To estimate a clone region in a digital image is an important task of copy-move forgery (CMF) detection, which is one of the key techniques of digital image forensics. Most existing keypoint-based CMF detection schemes are weak in distinguishing the clone regions and the similar regions. However, some misjudgments may be resulted in some similar regions, which are not the clone regions. To solve this problem, a novel copy-move forgery detection scheme is proposed. To avoid misjudgments, rough clone regions are estimated first, which can obviously reduce the false positive rate. And then the customized threshold is created in accordance with characteristics of each image, which can reduce the false negative rate as far as possible. Experimental results show that our proposed scheme obviously restrains the interference by the similar regions and has an outstanding performance on estimating clone regions.
{"title":"A Copy-Move Forgery Detection Scheme with Improved Clone Region Estimation","authors":"Fei Zhao, Wenchang Shi, Bo Qin, Bin Liang","doi":"10.1109/TSA.2016.12","DOIUrl":"https://doi.org/10.1109/TSA.2016.12","url":null,"abstract":"To estimate a clone region in a digital image is an important task of copy-move forgery (CMF) detection, which is one of the key techniques of digital image forensics. Most existing keypoint-based CMF detection schemes are weak in distinguishing the clone regions and the similar regions. However, some misjudgments may be resulted in some similar regions, which are not the clone regions. To solve this problem, a novel copy-move forgery detection scheme is proposed. To avoid misjudgments, rough clone regions are estimated first, which can obviously reduce the false positive rate. And then the customized threshold is created in accordance with characteristics of each image, which can reduce the false negative rate as far as possible. Experimental results show that our proposed scheme obviously restrains the interference by the similar regions and has an outstanding performance on estimating clone regions.","PeriodicalId":114541,"journal":{"name":"2016 Third International Conference on Trustworthy Systems and their Applications (TSA)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134390364","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Jingxuan Tu, Xiaoyuan Xie, Yuming Zhou, Baowen Xu, Lin Chen
Strictly speaking, fault localization includes assessing the code risk of being faulty and identifying the real fault. In practice, only highlighting some possible faulty statements is not helpful enough to reason the roots of the observed failures in a system. Programmers need to manually inspect the highlighted risky statements one by one, reading and understanding their contexts, in order to identify the real faulty ones. However, most related works have been focusing on risk assessment by simply ignoring the fault identification, which makes such techniques much less practical in real world. Therefore, in this paper, we propose a context-aware approach to assist fault comprehension and identification. Built on risk assessment results, our approach searches for the faults on Weighted Call Graph. In our approach the risky statements are re-ordered by function call chains, which can provide much richer information to understand the context and hence reduce the efforts in manual code inspection. Case studies with three open-source systems show that the proposed approach could help to improve the effectiveness of the whole fault localization process.
{"title":"A Search Based Context-Aware Approach for Understanding and Localizing the Fault via Weighted Call Graph","authors":"Jingxuan Tu, Xiaoyuan Xie, Yuming Zhou, Baowen Xu, Lin Chen","doi":"10.1109/TSA.2016.20","DOIUrl":"https://doi.org/10.1109/TSA.2016.20","url":null,"abstract":"Strictly speaking, fault localization includes assessing the code risk of being faulty and identifying the real fault. In practice, only highlighting some possible faulty statements is not helpful enough to reason the roots of the observed failures in a system. Programmers need to manually inspect the highlighted risky statements one by one, reading and understanding their contexts, in order to identify the real faulty ones. However, most related works have been focusing on risk assessment by simply ignoring the fault identification, which makes such techniques much less practical in real world. Therefore, in this paper, we propose a context-aware approach to assist fault comprehension and identification. Built on risk assessment results, our approach searches for the faults on Weighted Call Graph. In our approach the risky statements are re-ordered by function call chains, which can provide much richer information to understand the context and hence reduce the efforts in manual code inspection. Case studies with three open-source systems show that the proposed approach could help to improve the effectiveness of the whole fault localization process.","PeriodicalId":114541,"journal":{"name":"2016 Third International Conference on Trustworthy Systems and their Applications (TSA)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116318493","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
With the high frequent use of social applications on Android platform, the cache file privacy disclosure issues have become increasingly serious. To our best knowledge, there is no effective privacy protection solution for social applications cache files. In this paper, we analyze the present situation of social applications cache file leaks on Android platform, and provide a privacy disclosure assessment criterion based on file storage directories and security state machines. And a cache file privacy protection framework, X-Prcaf (Xposed-based-Protecting-Cache-File), is proposed, which can make social applications avoid privacy data leaks in running process. This framework mainly uses taint tracking technology, operating system hook technology, and cryptographic technology. It aims to protect the entire life cycle of the social applications cache files, by strategy pre-generation, real-time monitoring and security reinforcement. Experiments demonstrate that X-Prcaf has a good effect on the cache file leaks of social software.
