Software-defined networking (SDN) has rapidly emerged as a promising new technology for future networks and gained considerable attention from both academia and industry. However, due to the separation between the control plane and the data plane, the SDN controller can easily become the target of denial-of service (DoS) attacks. To mitigate DoS attacks in OpenFlow networks, our solution, MinDoS, contains two key techniques/modules: the simplified DoS detection module and the priority manager. The proposed architecture sends requests into multiple buffer queues with different priorities and then schedules the processing of these flow requests to ensure better controller protection. The results show that MinDoS is effective and adds only minor overhead to the entire SDN/OpenFlow infrastructure.

Spectrum-based fault localization (SFL) is a lightweight approach, which aims at helping debuggers to identity root causes of failures by measuring suspiciousness for each program component being a fault, and generate a hypothetical fault ranking list. Although SFL techniques have been shown to be effective, the fault component in a buggy program cannot always be ranked at the top due to its complex fault triggering models. However, it is extremely difficult to model the complex triggering models for all buggy programs. To solve this issue, we propose two simple fault triggering models (RIPRα and RIPRβ), and a refinement technique to improve fault absolute ranking based on the two fault triggering models, through ruling out some higher ranked components according to its fault triggering model. Intuitively, our approach is effective if a fault component was ranked within top k in the two fault ranking lists outputted by the two fault localization strategies. Experimental results show that our approach can significantly improve the fault absolute ranking in the three cases.

Association rule mining discovers relationships among variables in a data set, representing them as rules. These are expected to often have predictive abilities, that is, to be able to predict future events, but commonly used rule interestingness measures, such as support and confidence, do not directly assess their predictive power. This paper proposes a cross-validation -based metric that quantifies the predictive power of such rules for characterizing software defects. The results of evaluation this metric experimentally using four open-source data sets (Mylyn, NetBeans, Apache Ant and jEdit) show that it can improve rule prioritization performance over conventional metrics (support, confidence and odds ratio) by 72.8% for Mylyn, 15.0% for NetBeans, 10.5% for Apache Ant and 0 for jEdit in terms of SumNormPre(100) precision criterion. This suggests that the proposed metric can provide better rule prioritization performance than conventional metrics and can at least provide similar performance even in the worst case.

Many software development teams usually tend to focus on maintenance activities in general. Recently, many studies on bug severity prediction have been proposed to help a bug reporter determine severity. But they do not consider the reporter's expression of emotion appearing in the bug report when they predict the bug severity level. In this paper, we propose a novel approach to severity prediction for reported bugs by using emotion similarity. First, we do not only compute an emotion-word probability vector by using smoothed unigram model (UM), but we also use the new bug report to find similar-emotion bug reports with Kullback-Leibler divergence (KL-divergence). Then, we introduce a new algorithm, Emotion Similarity (ES)-Multinomial, which modifies the original Naïve Bayes Multinomial algorithm. We train the model with emotion bug reports by using ES-Multinomial. Finally, we can predict the bug severity level in the new bug report. To compare the performance in bug severity prediction, we select related studies including Emotion Words-based Dictionary (EWD)-Multinomial, Naïve Bayes Multinomial, and another study as baseline approaches in open source projects (e.g., Eclipse, GNU, JBoss, Mozilla, and WireShark). The results show that our approach outperforms the baselines, and can reflect reporters' emotional expressions during the bug reporting.

During the execution of software, tremendous amounts of data can be recorded. By exploiting the execution data, one can discover behavioral models to describe the actual software execution. As a well-known open-source process mining toolkit, ProM integrates quantities of process mining techniques and enjoys a variety of applications in a broad range of areas. How to develop a better ProM software, both from user experience and software performance perspective, are of vital importance. To achieve this goal, we need to investigate the real execution behavior of ProM which can provide useful insights on its usage and how it responds to user operations. This paper aims to propose an effective approach to solve this problem. To this end, we first instrument existing ProM framework to capture execution logs without changing its architecture. Then a two-layered framework is introduced to support accurate ProM behavior discovery by characterizing both user interaction behavior and plug-in calling behavior separately. Next, detailed discovery techniques to obtain user interaction behavior model and plug-in calling behavior model are proposed. All proposed approaches have been implemented.

