Due to their superior properties, the interest in nanostructures is increasing today in engineering. This study presents a new two-noded curved finite element for analyzing the in-plane static behaviors of curved nano...Due to their superior properties, the interest in nanostructures is increasing today in engineering. This study presents a new two-noded curved finite element for analyzing the in-plane static behaviors of curved nanobeams. Opposite to traditional curved finite elements developed by using approximate interpolation functions, the proposed curved finite element is developed by using exact analytical solutions. Although this approach was first introduced for analyzing the mechanical behaviors of macro-scale curved beams by adopting the local theory of elasticity, the exact analytical expressions used in this study were obtained from the solutions of governing equations that were expressed via the differential form of the nonlocal theory of elasticity. Therefore, the effects of shear strain and axial extension included in the analytical formulation are also inherited by the curved finite element developed here. The rigidity matrix and the consistent force vector are developed for a circular finite element. To demonstrate the applicability of the method, static analyses of various curved nanobeams subjected to different boundary conditions and loading scenarios are performed, and the obtained results are compared with the exact analytical ones. The presented study provides an accurate and low computational cost method for researchers to investigate the in-plane static behavior of curved nanobeams.展开更多
Based on the method of reverberation ray matrix(MRRM), a reverberation matrix for planar framed structures composed of anisotropic Timoshenko(T) beam members containing completely hinged joints is developed for st...Based on the method of reverberation ray matrix(MRRM), a reverberation matrix for planar framed structures composed of anisotropic Timoshenko(T) beam members containing completely hinged joints is developed for static analysis of such structures.In the MRRM for dynamic analysis, amplitudes of arriving and departing waves for joints are chosen as unknown quantities. However, for the present case of static analysis, displacements and rotational angles at the ends of each beam member are directly considered as unknown quantities. The expressions for stiffness matrices for anisotropic beam members are developed. A corresponding reverberation matrix is derived analytically for exact and unified determination on the displacements and internal forces at both ends of each member and arbitrary cross sectional locations in the structure. Numerical examples are given and compared with the finite element method(FEM) results to validate the present model. The characteristic parameter analysis is performed to demonstrate accuracy of the present model with the T beam theory in contrast with errors in the usual model based on the Euler-Bernoulli(EB) beam theory. The resulting reverberation matrix can be used for exact calculation of anisotropic framed structures as well as for parameter analysis of geometrical and material properties of the framed structures.展开更多
I IntroductionSmartphones have become more complex in terms of functions and third-party applications, and this makes lhem a living space for malware. People store private information such as accounts and passwordson ...I IntroductionSmartphones have become more complex in terms of functions and third-party applications, and this makes lhem a living space for malware. People store private information such as accounts and passwordson their smartphones, the loss of which could have serious con- sequences.展开更多
Fuzzing is an effective technique to find security bugs in programs by quickly exploring the input space of programs.To further discover vulnerabilities hidden in deep execution paths,the hybrid fuzzing combines fuzzi...Fuzzing is an effective technique to find security bugs in programs by quickly exploring the input space of programs.To further discover vulnerabilities hidden in deep execution paths,the hybrid fuzzing combines fuzzing and concolic execution for going through complex branch conditions.In general,we observe that the execution path which comes across more and complex basic blocks may have a higher chance of containing a security bug.Based on this observation,we propose a hybrid fuzzing method assisted by static analysis for binary programs.The basic idea of our method is to prioritize seed inputs according to the complexity of their associated execution paths.For this purpose,we utilize static analysis to evaluate the complexity of each basic block and employ the hardware trace mechanism to dynamically extract the execution path for calculating the seed inputs’weights.The key advantage of our method is that our system can test binary programs efficiently by using the hardware trace and hybrid fuzzing.To evaluate the effectiveness of our method,we design and implement a prototype system,namely SHFuzz.The evaluation results show SHFuzz discovers more unique crashes on several real-world applications and the LAVA-M dataset when compared to the previous solutions.展开更多
A simple method is proposed, for incremental static analysis of a set of inter-colliding particles, simulating 2D flow. Within each step of proposed algorithm, the particles perform small displacements, proportional t...A simple method is proposed, for incremental static analysis of a set of inter-colliding particles, simulating 2D flow. Within each step of proposed algorithm, the particles perform small displacements, proportional to the out-of-balance forces, acting on them. Numerical experiments show that if the liquid is confined within boundaries of a set of inter-communicating vessels, then the proposed method converges to a final equilibrium state. This incremental static analysis approximates dynamic behavior with strong damping and can provide information, as a first approximation to 2D movement of a liquid. In the initial arrangement of particles, a rhombic element is proposed, which assures satisfactory incompressibility of the fluid. Based on the proposed algorithm, a simple and short computer program (a “pocket” program) has been developed, with only about 120 Fortran instructions. This program is first applied to an amount of liquid, contained in a single vessel. A coarse and refined discretization is tried. In final equilibrium state of liquid, the distribution on hydro-static pressure on vessel boundaries, obtained by proposed computational model, is found in satisfactory approximation with corresponding theoretical data. Then, an opening is formed, at the bottom of a vertical boundary of initial vessel, and the liquid is allowed to flow gradually to an adjacent vessel. Almost whole amount of liquid is transferred, from first to second vessel, except of few drops-particles, which remain, in equilibrium, at the bottom of initial vessel. In the final equilibrium state of liquid, in the second vessel, the free surface level of the liquid confirms that the proposed rhombing element assures a satisfactory incompressibility of the fluid.展开更多
