检索结果-内蒙古大学图书馆

APTSHIELD: A Stable, Efficient and Real-Time APT Detection System for linux Hosts

IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING 2023年第6期20卷 5247-5264页

作者： Zhu, Tiantian Yu, Jinkai Xiong, Chunlin Cheng, Wenrui Yuan, Qixuan Ying, Jie Chen, Tieming Zhang, Jiabo Lv, Mingqi Chen, Yan Wang, Ting Fan, Yuan Zhejiang Univ Technol Coll Comp Sci & Technol Hangzhou 310023 Peoples R China Chinese Acad Sci Shenzhen Inst Adv Technol Shenzhen 518052 Peoples R China Northwestern Univ Dept Elect Engn & Comp Sci Evanston IL 60208 USA DAS Secur Hangzhou 310002 Peoples R China

Advanced Persistent Threat (APT) attacks have caused massive financial loss worldwide. Researchers thereby have proposed a series of solutions to detect APT attacks, such as dynamic/static code analysis, traffic detection, sandbox technology, endpoint detection and response (EDR), etc. However, existing defenses are failed to accurately and effectively defend against the current APT attacks that exhibit strong persistent, stealthy, diverse and dynamic characteristics due to the weak data source integrity, large data processing overhead and poor real-time performance in the process of real-world scenarios. To overcome these difficulties, in this paper we propose APTSHIELD, a stable, efficient and real-time APT detection system for linux hosts. In the aspect of data collection, audit is selected to stably collect kernel data of the operating system so as to carry out a complete portrait of the attack based on comprehensive analysis and comparison of existing logging tools;In the aspect of data processing, redundant semantics skipping and non-viable node pruning are adopted to reduce the amount of data, so as to reduce the overhead of the detection system;In the aspect of attack detection, an APT attack detection framework based on ATT&CK model is designed to carry out real-time attack response and alarm through the transfer and aggregation of labels. Experimental results on both laboratory and Darpa Engagement show that our system can effectively detect web vulnerability attacks, file-less attacks and remote access trojan attacks, and has a low false positive rate, which adds far more value than the existing frontier work.

关键词： Real-time systems linux Compaction Soft sensors Semantics Data collection Forensics Advanced persistent threat data collection data compaction real-time detection

来源：评论

学校读者我要写书评

暂无评论

Managing linux servers with LLM-based AI agents: An empirical evaluation with GPT4

引用

MACHINE LEARNING WITH APPLICATIONS 2024年 17卷

作者： Cao, Charles Wang, Feiyi Lindley, Lisa Wang, Zejiang Univ Tennessee Knoxville TN 37996 USA Oak Ridge Natl Lab Oak Ridge TN USA

This paper presents an empirical study on the application of Large Language Model (LLM)-based AI agents for automating server management tasks in linux environments. We aim to evaluate the effectiveness, efficiency, and adaptability of LLM-based AI agents in handling a wide range of server management tasks, and to identify the potential benefits and challenges of employing such agents in real-world scenarios. We present an empirical study where a GPT-based AI agent autonomously executes 150 unique tasks across 9 categories, ranging from file management to editing to program compilations. The agent operates in a Dockerized linux sandbox, interpreting task descriptions and generating appropriate commands or scripts. Our findings reveal the agent's proficiency in executing tasks autonomously and adapting to feedback, demonstrating the potential of LLMs in simplifying complex server management for users with varying technical expertise. This study contributes to the understanding of LLM applications in server management scenarios, and paves the foundation for future research in this domain.

关键词： LLM GPT4 AI agent Server management linux

来源：评论

学校读者我要写书评

暂无评论

Cheshire: A Lightweight, linux-Capable RISC-V Host Platform for Domain-Specific Accelerator Plug-In

引用

IEEE TRANSACTIONS ON CIRCUITS AND SYSTEMS II-EXPRESS BRIEFS 2023年第10期70卷 3777-3781页

作者： Ottaviano, Alessandro Benz, Thomas Scheffler, Paul Benini, Luca Swiss Fed Inst Technol Integrated Syst Lab CH-8092 Zurich Switzerland Univ Bologna Dept Elect Elect & Informat Engn I-40126 Bologna Italy

Power and cost constraints in the Internet-of-Things (IoT) extreme-edge and TinyML domains, coupled with increasing performance requirements, motivate a trend toward heterogeneous architectures. These designs use energy-efficient application-class host processors to coordinate compute-specialized multicore accelerators, amortizing the architectural costs of operating system support and external communication. This brief presents Cheshire, a lightweight and modular 64-bit linux-capable host platform designed for the seamless plug-in of domain-specific accelerators. It features a unique low-pin-count DRAM interface, a last-level cache configurable as scratchpad memory, and a DMA engine enabling efficient data movement to or from accelerators or DRAM. It also provides numerous optional IO peripherals including UART, SPI, I2C, VGA, and GPIOs. Cheshire's synthesizable RTL description, comprising all of its peripherals and its fully digital DRAM interface, is available free and open-source. We implemented and fabricated Cheshire as a silicon demonstrator called Neo in TSMC's 65nm CMOS technology. At 1.2V, Neo achieves clock frequencies of up to 325 MHz while not exceeding 300 mW in total power on data-intensive computational workloads. Its RPC DRAM interface consumes only 250 pJ/B and incurs only 3.5 kGE in area for its PHY while attaining a peak transfer rate of 750 MB/s at 200 MHz.

