检索结果-内蒙古大学图书馆

Memory access integrity:detecting fine-grained memory access errors in binary code

Cybersecurity 2019年第1期2卷 286-303页

作者： Wenjie Li Dongpeng Xu WeiWu Xiaorui Gong Xiaobo Xiang Yan Wang Fangming gu Qianxiang Zeng School of Cyber Security University of Chinese Academy of SciencesBeijingChina University of New Hampshire BeijingChina Key Laboratory of Network Assessment Technology CASBeijingChina Beijing Key Laboratory of Network Security and Protection Technology BeijingChina Institute of Information Engineering Chinese Academy of SciencesBeijingChina

As one of the most notorious programming errors,memory access errors still hurt modern software ***,they are hidden deeply in important software systems written in memory unsafe languages like C/C++.Plenty of work have been proposed to detect bugs leading to memory access ***,all existing works lack the ability to handle two ***,they are not able to tackle fine-grained memory access errors,e.g.,data overflow inside one data *** errors are usually overlooked for a long time since they happen inside one memory block and do not lead to program ***,most existing works rely on source code or debugging information to recover memory boundary information,so they cannot be directly applied to detection of memory access errors in binary ***,searching memory access errors in binary code is a very common scenario in software vulnerability detection and *** order to overcome these challenges,we propose Memory Access Integrity(MAI),a dynamic method to detect finegrained memory access errors in off-the-shelf binary *** core idea is to recover fine-grained accessing policy between memory access behaviors and memory ranges,and then detect memory access errors based on the *** key insight in our work is that memory accessing patterns reveal information for recovering the boundary of memory objects and the accessing *** on these recovered information,our method maintains a new memory model to simulate the life cycle of memory objects and report errors when any accessing policy is *** evaluate our tool on popular CTF datasets and real world *** with the state of the art detection tool,the evaluation result demonstrates that our tool can detect fine-grained memory access errors effectively and *** the practical impact,our tool has detected three 0-day memory access errors in an audio decoder.

关键词： Binary analysis Fine-grained Memory access error Detection

来源：评论

学校读者我要写书评

暂无评论

Ciphertext-Policy Attribute Based Encryption Supporting Any Monotone Access Structures Without Escrow

引用

Chinese Journal of Electronics 2017年第3期26卷 640-646页

作者： ZHAO Qianqian ZHANG Yuqing ZHANG Guanghua WANG He State Key Laboratory of Integrated Services Networks Xidian University National Computer Network Intrusion Protection Center University of Chinese Academy of Sciences Beijing Key Laboratory of IOT Information Security Technology Institute of Information Engineering CAS

Ciphertext policy attribute-based encryption(CP-ABE)is becoming a new primitive for finegrained access *** neither produces multiple encrypted copies of the same data nor suffers from the severe burden of key distribution and *** escrow problem that the central authority could decrypt any ciphertexts addressed to all the specific users is still a challenge for CP-ABE *** new CP-ABE scheme without escrow is proposed,and furthermore the proposed scheme achieves fully security in the standard *** performance and security analysis results indicate that the proposed CP-ABE scheme is extremely appropriate for cloud storage system.

关键词： CP-ABE The escrow problem Fully security In the standard model

来源：评论

学校读者我要写书评

暂无评论

Fairness-Guaranteed Joint Access Control, 3-D UAV Trajectory Planning, and Task Scheduling in AGINs

引用

IEEE Transactions on Vehicular technology 2025年

作者： Du, Jianbo Yan, Haobo Sun, Aijing Wang, Chong Gao, Yuan Liu, Zhiquan Chu, Xiaoli Xi'an University of Posts and Telecommunications Shaanxi Key Laboratory of Information Communication Network and Security School of Communications and Information Engineering Xi'an 710121 China Chinese Academy of Sciences Key Laboratory of Space Utilization Beijing 100094 China Chinese Academy of Sciences Technology and Engineering Center for Space Utilization Beijing 100094 China Shanghai University School of Communication and Information Engineering Shanghai China Jinan University College of Cyber Security Guangzhou 510632 China The University of Sheffield Department of Electronic and Electrical Engineering Sheffield S1 3JD United Kingdom