The article proposes an Equivalent Single Layer(ESL)formulation for the linear static analysis of arbitrarily-shaped shell structures subjected to general surface loads and boundary conditions.A parametrization of the...The article proposes an Equivalent Single Layer(ESL)formulation for the linear static analysis of arbitrarily-shaped shell structures subjected to general surface loads and boundary conditions.A parametrization of the physical domain is provided by employing a set of curvilinear principal coordinates.The generalized blendingmethodology accounts for a distortion of the structure so that disparate geometries can be considered.Each layer of the stacking sequence has an arbitrary orientation and is modelled as a generally anisotropic continuum.In addition,re-entrant auxetic three-dimensional honeycomb cells with soft-core behaviour are considered in the model.The unknown variables are described employing a generalized displacement field and pre-determined through-the-thickness functions assessed in a unified formulation.Then,a weak assessment of the structural problem accounts for shape functions defined with an isogeometric approach starting fromthe computational grid.Ageneralizedmethodology has been proposed to define two-dimensional distributions of static surface loads.In the same way,boundary conditions with three-dimensional features are implemented along the shell edges employing linear springs.The fundamental relations are obtained from the stationary configuration of the total potential energy,and they are numerically tackled by employing the Generalized Differential Quadrature(GDQ)method,accounting for nonuniform computational grids.In the post-processing stage,an equilibrium-based recovery procedure allows the determination of the three-dimensional dispersion of the kinematic and static quantities.Some case studies have been presented,and a successful benchmark of different structural responses has been performed with respect to various refined theories.展开更多
To detect security vulnerabilities in a web application,the security analyst must choose the best performance Security Analysis Static Tool(SAST)in terms of discovering the greatest number of security vulnerabilities ...To detect security vulnerabilities in a web application,the security analyst must choose the best performance Security Analysis Static Tool(SAST)in terms of discovering the greatest number of security vulnerabilities as possible.To compare static analysis tools for web applications,an adapted benchmark to the vulnerability categories included in the known standard Open Web Application Security Project(OWASP)Top Ten project is required.The information of the security effectiveness of a commercial static analysis tool is not usually a publicly accessible research and the state of the art on static security tool analyzers shows that the different design and implementation of those tools has different effectiveness rates in terms of security performance.Given the significant cost of commercial tools,this paper studies the performance of seven static tools using a new methodology proposal and a new benchmark designed for vulnerability categories included in the known standard OWASP Top Ten project.Thus,the practitioners will have more precise information to select the best tool using a benchmark adapted to the last versions of OWASP Top Ten project.The results of this work have been obtaining using widely acceptable metrics to classify them according to three different degree of web application criticality.展开更多
Static analysis presents significant challenges in alarm handling, where probabilistic models and alarm prioritization are essential methods for addressing these issues. These models prioritize alarms based on user fe...Static analysis presents significant challenges in alarm handling, where probabilistic models and alarm prioritization are essential methods for addressing these issues. These models prioritize alarms based on user feedback, thereby alleviating the burden on users to manually inspect alarms. However, they often encounter limitations related to efficiency and issues such as false generalization. While learning-based approaches have demonstrated promise, they typically incur high training costs and are constrained by the predefined structures of existing models. Moreover, the integration of large language models (LLMs) in static analysis has yet to reach its full potential, often resulting in lower accuracy rates in vulnerability identification. To tackle these challenges, we introduce BinLLM, a novel framework that harnesses the generalization capabilities of LLMs to enhance alarm probability models through rule learning. Our approach integrates LLM-derived abstract rules into the probabilistic model, using alarm paths and critical statements from static analysis. This integration enhances the model’s reasoning capabilities, improving its effectiveness in prioritizing genuine bugs while mitigating false generalizations. We evaluated BinLLM on a suite of C programs and observed 40.1% and 9.4% reduction in the number of checks required for alarm verification compared to two state-of-the-art baselines, Bingo and BayeSmith, respectively, underscoring the potential of combining LLMs with static analysis to improve alarm management.展开更多
We launch P_(ARF)—a toolkit for adaptively tuning abstraction strategies of static program analyzers in a fully automated manner.P_(ARF) models various types of external parameters(encoding abstraction strategies)as ...We launch P_(ARF)—a toolkit for adaptively tuning abstraction strategies of static program analyzers in a fully automated manner.P_(ARF) models various types of external parameters(encoding abstraction strategies)as random variables subject to probability distributions over latticed parameter spaces.It incrementally refines the probability distributions based on accumulated intermediate results generated by repeatedly sampling and analyzing,thereby ultimately yielding a set of highly accurate abstraction strategies.P_(ARF) is implemented on top of F_(RAMA)-C/E_(VA)—an off-the-shelf open-source static analyzer for C programs.P_(ARF) provides a web-based user interface facilitating the intuitive configuration of static analyzers and visualization of dynamic distribution refinement of the abstraction strategies.It further supports the identification of dominant parameters in F_(RAMA)-C/E_(VA) analysis.Benchmark experiments and a case study demonstrate the competitive performance of P_(ARF) for analyzing complex,large-scale real-world programs.展开更多