关键词： RISC-V linux PHYs memory controllers domain-specific architectures heterogeneous computing VLSI

来源：评论

学校读者我要写书评

暂无评论

A practical approach to learning linux vulnerabilities

引用

JOURNAL OF COMPUTER VIROLOGY AND HACKING TECHNIQUES 2023年第3期19卷 409-418页

作者： Karapetyants, Nikolay Efanov, Dmitry Natl Res Nucl Univ MEPhI Moscow Engn Phys Inst Moscow Russia

Operating systems based on the linux kernel are widespread in the microcomputer, mobile, server, and supercomputer market. They have become an integral part of commercial and government information systems in which confidential information, personal data and trade secrets are stored and processed. Thus, the linux kernel is a critical object in such systems, because its compromise leads to the compromise of the entire system or an substantial part of it. In most cases, an attacker compromises the kernel by exploiting vulnerabilities, despite the protection mechanisms built into the kernel. And in order to find and eliminate them, an information security professional must have the appropriate skills. Such skills can only be learned through practice. In this paper, we propose a practice-oriented approach to exploring the variety of linux kernel vulnerabilities in order to acquire the skills to find, analyze and fix them by an information security professional. The proposed approach made it possible to transfer the laboratory practice to online learning during the COVID-19 pandemic.

关键词： linux vulnerability virtualization VirtualBox Vagrant COVID-19 online learning

来源：评论

学校读者我要写书评

暂无评论

A linux-based support for developing real-time applications on heterogeneous platforms with dynamic FPGA reconfiguration

引用

FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE 2022年 129卷 125-140页

作者： Pagani, Marco Biondi, Alessandro Marinoni, Mauro Molinari, Lorenzo Lipari, Giuseppe Buttazzo, Giorgio Scuola Super Sant Anna Pisa Italy Univ Lille Cent Lille CNRS UMR 9189 CRIStAL Lille France

Computing platforms for next-generation cyber-physical systems are evolving towards heterogeneous architectures comprising different processing elements and hardware accelerators. In particular, SoC-FPGA platforms, including multiple general-purpose processing cores tightly coupled with an FPGA fabric, represent an attractive solution due to their flexibility, efficiency, and timing predictability. On these platforms, dedicated hardware accelerators implemented on the FPGA fabric can offload computationally intensive activities from general-purpose processing cores. Furthermore, dynamic partial reconfiguration allows virtualizing the FPGA resources by sharing them among multiple hardware accelerators over time. Although very promising, FPGA-based hardware acceleration also introduces new challenges, such as managing and scheduling multiple concurrent acceleration and reconfiguration requests. The FRED framework has been proposed to address these challenges while preserving the predictability required by real-time systems. FRED is based on a device model that matches the capabilities of contemporary SoC-FPGA platforms and comes with an ad-hoc scheduling infrastructure designed to guarantee bounded response times for DPR-enabled accelerated tasks. This paper presents Fred-linux, the reference implementation of the FRED framework for GNU/linux. Fred-linux allows developing rich applications while leveraging predictable FPGA-based hardware acceleration for performing heavy computations. Fred-linux has been developed using the Zynq-7000 and Zynq-UltraScale+ by Xilinx as reference platforms, and it can be easily ported and extended on other platforms thanks to its modular design. (C) 2021 Elsevier B.V. All rights reserved.

关键词： Heterogeneous computing FPGA DPR Real-time linux

来源：评论

学校读者我要写书评

暂无评论

linux Kernel Keyloggers and Information Security 18th

Linux Kernel Keyloggers and Information Security

引用

18th IFIP WG 11.12 International Symposium on Human Aspects of Information Security and Assurance, HAISA 2024

作者： Hassett, Louis Ogwok, Daniel University of Johannesburg Auckland Park Johannesburg2092 South Africa

ISBN: (纸本)9783031725586

This research paper aims to build and explore a linux kernel module capable of logging keystrokes that a user would make on a linux-based system. The module captures credentials which is a process known as keylogging. The kernel of the operating system manages all resources and data, and a breach in this area is a serious information security risk. This paper provides substantial evidence that kernel-level keyloggers are a very serious risk to information security in operating systems and computer systems in general. Such keyloggers can log user information, such as passwords, usernames and other information without much of the user’s knowledge. © IFIP International Federation for Information Processing 2025.

