the size of the software supply chain required for the execution layer and consensus layer of Ethereum.Varying degrees of software diversity are present in the studied ecosystem. For the Go clients, 97% of Geth dependencies also in the supply chain of Prysm.The Java clients Besu and Teku share 69% and 60% of their dependencies respectively.The Rust clients showing a much more notable amount of diversity, with only 43% and 35% of OpenEthereum and Lighthouse respective dependencies being shared. / Mjukvaruleverantörskedjan sammanfattar all resurser som behövs för att producera en mjukvaruprodukt. En stor del av detta är användningen av öppen källkod. Trots att användningen av öppen källkod tillåter snabb produktion av nya produkter, utsätter sig alla som använder den för potentiella bug- gar samt attacker som kan tillföras utanför deras kontroll. Ethere- um är ett stort blockkedje nätverk baserad på öppen källkod som försöker konkurrera med tjänster som tidigare endast erbjudits av centraliserade institutioner. Det finns flera implementationer av mjukvaran som implementerar Ethereum som alla utvecklas oberoende av varandra i olika programmerings språk för att öka stabiliteten och säkerheten av den decentraliserade modellen. I denna rapport studeras mjukvaruleverantörskedjorna av de mest populära klienterna som implementerar Ethereum. Dessa utveck- las i programmeringsspråken Go, Rust, och Java. Dom studerade klienterna är Geth, Prysm, OpenEthereum, Lighthouse, Besu, och Teku. För att genomföra studien transformeras klienternas mjuk- varuleverantörskedjor till ett standardiserat format. Kvantitiva mått används för att beskriva dessa leverantörskedjor. Resultaten visar en stor skillnad i storlek av leverantörskedjor för olika lager i Ethereum. Det visas att det finns en varierande mångfald av mjukvara baserat på de språk som klienter är utvecklade med. Leverantörskedjorna av Go klienter sammanfaller i princip fullt, medan de av Java klienter sammanfaller med en stor majoritet, och de av Rust klienter visar på mest mångfald i mjukvarupaket. / Kandidatexjobb i elektroteknik 2022, KTH, Stockholm Software Supply Chain Dependency Graphs Open Source Software Software Diversity Ethereum Blockchain Elektroteknik och elektronik
4	Relation Classification using Semantically-Enhanced Syntactic Dependency Paths : Combining Semantic and Syntactic Dependencies for Relation Classification using Long Short-Term Memory Networks Capshaw, Riley January 2018 (has links) Many approaches to solving tasks in the field of Natural Language Processing (NLP) use syntactic dependency trees (SDTs) as a feature to represent the latent nonlinear structure within sentences. Recently, work in parsing sentences to graph-based structures which encode semantic relationships between words—called semantic dependency graphs (SDGs)—has gained interest. This thesis seeks to explore the use of SDGs in place of and alongside SDTs within a relation classification system based on long short-term memory (LSTM) neural networks. Two methods for handling the information in these graphs are presented and compared between two SDG formalisms. Three new relation extraction system architectures have been created based on these methods and are compared to a recent state-of-the-art LSTM-based system, showing comparable results when semantic dependencies are used to enhance syntactic dependencies, but with significantly fewer training parameters. Natural language processing NLP computational linguistics syntactic dependency trees semantic dependency graphs relation classification relation extraction artificial intelligence machine learning deep learning neural networks long short-term memory LSTM
5	Abordagens heurísticas aplicadas ao Problema da Alocação Dinâmica de Espaços. Costa, Wagner Silva 12 August 2013 (has links) Made available in DSpace on 2015-05-14T12:36:37Z (GMT). No. of bitstreams: 1 ArquivoTotalWagner.pdf: 1537495 bytes, checksum: 24391c06b84eb789a63789d66472a304 (MD5) Previous issue date: 2013-08-12 / Coordenação de Aperfeiçoamento de Pessoal de Nível Superior / The Dynamic Allocation Problem Spaces (DSAP) is recent literature, and was inspired by the need to minimize the distances between requested resources for the execution of activities in nuclear power plants. There are similarities of the problem with projects in which the movement of resources generates costs for the final planning, or in cases where congestion of these resources is not advisable, as in large buildings or works in mining. It is necessary, the use of these approximation methods considered to be NP hard. For this, a new constructive heuristic is proposed using integer linear programming model based on activity streams that incorporate