14,259 articles found
Compatible Remediation for Vulnerabilities in the Presence and Absence of Security Patches
1
Authors: Xiaohu Song Zhiliang Zhu. Computers, Materials & Continua, 2026, Issue 1, pp. 297-315 (19 pages)
Vulnerabilities are a known problem in modern Open Source Software (OSS). Most developers often rely on third-party libraries to accelerate feature implementation. However, these libraries may contain vulnerabilities that attackers can exploit to propagate malicious code, posing security risks to dependent projects. Existing research addresses these challenges through Software Composition Analysis (SCA) for vulnerability detection and remediation. Nevertheless, current solutions may introduce additional issues, such as incompatibilities, dependency conflicts, and additional vulnerabilities. To address this, we propose Vulnerability Scan and Protection (VulnScanPro), a robust solution for detecting and remediating vulnerabilities in Java projects. Specifically, VulnScanPro builds a fine-grained method graph to identify unreachable methods. The method graph is mapped to the project’s dependency tree, constructing a comprehensive vulnerability propagation graph that identifies unreachable vulnerable APIs and dependencies. Based on this analysis, we propose three solutions for vulnerability remediation: (1) Removing unreachable vulnerable dependencies, thereby resolving security risks and reducing maintenance overhead. (2) Upgrading vulnerable dependencies to the closest non-vulnerable versions, while pinning the versions of transitive dependencies introduced by the vulnerable dependency, in order to mitigate compatibility issues and prevent the introduction of new vulnerabilities. (3) Eliminating unreachable vulnerable APIs, particularly when security patches are either incompatible or absent. Experimental results show that these solutions effectively mitigate vulnerabilities and enhance the overall security of the project.
Keywords: Open source software vulnerability detection vulnerability remediation software composition analysis software vulnerability
A Review of Human Vulnerabilities in Cyber Security: Challenges and Solutions for Microfinance Institutions
2
Authors: Evaline Waweru Simon Maina Karume Alex Kibet. Journal of Information Security, 2025, Issue 1, pp. 114-130 (17 pages)
This review examines human vulnerabilities in cybersecurity within Microfinance Institutions, analyzing their impact on organizational resilience. Focusing on social engineering, inadequate security training, and weak internal protocols, the study identifies key vulnerabilities exacerbating cyber threats to MFIs. A literature review using databases like IEEE Xplore and Google Scholar focused on studies from 2019 to 2023 addressing human factors in cybersecurity specific to MFIs. Analysis of 57 studies reveals that phishing and insider threats are predominant, with a 20% annual increase in phishing attempts. Employee susceptibility to these attacks is heightened by insufficient training, with entry-level employees showing the highest vulnerability rates. Further, only 35% of MFIs offer regular cybersecurity training, significantly impacting incident reduction. This paper recommends enhanced training frequency, robust internal controls, and a cybersecurity-aware culture to mitigate human-induced cyber risks in MFIs.
Keywords: Human vulnerabilities Cybersecurity Microfinance Institutions Cyber Threats Cybersecurity Awareness Risk Mitigation
GMS: A Novel Method for Detecting Reentrancy Vulnerabilities in Smart Contracts
3
Authors: Dawei Xu Fan Huang Jiaxin Zhang Yunfang Liang Baokun Zheng Jian Zhao. Computers, Materials & Continua, 2025, Issue 5, pp. 2207-2220 (14 pages)
With the rapid proliferation of Internet of Things (IoT) devices, ensuring their communication security has become increasingly important. Blockchain and smart contract technologies, with their decentralized nature, provide strong security guarantees for IoT. However, at the same time, smart contracts themselves face numerous security challenges, among which reentrancy vulnerabilities are particularly prominent. Existing detection tools for reentrancy vulnerabilities often suffer from high false positive and false negative rates due to their reliance on identifying patterns related to specific transfer functions. To address these limitations, this paper proposes a novel detection method that combines pattern matching with deep learning. Specifically, we carefully identify and define three common patterns of reentrancy vulnerabilities in smart contracts. Then, we extract key vulnerability features based on these patterns. Furthermore, we employ a Graph Attention Neural Network to extract graph embedding features from the contract graph, capturing the complex relationships between different components of the contract. Finally, we use an attention mechanism to fuse these two sets of feature information, enhancing the weights of effective information and suppressing irrelevant information, thereby significantly improving the accuracy and robustness of vulnerability detection. Experimental results demonstrate that our proposed method outperforms existing state-of-the-art techniques, achieving a 3.88% improvement in accuracy compared to the latest vulnerability detection model AME (Attentive Multi-Encoder Network). This indicates that our method effectively reduces false positives and false negatives, significantly enhancing the security and reliability of smart contracts in the evolving IoT ecosystem.