The integration of Multi-access Edge Computing (MEC) with Air-Ground Integrated networks (AGINs) enhances communication coverage and computational capabilities, especially for supporting critical tasks such as emergency responses and environmental monitoring. In this paper, we develop an MEC-enabled AGIN architecture to serve Internet-of-Things devices. Our objective is to minimize the total energy consumption of IoTDs and unmanned aerial vehicle (UAV) and the number of dropped tasks, while maximizing the fairness index through refined access control, UAV trajectory planning, and task scheduling. Given the complexity of the optimization problem, we reformulate the problem as a Markov decision process and define the state space, the action space, the immediate reward, and the state transfer. Considering the inclusion of discrete variables, we solve the problem by devising a novel Multi-Agent Deep Deterministic Policy Gradient (MADDPG) based algorithm, where the continuous action outputs of MADDPG are discretized to satisfy the coupling constraints between variables. The simulation results indicate that our algorithm outperforms baseline algorithms in both convergence speed and system energy consumption. Additionally, it demonstrates exceptional stability and robustness, leading to a substantial improvement in overall system performance. © 1967-2012 IEEE.

关键词： Air-ground Integrated networks deep reinforcement learning multi-access edge computing UAV path planning

来源：评论

学校读者我要写书评

暂无评论

Deeply Understanding Graph-Based Sybil Detection Techniques via Empirical Analysis on Graph Processing

引用

China Communications 2020年第10期17卷 82-96页

作者： Jian Mao Xiang Li Qixiao Lin Zhenyu Guan Laboratory of Aerospace Network Security Ministry of Industry and Information TechnologySchool of Cyber Science and TechnologyBeihang UniversityBeijing 100191China Shanghai Key Laboratory of Integrated Administration Technologies for Information Security Shanghai 200240China Key Laboratory of Aerospace Network Security Ministry of Industry and Information TechnologyBeihang UniversityBeijing 100191China

Sybil attacks are one of the most prominent security problems of trust mechanisms in a distributed network with a large number of highly dynamic and heterogeneous devices,which expose serious threat to edge computing based distributed *** Sybil detection approaches extract social structures from target distributed systems,refine the graph via preprocessing methods and capture Sybil nodes based on the specific properties of the refined graph *** preprocessing is a critical component in such Sybil detection methods,and intuitively,the processing methods will affect the detection *** understanding the dependency on the graph-processing methods is very important to develop and deploy Sybil detection *** this paper,we design experiments and conduct systematic analysis on graph-based Sybil detection with respect to different graph preprocessing methods on selected network *** experiment results disclose the sensitivity caused by different graph transformations on accuracy and robustness of Sybil detection methods.

关键词： Sybil attack graph preprocessing Edge computing trust model

来源：评论

学校读者我要写书评

暂无评论

Packet： a privacy-aware access control policy composition method for services composition in cloud environments

引用

Frontiers of Computer Science 2016年第6期10卷 1142-1157页

作者： Li LIN Jian HU Jianbiao ZHANG College of Computer Science Beijing University of Technology Beijing 100124 China Beijing Key Laboratory of Trusted Computing Beijing 100124 China National Engineering Laboratory for Classified Information Security Protection Beijing 100124 China

Combining different independent cloud services must coordinate their access control policies. Otherwise unauthorized access to composite cloud service can occur when there＇s a conflict among different cloud service providers＇ access control policies, and then it will bring serious data security and privacy issues. In this paper, we propose Packet, a novel access control policy composition method that can detect and resolve policy conflicts in cloud service composition, including those conflicts related to privacyaware purposes and conditions. The Packet method is divided into four steps. First, employing a unified description, heterogeneous policies are transformed into a unified attributebased format. Second, to improve the conflict detection ef- ficiency, policy conflicts on the same resource can be eliminated by adopting cosine similarity-based algorithm. Third, exploiting a hierarchical structure approach, policy conflicts related to different resources or privacy-aware purposes and conditions can be detected. Fourth, different conflict resolution techniques are presented based on the corresponding conflict types. We have successfully implemented the Packet method in Openstack platform. Comprehensive experiments have been conducted, which demonstrate the effectiveness of the proposed method by the comparison with the existing XACML-based system at conflict detection and resolution performance.