关键词： linux

来源：评论

学校读者我要写书评

暂无评论

Using Ansible Playbooks to Port Non-cloud-Native Applications Across linux Distributions: A Novel Approach

引用

SN Computer Science 2023年第5期4卷 644页

作者： Kumar, Sanjeet Das, Suvrojit Department of CSE NIT Durgapur West Bengal Durgapur India

Porting of software applications is a very old research problem and has led to many unique solutions like POSIX interface specifications. linux distributions have a similar standard named LSB or linux standard base;however, even after decades of its existence, it is very difficult to port an application from one linux distribution to another distribution. Portability is important for a consumer as it enables them to come out of vendor lock-in. linux allows the consumers to test the applications on a free distribution before moving to a distribution with paid subscriptions. Portability of cloud-native applications has been more or less been solved by the container technology;however, the portability of non-cloud-native application still remains an open research problem. This paper provides a solution to the problem of application portability for non-cloud-native application using very popular open-source ansible software. The proposed solution is based on an open-source project called machinery which utilizes ansible for exporting the state of a source linux distribution and applying that state to a target distribution without requiring the source system to be shut down. © 2023, The Author(s), under exclusive licence to Springer Nature Singapore Pte Ltd.

关键词： Ansible Application migration Application portability linux

来源：评论

学校读者我要写书评

暂无评论

ezFS: A Pedagogical linux File System 2025

ezFS: A Pedagogical Linux File System

引用

56th Technical Symposium on Computer Science Education

作者： Nieh, Emma Zhang, Zijian Nieh, Jason Dalton Sch New York NY 10128 USA Columbia Univ New York NY USA

ISBN: (纸本)9798400705328

Hands-on programming experience is crucial for students to learn about operating systems, but implementing key concepts such as file systems is perceived as being too hard to do for a real operating system in an introductory course on operating systems. To overcome these barriers, we introduce ezFS, a linux file system that supports standard file system operations to persistent disk storage, yet is simple enough for students in an introductory operating systems course to implement in a couple weeks. ezFS takes advantage of file system and block storage interfaces in linux that simplify file system implementation, such that its implementation requires only a few hundred lines of C code. We leverage standard file system interfaces to also develop an ezFS grader that can automatically grade ezFS implementations so that it is easy to scale its use for teaching a large course. We have successfully used ezFS as a programming assignment in an introductory operating systems course for hundreds of college students. ezFS significantly enhanced students' understanding of how file systems work in real operating systems, was simpler to implement than even pseudo linux file systems, and was less difficult to complete than other programming assignments typically assigned for the course.

关键词： file systems operating systems computer science education linux

来源：评论

学校读者我要写书评

暂无评论

Impact of Real-Time linux for Industrial Edge AI 5th

Impact of Real-Time Linux for Industrial Edge AI

引用

5th International Conference on Innovative Intelligent Industrial Production and Logistics

作者： Fernandez De Barrena, Telmo Garcia, Ander Franco, Javier Luis Ferrando, Juan Fdn Vicomtech Basque Res & Technol Alliance BRTA Mikeletegi 57 Donostia San Sebastian Spain Univ Deusto Fac Engn Unibertsitate Etorb Bilbao 24006 Spain

ISBN: (纸本)9783031807749;9783031807756

Traditionally hard real-time operating systems (RTOS) were reserved for applications with very restrictive requirements, such as aviation, industrial control or safety, where upper bounds of jitter and latency were guaranteed. However, requirements of Industry 4.0 and Industrial Edge Artificial Intelligence (AI) are different. Nowadays Industrial Edge AI does not control safety critical tasks, it analyses data and applies AI models to optimize industrial processes. Thus, they present soft real-time requirements: the sooner a result is returned the better, but no critical harm for operators or industrial assets is introduced by delays on the results from the AI services. Thus, Industrial Edge AI applications have been usually deployed as software containers or on general purpose Operating Systems (OS). However, latest linux kernel versions include a preemption option to transform general linux distributions into soft RTOS. This paper focuses on the effect of this option for Industrial Edge AI. In order to measure its impact, three different experiments have been defined, where Raspberry Pis (RPis) and a PLC send data using MQTT and OPC UA Pub/Sub, under different sampling frequencies and computational load conditions. Then, Java and Python clients have been deployed on a different RPi running two versions of the linux Kernel, the regular one and the soft real-time one. Finally, latency, jitter and packet loss measures have been taken in several variations of these setups in order to identify the response of each linux Kernel for different use cases. Results of the experiments have been used to generate general guidelines for kernel selection for different use cases.

关键词： Edge AI Industry 4.0 Real-Time linux Preemption

来源：评论

学校读者我要写书评

暂无评论

linux log Dimension Reduction Method based on Recurrent Neural Network 4

Linux log Dimension Reduction Method based on Recurrent Neur...

引用

4th International Symposium on Computer Technology and Information Science, ISCTIS 2024

作者： Yang, Dawei Jiangsu Automation Research Institute Jiangsu China

ISBN: (纸本)9798350354560

In order to solve the problems of high dimension, strong correlation and information redundancy in large-scale log data processing, this paper proposed a linux log dimension reduction method based on recurrent neural network. Aiming at the high-dimensional characteristics and time-series nature of linux system logs, this model uses long short-term memory (LSTM) network as the basic building block to learn the low-dimensional representation of log data and effectively captures the time-series dynamic information. Experimental evaluation shows that the proposed method can significantly reduce the data dimension while retaining important information, which is conducive to subsequent log analysis and anomaly detection tasks. © 2024 IEEE.

关键词： linux

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：