Keywords: Smart contract Internet of Things reentrancy vulnerabilities graph neural network
Species Diversity and Ecological Vulnerability Assessment of Scleractinian Corals Surrounding the Qizhou Archipelago in Hainan
4
Authors: XU Ziqing GUO Feng SUN Fucheng ZHONG Yinghui WANG Wei TIAN Peng XIAO Jiaguang NIU Wentao. Journal of Ocean University of China, 2026, Issue 1, pp. 123-132 (10 pages)
Coral reefs worldwide are losing their species diversity and ecosystem function under threats from global warming and anthropogenic activities. In this study, we investigated the diversity and current state of scleractinian corals surrounding the Qizhou Archipelago. A total of 87 species of scleractinian corals, belonging to 29 genera and 12 families, were found across ten survey sites. The family Merulinidae exhibited the highest species richness (39 species and 12 genera), followed by Acroporidae (15 species and 3 genera). The living coral coverage was 16.9% ± 10.3% (mean ± SD) and ranged from 4.6% to 35.1%, which varied significantly. Massive corals such as Porites lutea, Porites lobata, Montipora nodosa, and Favites abdita were dominant species. The recruitment rate of coral larvae was (1.20 ± 0.97) ind/m² (mean ± SD). In addition, we constructed an ecological vulnerability assessment system and evaluated the ecological vulnerability of scleractinian corals surrounding the Qizhou Archipelago. The results showed that scleractinian corals at Gouluanpaoshi (GLPS) and Duifan (DF) were highly vulnerable, whereas those on other islands had low to medium vulnerability. In general, the scleractinian corals surrounding the Qizhou Archipelago show low to medium levels of ecological vulnerability. Identifying severely afflicted areas and developing effective methods to manage coral reefs in these regions are crucial.
Keywords: scleractinian coral community health vulnerability the Qizhou Archipelago
Vulnerability assessment in fractured aquifer using improved vulnerability index: Applied to Gabes aquifer, Southeastern Tunisia
5
Authors: Mounir Atoui Belgacem Agoubi. Journal of Groundwater Science and Engineering, 2026, Issue 1, pp. 69-82 (14 pages)
The Gabes aquifer system, located in southeastern Tunisia, is a crucial resource for supporting local socio-economic activities. Due to its dual porosity structure, it is particularly vulnerable to pollution. This study aims to develop a hybrid model that combines the Fracture Aquifer Index (FAI) with the conventional GOD (Groundwater occurrence, Overall lithology, Depth to water table) method, to assess groundwater vulnerability in fractured aquifer. To develop the hybrid model, the classical GOD method was integrated with FAI to produce a single composite index. Each parameter within both GOD and FAI was scored, and a final index was calculated to delineate vulnerable areas. The results show that the study area can be classified into four vulnerability levels: Very low, low, moderate, and high, indicating that approximately 8% of the area exhibits very low vulnerability, 29% has low vulnerability, 25% falls into the moderate category, and 38% is considered highly vulnerable. The FAI-GOD model further incorporates fracture network characteristics. This refinement reduces the classification to three vulnerability classes: Low, medium, and high. The outcomes demonstrate that 46% of the area is highly vulnerable due to a dense concentration of fractures, while 17% represents an intermediate zone characterized by either shallow or deeper fractures. In contrast, 37% corresponds to areas with lightly fractured rock, where the impact on vulnerability is minimal. Multivariate statistical analysis was employed using Principal Components Analysis (PCA) and Hierarchical Cluster Analysis (HCA) on 24 samples across six variables. The first three components account for over 76% of the total variance, reinforcing the significance of fracture dynamics in classifying vulnerability levels. The FAI-GOD model removes the very-low-vulnerability class and expands the spatial extent of low- and high-vulnerability zones, reflecting the dominant influence of fracture networks on aquifer sensitivity. While both indices use a five-class system, FAI-GOD redistributes vulnerability by eliminating very-low-vulnerability areas and amplifying low/high categories, highlighting the critical role of fractures. A strong correlation (R² = 0.94) between the GOD and FAI-GOD indices, demonstrated through second-order polynomial regression, confirms the robustness of the FAI-GOD model in accurately predicting vulnerability to pollution. This model provides a useful framework for assessing the vulnerability of complex aquifers and serves as a decision-making tool for groundwater managers in similar areas.