关键词： cloud service composition access control privacy policy composition unified policy format conflict detection similarity analysis conflict resolution

来源：评论

学校读者我要写书评

暂无评论

From proof-of-concept to exploitable

引用

Cybersecurity 2019年第1期2卷 189-213页

作者： Yan Wang WeiWu Chao Zhang Xinyu Xing Xiaorui Gong Wei Zou School of Cyber Security University of Chinese Academy of SciencesBeijingChina Institute for Network Sciences and Cyberspace Tsinghua UniversityBeijingChina College of Information Sciences and Technology Pennsylvania State UniversityUniversity ParkUnited States Institute of Information Engineering Chinese Academy of SciencesBeijingChina Key Laboratory of Network Assessment Technology CASBeijingChina Beijing Key Laboratory of Network Security and Protection Technology BeijingChina

Exploitability assessment of vulnerabilities is important for both defenders and *** ultimate way to assess the exploitability is crafting a working ***,it usually takes tremendous hours and significant manual *** address this issue,automated techniques can be *** solutions usually explore in depth the crashing paths,i.e.,paths taken by proof-of-concept(PoC)inputs triggering vulnerabilities,and assess exploitability by finding exploitable states along the ***,exploitable states do not always exist in crashing ***,existing solutions heavily rely on symbolic execution and are not scalable in path exploration and exploit *** this paper,we propose a novel solution to generate exploit for userspace programs or facilitate the process of crafting a kernel UAF ***,we utilize oriented fuzzing to explore diverging paths from vulnerability *** userspace programs,we adopt a control-flow stitching solution to stitch crashing paths and diverging paths together to generate *** kernel UAF,we leverage a lightweight symbolic execution to identify,analyze and evaluate the system calls valuable and useful for exploiting *** have developed a prototype system and evaluated it on a set of 19 CTF(capture the flag)programs and 15 realworld Linux kernel UAF *** results showed it could generate exploit for most of the userspace test set,and it could also facilitate security mitigation bypassing and exploitability evaluation for kernel test set.

关键词： Exploit Vulnerability Taint analysis Fuzzing Symbolic execution

来源：评论

学校读者我要写书评

暂无评论

Aggregation-based dual heterogeneous task allocation in spatial crowdsourcing

引用

Frontiers of Computer Science 2024年第6期18卷 215-227页

作者： Xiaochuan LIN Kaimin WEI Zhetao LI Jinpeng CHEN Tingrui PEI College of Information Science and Technology&Cyberspace Security Jinan UniversityGuangzhou 510632China National&Local Joint Engineering Research Center of Network Security Detection and Protection Technology Guangzhou 510632China Guangdong Provincial Key Laboratory of Data Security and Privacy Protection Guangzhou 510632China School of Computer Science Beijing University of Posts and TelecommunicationsBeijing 100876China

Spatial crowdsourcing(SC)is a popular data collection paradigm for numerous *** the increment of tasks and workers in SC,heterogeneity becomes an unavoidable difficulty in task *** researches only focus on the single-heterogeneous task ***,a variety of heterogeneous objects coexist in real-world SC *** dramatically expands the space for searching the optimal task allocation solution,affecting the quality and efficiency of data *** this paper,an aggregation-based dual heterogeneous task allocation algorithm is put *** investigates the impact of dual heterogeneous on the task allocation problem and seeks to maximize the quality of task completion and minimize the average travel *** problem is first proved to be ***,a task aggregation method based on locations and requirements is built to reduce task ***,a time-constrained shortest path planning is also developed to shorten the travel distance in a *** that,two evolutionary task allocation schemes are ***,extensive experiments are conducted based on real-world datasets in various *** with baseline algorithms,our proposed schemes enhance the quality of task completion by up to 25% and utilize 34% less average travel distance.

关键词： task allocation aggregation shortest path dual heterogeneous spatial crowdsourcing

来源：评论

学校读者我要写书评

暂无评论

Cloud Platform Based Automated security Testing System for Mobile Internet

引用

Tsinghua Science and technology 2015年第6期20卷 537-544页

作者： Dan Tao Zhaowen Lin Cheng Lu the School of Electronic and Information Engineering Beijing Jiaotong University Jiangsu High Technology Research Key Laboratory for Wireless Sensor Networks Network and Information Center Institute of Network TechnologyScience and Technology on Information Transmission and Dissemination in Communication Networks LaboratoryNational Engineering Laboratory for Mobile Network SecurityBeijing University of Posts and Telecommunications

