Abstract: A field emission assembly and an electromagnetic wave generator are provided, the field emission assembly includes a linear emitter which includes carbon nanotube (CNT) fibers and emits electrons and a holder configured to fix the emitter, both ends of the emitter are fixed to the holder, and the emitter includes at least one of a curved portion so as to form a peak in an electron emission direction and a bent portion so as to form a peak in the electron emission direction.

Abstract: A taint report represents a taint flow from a source value at a source program point to a sink value at a sink program point. Candidate watchpoints that correspond to taint-like values similar to the source value may be inferred from an execution trace. Different subsets of candidate watchpoints represent solutions to the problem of determining an optimal subset of watchpoints contributing to a taint flow. Using a hill-climbing heuristic, incremental improvements are efficiently applied to a solution until no more improvements are found. An objective function may determine whether one solution improves another solution. The objective function may be based on validity, understandability, and performance. Validity favors candidate watchpoints that reduce the edit distance between the source and sink values. Understandability favors candidate watchpoints included in a call chain from the source program point to the sink program point. Performance favors small subsets of candidate watchpoints.

Abstract: A method for detecting a deserialization attack may include identifying, in a byte stream, a class name corresponding to a class, generating, for the class, a feature vector, generating, by applying a benign deserialization model to the feature vector, a benign probability window, generating, by applying a malicious deserialization model to the feature vector, a malicious probability window, comparing the benign probability window and the malicious probability window to obtain a comparison result, and determining, based on the comparison result, that the class is malicious.

Abstract: A method for detecting malicious code may include generating, from deserialization examples, a finite automaton including states. The states may include labeled states corresponding to the deserialization examples. A state may correspond to a path from a start state to the state. The method may further include while traversing the states, generating a state mapping including, for the state, a tracked subset of the states, determining that the path corresponds to a path type, inferring, using the path type and the state mapping, a regular expression for the state, and determining, for a new deserialization example and using the regular expression, a polarity indicating whether it is safe to deserialize the new deserialization example.

Abstract: A method for modifying a call graph may include identifying, in source code, a first call site including a first predicate and a call from a first function to a second function. The first call site may correspond to a first edge of the call graph. The first edge may connect a first node corresponding to the first function and a second node corresponding to the second function. The method may further include modifying the call graph by labelling the first edge with a first encoding of the first predicate, and identifying, in the source code, a second call site including a second predicate and a call from a third function to the first function. The method may further include in response to determining that the first predicate is unsatisfied, modifying the call graph by labelling the second edge with a second encoding of a violation of the first predicate.

Abstract: A taint report represents a taint flow from a source value at a source program point to a sink value at a sink program point. Candidate watchpoints that correspond to taint-like values similar to the source value may be inferred from an execution trace. Different subsets of candidate watchpoints represent solutions to the problem of determining an optimal subset of watchpoints contributing to a taint flow. Using a hill-climbing heuristic, incremental improvements are efficiently applied to a solution until no more improvements are found. An objective function may determine whether one solution improves another solution. The objective function may be based on validity, understandability, and performance. Validity favors candidate watchpoints that reduce the edit distance between the source and sink values. Understandability favors candidate watchpoints included in a call chain from the source program point to the sink program point. Performance favors small subsets of candidate watchpoints.

Abstract: A method for modifying a call graph may include identifying, in source code, a first call site including a first predicate and a call from a first function to a second function. The first call site may correspond to a first edge of the call graph. The first edge may connect a first node corresponding to the first function and a second node corresponding to the second function. The method may further include modifying the call graph by labelling the first edge with a first encoding of the first predicate, and identifying, in the source code, a second call site including a second predicate and a call from a third function to the first function. The method may further include in response to determining that the first predicate is unsatisfied, modifying the call graph by labelling the second edge with a second encoding of a violation of the first predicate.

Abstract: A method for analyzing a software library may include obtaining the software library, identifying a candidate security-sensitive entity in the software library, and generating a control flow graph that includes execution paths. Each execution path may include a public entry node corresponding to a public entry and a candidate security-sensitive entity node corresponding to the candidate security-sensitive entity. The public entry is a point where an application program external to the software library may access the software library. The method may further include determining whether each execution path in the control flow graph includes a permission check node between the respective public entry node and the candidate security-sensitive entity node in the respective execution path. Each permission check node may correspond to a permission check in the software library.

Abstract: A method for analyzing a software library may include obtaining the software library, identifying a candidate security-sensitive entity in the software library, and generating a control flow graph that includes execution paths. Each execution path may include a public entry node corresponding to a public entry and a candidate security-sensitive entity node corresponding to the candidate security-sensitive entity. The public entry is a point where an application program external to the software library may access the software library. The method may further include determining whether each execution path in the control flow graph includes a permission check node between the respective public entry node and the candidate security-sensitive entity node in the respective execution path. Each permission check node may correspond to a permission check in the software library.

Abstract: An electronic device is provided. The electronic device includes a processor and a memory electrically connected to the processor. The memory stores a super-clustered common acoustic data set and instructions to allow the processor to acquire at least one text, select information associated with a speech into which the acquired text is transformed, when the selected information is first information, select at least one of first paths, load elements of the super-clustered common acoustic data set based on the selected first paths, and generate a first acoustic signal based on the elements of the super-clustered common acoustic data set, and when the selected information is second information, select at least one of second paths, load elements of the super-clustered common acoustic data set based on the at least one second path, and generate a second acoustic signal based on the elements of the super-clustered common acoustic data set.