Keywords: Groundwater Aquifer vulnerability Fractured media FAI-GOD index GOD index GIS
Integration of Large Language Models (LLMs) and Static Analysis for Improving the Efficacy of Security Vulnerability Detection in Source Code
6
Authors: José Armando Santas Ciavatta Juan Ramón Bermejo Higuera Javier Bermejo Higuera Juan Antonio Sicilia Montalvo Tomás Sureda Riera Jesús Pérez Melero. Computers, Materials & Continua, 2026, Issue 3, pp. 351-390 (40 pages)
As artificial Intelligence (AI) continues to expand exponentially, particularly with the emergence of generative pre-trained transformers (GPT) based on a transformer’s architecture, which has revolutionized data processing and enabled significant improvements in various applications. This document seeks to investigate the security vulnerabilities detection in the source code using a range of large language models (LLM). Our primary objective is to evaluate the effectiveness of Static Application Security Testing (SAST) by applying various techniques such as prompt persona, structure outputs and zero-shot. To the selection of the LLMs (CodeLlama 7B, DeepSeek coder 7B, Gemini 1.5 Flash, Gemini 2.0 Flash, Mistral 7b Instruct, Phi 38b Mini 128K instruct, Qwen 2.5 coder, StartCoder 27B) with comparison and combination with Find Security Bugs. The evaluation method will involve using a selected dataset containing vulnerabilities, and the results to provide insights for different scenarios according to the software criticality (Business critical, non-critical, minimum effort, best effort). In detail, the main objectives of this study are to investigate if large language models outperform or exceed the capabilities of traditional static analysis tools, if the combining LLMs with Static Application Security Testing (SAST) tools lead to an improvement and the possibility that local machine learning models on a normal computer produce reliable results. Summarizing the most important conclusions of the research, it can be said that while it is true that the results have improved depending on the size of the LLM for business-critical software, the best results have been obtained by SAST analysis. This differs in “NonCritical,” “Best Effort,” and “Minimum Effort” scenarios, where the combination of LLM (Gemini) + SAST has obtained better results.
Keywords: AI+SAST secure code LLM benchmarking LLM vulnerability detection
Latent Risk-Protection Profiles of Suicidal Ideation in Chinese Adolescents: A Gender-Specific Analysis of Environmental Vulnerability and Individual Resilience
7
Authors: Xiaoyin Li Ruixiang Gao Jiaxian Luo Yongxing Guo Pinchao Luo. International Journal of Mental Health Promotion, 2026, Issue 2, pp. 48-67 (20 pages)
Background: Exposure to environmental vulnerability poses significant threats to adolescent suicidal ideation, while individual resilience can mitigate these adverse effects with notable gender commonalities and differences. However, research examining how these factors co-configure at the individual level remains limited, particularly from a gender-specific perspective. Thus, the present study aims to adopt a person-centered analytic approach to identify gender-specific configurations of environmental vulnerability and individual resilience associated with suicidal ideation among Chinese adolescents. Methods: Data were collected from 2616 Chinese primary and secondary school students (aged 10–17; 1223 girls). Participants completed validated scales measuring environmental vulnerability, individual resilience, and suicidal ideation. Latent profile analysis (LPA) was conducted separately by gender. Results: Gender differences were prominent: males exhibited higher resilience and lower suicidal ideation, while females reported higher environmental vulnerability and elevated levels of suicidal ideation. LPA identified three distinct profiles for males: Low Vulnerable–High Protective–Low Risk (LHL), Medium Vulnerable–Low Protective–Low Risk (MLL), and High Vulnerable–Low Protective–High Risk (HLH). Four profiles emerged for females: LHL, MLL, Medium Vulnerable–Low Protective–Medium Risk (MLM), and HLH. Crucially, within the HLH profile, males exhibited particularly deficient humor (η² = 0.19) and confidence (η² = 0.16), while females formed a distinct subgroup characterized by severe academic and family stressors (η² = 0.30–0.36). Conclusion: The study underscores developing gender-specific mental health interventions using a nuanced, person-centered approach that considers both environmental risk and individual resilience factors, which allows for targeted suicide prevention strategies addressing the unique needs of male and female adolescents.