With respect to security, the use of various terminals in the mobile Internet environment is *** terminal testing methods cannot simulate actual testing environments; thus, the test results do not accurately reflect the security of terminals. To address this problem, we designed and developed a cloud platform based automated testing system for the mobile Internet. In this system, virtualization and automation technology are utilized to integrate mobile terminals into the cloud platform as a resource, to achieve a novel cloud service called Testing as a Service(Taa S). The system consists of three functional modules: web front-end module, testing environment module, and automated testing module. We adopted the permeable automated testing tool Metasploit to perform security testing. In our test experiments, we selected 100 apps with diverse vulnerability levels, ranging from secure to vulnerable, to perform a series of functional tests. The experimental results show that this system can correctly test both the number of vulnerable apps and their corresponding vulnerability levels. As such, the designed system can flexibly configure various testing environments for different testing cases or projects, and thereby perform security testing automatically.

关键词： automated security testing cloud platform virtuali

来源：评论

学校读者我要写书评

暂无评论

Focus on Local: Finding Reliable Discriminative Regions for Visual Place Recognition

arXiv

引用

arXiv 2025年

作者： Wang, Changwei Chen, Shunpeng Song, Yukun Xu, Rongtao Zhang, Zherui Zhang, Jiguang Yang, Haoran Zhang, Yu Fu, Kexue Du, Shide Xu, Zhiwei Gao, Longxiang Guo, Li Xu, Shibiao Key Laboratory of Computing Power Network and Information Security Ministry of Education Shandong Computer Science Center Qilu University of Technology Shandong Academy of Sciences China School of Artificial Intelligence Beijing University of Posts and Telecommunications China Shandong Provincial Key Laboratory of Computing Power Internet and Service Computing Shandong Fundamental Research Center for Computer Science China MAIS Institute of Automation Chinese Academy of Sciences China Tongji University China College of Computer and Data Science Fuzhou University China Shandong University China

Visual Place Recognition (VPR) is aimed at predicting the location of a query image by referencing a database of geotagged images. For VPR task, often fewer discriminative local regions in an image produce important effects while mundane background regions do not contribute or even cause perceptual aliasing because of easy overlap. However, existing methods lack precisely modeling and full exploitation of these discriminative regions. In this paper, we propose the Focus on Local (FoL) approach to stimulate the performance of image retrieval and re-ranking in VPR simultaneously by mining and exploiting reliable discriminative local regions in images and introducing pseudo-correlation supervision. First, we design two losses, Extraction-Aggregation Spatial Alignment Loss (SAL) and Foreground-Background Contrast Enhancement Loss (CEL), to explicitly model reliable discriminative local regions and use them to guide the generation of global representations and efficient re-ranking. Second, we introduce a weakly-supervised local feature training strategy based on pseudo-correspondences obtained from aggregating global features to alleviate the lack of local correspondences ground truth for the VPR task. Third, we suggest an efficient re-ranking pipeline that is efficiently and precisely based on discriminative region guidance. Finally, experimental results show that our FoL achieves the state-of-the-art on multiple VPR benchmarks in both image retrieval and re-ranking stages and also significantly outperforms existing two-stage VPR methods in terms of computational efficiency. Copyright © 2025, The Authors. All rights reserved.

关键词： Photointerpretation

来源：评论

学校读者我要写书评

暂无评论

Quantum broadcast communication with authentication

引用

Chinese Physics B 2010年第7期19卷 63-67页

作者：杨宇光王叶红温巧燕 College of Computer Science and Technology Beijing University of Technology State Key Laboratory of Information Security (Graduate University of Chinese Academy of Sciences) State Key Laboratory of Integrated Services Network Xidian University State Key Laboratory of Networking and Switching Technology Beijing University of Posts and Telecommunications

Two simple quantum broadcast communication schemes are proposed. A central party can broadcast his secret message to all the legitimate receivers simultaneously. Compared with the three schemes proposed recently （Wang et al. 2007 Chin. Phys. 16 1868）, the proposed schemes have the advantages of consuming fewer quantum and classical resources, lessening the difficulty and intensity of necessary operations, and having higher efficiency.

关键词： quantum broadcast communication authentication quantum secure direct communication

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：