Handle Research Articles

Secure software development: leveraging application call graphs to detect security vulnerabilities

The inconsistency in software development standards frequently leads to vulnerabilities that can jeopardize an application’s cryptographic integrity. This situation can result in incomplete or flawed encryption processes. Vulnerabilities may manifest as missing, bypassed, or improperly executed encryption functions or the absence of critical cryptographic mechanisms, which eventually weaken security goals. This article introduces a thorough method for detecting vulnerabilities using dynamic and static analysis, focusing on a cryptographic function dominance tree. This strategy systematically minimizes the likelihood of integrity breaches in cryptographic applications. A layered and modular model is developed to maintain integrity by mapping the entire flow of cryptographic function calls across various components. The cryptographic function call graph and dominance tree are extracted and subsequently analyzed using an integrated dynamic and static technique. The extracted information undergoes strict evaluation against the anticipated function call sequence in the relevant cryptographic module to identify and localize potential security issues. Experimental findings demonstrate that the proposed method considerably enhances the accuracy and comprehensiveness of vulnerability detection in cryptographic applications, improving implementation security and resilience against misuse vulnerabilities.

Linear and Non-linear Relational Analyses for Quantum Program Optimization

The phase folding optimization is a circuit optimization used in many quantum compilers as a fast and effective way of reducing the number of high-cost gates in a quantum circuit. However, existing formulations of the optimization rely on an exact, linear algebraic representation of the circuit, restricting the optimization to being performed on straightline quantum circuits or basic blocks in a larger quantum program. We show that the phase folding optimization can be re-cast as an affine relation analysis , which allows the direct application of classical techniques for affine relations to extend phase folding to quantum programs with arbitrarily complicated classical control flow including nested loops and procedure calls. Through the lens of relational analysis, we show that the optimization can be powered-up by substituting other classical relational domains, particularly ones for non-linear relations which are useful in analyzing circuits involving classical arithmetic. To increase the precision of our analysis and infer non-linear relations from gate sets involving only linear operations — such as Clifford+t — we show that the sum-over-paths technique can be used to extract precise symbolic transition relations for straightline circuits. Our experiments show that our methods are able to generate and use non-trivial loop invariants for quantum program optimization, as well as achieve some optimizations of common circuits which were previously attainable only by hand.

RELINCHE: Automatically Checking Linearizability under Relaxed Memory Consistency

Concurrent libraries implement standard data structures, such as stacks and queues, in a thread-safe manner, typically providing an atomic interface to the data structure. They serve as building blocks for concurrent programs, and incorporate advanced synchronization mechanisms to achieve good performance. In this paper, we are concerned with the problem of verifying correctness of such libraries under weak memory consistency in a fully automated fashion. To this end, we develop a model checker, RELINCHE, that verifies atomicity and functional correctness of a concurrent library implementation in any client program that invokes the library methods up to some bounded number of times. Our tool establishes refinement between the concurrent library implementation and its atomic specification in a fully parallel client, which it then strengthens to capture all possible other more constrained clients of the library. RELINCHE scales sufficiently to verify correctness of standard concurrent library benchmarks for all client programs with up to 7--9 library method invocations, and finds minimal counterexamples with 4--7 method calls of non-trivial linearizability bugs due to weak memory consistency.

Decolonising the South African Criminal Procedure: Towards a Critical Approach to the Use of Ubuntu in Sentencing

South African Criminal Procedure has colonial roots which are yet to be fully uprooted. While several sections of the Criminal Procedure Act 51 of 1977 have been declared unconstitutional, much of the Act remains steeped in colonial legacies. Moreover, the minimum sentencing legislation, passed after democracy, also resembles the laws enforced by colonisers. This article challenges the colonial nature of the South African Criminal Procedure Regime and calls for its decolonisation. It proposes and endorses the use of ubuntu in sentencing proceedings to promote a culture of decolonisation. uBuntu is an African value which confronts the retributive and colonial nature of Criminal Procedure. The article builds on the current literature on decolonisation in South African law by focussing specifically on the decolonisation of Criminal Procedure and on how ubuntu can be adopted to assist in the process. While the Constitutional Court in Makwanyane 1995 3 SA 391 (CC) was praised for its interpretation of ubuntu in the abolition of the death penalty, subsequent criminal courts have been loath to apply it. This needs to change. The article is presented in four parts. Firstly, it looks at the concepts of colonisation, decolonisation and ubuntu. It then examines the historical colonial roots of sentencing in South Africa from 1652 up until the enactment of the Criminal Procedure Act, the current regime. Thirdly it analyses how ubuntu can be utilised and applied by presiding officers during sentencing. The study concludes by making several recommendations.