Software-defined networking (SDN) is recognized as the next-generation networking paradigm. The software-defined architecture for underwater acoustic sensor networks (SDUASNs) has become a hot topic. However, the current researches on SDUASNs is still in its infancy, which mainly focuses on network architecture, data transmission and routing. There exists some shortcomings that the scale of the SDUASNs is difficult to expand, and the security maintenance is seldom dabble. Therefore, a scalable software-definition architecture for underwater acoustic sensor networks (SSDUASNs) is introduced in this paper. It realizes an organic combination of the knowledge level, control level, and data level. The new nodes can easily access the network, which could be conducive to large-scale deployment. Then, the basic security authentication mechanism called BSAM is designed based on our architecture. In order to reflect the advantages of flexible and programmable in SSDUASNs, security authentication mechanism with pre-push (SAM-PP) is proposed in the further. In the current UASNs, nodes authentication protocol is inefficient as high consumption and long delay. In addition, it is difficult to adapt to the dynamic environment. The two mechanisms can effectively solve these problems. Compared to some existing schemes, BSAM and SAM-PP can effectively distinguish between legal nodes and malicious nodes, save the storage space of nodes greatly, and improve the efficiency of network operation. Moreover, SAM-PP has a further advantage in reducing the authentication delay.

An important step for improving software analyzability is applying refactorings during the maintenance phase to remove bad smells, especially the long method bad smell. Long method bad smell occurs most frequently and is a root cause of other bad smells. However, no research has proposed an approach to repeating refactoring identification, suggestion, and application until all long method bad smells have been removed completely without reducing software analyzability. This paper proposes an effective approach to identifying refactoring opportunities and suggesting an effective refactoring set for complete removal of long method bad smell without reducing code analyzability. This approach, called the long method remover or LMR, uses refactoring enabling conditions based on program analysis and code metrics to identify four refactoring techniques and uses a technique embedded in JDeodorant to identify extract method. For effective refactoring set suggestion, LMR uses two criteria: code analyzability level and the number of statements impacted by the refactorings. LMR also uses side effect analysis to ensure behavior preservation. To evaluate LMR, we apply it to the core package of a real world java application. Our evaluation criteria are 1) the preservation of code functionality, 2) the removal rate of long method characteristics, and 3) the improvement on analyzability. The result showed that the methods that apply suggested refactoring sets can completely remove long method bad smell, still have behavior preservation, and have not decreased analyzability. It is concluded that LMR meets the objectives in almost all classes. We also discussed the issues we found during evaluation as lesson learned.

We present a modular way of implementing adaptive decisions in performing scientific simulations. The proposed method employs modern software engineering mechanisms to allow for better software management in scientific computing, where software adaptation has often been implemented manually by the programmer or by using in-house tools, which complicates software management over time. By applying the aspect-oriented programming (AOP) paradigm, we consider software adaptation as a separate concern and, using popular AOP constructs, implement adaptive decision separately from the original code base, thereby improving software management. We demonstrate the effectiveness of our approach with applications to stochastic simulation software.

By focusing on the recent swing to the centralized approach by the software defined network (SDN), this paper presents a novel network architecture for refactoring the current distributed Internet protocol (IP) by not only utilizing the SDN itself but also implementing its cooperation with the optical transport layer. The first IP refactoring is for flexible network topology reconfiguration: the global routing and explicit routing functions are transferred from the distributed routers to the centralized SDN. The second IP refactoring is for cost-efficient maintenance migration: we introduce a resource portable IP router that can behave as a shared backup router by cooperating with the optical transport path switching. Extensive evaluations show that our architecture makes the current IP network easier to configure and more scalable. We also validate the feasibility of our proposal.