In recent decades,control performance monitoring(CPM)has experienced remarkable progress in research and industrial applications.While CPM research has been investigated using various benchmarks,the historical data be...In recent decades,control performance monitoring(CPM)has experienced remarkable progress in research and industrial applications.While CPM research has been investigated using various benchmarks,the historical data benchmark(HIS)has garnered the most attention due to its practicality and effectiveness.However,existing CPM reviews usually focus on the theoretical benchmark,and there is a lack of an in-depth review that thoroughly explores HIS-based methods.In this article,a comprehensive overview of HIS-based CPM is provided.First,we provide a novel static-dynamic perspective on data-level manifestations of control performance underlying typical controller capacities including regulation and servo:static and dynamic properties.The static property portrays time-independent variability in system output,and the dynamic property describes temporal behavior driven by closed-loop feedback.Accordingly,existing HIS-based CPM approaches and their intrinsic motivations are classified and analyzed from these two perspectives.Specifically,two mainstream solutions for CPM methods are summarized,including static analysis and dynamic analysis,which match data-driven techniques with actual controlling behavior.Furthermore,this paper also points out various opportunities and challenges faced in CPM for modern industry and provides promising directions in the context of artificial intelligence for inspiring future research.展开更多
Mobile device manufacturers are rapidly producing miscellaneous Android versions worldwide. Simultaneously, cyber criminals are executing malicious actions, such as tracking user activities, stealing personal data, an...Mobile device manufacturers are rapidly producing miscellaneous Android versions worldwide. Simultaneously, cyber criminals are executing malicious actions, such as tracking user activities, stealing personal data, and committing bank fraud. These criminals gain numerous benefits as too many people use Android for their daily routines, including important communications. With this in mind, security practitioners have conducted static and dynamic analyses to identify malware. This study used static analysis because of its overall code coverage, low resource consumption, and rapid processing. However, static analysis requires a minimum number of features to efficiently classify malware. Therefore, we used genetic search(GS), which is a search based on a genetic algorithm(GA), to select the features among 106 strings. To evaluate the best features determined by GS, we used five machine learning classifiers, namely, Na?ve Bayes(NB), functional trees(FT), J48, random forest(RF), and multilayer perceptron(MLP). Among these classifiers, FT gave the highest accuracy(95%) and true positive rate(TPR)(96.7%) with the use of only six features.展开更多
Static analysis is an efficient approach for software assurance. It is indicated that its most effective usage is to perform analysis in an interactive way through the software development process, which has a high pe...Static analysis is an efficient approach for software assurance. It is indicated that its most effective usage is to perform analysis in an interactive way through the software development process, which has a high performance requirement. This paper concentrates on rule-based static analysis tools and proposes an optimized rule-checking algorithm. Our technique improves the performance of static analysis tools by filtering vulnerability rules in terms of characteristic objects before checking source files. Since a source file always contains vulnerabilities of a small part of rules rather than all, our approach may achieve better performance. To investigate our technique's feasibility and effectiveness, we implemented it in an open source static analysis tool called PMD and used it to conduct experiments. Experimental results show that our approach can obtain an average performance promotion of 28.7% compared with the original PMD. While our approach is effective and precise in detecting vulnerabilities, there is no side effect.展开更多
In the present study,the static and dynamic analyses of elliptical functionally graded sandwich(FGS)plates are investigated.The constituent materials of the sandwich plates are ceramic and metal so that the core is ma...In the present study,the static and dynamic analyses of elliptical functionally graded sandwich(FGS)plates are investigated.The constituent materials of the sandwich plates are ceramic and metal so that the core is made of pure metal,while the face sheets consist of a combination of metal and ceramic according to a four-parameter power-law distribution.Different material profiles such as classic,symmetric,and asymmetric can be obtained using the applied generalized power-law distribution relation.The analysis is performed based on the classical laminated plate theory(CLPT)and the Ritz method.The effects of four parameters in the material distribution relation as well as different geometric parameters on the deflection and natural frequencies of elliptical FGS plates are studied.The results of this study show that with a proper distribution of materials,the optimal static and dynamic behavior can be achieved.The results also indicate that the generalized power-law distribution has significant effects on the natural frequencies of elliptical FGS plates.For example,although the frequency parameter of a plate with ceramic face sheets is more than the one with metal face sheets,the use of larger amounts of ceramic does not necessarily increase the natural frequency of the structure.展开更多
A novel method for the static analysis of structures with interval parameters under uncertain loads is proposed, which overcomes the inherent conservatism introduced by the conventional interval analysis due to ignori...A novel method for the static analysis of structures with interval parameters under uncertain loads is proposed, which overcomes the inherent conservatism introduced by the conventional interval analysis due to ignoring the dependency phenomenon. Instead of capturing the extremum of the structural static responses in the entire space spanned by uncertain parameters, their lower and upper bounds are calculated at the minimal and maximal point vectors obtained dimension by dimension with respect to uncertain parameters based on the Legend orthogonal polynomial approximation, overcoming the potential engineering insignificance caused by the optimization strategy. After performing its theoretical analysis, both the accuracy and applicability of the proposed method are verified.展开更多
The Android platform is the most popular mobile operating system.With the increase of the number of Android users,a lot of security issues have occurred.In order to detect the malicious behaviors for the installed And...The Android platform is the most popular mobile operating system.With the increase of the number of Android users,a lot of security issues have occurred.In order to detect the malicious behaviors for the installed Android Apps,in this paper,we propose an Android malware detecting scheme by integrating static and dynamic analysis methods.We use Androguard and Droid Box to extract the features,and then remove the irrelevant features.Then we employ the support vector machine(SVM) to classify the Android malware and benignware.From the result of our proposed scheme,the proposed integrated static and dynamic analysis scheme with SVM can effectively detect the Android malware.展开更多
