-
Detecting Security Patches via Behavioral Data in Code Repositories
Authors:
Nitzan Farhi,
Noam Koenigstein,
Yuval Shavitt
Abstract:
The absolute majority of software today is developed collaboratively using collaborative version control tools such as Git. It is a common practice that once a vulnerability is detected and fixed, the developers behind the software issue a Common Vulnerabilities and Exposures or CVE record to alert the user community of the security hazard and urge them to integrate the security patch. However, so…
▽ More
The absolute majority of software today is developed collaboratively using collaborative version control tools such as Git. It is a common practice that once a vulnerability is detected and fixed, the developers behind the software issue a Common Vulnerabilities and Exposures or CVE record to alert the user community of the security hazard and urge them to integrate the security patch. However, some companies might not disclose their vulnerabilities and just update their repository. As a result, users are unaware of the vulnerability and may remain exposed. In this paper, we present a system to automatically identify security patches using only the developer behavior in the Git repository without analyzing the code itself or the remarks that accompanied the fix (commit message). We showed we can reveal concealed security patches with an accuracy of 88.3% and F1 Score of 89.8%. This is the first time that a language-oblivious solution for this problem is presented.
△ Less
Submitted 4 February, 2023;
originally announced February 2023.
-
Deep Reinforcement Q-Learning for Intelligent Traffic Signal Control with Partial Detection
Authors:
Romain Ducrocq,
Nadir Farhi
Abstract:
Intelligent traffic signal controllers, applying DQN algorithms to traffic light policy optimization, efficiently reduce traffic congestion by adjusting traffic signals to real-time traffic. Most propositions in the literature however consider that all vehicles at the intersection are detected, an unrealistic scenario. Recently, new wireless communication technologies have enabled cost-efficient d…
▽ More
Intelligent traffic signal controllers, applying DQN algorithms to traffic light policy optimization, efficiently reduce traffic congestion by adjusting traffic signals to real-time traffic. Most propositions in the literature however consider that all vehicles at the intersection are detected, an unrealistic scenario. Recently, new wireless communication technologies have enabled cost-efficient detection of connected vehicles by infrastructures. With only a small fraction of the total fleet currently equipped, methods able to perform under low detection rates are desirable. In this paper, we propose a deep reinforcement Q-learning model to optimize traffic signal control at an isolated intersection, in a partially observable environment with connected vehicles. First, we present the novel DQN model within the RL framework. We introduce a new state representation for partially observable environments and a new reward function for traffic signal control, and provide a network architecture and tuned hyper-parameters. Second, we evaluate the performances of the model in numerical simulations on multiple scenarios, in two steps. At first in full detection against existing actuated controllers, then in partial detection with loss estimates for proportions of connected vehicles. Finally, from the obtained results, we define thresholds for detection rates with acceptable and optimal performance levels.
△ Less
Submitted 29 September, 2021;
originally announced September 2021.
-
M/G/c/c state dependent queuing model for a road traffic system of two sections in tandem
Authors:
Nacira Guerouahane,
Djamil Aissani,
Nadir Farhi,
Louiza Bouallouche-Medjkoune
Abstract:
We propose in this article a M/G/c/c state dependent queuing model for road traffic flow. The model is based on finite capacity queuing theory which captures the stationary density-flow relationships. It is also inspired from the deterministic Godunov scheme for the road traffic simulation. We first present a reformulation of the existing linear case of M/G/c/c state dependent model, in order to u…
▽ More
We propose in this article a M/G/c/c state dependent queuing model for road traffic flow. The model is based on finite capacity queuing theory which captures the stationary density-flow relationships. It is also inspired from the deterministic Godunov scheme for the road traffic simulation. We first present a reformulation of the existing linear case of M/G/c/c state dependent model, in order to use flow rather than speed variables. We then extend this model in order to consider upstream traffic demand and downstream traffic supply. After that, we propose the model for two road sections in tandem where both sections influence each other. In order to deal with this mutual dependence, we solve an implicit system given by an algebraic equation. Finally, we derive some performance measures (throughput and expected travel time). A comparison with results predicted by the M/G/c/c state dependent queuing networks shows that the model we propose here captures really the dynamics of the road traffic.
△ Less
Submitted 3 June, 2017;
originally announced June 2017.