Keywords: Environmental vulnerability individual resilience suicidal ideation gender difference latent profile analysis
Dynamic psychological vulnerability and adaptation in rheumatoid arthritis: Trajectories, predictors, and interventions
8
Authors: Xue-Meng Chen Xian Cheng Wei Wu. World Journal of Psychiatry, 2026, Issue 1, pp. 32-46 (15 pages)
Rheumatoid arthritis (RA) patients face significant psychological challenges alongside physical symptoms, necessitating a comprehensive understanding of how psychological vulnerability and adaptation patterns evolve throughout the disease course. This review examined 95 studies (2000-2025) from PubMed, Web of Science, and CNKI databases including longitudinal cohorts, randomized controlled trials, and mixed-methods research, to characterize the complex interplay between biological, psychological, and social factors affecting RA patients’ mental health. Findings revealed three distinct vulnerability trajectories (45% persistently low, 30% fluctuating improvement, 25% persistently high) and four adaptation stages, with critical intervention periods occurring 3-6 months postdiagnosis and during disease flares. Multiple factors significantly influence psychological outcomes, including gender (females showing 1.8-fold increased risk), age (younger patients experiencing 42% higher vulnerability), pain intensity, inflammatory markers, and neuroendocrine dysregulation (48% showing cortisol rhythm disruption). Early psychological intervention (within 3 months of diagnosis) demonstrated robust benefits, reducing depression incidence by 42% with effects persisting 24-36 months, while different modalities showed complementary advantages: Cognitive behavioral therapy for depression (Cohen’s d = 0.68), mindfulness for pain acceptance (38% improvement), and peer support for meaning reconstruction (25.6% increase). These findings underscore the importance of integrating routine psychological assessment into standard RA care, developing stage-appropriate interventions, and advancing research toward personalized biopsychosocial approaches that address the dynamic psychological dimensions of the disease.
Keywords: Rheumatoid arthritis Psychological vulnerability Disease adaptation ability Dynamic changes Mental health
Vulnerability of mountain road networks to rainfall-induced landslide hazards
9
Authors: ZHANG Yingbin YANG Zhiwei LIU Jing ZENG Ying SUN Yu TAN Jinyang. Journal of Mountain Science, 2026, Issue 1, pp. 188-202 (15 pages)
Global climate change is intensifying the impact of slope hazards, particularly rainfall-induced landslide hazards (RILH), on mountain road networks (MRNs). However, effective quantitative models for dynamically assessing MRNs vulnerability under RILH disturbances are still lacking. To bridge this gap, this study develops a Cascading Failure Model for Rainfall-Induced Landslide Hazard (CFM-RILH). Validation via a case study of the Garzê Tibetan Autonomous Prefecture Road Network (GTPRNs) reveals key characteristics of MRNs system vulnerability under RILH disturbances: (1) Under the disturbance effects of RILH, the vulnerability of the MRNs system follows a nonlinear phase transition law that intensifies with increasing disturbance intensity, exhibiting a distinct critical threshold. When the disturbance intensity exceeds this threshold, the system undergoes a global cascading failure phenomenon analogous to an “avalanche.” (2) Under RILH disturbances, the robustness of the MRNs system possesses a distinct safety boundary. Exceeding this boundary not only fails to improve hazard resistance but instead substantially elevates the risk of large-scale cascading failure. (3) Increasing network redundancy may be considered one of the primary engineering measures for enhancing MRNs resilience against such disturbances. Based on these findings, we propose a “Two-Stage Emergency Response and Hierarchical Fortification” strategy specifically to improve the resilience of GTPRNs impacted by RILH. The CFM-RILH model provides an effective tool for assessing road network vulnerability under such hazards. Furthermore, its modeling framework can also inform vulnerability assessment and resilience strategy development for road networks affected by other types of slope hazards.