In this paper, we posit that, in future mobile network, network softwarization will be prevalent, and it becomes important to utilize deep machine learning within network to classify mobile traffic into fine grained slices, by identifying application types and devices so that we can apply Quality-of-Service (QoS) control, mobile edge/multi-access computing, and various network function per application and per device. This paper reports our initial attempt to apply deep machine learning for identifying application types from actual mobile network traffic captured from an MVNO, mobile virtual network operator and to design the system for classifying it to application specific slices.

Distributed Reflective Denial of Services (DRDoS) attacks have gained huge popularity and become a major factor in a number of massive cyber-attacks. Usually, the attackers launch this kind of attack with small volume of requests to generate a large volume of attack traffic aiming at the victim by using IP spoofing from legitimate hosts. There have been several approaches, such as static threshold based approach and confirmation-based approach, focusing on DRDoS attack detection at victim's side. However, these approaches have significant disadvantages: (1) they are only passive defences after the attack and (2) it is hard to trace back the attackers. To address this problem, considerable attention has been paid to the study of detecting DRDoS attack at source side. Because the existing proposals following this direction are supposed to be ineffective to deal with small volume of attack traffic, there is still a room for improvement. In this paper, we propose a novel method to detect DRDoS attack request traffic on SDN(Software Defined Network)-enabled gateways in the source side of attack traffic. Our method adjusts the sampling rate and provides a traffic-aware adaptive threshold along with the margin based on analysing observed traffic behind gateways. Experimental results show that the proposed method is a promising solution to detect DRDoS attack request in the source side.

Distributed control plane architecture has been employed in software-defined data center networks to improve the scalability of control plane. However, since the flow space is partitioned by assigning switches to different controllers, the network topology is also partitioned and the rule setup process has to invoke multiple controllers. Besides, the control load balancing based on switch migration is heavyweight. In this paper, we propose a lightweight load partition method which decouples the flow space from the network topology. The flow space is partitioned with hosts rather than switches as carriers, which supports fine-grained and lightweight load balancing. Moreover, the switches are no longer needed to be assigned to different controllers and we keep all of them controlled by each controller, thus each flow request can be processed by exactly one controller in a centralized style. Evaluations show that our scheme reduces rule setup costs and achieves lightweight load balancing.

This paper proposes a method to extract and visualize a library update history in a project. The method identifies reused library versions by comparing source code in a product with existing versions of the library so that developers can understand when their own copy of a library has been copied, modified, and updated.

Understanding which refactoring transformations were performed is in demand in modern software constructions. Traditionally, many researchers have been tackling understanding code changes with history data derived from version control systems. In those studies, problems of the traditional approach are pointed out, such as entanglement of multiple changes. To alleviate the problems, operation histories on IDEs' code editors are available as a new source of software evolution data nowadays. By replaying such histories, we can investigate past code changes in a fine-grained level. However, the prior studies did not provide enough evidence of their effectiveness for detecting refactoring transformations. This paper describes an experiment in which participants detect refactoring transformations performed by other participants after investigating the code changes with an operation-replay tool and diff tools. The results show that both approaches have their respective factors that pose misunderstanding and overlooking of refactoring transformations. Two negative factors on divided operations and generated compound operations were observed in the operation-based approach, whereas all the negative factors resulted from three problems on tangling, shadowing, and out-of-order of code changes in the difference-based approach. This paper also shows seven concrete examples of participants' mistakes in both approaches. These findings give us hints for improving existing tools for understanding code changes and detecting refactoring transformations.

The centralized controller of SDN enables a global topology view of the underlying network. It is possible for the SDN controller to achieve globally optimized resource composition and utilization, including optimized end-to-end paths. Currently, resource composition in SDN arena is usually conducted in an imperative manner where composition logics are explicitly specified in high level programming languages. It requires strong programming and OpenFlow backgrounds. This paper proposes declarative path composition, namely Compass, which offers a human-friendly user interface similar to natural language. Borrowing methodologies from Semantic Web, Compass models and stores SDN resources using OWL and RDF, respectively, to foster the virtualized and unified management of the network resources regardless of the concrete controller platform. Besides, path composition is conducted in a declarative manner where the user merely specifies the composition goal in the SPARQL query language instead of explicitly specifying concrete composition details in programming languages. Composed paths are also reused based on similarity matching, to reduce the chance of time-consuming path composition. The experiment results reflect the applicability of Compass in path composition and reuse.