-
A vehicle-to-infrastructure communication based algorithm for urban traffic control
Authors:
Cyril Nguyen Van Phu,
Nadir Farhi,
Habib Haj-Salem,
Jean-Patrick Lebacque
Abstract:
We present in this paper a new algorithm for urban traffic light control with mixed traffic (communicating and non communicating vehicles) and mixed infrastructure (equipped and unequipped junctions). We call equipped junction here a junction with a traffic light signal (TLS) controlled by a road side unit (RSU). On such a junction, the RSU manifests its connectedness to equipped vehicles by broad…
▽ More
We present in this paper a new algorithm for urban traffic light control with mixed traffic (communicating and non communicating vehicles) and mixed infrastructure (equipped and unequipped junctions). We call equipped junction here a junction with a traffic light signal (TLS) controlled by a road side unit (RSU). On such a junction, the RSU manifests its connectedness to equipped vehicles by broadcasting its communication address and geographical coordinates. The RSU builds a map of connected vehicles approaching and leaving the junction. The algorithm allows the RSU to select a traffic phase, based on the built map. The selected traffic phase is applied by the TLS; and both equipped and unequipped vehicles must respect it. The traffic management is in feedback on the traffic demand of communicating vehicles. We simulated the vehicular traffic as well as the communications. The two simulations are combined in a closed loop with visualization and monitoring interfaces. Several indicators on vehicular traffic (mean travel time, ended vehicles) and IEEE 802.11p communication performances (end-to-end delay, throughput) are derived and illustrated in three dimension maps. We then extended the traffic control to a urban road network where we also varied the number of equipped junctions. Other indicators are shown for road traffic performances in the road network case, where high gains are experienced in the simulation results.
△ Less
Submitted 3 July, 2017; v1 submitted 24 March, 2017;
originally announced March 2017.
-
M/g/c/c state dependent queueing model for road traffic simulation
Authors:
Nacira Guerrouahane,
Djamil Aissani,
Louiza Bouallouche-Medjkoune,
Nadir Farhi
Abstract:
In this paper, we present a stochastic queuing model for the road traffic, which captures the stationary density-flow relationships in both uncongested and congestion conditions. The proposed model is based on the $M/g/c/c$ state dependent queuing model of Jain and Smith, and is inspired from the deterministic Godunov scheme for the road traffic simulation. We first propose a reformulation of the…
▽ More
In this paper, we present a stochastic queuing model for the road traffic, which captures the stationary density-flow relationships in both uncongested and congestion conditions. The proposed model is based on the $M/g/c/c$ state dependent queuing model of Jain and Smith, and is inspired from the deterministic Godunov scheme for the road traffic simulation. We first propose a reformulation of the $M/g/c/c$ state dependent model that works with density-flow fundamental diagrams rather than density-speed relationships. We then extend this model in order to consider upstream traffic demand as well as downstream traffic supply. Finally, we calculate the speed and travel time distributions for the $M/g/c/c$ state dependent queuing model and for the proposed model, and derive stationary performance measures (expected number of cars, blocking probability, expected travel time, and throughput). A comparison with results predicted by the $M/g/c/c$ state dependent queuing model shows that the proposed model correctly represents the dynamics of traffic and gives good performances measures. The results illustrate the good accuracy of the proposed model.
△ Less
Submitted 3 December, 2016;
originally announced December 2016.
-
Performance bounds in wormhole routing, a network calculus approach
Authors:
Nadir Farhi,
Bruno Gaujal
Abstract:
We present a model of performance bound calculus on feedforward networks where data packets are routed under wormhole routing discipline. We are interested in determining maximum end-to-end delays and backlogs of messages or packets going from a source node to a destination node, through a given virtual path in the network. Our objective here is to give a network calculus approach for calculating…
▽ More
We present a model of performance bound calculus on feedforward networks where data packets are routed under wormhole routing discipline. We are interested in determining maximum end-to-end delays and backlogs of messages or packets going from a source node to a destination node, through a given virtual path in the network. Our objective here is to give a network calculus approach for calculating the performance bounds. First we propose a new concept of curves that we call packet curves. The curves permit to model constraints on packet lengths of a given data flow, when the lengths are allowed to be different. Second, we use this new concept to propose an approach for calculating residual services for data flows served under non preemptive service disciplines. Third, we model a binary switch (with two input ports and two output ports), where data is served under wormhole discipline. We present our approach for computing the residual services and deduce the worst case bounds for flows passing through a wormhole binary switch. Finally, we illustrate this approach in numerical examples, and show how to extend it to feedforward networks.
△ Less
Submitted 3 August, 2010; v1 submitted 27 July, 2010;
originally announced July 2010.