A finite element analysis, including static and buckling analysis is presented for several notable concrete spherical shells around the world. Also, the structural optimization study of these shells was performed for ...A finite element analysis, including static and buckling analysis is presented for several notable concrete spherical shells around the world. Also, the structural optimization study of these shells was performed for thickness distribution and structure shape to reduce overall tensile stress, deflection and reinforcements. The finite element analysis using Sofistik software shows that a distributed concrete thickness reduces shell stresses, deflections and reinforcements. A geometrically non-linear analysis of these structures with and without imperfections was also performed. To take into account the possible plastification of the material an analysis with non-linear material was performed simultaneously with the geometrically non-linear analysis. This helps in developing an understanding of the structural behaviour and helps to identify all potential failure causes using failure analysis.展开更多
In recent years,the rapid development of computer software has led to numerous security problems,particularly software vulnerabilities.These flaws can cause significant harm to users’privacy and property.Current secu...In recent years,the rapid development of computer software has led to numerous security problems,particularly software vulnerabilities.These flaws can cause significant harm to users’privacy and property.Current security defect detection technology relies on manual or professional reasoning,leading to missed detection and high false detection rates.Artificial intelligence technology has led to the development of neural network models based on machine learning or deep learning to intelligently mine holes,reducing missed alarms and false alarms.So,this project aims to study Java source code defect detection methods for defects like null pointer reference exception,XSS(Transform),and Structured Query Language(SQL)injection.Also,the project uses open-source Javalang to translate the Java source code,conducts a deep search on the AST to obtain the empty syntax feature library,and converts the Java source code into a dependency graph.The feature vector is then used as the learning target for the neural network.Four types of Convolutional Neural Networks(CNN),Long Short-Term Memory(LSTM),Bi-directional Long Short-Term Memory(BiLSTM),and Attention Mechanism+Bidirectional LSTM,are used to investigate various code defects,including blank pointer reference exception,XSS,and SQL injection defects.Experimental results show that the attention mechanism in two-dimensional BLSTM is the most effective for object recognition,verifying the correctness of the method.展开更多
KK tubular joints are used to build jacket-type offshore structures. These joints are mostly made up of structural steel. These joints can withstand yield, buckling, and lateral loads depending on the structure’s des...KK tubular joints are used to build jacket-type offshore structures. These joints are mostly made up of structural steel. These joints can withstand yield, buckling, and lateral loads depending on the structure’s design and environment. In this study, the Finite Element Model of the KK-type tubular joint has been created, and analysis has been performed under static loading using the Static Structural analysis system of ANSYS 19.2 commercial software and structural mechanics module of COMSOL Multiphysics. The KK tubular model is analyzed under compressive load conditions, and the resulting stress, strain, and deformation values are tabulated in both graphical and tabular form. This study includes a comparison of the outcomes from both commercial software. The results highlight that maximum stress, strain, and deformation values decrease as joint thickness increases. This study holds significant relevance in advancing the understanding of tubular KK joints and their response to compressive loading. The insights derived from the analysis have the potential to contribute to the development of more robust and reliable tubular KK joints in various engineering and structural applications. .展开更多
Objective To study mechanics characteristics of two cooperative reconfigurable planetary robots when they get across an obstacle, and to find out the relationship between the maximum height of a stair with the configu...Objective To study mechanics characteristics of two cooperative reconfigurable planetary robots when they get across an obstacle, and to find out the relationship between the maximum height of a stair with the configuration of the two-robot, and to find some restrictions of kinematics for the cooperation. Methods Multirobot cooperation theory is used in the whole study process. Inverse kinematics of the robot is used to form a desired configuration in the cooperation process. Static equations are established to analyze the relations between the friction factor, the configuration of robots and the maximum height of a stair. Kinematics analysis is used to find the restrictions of the two collaborative robots in position, velocity and acceleration. Results 3D simulation shows that the two cooperative robots can climb up a stair under the condition of a certain height and a certain friction factor between robot wheel and the surface of the stair. Following the restrictions of kinematics, the climbing mission is fulfilled successfully and smoothly. Conclusion The maximum height of a stair, which the two cooperative robots can climb up, is involved in the configuration of robots, friction factor between the stair and the robots. The most strict restriction of the friction factor does not appear in the horizontal position. In any case, the maximum height is smaller than half of the distance between the centroid of robot1 with the centroid of robot2. However, the height can be higher than the radius of one robot wheel, which profit from the collaboration.展开更多
A macro-model of a reinforced concrete (RC) shear wall is developed for static inelastic analysis.The model is composed of RC column elements and RC membrane elements.The column elements are used to model the boundary...A macro-model of a reinforced concrete (RC) shear wall is developed for static inelastic analysis.The model is composed of RC column elements and RC membrane elements.The column elements are used to model the boundary zone and the membrane elements are used to model the wall panel.Various types of constitutive relationships of concrete could be adopted for the two kinds of elements.To perform analysis,the wall is divided into layers along its height.Two adjacent layers are connected with a rigid beam.There are only three unknown displacement components for each layer.A method called single degree of freedom compensation is adopted to solve the peak value of the capacity curve.The post-peak stage analysis is performed using a forced iteration approach.The macro-model developed in the study and the complete process analysis methodology are verified by the experimental and static inelastic analytical results of four RC shear wall specimens.展开更多
基金supported by Scientific Research Projects Department of Istanbul Technical University.Project Number:MGA-2018-41546.Grant receiver:E.T.