{"title":"X-Prcaf : Xposed Based Protecting Cache File from Leaks in Android Social Applications","authors":"Qi Tang, Wen Zhang, Xiaoyong Li, Bin Wang","doi":"10.1109/TSA.2016.13","DOIUrl":"https://doi.org/10.1109/TSA.2016.13","url":null,"abstract":"With the high frequent use of social applications on Android platform, the cache file privacy disclosure issues have become increasingly serious. To our best knowledge, there is no effective privacy protection solution for social applications cache files. In this paper, we analyze the present situation of social applications cache file leaks on Android platform, and provide a privacy disclosure assessment criterion based on file storage directories and security state machines. And a cache file privacy protection framework, X-Prcaf (Xposed-based-Protecting-Cache-File), is proposed, which can make social applications avoid privacy data leaks in running process. This framework mainly uses taint tracking technology, operating system hook technology, and cryptographic technology. It aims to protect the entire life cycle of the social applications cache files, by strategy pre-generation, real-time monitoring and security reinforcement. Experiments demonstrate that X-Prcaf has a good effect on the cache file leaks of social software.","PeriodicalId":114541,"journal":{"name":"2016 Third International Conference on Trustworthy Systems and their Applications (TSA)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121278258","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
GitHub, a popular social-software-development platform, has fostered a variety of software ecosystems where projects depend on one another and co-evolve together. The projects located in the central hub of the ecosystem are supposed to be important and could affect a number of other projects. However, few researches have investigated the dominant projects in a software ecosystem. In this study, we aim to identify the most influential projects in the GitHub Python ecosystem. We first construct the GitHub Python ecosystem with 19797 projects by identifying their inter-dependencies. Then, we calculate the four kinds of centrality metrics to measure the centrality and influence of each project in the ecosystem. Finally, we evaluate the project's popularity using GitHub social methods and compare the consistency of the two measurements. Our results indicate that 1) the most influential projects are mostly custom libraries; 2) only a small number of projects have large values of the centrality metrics; 3) the dominant projects are not always popular among the GitHub users. Our results help the researchers and practitioners gain a better understanding of the GitHub Python ecosystem.
{"title":"What Are the Dominant Projects in the GitHub Python Ecosystem?","authors":"Wanwangying Ma, Lin Chen, Yuming Zhou, Baowen Xu","doi":"10.1109/TSA.2016.23","DOIUrl":"https://doi.org/10.1109/TSA.2016.23","url":null,"abstract":"GitHub, a popular social-software-development platform, has fostered a variety of software ecosystems where projects depend on one another and co-evolve together. The projects located in the central hub of the ecosystem are supposed to be important and could affect a number of other projects. However, few researches have investigated the dominant projects in a software ecosystem. In this study, we aim to identify the most influential projects in the GitHub Python ecosystem. We first construct the GitHub Python ecosystem with 19797 projects by identifying their inter-dependencies. Then, we calculate the four kinds of centrality metrics to measure the centrality and influence of each project in the ecosystem. Finally, we evaluate the project's popularity using GitHub social methods and compare the consistency of the two measurements. Our results indicate that 1) the most influential projects are mostly custom libraries; 2) only a small number of projects have large values of the centrality metrics; 3) the dominant projects are not always popular among the GitHub users. Our results help the researchers and practitioners gain a better understanding of the GitHub Python ecosystem.","PeriodicalId":114541,"journal":{"name":"2016 Third International Conference on Trustworthy Systems and their Applications (TSA)","volume":"75 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122877398","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: