检索结果-内蒙古大学图书馆

Proceedings of the 33rd USENIX Conference on Security Symposium

作者： Siyue Feng Yueming Wu Wenjie Xue Sikui Pan Deqing Zou Yang Liu Hai Jin National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab Hubei Key Laboratory of Distributed System Security Hubei Engineering Research Center on Big Data Security Cluster and Grid Computing Lab and School of Cyber Science and Engineering Huazhong University of Science and Technology China Nanyang Technological University Singapore National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab Hubei Key Laboratory of Distributed System Security Hubei Engineering Research Center on Big Data Security Cluster and Grid Computing Lab and School of Cyber Science and Engineering Huazhong University of Science and Technology China and Jinyinhu Laboratory China National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab Hubei Key Laboratory of Distributed System Security Hubei Engineering Research Center on Big Data Security Cluster and Grid Computing Lab and School of Computer Science and Technology Huazhong University of Science and Technology China

ISBN: (纸本)9781939133441

With the continuous development of software open-sourcing, the reuse of open-source software has led to a significant increase in the occurrence of recurring vulnerabilities. These vulnerabilities often arise through the practice of copying and pasting existing vulnerabilities. Many methods have been proposed for detecting recurring vulnerabilities, but they often struggle to ensure both high efficiency and consideration of semantic information about vulnerabilities and patches. In this paper, we introduce FIRE, a scalable method for large-scale recurring vulnerability detection. It utilizes multi-stage filtering and differential taint paths to achieve precise clone vulnerability scanning at an extensive scale. In our evaluation across ten open-source software projects, FIRE demonstrates a precision of 90.0% in detecting 298 recurring vulnerabilities out of 385 ground truth instance. This surpasses the performance of existing advanced recurring vulnerability detection tools, detecting 31.4% more vulnerabilities than VUDDY and 47.0% more than MOVERY. When detecting vulnerabilities in large-scale software, FIRE outperforms MOVERY by saving about twice the time, enabling the scanning of recurring vulnerabilities on an ultra-large scale.

关键词：

来源：评论

学校读者我要写书评

暂无评论

Efficient Modeling Attack on Multiplexer PUFs via Kronecker Matrix Multiplication

引用

IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 2025年

作者： Wang, Hongfei Wan, Caixue Jin, Hai Huazhong University of Science and Technology National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab Hubei Key Laboratory of Distributed System Security Hubei Engineering Research Center on Big Data Security School of Cyber Science and Engineering Wuhan430074 China Huazhong University of Science and Technology National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab Cluster and Grid Computing Lab School of Computer Science and Technology Wuhan430074 China

The Physical Unclonable Function (PUF) is valued for its lightweight nature and unique functionality, making it a common choice for securing hardware products requiring authentication and key generation mechanisms. In response to the susceptibility of individual PUFs to modeling attacks, advanced PUF variants have been developed to improve security measures. One notable type in this regard is the multiplexer-based composition of arbiter PUFs, known as MPUF, which aims to meet high reliability and security standards simultaneously. Current research on attacking MPUF encounters challenges such as substantial demands for training CRPs and low success rates. In this work, we propose a novel numerical modeling attack strategy for MPUFs. Using Kronecker products from mathematical perspective, this method precisely describe the MPUF model without using complex network architectures, boosting attack accuracy and overall efficiency. Experiment comparison with state-of-the-art works demonstrates that our method achieves better performance in terms of attack accuracy, robustness, and efficiency. Our method is able to successfully attack a (512, 8)-MPUF in 32.71 minutes with 97.14% accuracy, outperforming all existing attack methods on MPUFs. More, we validate our method through experiments with hardware implementations on FPGAs. The advantages of our method also include the adaptability to be employed to attack other MPUF variations like cMPUF and rMPUF, and the capability to be integrated with an existing attack method for launching efficient attack on MPUFs leveraging reliability information. © 2025 IEEE.