System scenarios that derived from system design specification play an important role in the reliability engineering of component-based software systems. Several scenario-based approaches have been proposed to predict the reliability of a system at the design time, most of them adopt flat construction of scenarios, which doesn't conform to software design specifications and is subject to introduce state space explosion problem in the large systems. This paper identifies various challenges related to scenario modeling at the early design stages based on software architecture specification. A novel scenario-based reliability modeling and prediction approach is introduced. The approach adopts hierarchical scenario specification to model software reliability to avoid state space explosion and reduce computational complexity. Finally, the evaluation experiment shows the potential of the approach.

Many text entry methods are available in the use of touch interface devices when using a screen reader, and blind smartphone users and their supporters are eager to know which one is the easiest to learn and the fastest. Thus, we compared the text entry speeds and error counts for four combinations of software keyboards and character-selecting gestures over a period of five days. The split-tap gesture on the Japanese numeric keypad was found to be the fastest across the five days even though this text entry method produced the most errors. The two entry methods on the QWERTY keyboard were slower than the two entry methods on the numeric keypad. This difference in text entry speed was explained by the differences in key pointing and tapping times and their repitition numbers among different methods.

To efficiently use network resources, internet service providers need to conduct traffic engineering that dynamically controls traffic routes to accommodate traffic change with limited network resources. The performance of traffic engineering (TE) depends on the accuracy of traffic prediction. However, the size of traffic change has been drastically increasing in recent years due to the growth in various types of network services, which has made traffic prediction difficult. Our approach to tackle this issue is to separate traffic into predictable and unpredictable parts and to apply different control policies. However, there are two challenges to achieving this: dynamically separating traffic according to predictability and dynamically controlling routes for each separated traffic part. In this paper, we propose a macroflow-based TE scheme that uses different routing policies in accordance with traffic predictability. We also propose a traffic-separation algorithm based on real-time traffic analysis and a framework for controlling separated traffic with software-defined networking technology, particularly OpenFlow. An evaluation of actual traffic measured in an Internet2 network shows that compared with current TE schemes the proposed scheme can reduce the maximum link load by 34% (at the most congested time) and the average link load by an average of 11%.

In recent years, software-defined networking (SDN), which performs centralized network management with software, has attracted much attention. Although packets are transmitted based on flow entries in SDN switches, the number of flow entries that the SDN switches can handle is limited. To overcome this difficulty, this paper proposes a flow-based routing method that performs flexible routing control with a small number of flow entries. The proposed method provides mixed integer programming. It assigns common paths to flows that can be aggregated at intermediate switches, while considering the utilization of network links. Because it is difficult for mixed integer programming to compute large-scale problems, the proposed method also provides a heuristic algorithm for them. Through numerical experiments, this paper shows that the proposed method efficiently reduces both the number of flow entries and the loads of congested links.

Today's enterprise, data-center, and internet-service-provider networks deploy different types of network devices, including switches, routers, and middleboxes such as network address translation and firewalls. These devices are vertically integrated monolithic systems. Software-defined networking (SDN) and network function virtualization (NFV) are promising technologies for dis-aggregating vertically integrated systems into components by using “softwarization”. Software-defined networking separates the control plane from the data plane of switch and router, while NFV decouples high-layer service functions (SFs) or Network Functions (NFs) implemented in the data plane of a middlebox and enables the innovation of policy implementation by using SF chaining. Even though there have been several survey studies in this area, this area is continuing to grow rapidly. In this paper, we present a recent survey of this area. In particular, we survey research activities in the areas of re-architecting middleboxes, state management, high-performance platforms, service chaining, resource management, and trouble shooting. Efforts in these research areas will enable the development of future virtual-network-function platforms and innovation in service management while maintaining acceptable capital and operational expenditure.