Biblio

Filters: Author is Li, Jin  [Clear All Filters]
2022-07-28
Wang, Jingjing, Huang, Minhuan, Nie, Yuanping, Li, Jin.  2021.  Static Analysis of Source Code Vulnerability Using Machine Learning Techniques: A Survey. 2021 4th International Conference on Artificial Intelligence and Big Data (ICAIBD). :76—86.

With the rapid increase of practical problem complexity and code scale, the threat of software security is increasingly serious. Consequently, it is crucial to pay attention to the analysis of software source code vulnerability in the development stage and take efficient measures to detect the vulnerability as soon as possible. Machine learning techniques have made remarkable achievements in various fields. However, the application of machine learning in the domain of vulnerability static analysis is still in its infancy and the characteristics and performance of diverse methods are quite different. In this survey, we focus on a source code-oriented static vulnerability analysis method using machine learning techniques. We review the studies on source code vulnerability analysis based on machine learning in the past decade. We systematically summarize the development trends and different technical characteristics in this field from the perspectives of the intermediate representation of source code and vulnerability prediction model and put forward several feasible research directions in the future according to the limitations of the current approaches.

2017-05-22
Tan, Chuting, Jiang, Zoe L., Wang, Xuan, Yiu, S.M., Fang, Junbin, Li, Jin, Jin, Yabin, Huang, Jiajun.  2016.  Generic Construction of Publicly Verifiable Predicate Encryption. Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security. :889–894.

There is an increasing trend for data owners to store their data in a third-party cloud server and buy the service from the cloud server to provide information to other users. To ensure confidentiality, the data is usually encrypted. Therefore, an encrypted data searching scheme with privacy preserving is of paramount importance. Predicate encryption (PE) is one of the attractive solutions due to its attribute-hiding merit. However, as cloud is not always trusted, verifying the searched results is also crucial. Firstly, a generic construction of Publicly Verifiable Predicate Encryption (PVPE) scheme is proposed to provide verification for PE. We reduce the security of PVPE to the security of PE. However, from practical point of view, to decrease the communication overhead and computation overhead, an improved PVPE is proposed with the trade-off of a small probability of error.