Keywords: Global climate change Mountain road networks Rainfall-induced landslides Cascading failure model vulnerability
Syntax-Aware Hierarchical Attention Networks for Code Vulnerability Detection
10
Authors: Yongbo Jiang Shengnan Huang Tao Feng Baofeng Duan. Computers, Materials & Continua, 2026, Issue 1, pp. 2252-2273 (22 pages)
In the context of modern software development characterized by increasing complexity and compressed development cycles, traditional static vulnerability detection methods face prominent challenges including high false positive rates and missed detections of complex logic due to their over-reliance on rule templates. This paper proposes a Syntax-Aware Hierarchical Attention Network (SAHAN) model, which achieves high-precision vulnerability detection through grammar-rule-driven multi-granularity code slicing and hierarchical semantic fusion mechanisms. The SAHAN model first generates Syntax Independent Units (SIUs), which slices the code based on Abstract Syntax Tree (AST) and predefined grammar rules, retaining vulnerability-sensitive contexts. Following this, through a hierarchical attention mechanism, the local syntax-aware layer encodes fine-grained patterns within SIUs, while the global semantic correlation layer captures vulnerability chains across SIUs, achieving synergistic modeling of syntax and semantics. Experiments show that on benchmark datasets like QEMU, SAHAN significantly improves detection performance by 4.8% to 13.1% on average compared to baseline models such as Devign and VulDeePecker.
Keywords: vulnerability detection abstract syntax tree syntax rule slicing hierarchical attention mechanism deep learning
Utility of the Vulnerable Elders Survey-13 (VES-13) in detecting frailty and predicting prognosis in heart failure outpatients
11
Authors: Thaïs Roig Elisabet Zamora Josep Lupón Beatriz González Ana Pulido Eva Crespo Patricia Velayos Carmen Rivas Violeta Díaz Yolanda López Andrea Borrellas Mar Domingo María Ruiz Pau Codina Evelyn Santiago-Vacas Miquel À Mas Ramón Miralles Antoni Bayes-Genis. Journal of Geriatric Cardiology, 2026, Issue 1, pp. 17-26 (10 pages)
Background: Frailty is common and significantly impacts prognosis in heart failure (HF). The Vulnerable Elders Survey-13 (VES-13), widely used in oncogeriatrics and public health, remains unexplored as a frailty screening tool in HF outpatients. In this study, we prospectively evaluated VES-13 against a multimodal screening assessment in detecting frailty and predicting individual risk of adverse prognosis. Methods: Frailty was assessed at the initial visit using both a multimodal approach, incorporating Barthel Index, Older American Resources and Services scale, Pfeiffer Test, abbreviated Geriatric Depression Scale, age > 85 years, lacking support systems, and VES-13. Patients scoring ≥ 3 on VES-13 or meeting at least one multimodal criterion were classified as frail. Endpoints included all-cause mortality, a composite of death or HF hospitalization, and recurrent HF hospitalizations. Results: A total of 301 patients were evaluated. VES-13 identified 40.2% as frail and the multimodal assessment 33.2%. In Cox regression analyses, frailty identified by VES-13 showed greater prognostic significance than the multimodal assessment for all-cause mortality (HR = 3.70 [2.15–6.33], P < 0.001 vs. 2.40 [1.46–4.0], P = 0.001) and the composite endpoint (HR = 3.13 [2.02–4.84], P < 0.001 vs. 1.96 [1.28–2.99], P = 0.002). Recurrent HF hospitalizations were four times more frequent in VES-13 frail patients while two times in those identified as frail by the multimodal assessment. Additionally, stratifying patients by VES-13 tertiles provided robust risk differentiation. Conclusions: VES-13, a simple frailty tool, outperformed a comprehensive multimodal assessment and could be easily integrated into routine HF care, highlighting its clinical utility in identifying patients at risk for poor outcomes.