Effects of Vitamin and Mineral Supplementation During Gestation in Beef Heifers on Immunoglobulin Concentrations in Colostrum and Immune Responses in Naturally and Artificially Reared Calves.

Two experiments assessed the effects of providing a vitamin and mineral supplement to gestating beef heifers on concentrations of immunoglobulins (Ig) in colostrum and calf serum 24 h after feeding maternal colostrum (Exp. 1) or a colostrum-replacement product (Exp. 2). Angus-based heifers (n = 31, Exp. 1; n = 14, Exp. 2) were fed a basal diet (CON) or were fed a basal diet plus a vitamin and mineral supplement (VTM) from breeding (Exp. 1) or 60 d pre-breeding (Exp. 2) through calving. Colostrum was collected at calving, and serum was collected from calves 24 h after colostrum consumption to evaluate passive transfer. Serum was collected from calves in Exp. 1 to determine serum titers in response to vaccination at birth, pasture turn out, weaning, and 14 d after vaccination. Concentrations of IgG, IgM, or IgA in colostrum or in calf serum at 24 h were not impacted by dam treatment (p ≥ 0.21); however, concentrations of Ig in calf serum at 24 h were greater (p ≤ 0.01) in calves receiving maternal colostrum than those receiving a colostrum replacer. Calves born to VTM heifers had greater antibody titers at birth, pasture turn out, and weaning for infectious bovine rhinotracheitis (IBR), bovine viral diarrhea virus type 2 (BVD-2), and bovine respiratory syncytial virus (BRSV), respectively. Our results suggest that the programming of immune function in calves via prenatal nutrition appears to extend postnatally in CON and VTM offspring.

Semi-Implicit Numerical Integration of Boundary Value Problems

The numerical solution to boundary differential problems is a crucial task in modern applied mathematics. Usually, implicit integration methods are applied to solve this class of problems due to their high numerical stability and convergence. The known shortcoming of implicit algorithms is high computational costs, which can become unacceptable in the case of numerous right-hand side function calls, which are typical when solving boundary problems via the shooting method. Meanwhile, recently semi-implicit numerical integrators have gained major interest from scholars, providing an efficient trade-off between computational costs, stability, and precision. However, the application of semi-implicit methods to solving boundary problems has not been investigated in detail. In this paper, we aim to fill this gap by constructing a semi-implicit boundary problem solver and comparing the performance of explicit, semi-implicit, semi-explicit, and implicit methods using a set of linear and nonlinear test boundary problems. The novel blinking solver concept is introduced to overcome the main shortcoming of the semi-implicit schemes, namely, the low convergence on exponential solutions. The numerical stability of the blinking semi-implicit solver is investigated and compared with existing methods by plotting the stability regions. The performance plots for investigated methods are obtained as a dependence between global truncation error and estimated computation time. The experimental results confirm the assumption that semi-implicit numerical methods can significantly outperform both explicit and implicit solvers while solving boundary problems, especially in the proposed blinking modification. The results of this study can be efficiently used to create software for solving boundary problems, including partial derivative equations. Constructing semi-implicit numerical methods of higher-accuracy orders is also of interest for further research.

A Novel Two‐Stage Reliability Analysis Method Combining Improved Cross‐Entropy Adaptive Sampling and Relevant Vector Machine

ABSTRACTThe computational burden becomes unbearable when reliability analysis involves time‐consuming finite element analysis, especially for rare events. Therefore, reducing the number of performance function calls is the only way to improve computing efficiency. This paper proposes a novel reliability analysis method that combines relevant vector machine (RVM) and improved cross‐entropy adaptive sampling (iCE). In this method, RVM is employed to approximate the limit state surface and iCE is performed based on the constructed RVM. To guarantee the precision of RVM, the first level samples and the last level samples of iCE are used as candidate samples and the last level samples are regenerated along with the RVM updates. To prevent unnecessary updates of RVM, the proposed method considers the positions of the samples in the current design of experiment. In addition, based on the statistical properties of RVM and iCE, an error‐based stopping criterion is proposed. The accuracy and efficiency of the proposed method were validated through four benchmark examples. Finally, the proposed method is applied to engineering problems which are working in extreme environment.