关键词： modeling attack multiplexer-based PUF Physical unclonable function

来源：评论

学校读者我要写书评

暂无评论

SSEM： Secure, Scalable and Efficient Multi-Owner Data Sharing in Clouds

引用

China Communications 2016年第8期13卷 231-243页

作者： Shungan Zhou Ruiying Du Jing Chen Hua Deng Jian Shen Huanguo Zhang The Key Laboratory of Aerospace Information Security and Trusted Computing Ministry of Education Computer School of Wuhan University Wuhan 430072 Hubei Province China State Grid Information and Communication Company of Hunan Electric Power Corp Changsha 410000 Hunan Province China

Data sharing is a main application of cloud computing. Some existing solutions are proposed to provide flexible access control for outsourced data in the cloud. However, few attentions have been paid to group-oriented data sharing when multiple data owners want to share their private data for cooperative purposes. In this paper, we put forward a new paradigm, referred to as secure, scalable and efficient multi-owner(SSEM) data sharing in clouds. The SSEM integrates identity-based encryption and asymmetric group key agreement to enable group-oriented access control for data owners in a many-to-many sharing pattern. Moreover, with SSEM, users can join in or leave from the group conveniently with the privacy of both group data and user *** proposed the key-ciphertext homomorphism technique to construct an SSEM scheme with short ciphertexts. The security analysis shows that our SSEM scheme achieves data security against unauthorized accesses and collusion attacks. Both theoretical and experimental results confirm that our proposed scheme takes users little costs to share and access outsourced data in a group manner.

关键词： data sharing cloud computing asymmetric key agreement access control

来源：评论

学校读者我要写书评

暂无评论

Automatic power-aware reconfiguration of processor resource in virtualized clusters

引用

Jisuanji Yanjiu yu Fazhan/Computer Research and Development 2011年第7期48卷 1123-1133页

作者： Jin, Hai Deng, Li Wu, Song Shi, Xuanhua Zhou, Like Key Laboratory of Services Computing Technology and System Huazhong University of Science and Technology Ministry of Education Wuhan 430074 China Key Laboratory of Cluster and Grid Computing of Hubei Province Huazhong University of Science and Technology Wuhan 430074 China

Virtualization provides significant benefits of system maintenance, load balancing, fault tolerance, and power-saving in clusters or data centers. It also enables dynamic reconfiguration of computing resource for application environment. However, current dynamic resource control approaches mainly focus on how to satisfy the application-level quality of service (QoS) when application workloads vary with time. They are driven by application performance, which is often specific to certain class of applications and also weakens the response capability of control systems. In this paper, a resource-use-status-driven resource reconfiguration scheme (RUSiC) is presented to automatically adapt to dynamic workload changes to meet the demands of application performance. According to the new characteristics introduced by system virtualization, the scheme is designed to be a two-layer resource reconfiguration model to exactly grasp the demands of applications. Based on real resource use status, the scheme adjusts proper resource configuration for applications in time. Furthermore, the scheme introduces power-saving into resource reconfiguration process and avoids considerable unnecessary power and cooling consumption by reducing the number of active physical nodes in a new resource configuration. Experiments demonstrate that the scheme can quickly detect and respond to shifting resource demands as application workloads change over time.

关键词： Virtualization

来源：评论

学校读者我要写书评

暂无评论

Virtual machine VCPU scheduling in the multi-core environment: Issues and challenges

引用

Jisuanji Yanjiu yu Fazhan/Computer Research and Development 2011年第7期48卷 1216-1224页

作者： Jin, Hai Zhong, Alin Wu, Song Shi, Xuanhua Key Laboratory of Services Computing Technology and System Huazhong University of Science and Technology Ministry of Education Wuhan 430074 China Key Laboratory of Cluster and Grid Computing of Hubei Province Huazhong University of Science and Technology Wuhan 430074 China

The policies and mechanisms of VCPU (virtual CPU) scheduling in a virtual machine system are key factors to determine the system performance. Because the architecture of the software stack in the virtual machine system is different from the traditional computer systems, when scheduling the VCPUs in virtual machines, simply adopting scheduling strategies and algorithms of existing operating systems without any modifications can lead to drastic degradation of the system performance. Moreover, with the multi-core technology being employed for physical processors, the complexity of the VCPU scheduling is increased. Firstly, the architecture of the virtual machine system and its two-stage scheduling framework are depicted and analyzed in detail in this paper. Because the deterministic mapping relationship between application threads and physical cores is difficult to establish in the two-stage framework, and part functions of operating systems move down to virtual machine monitor, VCPU scheduling will confront many problems and challenges that mainly embody four aspects: the semantic gap between guest operating systems and a virtual machine monitor, the synchronization mechanisms in a multiprocessor operating system, the structure of shared cache in multi-core processors and emerging asymmetric multi-core structure. And then advantages and limitations of the existing solutions for these problems are discussed and analyzed deeply, and suggestions for further researches are presented.

关键词： Virtual machine

来源：评论

学校读者我要写书评

暂无评论

MR-COF: A genetic MapReduce configuration optimization framework 15th

MR-COF: A genetic MapReduce configuration optimization frame...