Keywords: barthel i frailty heart failure hf Heart Failure multimodal screening assessment multimodal approach detecting frailty vulnerable Elders Survey
Analysis of Security Vulnerabilities and Countermeasures of Ethernet Passive Optical Network (EPON) (Cited by: 1)
12
Authors: Stamatios V. Kartalopoulos Pramode K. Verma. China Communications (SCIE, CSCD), 2007, Issue 3, pp. 17-29 (13 pages)
Ethernet-based Passive Optical Network (EPON) is considered a very promising solution for the first mile problem of the next generation networks. Due to its particular characteristic of shared media structure, EPON suffers many security vulnerabilities. Communication security must be guaranteed when EPON is applied in practice. This paper gives a general introduction to the EPON system, analyzes the potential threats and attacks pertaining to the EPON system, and presents effective countermeasures against these threats and attacks with emphasis on the authentication protocols and key distribution.
Keywords: EPON security vulnerabilities attacks countermeasures authentication protocols key distribution
Recent Extremes of Drought and Flooding in Amazonia: Vulnerabilities and Human Adaptation (Cited by: 2)
13
Authors: Jose A. Marengo Laura S. Borma Daniel A. Rodriguez Patrícia Pinho Wagner R. Soares Lincoln M. Alves. American Journal of Climate Change, 2013, Issue 2, pp. 87-96 (10 pages)
The present study focuses on the impacts of extreme drought and flooding situations in Amazonia, using level/discharge data from some rivers in the Amazon region as indicators of impacts. The last 10 years have featured various “once in a century” droughts and floods in the Amazon basin, which have affected human and natural systems in the region. We assess a history of such hazards based on river data, and discuss some of the observed impacts in terms of vulnerability of human and natural systems, as well as some of adaptation strategies implemented by regional and local governments to cope with them. A critical perspective of mitigation of drought and flood policies in Amazonia suggests that they have been mostly ineffective in reducing vulnerability for the majority of the population, constituting, perhaps, examples of maladaptation via the undermining of resilience.
Keywords: Climate variability River level vulnerability Amazonia Extremes Hazards
Systematic Review of Web Application Security Vulnerabilities Detection Methods (Cited by: 2)
14
Authors: Sajjad Rafique Mamoona Humayun Zartasha Gul Ansar Abbas Hasan Javed. Journal of Computer and Communications, 2015, Issue 9, pp. 28-40 (13 pages)
In recent years, web security has been viewed in the context of securing the web application layer from attacks by unauthorized users. The vulnerabilities existing in the web application layer have been attributed either to using an inappropriate software development model to guide the development process, or the use of a software development model that does not consider security as a key factor. Therefore, this systematic literature review is conducted to investigate the various security vulnerabilities used to secure the web application layer, the security approaches or techniques used in the process, the stages in the software development in which the approaches or techniques are emphasized, and the tools and mechanisms used to detect vulnerabilities. The study extracted 519 publications from respectable scientific sources, i.e. the IEEE Computer Society, ACM Digital Library, Science Direct, Springer Link. After detailed review process, only 56 key primary studies were considered for this review based on defined inclusion and exclusion criteria. From the review, it appears that no one software is referred to as a standard or preferred software product for web application development. In our SLR, we have performed a deep analysis on web application security vulnerabilities detection methods which help us to identify the scope of SLR for comprehensively investigation in the future research. Further in this SLR considering OWASP Top 10 web application vulnerabilities discovered in 2012, we will attempt to categorize the accessible vulnerabilities. OWASP is major source to construct and validate web security processes and standards.