information from the graph of dependencies between activities, and then an application of the hybrid GRASP meta-heuristic is discussed. The computational results show that this approach is able to obtain high-quality solutions. / O Problema da Alocação Dinâmica de Espaços (PADE) foi inspirado na necessidade de otimização da distância percorrida por recursos requeridos para realização de atividades na ocorrência de desligamentos planejados em centrais de energia elétrica. Em geral, o problema apresenta aplicações potenciais em projetos nos quais movimentar um recurso é uma tarefa difícil ou cara, ou nos quais o congestionamento desses recursos é indesejável,como em atividades de mineração.Este problema é computacionalmente difícil de se resolvido, logo obter uma solução ótima para instâncias de elevadas dimensões justica o uso de métodos aproximativos. Este trabalho propõe a utilização da metaheurística GRASP para a resolução do PADE. Ciência da computação Modelagem em programa linear inteira Grafos de dependências modeling in integer linear programming dependency graphs issue of resource allocation GRASP
6	Formal verification of a synchronous data-flow compiler : from Signal to C Ngô, Van Chan 01 July 2014 (has links) (PDF) Synchronous languages such as Signal, Lustre and Esterel are dedicated to designing safety-critical systems. Their compilers are large and complicated programs that may be incorrect in some contexts, which might produce silently bad compiled code when compiling source programs. The bad compiled code can invalidate the safety properties that are guaranteed on the source programs by applying formal methods. Adopting the translation validation approach, this thesis aims at formally proving the correctness of the highly optimizing and industrial Signal compiler. The correctness proof represents both source program and compiled code in a common semantic framework, then formalizes a relation between the source program and its compiled code to express that the semantics of the source program are preserved in the compiled code. Formal verification Translation validation Validated Compiler Synchronous Programs Polychronous Models Embedded systems Safety-critical systems Deadlock detection Compilation Polychrony Dependency graphs SMT solving Value-graphs Graph rewriting
7	Formal verification of a synchronous data-flow compiler : from Signal to C / Vérification formelle d’un compilateur synchrone : de Signal vers C Ngô, Van Chan 01 July 2014 (has links) Les langages synchrones tels que Signal, Lustre et Esterel sont dédiés à la conception de systèmes critiques. Leurs compilateurs, qui sont de très gros programmes complexes, peuvent a priori se révéler incorrects dans certains situations, ce qui donnerait lieu alors à des résultats de compilation erronés non détectés. Ces codes fautifs peuvent invalider des propriétés de sûreté qui ont été prouvées en appliquant des méthodes formelles sur les programmes sources. En adoptant une approche de validation de la traduction, cette thèse vise à prouver formellement la correction d'un compilateur optimisé et industriel de Signal. La preuve de correction représente dans un cadre sémantique commun le programme source et le code compilé, et formalise une relation entre eux pour exprimer la préservation des sémantiques du programme source dans le code compilé. / Synchronous languages such as Signal, Lustre and Esterel are dedicated to designing safety-critical systems. Their compilers are large and complicated programs that may be incorrect in some contexts, which might produce silently bad compiled code when compiling source programs. The bad compiled code can invalidate the safety properties that are guaranteed on the source programs by applying formal methods. Adopting the translation validation approach, this thesis aims at formally proving the correctness of the highly optimizing and industrial Signal compiler. The correctness proof represents both source program and compiled code in a common semantic framework, then formalizes a relation between the source program and its compiled code to express that the semantics of the source program are preserved in the compiled code. Vérification formelle Validation de la traduction Compilateur validé Programmes synchrones Modèles polychrones Systèmes embarqués Systèmes critiques Détection des blocages Compilation Polychrony Graphiques de dépendance SMT solving Valeur-graphiques Graphique réécriture. Formal verification Translation validation Validated Compiler Synchronous Programs Polychronous Models Embedded systems Safety-critical systems Deadlock detection Compilation Polychrony Dependency graphs SMT solving Value-graphs Graph rewriting.

1

Page generated in 0.068 seconds