引用

15th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP 2015

作者： Liu, Chao Zeng, Deze Yao, Hong Hu, Chengyu Yan, Xuesong Fan, Yuanyuan Hubei Key Laboratory of Intelligent Geo-Information Processing China University of Geosciences Wuhan430074 China China Services Computing Technology and System Lab and Cluster and Grid Computing Lab Huazhong University of Science and Technology Wuhan430074 China

ISBN: (纸本)9783319271392

Hadoop/MapReduce has emerged as a de facto programming framework to explore cloud-computing resources. Hadoop has many configuration parameters, some of which are crucial to the performance of MapReduce jobs. In practice, these parameters are usually set to default or inappropriate values. This severely limits system performance (e.g., execution time). Therefore, it is essential but also challenging to investigate how to automatically tune these parameters to optimize MapReduce job performance. In this paper, we propose an automatic MapReduce configuration optimization framework named as MR-COF. By monitoring and analyzing the runtime behavior, the framework adopts a cost-based performance prediction model that predicts the MapReduce job performance. In addition, we design a genetic search algorithm which iteratively tunes parameters in order to find out the best one. Testbed-based experimental results show that the average MapReduce job performance is increased by 35% with MR-COF compared to the default configuration. © Springer International Publishing Switzerland 2015.

关键词： MapReduce

来源：评论

学校读者我要写书评

暂无评论

Towards Effective and Efficient Error Handling Code Fuzzing Based on Software Fault Injection 31

Towards Effective and Efficient Error Handling Code Fuzzing ...

引用

31st IEEE International Conference on Software Analysis, Evolution and Reengineering, SANER 2024

作者： Chen, Kang Wen, Ming Jia, Haoxiang Wu, Rongxin Jin, Hai Wuhan430074 China Jin YinHu Laboratory Wuhan430074 China School of Informatics Xiamen University Xiamen361005 China School of Computer Science and Technology HUST Wuhan430074 China National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab China Hubei Engineering Research Center on Big Data Security Hubei Key Laboratory of Distributed System Security China Cluster and Grid Computing Lab China

ISBN: (纸本)9798350330663

Software systems often encounter various errors or exceptions in practice, and thus proper error handling code is essential to ensure the reliability of software systems. Unfortunately, error handling code is often bug-prone, while sufficiently testing them is challenging as such code often cannot be triggered under normal conditions. Motivated by this, recent studies have proposed to leverage software fault injection (SFI) based fuzzing to discover potential bugs in complicated error handling code. Despite the promising results achieved, their effectiveness and efficiency are still compromised in practice due to the huge search space of error sites, inadequate fuzzing guidance, and the overhead induced by context-sensitive SFI. To achieve effective and efficient testing of error handling code, this study presents AFL-FI, which first utilizes a similarity-based method to identify suspicious error sites, and then incorporates the idea of error site coverage to guide the fuzzing process. Finally, the design of lightweight context-sensitive SFI enables AFL-FI to execute test cases efficiently. We evaluate AFL-FI on eight large-scale open-source projects, and the results show that it can outperform existing state-of-the-art fuzzing tools significantly in terms of branch code coverage. More importantly, AFL-FI has discovered 13 previously unknown bugs, and all of them have been confirmed while 12 of them have been fixed. Besides, our evaluation also demonstrates that all the key designs of AFL-F I are effective that contribute significantly to its overall performance. © 2024 IEEE.

关键词： Errors

来源：评论

学校读者我要写书评

暂无评论

Contrastive Learning for Robust Android Malware Familial Classification

引用

IEEE Transactions on Dependable and Secure computing 2022年 1-14页

作者： Wu, Yueming Dou, Shihan Zou, Deqing Yang, Wei Qiang, Weizhong Jin, Hai National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab Hubei Engineering Research Center on Big Data Security School of Cyber Science and Engineering Huazhong University of Science and Technology Wuhan China Shanghai Key Laboratory of Intelligent Information Processing School of Computer Science Fudan University Shanghai China University of Texas at Dallas Dallas USA National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab Cluster and Grid Computing Lab School of Computer Science and Technology Huazhong University of Science and Technology Wuhan China

