Export Citations
Save this search
Please login to be able to save your searches and receive alerts for new content matching your search criteria.
- posterDecember 2024
Poster: Whether We Are Good Enough to Detect Server-Side Request Forgeries in PHP-native Applications?
CCS '24: Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications SecurityPages 4928–4930https://doi.org/10.1145/3658644.3691419Server-side request forgeries (SSRFs) are inevitable in PHP web applications. Existing static taint analysis tools for PHP suffer from both high rates of false positives and false negatives in detecting SSRF because they do not incorporate application-...
- research-articleSeptember 2024
Self-Supervised Machine Learning Framework for Online Container Security Attack Detection
ACM Transactions on Autonomous and Adaptive Systems (TAAS), Volume 19, Issue 3Article No.: 16, Pages 1–28https://doi.org/10.1145/3665795Container security has received much research attention recently. Previous work has proposed to apply various machine learning techniques to detect security attacks in containerized applications. On one hand, supervised machine learning schemes require ...
- research-articleApril 2024
Coverage Goal Selector for Combining Multiple Criteria in Search-Based Unit Test Generation
IEEE Transactions on Software Engineering (ISOF), Volume 50, Issue 4Pages 854–883https://doi.org/10.1109/TSE.2024.3366613Unit testing is critical to the software development process, ensuring the correctness of basic programming units in a program (e.g., a method). Search-based software testing (SBST) is an automated approach to generating test cases. SBST generates test ...
- articleFebruary 2024
POBO: Safe and Optimal Resource Management for Cloud Microservices
ACM SIGMETRICS Performance Evaluation Review (SIGMETRICS), Volume 51, Issue 4Pages 20–21https://doi.org/10.1145/3649477.3649489Resource management in microservices is challenging due to the uncertain latency-resource relationship, dynamic environment, and strict Service-Level Agreement (SLA) guarantees. This paper presents a Pessimistic and Optimistic Bayesian Optimization ...
- research-articleNovember 2023
POBO: Safe and optimal resource management for cloud microservices
AbstractResource management in microservices is challenging due to the uncertain latency–resource relationship, dynamic environment, and strict Service-Level Agreement (SLA) guarantees. This paper presents a Pessimistic and Optimistic Bayesian ...
- research-articleJuly 2022
PerfSig: extracting performance bug signatures via multi-modality causal analysis
ICSE '22: Proceedings of the 44th International Conference on Software EngineeringPages 1669–1680https://doi.org/10.1145/3510003.3510110Diagnosing a performance bug triggered in production cloud environments is notoriously challenging. Extracting performance bug signatures can help cloud operators quickly pinpoint the problem and avoid repeating manual efforts for diagnosing similar ...
- research-articleOctober 2020
HangFix: automatically fixing software hang bugs for production cloud systems
SoCC '20: Proceedings of the 11th ACM Symposium on Cloud ComputingPages 344–357https://doi.org/10.1145/3419111.3421288Software hang bugs are notoriously difficult to debug, which often cause serious service outages in cloud systems. In this paper, we present HangFix, a software hang bug fixing framework which can automatically fix a hang bug that is triggered and ...
- posterSeptember 2020
Toward just-in-time patching for containerized applications
HotSoS '20: Proceedings of the 7th Symposium on Hot Topics in the Science of SecurityArticle No.: 30, Pages 1–2https://doi.org/10.1145/3384217.3384225Containers have become increasingly popular in distributed computing environments. However, recent studies have shown that containerized applications are susceptible to various security attacks. Traditional pre-scheduled software update approaches not ...
- research-articleOctober 2018
DScope: Detecting Real-World Data Corruption Hang Bugs in Cloud Server Systems
SoCC '18: Proceedings of the ACM Symposium on Cloud ComputingPages 313–325https://doi.org/10.1145/3267809.3267844Cloud server systems such as Hadoop and Cassandra have enabled many real-world data-intensive applications running inside computing clouds. However, those systems present many data-corruption and performance problems which are notoriously difficult to ...