Integrating Machine Learning and Large Language Models to Advance Exploration of Electrochemical Reactions

Electrochemical C‐H oxidation reactions offer a sustainable route to functionalize hydrocarbons, yet identifying suitable substrates and optimizing synthesis remain challenging. We report an integrated approach combining machine learning (ML) and large language models (LLMs) to streamline the exploration of electrochemical C‐H oxidation reactions. Utilizing a batch rapid screening electrochemical platform, we evaluated a wide range of reactions, initially classifying substrates by their reactivity, while LLMs text‐mined literature data to augment the training set. The resulting ML models for reactivity prediction achieved high accuracy (>90%) and enabled virtual screening of a large set of commercially available molecules. To optimize reaction conditions for selected substrates, LLMs were prompted to generate code that iteratively improved yields. This human‐AI collaboration proved effective, efficiently identifying high‐yield conditions for 8 drug‐like substances or intermediates. Notably, we benchmarked the accuracy and reliability of 10 different LLMs ‐ including LLaMA, Claude, and GPT‐4 ‐ on generating and executing codes related to ML based on natural language prompts given by chemists to showcase their tool‐making (code generation) and tool‐use (function calling) capabilities and potentials for accelerating research across four diverse tasks. We also collected an experimental benchmark dataset comprising 1071 reaction conditions and yields for electrochemical C‐H oxidation reactions.

Integrating Machine Learning and Large Language Models to Advance Exploration of Electrochemical Reactions.

Electrochemical C-H oxidation reactions offer a sustainable route to functionalize hydrocarbons, yet identifying suitable substrates and optimizing synthesis remainchallenging. We report an integrated approach combining machine learning (ML) and large language models (LLMs) to streamline the exploration of electrochemical C-H oxidation reactions. Utilizing a batch rapid screening electrochemical platform, we evaluated a wide range of reactions, initially classifying substrates by their reactivity, while LLMs text-mined literature data to augment the training set. The resulting ML models for reactivity prediction achieved high accuracy (>90%) and enabled virtual screening of a large set of commercially available molecules. To optimize reaction conditions for selected substrates, LLMs were prompted to generate code that iteratively improved yields. This human-AI collaboration proved effective, efficiently identifying high-yield conditions for 8 drug-like substances or intermediates. Notably, we benchmarked the accuracy and reliability of 10 different LLMs -including LLaMA, Claude, and GPT-4 -on generating and executing codes related to ML based on natural language prompts given by chemists to showcase their tool-making (code generation) and tool-use (function calling) capabilities and potentials for accelerating research across four diverse tasks. We also collected an experimental benchmark dataset comprising 1071 reaction conditions and yields for electrochemical C-H oxidation reactions.

Interpretable Conversation Routing via the Latent Embeddings Approach

Large language models (LLMs) are quickly implemented to answer question and support systems to automate customer experience across all domains, including medical use cases. Models in such environments should solve multiple problems like general knowledge questions, queries to external sources, function calling and many others. Some cases might not even require a full-on text generation. They possibly need different prompts or even different models. All of it can be managed by a routing step. This paper focuses on interpretable few-shot approaches for conversation routing like latent embeddings retrieval. The work here presents a benchmark, a sorrow analysis, and a set of visualizations of the way latent embeddings routing works for long-context conversations in a multilingual, domain-specific environment. The results presented here show that the latent embeddings router is able to achieve performance on the same level as LLM-based routers with additional interpretability and higher level of control over model decision-making.

Effectiveness of the Civil Registration Services in One Philippine Component City: Basis for Action Plan

This study assessed the effectiveness of civil registration services in Calamba City, Laguna, Philippines. It used a descriptive approach to explore public perception of birth, marriage, and death registration processes. Respondents generally considered the services effective. However, some variations emerged. Sex and civil status influenced birth registration perceptions, while age, gender, marital status, and education impacted marriage registration views. Educational background and time spent registering deaths were factors as well. Interestingly, perceived effectiveness and encountered problems were not always linked. Birth and marriage registration showed no significant correlation, while death registration displayed a negative correlation (better effectiveness meant fewer problems). Based on these findings, an action plan proposes improvements. For birth registration, it emphasizes accuracy checks and data entry. Marriage registration calls for clearer roles and procedures. Death registration focuses on streamlining registry number assignment.

