Home / Advanced Search

  • Title/Keywords

  • Author/Affliations

  • Journal

  • Article Type

  • Start Year

  • End Year

Update SearchingClear
  • Articles
  • Online
Search Results (6)
  • Open Access

    ARTICLE

    A New Framework for Software Vulnerability Detection Based on an Advanced Computing

    Bui Van Cong1, Cho Do Xuan2,*

    CMC-Computers, Materials & Continua, Vol.79, No.3, pp. 3699-3723, 2024, DOI:10.32604/cmc.2024.050019 - 20 June 2024

    Abstract The detection of software vulnerabilities written in C and C++ languages takes a lot of attention and interest today. This paper proposes a new framework called DrCSE to improve software vulnerability detection. It uses an intelligent computation technique based on the combination of two methods: Rebalancing data and representation learning to analyze and evaluate the code property graph (CPG) of the source code for detecting abnormal behavior of software vulnerabilities. To do that, DrCSE performs a combination of 3 main processing techniques: (i) building the source code feature profiles, (ii) rebalancing data, and (iii) contrastive… More >

  • Open Access

    ARTICLE

    GRATDet: Smart Contract Vulnerability Detector Based on Graph Representation and Transformer

    Peng Gong1,2,3, Wenzhong Yang2,3,*, Liejun Wang2,3, Fuyuan Wei2,3, KeZiErBieKe HaiLaTi2,3, Yuanyuan Liao2,3

    CMC-Computers, Materials & Continua, Vol.76, No.2, pp. 1439-1462, 2023, DOI:10.32604/cmc.2023.038878 - 30 August 2023

    Abstract Smart contracts have led to more efficient development in finance and healthcare, but vulnerabilities in contracts pose high risks to their future applications. The current vulnerability detection methods for contracts are either based on fixed expert rules, which are inefficient, or rely on simplistic deep learning techniques that do not fully leverage contract semantic information. Therefore, there is ample room for improvement in terms of detection precision. To solve these problems, this paper proposes a vulnerability detector based on deep learning techniques, graph representation, and Transformer, called GRATDet. The method first performs swapping, insertion, and symbolization… More >

  • Open Access

    REVIEW

    Open-Source Codes of Topology Optimization: A Summary for Beginners to Start Their Research

    Yingjun Wang1,*, Xinqing Li1, Kai Long2, Peng Wei3

    CMES-Computer Modeling in Engineering & Sciences, Vol.137, No.1, pp. 1-34, 2023, DOI:10.32604/cmes.2023.027603 - 23 April 2023

    Abstract Topology optimization (TO), a numerical technique to find the optimal material layout with a given design domain, has attracted interest from researchers in the field of structural optimization in recent years. For beginners, opensource codes are undoubtedly the best alternative to learning TO, which can elaborate the implementation of a method in detail and easily engage more people to employ and extend the method. In this paper, we present a summary of various open-source codes and related literature on TO methods, including solid isotropic material with penalization (SIMP), evolutionary method, level set method (LSM), moving More > Graphic Abstract

    Open-Source Codes of Topology Optimization: A Summary for Beginners to Start Their Research

  • Open Access

    ARTICLE

    DLBT: Deep Learning-Based Transformer to Generate Pseudo-Code from Source Code

    Walaa Gad1,*, Anas Alokla1, Waleed Nazih2, Mustafa Aref1, Abdel-badeeh Salem1

    CMC-Computers, Materials & Continua, Vol.70, No.2, pp. 3117-3132, 2022, DOI:10.32604/cmc.2022.019884 - 27 September 2021

    Abstract Understanding the content of the source code and its regular expression is very difficult when they are written in an unfamiliar language. Pseudo-code explains and describes the content of the code without using syntax or programming language technologies. However, writing Pseudo-code to each code instruction is laborious. Recently, neural machine translation is used to generate textual descriptions for the source code. In this paper, a novel deep learning-based transformer (DLBT) model is proposed for automatic Pseudo-code generation from the source code. The proposed model uses deep learning which is based on Neural Machine Translation (NMT)… More >

  • Open Access

    ARTICLE

    Combinatorial Method with Static Analysis for Source Code Security in Web Applications

    Juan Ramón Bermejo Higuera1, Javier Bermejo Higuera1, Juan Antonio Sicilia Montalvo1, Tomás Sureda Riera2, Christopher I. Argyros3, Á. Alberto Magreñán4,*

    CMES-Computer Modeling in Engineering & Sciences, Vol.129, No.2, pp. 541-565, 2021, DOI:10.32604/cmes.2021.017213 - 08 October 2021

    Abstract Security weaknesses in web applications deployed in cloud architectures can seriously affect its data confidentiality and integrity. The construction of the procedure utilized in the static analysis tools of source code security differs and therefore each tool finds a different number of each weakness type for which it is designed. To utilize the possible synergies different static analysis tools may process, this work uses a new method to combine several source codes aiming to investigate how to increase the performance of security weakness detection while reducing the number of false positives. Specifically, five static analysis More >

  • Open Access

    ARTICLE

    Automatic Mining of Security-Sensitive Functions from Source Code

    Lin Chen1,2, Chunfang Yang1,2,*, Fenlin Liu1,2, Daofu Gong1,2, Shichang Ding3

    CMC-Computers, Materials & Continua, Vol.56, No.2, pp. 199-210, 2018, DOI:10.3970/cmc.2018.02574

    Abstract When dealing with the large-scale program, many automatic vulnerability mining techniques encounter such problems as path explosion, state explosion, and low efficiency. Decomposition of large-scale programs based on safety-sensitive functions helps solve the above problems. And manual identification of security-sensitive functions is a tedious task, especially for the large-scale program. This study proposes a method to mine security-sensitive functions the arguments of which need to be checked before they are called. Two argument-checking identification algorithms are proposed based on the analysis of two implementations of argument checking. Based on these algorithms, security-sensitive functions are detected More >

Displaying 1-10 on page 1 of 6. Per Page