Keywords: Software development lifecycle Web Applications Security vulnerabilities Systematic literature review
Benchmarking Approach to Compare Web Applications Static Analysis Tools Detecting OWASP Top Ten Security Vulnerabilities 被引量:6
15
作者 Juan R.Bermejo Higuera Javier Bermejo Higuera +2 位作者 Juan A.Sicilia Montalvo Javier Cubo Villalba Juan JoséNombela Pérez 《Computers, Materials & Continua》 SCIE EI 2020年第9期1555-1577,共23页
To detect security vulnerabilities in a web application,the security analyst must choose the best performance Security Analysis Static Tool(SAST)in terms of discovering the greatest number of security vulnerabilities ... To detect security vulnerabilities in a web application,the security analyst must choose the best performance Security Analysis Static Tool(SAST)in terms of discovering the greatest number of security vulnerabilities as possible.To compare static analysis tools for web applications,an adapted benchmark to the vulnerability categories included in the known standard Open Web Application Security Project(OWASP)Top Ten project is required.The information of the security effectiveness of a commercial static analysis tool is not usually a publicly accessible research and the state of the art on static security tool analyzers shows that the different design and implementation of those tools has different effectiveness rates in terms of security performance.Given the significant cost of commercial tools,this paper studies the performance of seven static tools using a new methodology proposal and a new benchmark designed for vulnerability categories included in the known standard OWASP Top Ten project.Thus,the practitioners will have more precise information to select the best tool using a benchmark adapted to the last versions of OWASP Top Ten project.The results of this work have been obtaining using widely acceptable metrics to classify them according to three different degree of web application criticality. 展开更多
Keywords: Web application benchmark security vulnerability Security Analysis Static Tools assessment methodology false positive false negative precision F-measure
Identification of system vulnerabilities in the Ethiopian electric power system (Cited by: 2)
16
Authors: Moges Alemu Tikuneh, Getachew Biru Worku. Global Energy Interconnection, 2018, No. 3, pp. 358-365 (8 pages)
The Ethiopian Electric Power (EEP) has been operating and managing the national interconnected power system with dispersed and geographically isolated generators, a complex transmission system and loads. In recent years, with an increasing load demand due to rural electrification and industrialization, the Ethiopian power system has faced more frequent, widely spread and long lasting blackouts. To slash the occurrence of such incidents, identifying the system vulnerabilities is the first step in this direction. In this paper, the vulnerability assessment is performed using indices called active power performance index (PIp) and voltage performance index (PIv). These indices provide a direct means of comparing the relative severity of the different line outages on the system loads and voltage profiles. Accordingly, it is found that the most severe line outages are those lines that interconnect the high load centered (Addis Ababa and Central regions) with the rest of the regional power systems. In addition, the most vulnerable buses of the network in respect of voltage limit violations are mainly found at the high load centers.
Keywords: Power grids power systems vulnerability assessment transmission system
Identifying and Verifying Vulnerabilities through PLC Network Protocol and Memory Structure Analysis (Cited by: 2)
17
Authors: Joo-Chan Lee, Hyun-Pyo Choi, Jang-Hoon Kim, Jun-Won Kim, Da-Un Jung, Ji-Ho Shin, Jung-Taek Seo. Computers, Materials & Continua (SCIE, EI), 2020, No. 10, pp. 53-67 (15 pages)
Cyberattacks on the Industrial Control System (ICS) have recently been increasing, made more intelligent by advancing technologies. As such, cybersecurity for such systems is attracting attention. As a core element of control devices, the Programmable Logic Controller (PLC) in an ICS carries out on-site control over the ICS. A cyberattack on the PLC will cause damages on the overall ICS, with Stuxnet and Duqu as the most representative cases. Thus, cybersecurity for PLCs is considered essential, and many researchers carry out a variety of analyses on the vulnerabilities of PLCs as part of preemptive efforts against attacks. In this study, a vulnerability analysis was conducted on the XGB PLC. Security vulnerabilities were identified by analyzing the network protocols and memory structure of PLCs and were utilized to launch replay attack, memory modulation attack, and FTP/Web service account theft for the verification of the results. Based on the results, the attacks were proven to be able to cause the PLC to malfunction and disable it, and the identified vulnerabilities were defined.
Keywords: Industrial control system programmable logic controller cybersecurity network protocol vulnerability
Urban Vulnerabilities in the Kathmandu Valley, Nepal: Visualizations of Human/Hazard Interactions (Cited by: 1)
18
Authors: Keshav Bhattarai, Dennis Conway. Journal of Geographic Information System, 2010, No. 2, pp. 63-84 (22 pages)
Excessive unplanned urban growth leads to many vulnerabilities and impacts on urban environments to varying degrees. However, the majority of the extant literature focuses on the problems related to location and socioeconomic conditions, rather than vulnerability processes and related environmental degradation. This paper analyzes the scope of urban vulnerabilities for five rapidly urbanizing and highly-congested cities in the Kathmandu Valley, Nepal. First, the historic context of the Valley’s uncontrolled urbanization sets the scene. Second, the optic is narrowed to focus upon the geographical features of the resultant urbanized Valley landscape that includes spatial arrangements and of houses, population densities, road networks, vehicular densities, garbage problems, and available open spaces. Additionally, seismic vulnerabilities in the urban areas are also considered in this examination. Third, three-dimensional visualizations of selected urban locations are presented to differentiate between vulnerable and relatively safe locations. The intent of this research is to contribute to the methodological understanding of human/hazards interactions in rapidly urbanizing cities of the Third World, which share similar socioeconomic conditions and environmental contexts.