An efficient image encryption algorithm using 3D-cyclic chebyshev map and elliptic curve

With the development of internet technologies, it is now usual to communicate enormous amounts of text and visual data over networks, which calls for stringent procedures to guarantee confidentiality and integrity throughout transmission. An important part of safeguarding image communication over secure channel is cryptography. This study proposes an effective way to secure sensitive data by creating tamper-proof cryptosystems and authentication mechanisms. By employing elliptic curve cryptography (ECC) to generate secret encryption key and chaotic maps to successfully disguise and alter plain image pixel values, the technique strengthens overall system security through the use of hybrid cryptography. The method has a big enough key space to withstand brute-force attempts and exhibits robustness against statistical and differential attacks through analysis including evaluations and assessments of correlation, entropy, and histograms as well as evaluations such as NPCR, UACI, PSNR and keyspace analysis validate the efficacy of the proposed image encryption algorithm, affirming its systematic and robust nature and its capacity to offer superior image encryption protection over some existing ones.

Mining Fine-Grained Code Change Patterns Using Multiple Feature Analysis

Maintaining high code quality is a crucial concern in software development. Existing studies demonstrated that developers frequently face recurrent bugs and adopt similar fix measures, known as code change patterns. As an essential static analysis technique, code pattern mining supports various tasks, including code refactoring, automated program repair, and defect prediction, thus significantly improving software development processes. A prevalent approach to identifying code patterns involves translating code changes to edit actions into a Bag-of-Words (BoW) model. However, when applied to open-source projects, this method exhibits several limitations. For instance, it overlooks function call information and disregards feature word order. This study introduces MIFA, a novel technique for mining code change patterns using multiple feature analysis. MIFA extends existing BoW methods by incorporating analysis of function calls and overall changes in the Abstract Syntax Tree (AST) structure. We selected 20 popular Python projects and evaluated MIFA in both intra-project and cross-project scenarios. The experimental results indicate that: (1) MIFA achieved higher silhouette coefficients and F1 scores compared to other state-of-the-art methods, demonstrating a superior accuracy; (2) MIFA can assist developers in detecting unique change patterns more earlier, with an efficiency improvement of over 40% compared to random sampling. Additionally, we discussed critical parameters for measuring the similarity of code changes, guiding users to apply our method effectively.

Multiple-Input Multiple-Output Synthetic Aperture Radar Waveform and Filter Design in the Presence of Uncertain Interference Environment

Multiple-input multiple-output synthetic aperture radar (MIMO-SAR) anti-jamming waveform design relies on accurate prior information about the interference. However, it is difficult to obtain accurate prior knowledge about uncertain intermittent sampling repeater jamming (ISRJ), leading to a severe decline in the detection performance of MIMO-SAR systems. Therefore, this article studies the robust joint design problem of MIMO radar transmit waveform and filter against uncertain ISRJ. We characterize two categories of uncertain interference, including sample length uncertainty and sample-time uncertainty, modeled as Gaussian distribution in different range bins. Based on the uncertain interference model, we formulate the maximizing SINR as a figure of merit, which is a non-convex quadratic optimization problem under specific waveform constraints. Based on the alternating direction method of multipliers (ADMM) framework, a novel joint design algorithm of waveform and filter is proposed. In order to improve the convergence performance of ADMM, the difference in convex functions (DC) programming is applied to the ADMM iterations framework to solve the problem of waveform energy inequality constraint. Finally, numerical results demonstrate the effectiveness and robustness of the proposed method, compared to the existing methods that utilize deterministic interference models in the uncertain ISRJ environment. Moreover, the spaceborne SAR real scene imaging simulations are conducted to evaluate the anti-ISRJ performance.