文摘Due to their superior properties, the interest in nanostructures is increasing today in engineering. This study presents a new two-noded curved finite element for analyzing the in-plane static behaviors of curved nanobeams. Opposite to traditional curved finite elements developed by using approximate interpolation functions, the proposed curved finite element is developed by using exact analytical solutions. Although this approach was first introduced for analyzing the mechanical behaviors of macro-scale curved beams by adopting the local theory of elasticity, the exact analytical expressions used in this study were obtained from the solutions of governing equations that were expressed via the differential form of the nonlocal theory of elasticity. Therefore, the effects of shear strain and axial extension included in the analytical formulation are also inherited by the curved finite element developed here. The rigidity matrix and the consistent force vector are developed for a circular finite element. To demonstrate the applicability of the method, static analyses of various curved nanobeams subjected to different boundary conditions and loading scenarios are performed, and the obtained results are compared with the exact analytical ones. The presented study provides an accurate and low computational cost method for researchers to investigate the in-plane static behavior of curved nanobeams.
基金Project supported by the Program for New Century Excellent Talents in Universities(NCET)by the Ministry of Education of China(No.NCET-04-0373)
文摘Based on the method of reverberation ray matrix(MRRM), a reverberation matrix for planar framed structures composed of anisotropic Timoshenko(T) beam members containing completely hinged joints is developed for static analysis of such structures.In the MRRM for dynamic analysis, amplitudes of arriving and departing waves for joints are chosen as unknown quantities. However, for the present case of static analysis, displacements and rotational angles at the ends of each beam member are directly considered as unknown quantities. The expressions for stiffness matrices for anisotropic beam members are developed. A corresponding reverberation matrix is derived analytically for exact and unified determination on the displacements and internal forces at both ends of each member and arbitrary cross sectional locations in the structure. Numerical examples are given and compared with the finite element method(FEM) results to validate the present model. The characteristic parameter analysis is performed to demonstrate accuracy of the present model with the T beam theory in contrast with errors in the usual model based on the Euler-Bernoulli(EB) beam theory. The resulting reverberation matrix can be used for exact calculation of anisotropic framed structures as well as for parameter analysis of geometrical and material properties of the framed structures.
基金supported in part by the Fundamental Research Funds for the Central Universities of China (Grant No.WK0110000007)the Specialized Research Fund for the Doctoral Program of Higher Education of China (Grant No.20113402120026)+2 种基金the Natural Science Foundation of Anhui Province,China (Grant No. 1208085QF112)the Foundation for Young Talents in College of Anhui Province,China (GrantNo.2012SQRL001ZD)the Research Fund of ZTE Corpo ration
文摘I IntroductionSmartphones have become more complex in terms of functions and third-party applications, and this makes lhem a living space for malware. People store private information such as accounts and passwordson their smartphones, the loss of which could have serious con- sequences.
基金the National Key Research and Development Program of China under Grant No.2016QY07X1404National Natural Science Foundation of China(NSFC)under Grant No.61602035 and 61772078+1 种基金Beijing Science and Technology Project under Grant No.Z191100007119010,CCF-NSFOCUS Kun-Peng Scientific Research FoundationOpen Found of Key Laboratory of Network Assessment Technology,Institute of Information Engineering,Chinese Academy of Sciences.
文摘Fuzzing is an effective technique to find security bugs in programs by quickly exploring the input space of programs.To further discover vulnerabilities hidden in deep execution paths,the hybrid fuzzing combines fuzzing and concolic execution for going through complex branch conditions.In general,we observe that the execution path which comes across more and complex basic blocks may have a higher chance of containing a security bug.Based on this observation,we propose a hybrid fuzzing method assisted by static analysis for binary programs.The basic idea of our method is to prioritize seed inputs according to the complexity of their associated execution paths.For this purpose,we utilize static analysis to evaluate the complexity of each basic block and employ the hardware trace mechanism to dynamically extract the execution path for calculating the seed inputs’weights.The key advantage of our method is that our system can test binary programs efficiently by using the hardware trace and hybrid fuzzing.To evaluate the effectiveness of our method,we design and implement a prototype system,namely SHFuzz.The evaluation results show SHFuzz discovers more unique crashes on several real-world applications and the LAVA-M dataset when compared to the previous solutions.
文摘A simple method is proposed, for incremental static analysis of a set of inter-colliding particles, simulating 2D flow. Within each step of proposed algorithm, the particles perform small displacements, proportional to the out-of-balance forces, acting on them. Numerical experiments show that if the liquid is confined within boundaries of a set of inter-communicating vessels, then the proposed method converges to a final equilibrium state. This incremental static analysis approximates dynamic behavior with strong damping and can provide information, as a first approximation to 2D movement of a liquid. In the initial arrangement of particles, a rhombic element is proposed, which assures satisfactory incompressibility of the fluid. Based on the proposed algorithm, a simple and short computer program (a “pocket” program) has been developed, with only about 120 Fortran instructions. This program is first applied to an amount of liquid, contained in a single vessel. A coarse and refined discretization is tried. In final equilibrium state of liquid, the distribution on hydro-static pressure on vessel boundaries, obtained by proposed computational model, is found in satisfactory approximation with corresponding theoretical data. Then, an opening is formed, at the bottom of a vertical boundary of initial vessel, and the liquid is allowed to flow gradually to an adjacent vessel. Almost whole amount of liquid is transferred, from first to second vessel, except of few drops-particles, which remain, in equilibrium, at the bottom of initial vessel. In the final equilibrium state of liquid, in the second vessel, the free surface level of the liquid confirms that the proposed rhombing element assures a satisfactory incompressibility of the fluid.
