Static analysis is often impeded by malware obfuscation techniques,such as encryption and packing,whereas dynamic analysis tends to be more resistant to obfuscation by leveraging concrete execution ***,malware can emp...
详细信息
Static analysis is often impeded by malware obfuscation techniques,such as encryption and packing,whereas dynamic analysis tends to be more resistant to obfuscation by leveraging concrete execution ***,malware can employ evasive techniques to detect the analysis environment and alter its behavior *** known evasive techniques can be explicitly dismantled,the challenge lies in generically dismantling evasions without full knowledge of their conditions or implementations,such as logic bombs that rely on uncertain conditions,let alone unsupported evasive techniques,which contain evasions without corresponding dismantling strategies and those leveraging unknown *** this paper,we present Antitoxin,a prototype for automatically exploring evasive *** utilizes multi-path exploration guided by taint analysis and probability calculations to effectively dismantle evasive *** probabilities of branch execution are derived from dynamic coverage,while taint analysis helps identify paths associated with evasive techniques that rely on uncertain ***,Antitoxin prioritizes branches with lower execution probabilities and those influenced by taint analysis for multi-path *** is achieved through forced execution,which forcefully sets the outcomes of branches on selected ***,Antitoxin employs active anti-evasion countermeasures to dismantle known evasive techniques,thereby reducing exploration ***,Antitoxin provides valuable insights into sensitive behaviors,facilitating deeper manual *** experiments on a set of highly evasive samples demonstrate that Antitoxin can effectively dismantle evasive techniques in a generic *** probability calculations guide the multi-path exploration of evasions without requiring prior knowledge of their conditions or implementations,enabling the dismantling of unsupported techniques such as C2 and signific
Graph pattern mining is essential for deciphering complex networks. In the real world, graphs are dynamic and evolve over time, necessitating updates in mining patterns to reflect these changes. Traditional methods us...
详细信息
Graph pattern mining is essential for deciphering complex networks. In the real world, graphs are dynamic and evolve over time, necessitating updates in mining patterns to reflect these changes. Traditional methods use fine-grained incremental computation to avoid full re-mining after each update, which improves speed but often overlooks potential gains from examining inter-update interactions holistically, thus missing out on overall efficiency *** this paper, we introduce Cheetah, a dynamic graph mining system that processes updates in a coarse-grained manner by leveraging exploration domains. These domains exploit the community structure of real-world graphs to uncover data reuse opportunities typically missed by existing approaches. Exploration domains, which encapsulate extensive portions of the graph relevant to updates, allow multiple updates to explore the same regions efficiently. Cheetah dynamically constructs these domains using a management module that identifies and maintains areas of redundancy as the graph changes. By grouping updates within these domains and employing a neighbor-centric expansion strategy, Cheetah minimizes redundant data accesses. Our evaluation of Cheetah across five real-world datasets shows it outperforms current leading systems by an average factor of 2.63 ×.
Elliptic Curve Cryptography (ECC) is an encryption method that provides security comparable to traditional techniques like Rivest–Shamir–Adleman (RSA) but with lower computational complexity and smaller key sizes, m...
详细信息
Elliptic Curve Cryptography (ECC) is an encryption method that provides security comparable to traditional techniques like Rivest–Shamir–Adleman (RSA) but with lower computational complexity and smaller key sizes, making it a competitive option for applications such as blockchain, secure multi-party computation, and database security. However, the throughput of ECC is still hindered by the significant performance overhead associated with elliptic curve (EC) operations, which can affect their efficiency in real-world scenarios. This paper presents gECC, a versatile framework for ECC optimized for GPU architectures, specifically engineered to achieve high-throughput performance in EC operations. To maximize throughput, gECC incorporates batch-based execution of EC operations and microarchitecture-level optimization of modular arithmetic. It employs Montgomery’s trick [40] to enable batch EC computation and incorporates novel computation parallelization and memory management techniques to maximize the computation parallelism and minimize the access overhead of GPU global memory. Furthermore, we analyze the primary bottleneck in modular multiplication by investigating how the user codes of modular multiplication are compiled into hardware instructions and what these instructions’ issuance rates are. We identify that the efficiency of modular multiplication is highly dependent on the number of Integer Multiply-Add (IMAD) instructions. To eliminate this bottleneck, we propose novel techniques to minimize the number of IMAD instructions by leveraging predicate registers to pass the carry information and using addition and subtraction instructions (IADD3) to replace IMAD instructions. Our experimental results show that, for ECDSA and ECDH, the two commonly used ECC algorithms, gECC can achieve performance improvements of 5.56 × and 4.94 ×, respectively, compared to the state-of-the-art GPU-based system. In a real-world blockchain application, we can achieve performance impr
We developed and validated a deep learning system (termed DeepDR Plus) in a diverse, multiethnic, multi-country dataset to predict personalized risk and time to progression of diabetic retinopathy. We show that DeepDR...
详细信息
We developed and validated a deep learning system (termed DeepDR Plus) in a diverse, multiethnic, multi-country dataset to predict personalized risk and time to progression of diabetic retinopathy. We show that DeepDR Plus can be integrated into the clinical workflow to promote individualized intervention strategies for the management of diabetic retinopathy.
暂无评论