Due to its open-source nature, Android operating system has been the main target of attackers to exploit. Malware creators always perform different code obfuscations on their apps to hide malicious activities. Features extracted from these obfuscated samples through program analysis contain many useless and disguised features, which leads to many false negatives. To address the issue, in this paper, we demonstrate that obfuscation-resilient malware family analysis can be achieved through contrastive learning. The key insight behind our analysis is that contrastive learning can be used to reduce the difference introduced by obfuscation while amplifying the difference between malware and other types of malware. Based on the proposed analysis, we design a system that can achieve robust and interpretable classification of Android malware. To achieve robust classification, we perform contrastive learning on malware samples to learn an encoder that can automatically extract robust features from malware samples. To achieve interpretable classification, we transform the function call graph of a sample into an image by centrality analysis. Then the corresponding heatmaps can be obtained by visualization techniques. These heatmaps can help users understand why the malware is classified as this family. We implement IFDroid and perform extensive evaluations on two datasets. Experimental results show that IFDroid is superior to state-of-the-art Android malware familial classification systems. Moreover, IFDroid is capable of maintaining a 98.4% F1 on classifying 69,421 obfuscated malware samples. IEEE

关键词： Semantics

来源：评论

学校读者我要写书评

暂无评论

Machine Learning is All You Need: A Simple Token-Based Approach for Effective Code Clone Detection 24

Machine Learning is All You Need: A Simple Token-Based Appro...

引用

44th ACM/IEEE International Conference on Software Engineering, ICSE 2024

作者： Feng, Siyue Suo, Wenqi Wu, Yueming Zou, Deqing Liu, Yang Jin, Hai Huazhong University of Science and Technology China Nanyang Technological University Singapore Hubei Engineering Research Center on Big Data Security Cluster and Grid Computing Lab National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab Hubei Key Laboratory of Distributed System Security China Jinyinhu Laboratory Wuhan430074 China School of Cyber Science and Engineering Hust Wuhan430074 China School of Computer Science and Technology Hust Wuhan430074 China

ISBN: (纸本)9798400702174

As software engineering advances and the code demand rises, the prevalence of code clones has increased. This phenomenon poses risks like vulnerability propagation, underscoring the growing importance of code clone detection techniques. While numerous code clone detection methods have been proposed, they often fall short in real-world code environments. They either struggle to identify code clones effectively or demand substantial time and computational resources to handle complex clones. This paper introduces a code clone detection method namely Toma using tokens and machine learning. Specifically, we extract token type sequences and employ six similarity calculation methods to generate feature vectors. These vectors are then input into a trained machine learning model for classification. To evaluate the effectiveness and scalability of Toma, we conduct experiments on the widely used BigCloneBench dataset. Results show that our tool outperforms token-based code clone detectors and most tree-based clone detectors, demonstrating high effectiveness and significant time savings. © 2024 ACM.

关键词： Machine learning

来源：评论

学校读者我要写书评

暂无评论

Intersecting-Boundary-Sensitive Fingerprinting for Tampering Detection of DNN Models 41

Intersecting-Boundary-Sensitive Fingerprinting for Tampering...

引用

41st International Conference on Machine Learning, ICML 2024

作者： Bai, Xiaofan He, Chaoxiang Ma, Xiaojing Zhu, Bin Benjamin Jin, Hai School of Cyber Science and Engineering Huazhong University of Science and Technology China National Engineering Research Center for Big Data Technology and System China Services Computing Technology and System Lab China Hubei Engineering Research Center on Big Data Security China Hubei Key Laboratory of Distributed System Security China Microsoft United States School of Computer Science and Technology Huazhong University of Science and Technology China Cluster and Grid Computing Lab China

Cloud-based AI services offer numerous benefits but also introduce vulnerabilities, allowing for tampering with deployed DNN models, ranging from injecting malicious behaviors to reducing computing resources. Fingerprint samples are generated to query models to detect such tampering. In this paper, we present Intersecting-Boundary-Sensitive Fingerprinting (IBSF), a novel method for black-box integrity verification of DNN models using only top-1 labels. Recognizing that tampering with a model alters its decision boundary, IBSF crafts fingerprint samples from normal samples by maximizing the partial Shannon entropy of a selected subset of categories to position the fingerprint samples near decision boundaries where the categories in the subset intersect. These fingerprint samples are almost indistinguishable from their source samples. We theoretically establish and confirm experimentally that these fingerprint samples' expected sensitivity to tampering increases with the cardinality of the subset. Extensive evaluation demonstrates that IBSF surpasses existing state-of-the-art fingerprinting methods, particularly with larger subset cardinality, establishing its state-of-the-art performance in black-box tampering detection using only top-1 labels. The IBSF code is available at: https://***/CGCL-codes/IBSF. Copyright 2024 by the author(s)

关键词： HTTP

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：