文摘The article proposes an Equivalent Single Layer(ESL)formulation for the linear static analysis of arbitrarily-shaped shell structures subjected to general surface loads and boundary conditions.A parametrization of the physical domain is provided by employing a set of curvilinear principal coordinates.The generalized blendingmethodology accounts for a distortion of the structure so that disparate geometries can be considered.Each layer of the stacking sequence has an arbitrary orientation and is modelled as a generally anisotropic continuum.In addition,re-entrant auxetic three-dimensional honeycomb cells with soft-core behaviour are considered in the model.The unknown variables are described employing a generalized displacement field and pre-determined through-the-thickness functions assessed in a unified formulation.Then,a weak assessment of the structural problem accounts for shape functions defined with an isogeometric approach starting fromthe computational grid.Ageneralizedmethodology has been proposed to define two-dimensional distributions of static surface loads.In the same way,boundary conditions with three-dimensional features are implemented along the shell edges employing linear springs.The fundamental relations are obtained from the stationary configuration of the total potential energy,and they are numerically tackled by employing the Generalized Differential Quadrature(GDQ)method,accounting for nonuniform computational grids.In the post-processing stage,an equilibrium-based recovery procedure allows the determination of the three-dimensional dispersion of the kinematic and static quantities.Some case studies have been presented,and a successful benchmark of different structural responses has been performed with respect to various refined theories.
文摘To detect security vulnerabilities in a web application,the security analyst must choose the best performance Security Analysis Static Tool(SAST)in terms of discovering the greatest number of security vulnerabilities as possible.To compare static analysis tools for web applications,an adapted benchmark to the vulnerability categories included in the known standard Open Web Application Security Project(OWASP)Top Ten project is required.The information of the security effectiveness of a commercial static analysis tool is not usually a publicly accessible research and the state of the art on static security tool analyzers shows that the different design and implementation of those tools has different effectiveness rates in terms of security performance.Given the significant cost of commercial tools,this paper studies the performance of seven static tools using a new methodology proposal and a new benchmark designed for vulnerability categories included in the known standard OWASP Top Ten project.Thus,the practitioners will have more precise information to select the best tool using a benchmark adapted to the last versions of OWASP Top Ten project.The results of this work have been obtaining using widely acceptable metrics to classify them according to three different degree of web application criticality.
基金supported by the National Natural Science Foundation of China(Nos.U20B2048 and 62471301)。
文摘Static analysis presents significant challenges in alarm handling, where probabilistic models and alarm prioritization are essential methods for addressing these issues. These models prioritize alarms based on user feedback, thereby alleviating the burden on users to manually inspect alarms. However, they often encounter limitations related to efficiency and issues such as false generalization. While learning-based approaches have demonstrated promise, they typically incur high training costs and are constrained by the predefined structures of existing models. Moreover, the integration of large language models (LLMs) in static analysis has yet to reach its full potential, often resulting in lower accuracy rates in vulnerability identification. To tackle these challenges, we introduce BinLLM, a novel framework that harnesses the generalization capabilities of LLMs to enhance alarm probability models through rule learning. Our approach integrates LLM-derived abstract rules into the probabilistic model, using alarm paths and critical statements from static analysis. This integration enhances the model’s reasoning capabilities, improving its effectiveness in prioritizing genuine bugs while mitigating false generalizations. We evaluated BinLLM on a suite of C programs and observed 40.1% and 9.4% reduction in the number of checks required for alarm verification compared to two state-of-the-art baselines, Bingo and BayeSmith, respectively, underscoring the potential of combining LLMs with static analysis to improve alarm management.
基金supported by the Zhejiang Provincial Natural Science Foundation Major Program under Grant No.LD24F020013the CCF-Huawei Populus Grove Fund under Grant No.CCF-HuaweiFM202301+1 种基金the Fundamental Research Funds for the Central Universities of China under Grant No.226-2024-00140the Zhejiang University Education Foundation's Qizhen Talent Program.
文摘We launch P_(ARF)—a toolkit for adaptively tuning abstraction strategies of static program analyzers in a fully automated manner.P_(ARF) models various types of external parameters(encoding abstraction strategies)as random variables subject to probability distributions over latticed parameter spaces.It incrementally refines the probability distributions based on accumulated intermediate results generated by repeatedly sampling and analyzing,thereby ultimately yielding a set of highly accurate abstraction strategies.P_(ARF) is implemented on top of F_(RAMA)-C/E_(VA)—an off-the-shelf open-source static analyzer for C programs.P_(ARF) provides a web-based user interface facilitating the intuitive configuration of static analyzers and visualization of dynamic distribution refinement of the abstraction strategies.It further supports the identification of dominant parameters in F_(RAMA)-C/E_(VA) analysis.Benchmark experiments and a case study demonstrate the competitive performance of P_(ARF) for analyzing complex,large-scale real-world programs.