Keywords: Urban vulnerability Planning Kathmandu Valley Two Dimensional (2D) Maps Three Dimensional (3D) Visualization
Analyzing Ethereum Smart Contract Vulnerabilities at Scale Based on Inter-Contract Dependency (Cited by: 1)
19
Authors: Qiuyun Lyu, Chenhao Ma, Yanzhao Shen, Shaopeng Jiao, Yipeng Sun, Liqin Hu. Computer Modeling in Engineering & Sciences (SCIE, EI), 2023, No. 5, pp. 1625-1647 (23 pages)
Smart contracts running on public blockchains are permissionless and decentralized, attracting both developers and malicious participants. Ethereum, the world’s largest decentralized application platform on which more than 40 million smart contracts are running, is frequently challenged by smart contract vulnerabilities. What’s worse, since the homogeneity of a wide range of smart contracts and the increase in inter-contract dependencies, a vulnerability in a certain smart contract could affect a large number of other contracts in Ethereum. However, little is known about how vulnerable contracts affect other on-chain contracts and which contracts can be affected. Thus, we first present the contract dependency graph (CDG) to perform a vulnerability analysis for Ethereum smart contracts, where CDG characterizes inter-contract dependencies formed by DELEGATECALL-type internal transaction in Ethereum. Then, three generic definitions of security violations against CDG are given for finding respective potential victim contracts affected by different types of vulnerable contracts. Further, we construct the CDG with 195,247 smart contracts active in the latest blocks of the Ethereum and verify the above security violations against CDG by detecting three representative known vulnerabilities. Compared to previous large-scale vulnerability analysis, our analysis scheme marks potential victim contracts that can be affected by different types of vulnerable contracts, and identify their possible risks based on the type of security violation actually occurring. The analysis results show that the proportion of potential victim contracts reaches 14.7%, far more than that of corresponding vulnerable contracts (less than 0.02%) in CDG.
Keywords: Smart contract vulnerability smart contract homogeneity contract dependency graph automated analysis
Multiple Vulnerabilities of the Elderly People in Indonesia: Ethical Considerations (Cited by: 1)
20
Author: Yeremias Jena. Journal of Philosophy Study, 2014, No. 4, pp. 277-286 (10 pages)
A closer look at the state of affairs of the elderly in Indonesia has disclosed the fact that the Indonesian elderly are facing what this paper coins as "multiple vulnerabilities." On the one hand, Indonesian demographic is showing that the Indonesian people are getting old. The fertility rate has significantly decreased since 1970 when the total fertility rate decreases from 5.0 to 2.1 in 2025. This alone gives rise to various problems of the elderly, among whom are the dependency ratio, aging index, potential support ratio, and the feminization of aging. These problems show the level of vulnerability of the Indonesian elderly. From the perspective of the dependency ratio, for example, the number of people under the age of 15 and above 65 who depend on the labor force (15-64 years) has increased since 1970, from 7.0 to 29.0 in 2050. Again, this shows the high level of vulnerability of Indonesian elderly given that the dependency ratio itself has influenced on health care, living arrangements and family support, and so on. Aside from that, the economic burden will be very visible in the workforce. On the other hand, the policies on the elderly are still far from maximum realization. Law on the Welfare of the Elderly (13/1998) has recommended that every hospital must have geriatrics and gerontology section, yet only 8 hospitals fulfill the requirement. The situation is worsened due to the lack of adequate medical staff at the health center, which can serve elderly patients in a professional and humane way. Again, this brings forth the other side of the state of the elderly in Indonesia, which indicates the high level of their vulnerability.
In this paper I will analyze the state of vulnerability of the elderly people in Indonesia from the perspective of ethics of vulnerability and personalism. I consider these two approaches as representing all ethical discussion about the ethical treatment of the elderly due to their characters of valuing the elderly as persons with dignity. Thus, this paper will show that the elderly in Indonesia is in danger of not being treated humanely.
Keywords: Indonesian elderly public policy on elderly vulnerability personalism