Maninder Singh

Software clone detection: A systematic review

Abstract Context Reusing software by means of copy and paste is a frequent activity in software development. The duplicated code is known as a software clone and the activity is known as code cloning . Software clones may lead to bug propagation and serious maintenance problems. Objective This study reports an extensive systematic literature review of software clones in general and software clone detection in particular. Method We used the standard systematic literature review method based on a comprehensive set of 213 articles from a total of 2039 articles published in 11 leading journals and 37 premier conferences and workshops. Results Existing literature about software clones is classified broadly into different categories. The importance of semantic clone detection and model based clone detection led to different classifications. Empirical evaluation of clone detection tools/techniques is presented. Clone management, its benefits and cross cutting nature is reported. Number of studies pertaining to nine different types of clones is reported. Thirteen intermediate representations and 24 match detection techniques are reported. Conclusion We call for an increased awareness of the potential benefits of software clone management, and identify the need to develop semantic and model clone detection techniques. Recommendations are given for future research.

A Survey on Zero-Day Polymorphic Worm Detection Techniques

Zero-day polymorphic worms pose a serious threat to the Internet security. With their ability to rapidly propagate, these worms increasingly threaten the Internet hosts and services. Not only can they exploit unknown vulnerabilities but can also change their own representations on each new infection or can encrypt their payloads using a different key per infection. They have many variations in the signatures of the same worm thus, making their fingerprinting very difficult. Therefore, signature-based defenses and traditional security layers miss these stealthy and persistent threats. This paper provides a detailed survey to outline the research efforts in relation to detection of modern zero-day malware in form of zero-day polymorphic worms.

SOCCER: Self-Optimization of Energy-efficient Cloud Resources

Cloud data centers often schedule heterogeneous workloads without considering energy consumption and carbon emission aspects. Tremendous amount of energy consumption leads to high operational costs and reduces return on investment and contributes towards carbon footprints to the environment. Therefore, there is need of energy-aware cloud based system which schedules computing resources automatically by considering energy consumption as an important parameter. In this paper, energy efficient autonomic cloud system [Self-Optimization of Cloud Computing Energy-efficient Resources (SOCCER)] is proposed for energy efficient scheduling of cloud resources in data centers. The proposed work considers energy as a Quality of Service (QoS) parameter and automatically optimizes the efficiency of cloud resources by reducing energy consumption. The performance of the proposed system has been evaluated in real cloud environment and the experimental results show that the proposed system performs better in terms of energy consumption of cloud resources and utilizes these resources optimally.

SHAPE--an approach for self-healing and self-protection in complex distributed networks

Increasing complexity of large scale distributed systems is creating problem in managing faults and security attacks because of the manual style adopted for management. This paper proposes a novel approach called SHAPE to self-heal and self-protect the system from various kinds of faults and security attacks. It deals with hardware, software, and network faults and provides security against DDoS, R2L, U2L, and probing attacks. SHAPE is implemented and evaluated against various standard metrics. The results are provided to support the approach.

Model clone detection based on tree comparison

Model driven development has become a key industry practice. With higher levels of abstraction and advent of domain specific languages, models find their presence in every field. Latest software engineering practices lead to large models which are really hard to design and manage. Significant overlaps in large models are really a matter of concern. Anecdotal evidences suggest that clones in models poses similar threats as in code. The paper introduces an approach to detect clones in UML models. The technique is based on finding similarities between two object oriented diagrams. Firstly, UML models are encoded as XMI files. Subtree comparison is applied after the XMI file is filtered and represented as a tree. Similarity between two diagram elements in a model is determined and reported as a clone.

The Journey of QoS-Aware Autonomic Cloud Computing

In a cloud environment, uncertainty and resource dispersion lead to problems with resource allocation due, for instance, to heterogeneity, dynamism, and failures. Unfortunately, existing resource management techniques, frameworks, and mechanisms are insufficient to handle these environments, applications, and resource behaviors. To provide efficient workload performance and applications, these issues must be addressed effectively. The authors offer a broad, methodical literature analysis of resource management in cloud computing, including resource provisioning, resource scheduling, and autonomic resource provisioning and scheduling. They describe the current status of resource management in cloud computing and provide further analysis of its techniques as developed by various industry and academic groups. They also look at possible future directions for resource management in cloud computing.

BULLET: Particle Swarm Optimization Based Scheduling Technique for Provisioned Cloud Resources

Cloud resource scheduling requires mapping of cloud resources to cloud workloads. Scheduling results can be optimized by considering Quality of Service (QoS) parameters as inherent requirements of scheduling. In existing literature, only a few resource scheduling algorithms have considered cost and execution time constraints but efficient scheduling requires better optimization of QoS parameters. The main aim of this research paper is to present an efficient strategy for execution of workloads on cloud resources. A particle swarm optimization based resource scheduling technique has been designed named as BULLET which is used to execute workloads effectively on available resources. Performance of the proposed technique has been evaluated in cloud environment. The experimental results show that the proposed technique efficiently reduces execution cost, time and energy consumption along with other QoS parameters.

Synthesizing test scenarios in UML activity diagram using a bio-inspired approach

Abstract The model-based analysis is receiving a wide acceptance as compare to code-based analysis in the context of prioritizing and guiding the testing effort and speeding up the development process. Ordinarily, system analysts as well as developers follow Unified Modeling Language (UML) activity diagrams to render all realizable flows of controls commonly recognized as scenarios of use cases. This paper applies a bio-inspired algorithm to produce test scenarios for the concurrent section in UML activity diagram. Here, the heuristic draws its inspiration from the internal mechanism of the slime mould Physarum Polycephalum , a large single-celled amoeboid organism. Simulations are performed using eight subject systems taken from the LINDHOLMEN data-set, two models taken from real life student projects and five synthetic models. The results obtained through different approaches are validated through the statistical analysis which demonstrates that our proposed approach is better than the existing Ant Colony Optimization (ACO) and Genetic Algorithm (GA) by a number of feasible test scenarios generated.

Behavior analysis of malware using machine learning

In todays scenario, cyber security is one of the major concerns in network security and malware pose a serious threat to cyber security. The foremost step to guard the cyber system is to have an in-depth knowledge of the existing malware, various types of malware, methods of detecting and bypassing the adverse effects of malware. In this work, machine learning approach to the fore-going static and dynamic analysis techniques is investigated and reported to discuss the most recent trends in cyber security. The study captures a wide variety of samples from various online sources. The peculiar details about the malware such as file details, signatures, and hosts involved, affected files, registry keys, mutexes, section details, imports, strings and results from different antivirus have been deeply analyzed to conclude origin and functionality of malware. This approach contributes to vital cyber situation awareness by combining different malware discovery techniques, for example, static examination, to alter the session of malware triage for cyber defense and decreases the count of false alarms. Current trends in warfare have been determined.

Data mining-based integrated network traffic visualization framework for threat detection

In this speedy and voluminous digital world, the threat detection and reporting are a challenging job for rapid action. The present study deals with a strong and viable solution to overcome different threats, network security using data mining approach and techniques through visual graphical representation. Current research study explained and proposed a novel approach named as ‘integrated network traffic visualization system’. Nevertheless, current framework is working and based on data mining, further help out to demonstrates two new visualization schemes called as: Firstly Grid and secondly Platter. Per framework results, the Grid view is capable of displaying network traffic in different classified grids, based on application layer protocols. Additionally, Platter view visualizes campus area wireless network traffic on a single screen mechanized automatically adjusted with network size. These active schemes are significantly effective to identify and monitor the compromised machines and cuts down reaction time.