基金supported in part by the National Natural Science Foundation of China(62125306)Zhejiang Key Research and Development Project(2024C01163)the State Key Laboratory of Industrial Control Technology,China(ICT2024A06)
文摘In recent decades,control performance monitoring(CPM)has experienced remarkable progress in research and industrial applications.While CPM research has been investigated using various benchmarks,the historical data benchmark(HIS)has garnered the most attention due to its practicality and effectiveness.However,existing CPM reviews usually focus on the theoretical benchmark,and there is a lack of an in-depth review that thoroughly explores HIS-based methods.In this article,a comprehensive overview of HIS-based CPM is provided.First,we provide a novel static-dynamic perspective on data-level manifestations of control performance underlying typical controller capacities including regulation and servo:static and dynamic properties.The static property portrays time-independent variability in system output,and the dynamic property describes temporal behavior driven by closed-loop feedback.Accordingly,existing HIS-based CPM approaches and their intrinsic motivations are classified and analyzed from these two perspectives.Specifically,two mainstream solutions for CPM methods are summarized,including static analysis and dynamic analysis,which match data-driven techniques with actual controlling behavior.Furthermore,this paper also points out various opportunities and challenges faced in CPM for modern industry and provides promising directions in the context of artificial intelligence for inspiring future research.
基金supported by the Ministry of Science,Technology and Innovation of Malaysia,under the Grant e Science Fund(No.01-01-03-SF0914)
文摘Mobile device manufacturers are rapidly producing miscellaneous Android versions worldwide. Simultaneously, cyber criminals are executing malicious actions, such as tracking user activities, stealing personal data, and committing bank fraud. These criminals gain numerous benefits as too many people use Android for their daily routines, including important communications. With this in mind, security practitioners have conducted static and dynamic analyses to identify malware. This study used static analysis because of its overall code coverage, low resource consumption, and rapid processing. However, static analysis requires a minimum number of features to efficiently classify malware. Therefore, we used genetic search(GS), which is a search based on a genetic algorithm(GA), to select the features among 106 strings. To evaluate the best features determined by GS, we used five machine learning classifiers, namely, Na?ve Bayes(NB), functional trees(FT), J48, random forest(RF), and multilayer perceptron(MLP). Among these classifiers, FT gave the highest accuracy(95%) and true positive rate(TPR)(96.7%) with the use of only six features.
基金Project supported by the National High-Tech R&D Program(863)of China(No.2013AA12A202)the National Natural Science Foundation of China(Nos.61172173,41501505,and 61502205)+1 种基金the Natural Science Foundation of Hubei Province,China(No.2014CFB779)the Youths Science Foundation of Wuhan Institute of Technology(No.K201546)
文摘Static analysis is an efficient approach for software assurance. It is indicated that its most effective usage is to perform analysis in an interactive way through the software development process, which has a high performance requirement. This paper concentrates on rule-based static analysis tools and proposes an optimized rule-checking algorithm. Our technique improves the performance of static analysis tools by filtering vulnerability rules in terms of characteristic objects before checking source files. Since a source file always contains vulnerabilities of a small part of rules rather than all, our approach may achieve better performance. To investigate our technique's feasibility and effectiveness, we implemented it in an open source static analysis tool called PMD and used it to conduct experiments. Experimental results show that our approach can obtain an average performance promotion of 28.7% compared with the original PMD. While our approach is effective and precise in detecting vulnerabilities, there is no side effect.
文摘In the present study,the static and dynamic analyses of elliptical functionally graded sandwich(FGS)plates are investigated.The constituent materials of the sandwich plates are ceramic and metal so that the core is made of pure metal,while the face sheets consist of a combination of metal and ceramic according to a four-parameter power-law distribution.Different material profiles such as classic,symmetric,and asymmetric can be obtained using the applied generalized power-law distribution relation.The analysis is performed based on the classical laminated plate theory(CLPT)and the Ritz method.The effects of four parameters in the material distribution relation as well as different geometric parameters on the deflection and natural frequencies of elliptical FGS plates are studied.The results of this study show that with a proper distribution of materials,the optimal static and dynamic behavior can be achieved.The results also indicate that the generalized power-law distribution has significant effects on the natural frequencies of elliptical FGS plates.For example,although the frequency parameter of a plate with ceramic face sheets is more than the one with metal face sheets,the use of larger amounts of ceramic does not necessarily increase the natural frequency of the structure.
基金supported by the Defense Industrial Technology Development Program(Grant Nos.A2120110001 and B2120110011)‘111’ Project(Grant No.B07009)the National Natural Science Foundation of China(Grant Nos.90816024 and 10876100)
文摘A novel method for the static analysis of structures with interval parameters under uncertain loads is proposed, which overcomes the inherent conservatism introduced by the conventional interval analysis due to ignoring the dependency phenomenon. Instead of capturing the extremum of the structural static responses in the entire space spanned by uncertain parameters, their lower and upper bounds are calculated at the minimal and maximal point vectors obtained dimension by dimension with respect to uncertain parameters based on the Legend orthogonal polynomial approximation, overcoming the potential engineering insignificance caused by the optimization strategy. After performing its theoretical analysis, both the accuracy and applicability of the proposed method are verified.
基金partially supported by MOST under Grant No.105-2221-E-327-036
文摘The Android platform is the most popular mobile operating system.With the increase of the number of Android users,a lot of security issues have occurred.In order to detect the malicious behaviors for the installed Android Apps,in this paper,we propose an Android malware detecting scheme by integrating static and dynamic analysis methods.We use Androguard and Droid Box to extract the features,and then remove the irrelevant features.Then we employ the support vector machine(SVM) to classify the Android malware and benignware.From the result of our proposed scheme,the proposed integrated static and dynamic analysis scheme with SVM can effectively detect the Android malware.
文摘A finite element analysis, including static and buckling analysis is presented for several notable concrete spherical shells around the world. Also, the structural optimization study of these shells was performed for thickness distribution and structure shape to reduce overall tensile stress, deflection and reinforcements. The finite element analysis using Sofistik software shows that a distributed concrete thickness reduces shell stresses, deflections and reinforcements. A geometrically non-linear analysis of these structures with and without imperfections was also performed. To take into account the possible plastification of the material an analysis with non-linear material was performed simultaneously with the geometrically non-linear analysis. This helps in developing an understanding of the structural behaviour and helps to identify all potential failure causes using failure analysis.
基金This work is supported by the Provincial Key Science and Technology Special Project of Henan(No.221100240100)。
文摘In recent years,the rapid development of computer software has led to numerous security problems,particularly software vulnerabilities.These flaws can cause significant harm to users’privacy and property.Current security defect detection technology relies on manual or professional reasoning,leading to missed detection and high false detection rates.Artificial intelligence technology has led to the development of neural network models based on machine learning or deep learning to intelligently mine holes,reducing missed alarms and false alarms.So,this project aims to study Java source code defect detection methods for defects like null pointer reference exception,XSS(Transform),and Structured Query Language(SQL)injection.Also,the project uses open-source Javalang to translate the Java source code,conducts a deep search on the AST to obtain the empty syntax feature library,and converts the Java source code into a dependency graph.The feature vector is then used as the learning target for the neural network.Four types of Convolutional Neural Networks(CNN),Long Short-Term Memory(LSTM),Bi-directional Long Short-Term Memory(BiLSTM),and Attention Mechanism+Bidirectional LSTM,are used to investigate various code defects,including blank pointer reference exception,XSS,and SQL injection defects.Experimental results show that the attention mechanism in two-dimensional BLSTM is the most effective for object recognition,verifying the correctness of the method.
文摘KK tubular joints are used to build jacket-type offshore structures. These joints are mostly made up of structural steel. These joints can withstand yield, buckling, and lateral loads depending on the structure’s design and environment. In this study, the Finite Element Model of the KK-type tubular joint has been created, and analysis has been performed under static loading using the Static Structural analysis system of ANSYS 19.2 commercial software and structural mechanics module of COMSOL Multiphysics. The KK tubular model is analyzed under compressive load conditions, and the resulting stress, strain, and deformation values are tabulated in both graphical and tabular form. This study includes a comparison of the outcomes from both commercial software. The results highlight that maximum stress, strain, and deformation values decrease as joint thickness increases. This study holds significant relevance in advancing the understanding of tubular KK joints and their response to compressive loading. The insights derived from the analysis have the potential to contribute to the development of more robust and reliable tubular KK joints in various engineering and structural applications. .
基金This workis supported in part by the Hi-tech Research and Development Programof China (2002AA422130) .
文摘Objective To study mechanics characteristics of two cooperative reconfigurable planetary robots when they get across an obstacle, and to find out the relationship between the maximum height of a stair with the configuration of the two-robot, and to find some restrictions of kinematics for the cooperation. Methods Multirobot cooperation theory is used in the whole study process. Inverse kinematics of the robot is used to form a desired configuration in the cooperation process. Static equations are established to analyze the relations between the friction factor, the configuration of robots and the maximum height of a stair. Kinematics analysis is used to find the restrictions of the two collaborative robots in position, velocity and acceleration. Results 3D simulation shows that the two cooperative robots can climb up a stair under the condition of a certain height and a certain friction factor between robot wheel and the surface of the stair. Following the restrictions of kinematics, the climbing mission is fulfilled successfully and smoothly. Conclusion The maximum height of a stair, which the two cooperative robots can climb up, is involved in the configuration of robots, friction factor between the stair and the robots. The most strict restriction of the friction factor does not appear in the horizontal position. In any case, the maximum height is smaller than half of the distance between the centroid of robot1 with the centroid of robot2. However, the height can be higher than the radius of one robot wheel, which profit from the collaboration.
基金National Natural Science Foundation of China,Grant number 59895410
文摘A macro-model of a reinforced concrete (RC) shear wall is developed for static inelastic analysis.The model is composed of RC column elements and RC membrane elements.The column elements are used to model the boundary zone and the membrane elements are used to model the wall panel.Various types of constitutive relationships of concrete could be adopted for the two kinds of elements.To perform analysis,the wall is divided into layers along its height.Two adjacent layers are connected with a rigid beam.There are only three unknown displacement components for each layer.A method called single degree of freedom compensation is adopted to solve the peak value of the capacity curve.The post-peak stage analysis is performed using a forced iteration approach.The macro-model developed in the study and the complete process analysis methodology are verified by the experimental and static inelastic analytical results of four RC shear wall specimens.