Variable resolution machine learning optimization of antennas using global sensitivity analysis

The significance of rigorous optimization techniques in antenna engineering has grown significantly in recent years. For many design tasks, parameter tuning must be conducted globally, presenting a challenge due to associated computational costs. The popular bio-inspired routines often necessitate thousands of merit function calls to converge, generating prohibitive expenses whenever the design process relies on electromagnetic (EM) simulation models. Surrogate-assisted methods offer acceleration, yet constructing reliable metamodels is hindered in higher-dimensional spaces and systems with highly nonlinear characteristics. This work suggests an innovative technique for global antenna optimization embedded within a machine-learning framework. It involves iteratively refined kriging surrogates and particle swarm optimization for generating infill points. The search process operates within a reduced-dimensionality region established through fast global sensitivity analysis. Domain confinement enables the creation of accurate behavioral models using limited training data, resulting in low CPU costs for optimization. Additional savings are realized by employing variable-resolution EM simulations, where low-fidelity models are utilized during the global search stage (including sensitivity analysis), and high-fidelity ones are reserved for final (gradient-based) tuning of antenna parameters. Comprehensive verification demonstrates the consistent performance of the proposed procedure, its superiority over benchmark techniques, and the relevance of the mechanisms embedded into the algorithm for enhancing search process reliability, design quality, and computational efficiency.

FCG-MFD: Benchmark function call graph-based dataset for malware family detection

Cyber crimes related to malware families are on the rise. This growth persists despite the prevalence of various antivirus software and approaches for malware detection and classification. Security experts have implemented Machine Learning (ML) techniques to identify these cyber-crimes. However, these approaches demand updated malware datasets for continuous improvements amid the evolving sophistication of malware strains. Thus, we present the FCG-MFD, a benchmark dataset with extensive Function Call Graphs (FCG) for malware family detection. This dataset guarantees resistance against emerging malware families by enabling security systems. Our dataset has two sub-datasets (FCG & Metadata) (1,00,000 samples) from VirusSamples, Virusshare, VirusSign, theZoo, Vx-underground, and MalwareBazaar curated using FCGs and metadata to optimize the efficacy of ML algorithms. We suggest a new malware analysis technique using FCGs and graph embedding networks, offering a solution to the complexity of feature engineering in ML-based malware analysis. Our approach to extracting semantic features via the Natural Language Processing (NLP) method is inspired by tasks involving sentences and words, respectively, for functions and instructions. We leverage a node2vec mechanism-based graph embedding network to generate malware embedding vectors. These vectors enable automated and efficient malware analysis by combining structural and semantic features. We use two datasets (FCG & Metadata) to assess FCG-MFD performance. F1-Scores of 99.14% and 99.28% are competitive with State-of-the-art (SOTA) methods.

Comparison of the Distribution Patterns of Microsatellites Across the Genomes of Reptiles.

Microsatellites or simple sequence repeats (SSRs) are prevalent across various organisms' genomes. However, their distribution patterns and evolutionary dynamics in reptile genomes are rarely studied systematically. We herein conducted a comprehensive analysis of SSRs in the genomes of 36 reptile species. Our findings revealed that the total number of SSRs ranged from 1,840,965 to 7,664,452, accounting for 2.16%-8.19% of the genomes analyzed. The relative density ranged from 21,567.82 to 81,889.41 bp per megabase (Mbp). The abundance of different SSR categories followed the pattern of imperfect SSR (I-SSR) > perfect SSR (P-SSR) > compound SSR (C-SSR). A significant positive correlation was observed between the number of SSRs and genome size (p = 0.0034), whereas SSR frequency (p = 0.013) or density (p = 0.0099) showed a negative correlation with genome size. Furthermore, no correlation was found between SSR length and genome size. Mononucleotide repeats were the most common P-SSRs in crocodilians and turtles, whereas mononucleotides, trinucleotides, or tetranucleotides were the most common P-SSRs in snakes, lizards, and tuatara. P-SSRs of varying motif sizes showed nonrandom distribution across different genic regions, with AT-rich repeats being predominant. The genomic SSR content of the squamate lineage ranked the highest in abundance and variability, whereas crocodilians and turtles showed a slowly evolving and reduced microsatellite landscape. Gene ontology enrichment and Kyoto Encyclopedia of Genes and Genomes pathway analyses indicated that genes harboring P-SSRs in the coding DNA sequence regions were primarily involved in the regulation of transcription and translation processes. The SSR dataset generated in this study provides potential candidates for functional analysis and calls for broader-scale analyses across the evolutionary spectrum.

Deterministic computation of quantiles in a Lipschitz framework

In this article, we focus on computing the quantiles of a random variable f(X), where X is a [0,1]d-valued random variable, d∈N∗, and f:[0,1]d→R is a deterministic Lipschitz function. We are particularly interested in scenarios where the cost of a single function evaluation is high, while the law of X is assumed to be known. In this context, we propose a deterministic algorithm to compute deterministic lower and upper bounds for the quantile of f(X) at a given level α∈(0,1). With a fixed budget of N function calls, we demonstrate that our algorithm achieves an exponential deterministic convergence rate for d=1 (O(ρN) with ρ∈(0,1)) and a polynomial deterministic convergence rate for d>1 (O(N−1d−1)) and show the optimality of those rates. Furthermore, we design two algorithms, depending on whether the Lipschitz constant of f is known or unknown.

Implementation of an algorithm for predicting exacerbations in telemonitoring: A multimethod study of patients’ and clinicians’ experiences

BackgroundPrediction algorithms may improve the ability of telehealth solutions to assess the risk of future exacerbations in patients with chronic obstructive pulmonary disease. Learning from patients’ and clinicians’ evaluations and experiences about the use of such algorithms is essential to evaluate its potential and examine factors that could potentially influence the implementation and sustained use. ObjectiveTo investigate the patients’ and clinicians’ perceptions and satisfaction with an algorithm for predicting exacerbations in patients with chronic obstructive pulmonary disease. DesignMultimethod study. SettingThree community nursing sites in Aalborg Municipality, Denmark. ParticipantsOne hundred and eleven adults with chronic obstructive pulmonary disease and four clinicians (three nurses and one physiotherapist) specialized in telehealth monitoring of the disease. MethodsThe study was performed from November 2021 to November 2022 alongside a clinical trial in which a prediction algorithm was integrated into an existing telehealth system. The patients’ perspectives were investigated using a self-constructed questionnaire. The clinicians’ perspective was explored using semistructured individual interviews. ResultsMost patients (84.0 %–90.8 %) were satisfied with the algorithm and the additional measurements required by the algorithm. Approximately 71.7 %–75.9 % found that the algorithm could be a useful tool for disease assessment. Patients elaborated that they could see an exacerbation prevention potential in the algorithm. Patients trusted the algorithm and found an increased sense of security. The clinicians showed a positive response toward the algorithm and its user-friendliness. However, they were concerned that the additional measurements could be too demanding for some patients and questioned the accuracy of the measurements. Some felt that the algorithm could risk being time-consuming and harm the overall assessment of the individual patient. They expressed a need for continuous information about the algorithm to understand its functions and alarms. ConclusionsOptimal use of the algorithm would require that patients perform additional pulse and oxygen saturation measurements. Furthermore, it will require in-depth insight among clinicians regarding the algorithm's functions and alarms. RegistrationThe study was performed alongside a clinical trial, which was first registered September 9, 2021, at clinicaltrials.gov (registration number NCT05218525). Date of first recruitment was September 28, 2021.

Component-based modeling of cascading failure propagation in directed dual-weight software networks

Software vulnerabilities often lead to cascading failures, resulting in service unavailability and potential breaches of user data. However, existing models for cascading failure propagation typically focus solely on the static design’s calling relationships, disregarding dynamic runtime propagation paths. Moreover, current network topology models primarily consider function calling frequency while overlooking critical factors like internal failure probability and component failure tolerance rates. Yet, these factors significantly influence the actual propagation of software cascading failures. In this study, we address these limitations by incorporating internal failure probabilities and calling frequencies as node and edge weights, respectively. This forms the basis of our component-based directed dual-weight software network cascading failure propagation model. This model encompasses the evaluation of cascading failure propagation through intra-component and inter-component propagation probabilities, alongside the constraint of component failure tolerance rates. Through extensive experiments conducted on six real-world software applications, our model has demonstrated its effectiveness in predicting software cascading failure propagation processes. This method deepens our understanding of software failures and structures, equipping software testers with the knowledge to make well-informed judgments regarding software quality concerns.