检索结果-内蒙古大学图书馆

Delhi Section Conference (DELCON), IEEE

作者： Gideon Mwendwa Lokesh Chouhan Felix Etyang Ngaira Mandela Uwineza Gift School of Cyber Security and Digital Forensics National Forensic Sciences University Goa India School of Engineering Department of Computer Science Cochin University of Science and Technology Cochin India School of Cyber Security and Digital Forensics National Forensic Sciences University Gandhinagar India School of Cyber Security and Digital Forensics National Forensic Sciences University Jinja Uganda

ISBN: (数字)9798331518592

ISBN: (纸本)9798331518608

This study investigates the efficacy of machine learning algorithms in detecting and evaluating extremist content on social media platforms, and we employ X, formerly known as Twitter. We therefore utilize Kaggle's dataset that contains 83,000 entries from both extremist and non-extremist posts to compare the performance of four machine learning models, namely Support Vector Machine (SVM), Random Forest, Gradient Boosting, and Naive Bayes. Moreover, we examine a Stacking Classifier that leverages the advantages of all four models. The models were assessed using accuracy, precision, recall, F1 Score, ROC-AUC Score, training duration, and prediction time. The findings of our study revealed that the Support Vector Machine (SVM) algorithm was the most accurate and resilient, whereas Naive Bayes showcased remarkable computing efficiency, rendering it well-suited for real-time detection. The Random Forest and Gradient Boosting algorithms offered a well-balanced approach. Notably, the novel Stacking Classifier outperformed individual models, demonstrating the strength of a hybrid methodology. Hence our study presents a thorough structure for improving the identification of extremist material on social media, thereby providing essential knowledge for creating efficient, immediate detection systems to combat online extremism successfully.

关键词： Support vector machines Training Accuracy Social networking (online) Computational modeling Stacking Boosting Real-time systems Bayes methods Random forests

来源：评论

学校读者我要写书评

暂无评论

Semantic-Enhanced Static Vulnerability Detection in Baseband Firmware 24

Semantic-Enhanced Static Vulnerability Detection in Baseband...

引用

44th ACM/IEEE International Conference on Software engineering, ICSE 2024

作者： Liu, Yiming Zhang, Cen Li, Feng Li, Yeting Zhou, Jianhua Wang, Jian Zhan, Lanlan Liu, Yang Huo, Wei Institute of Information Engineering Cas School of Cyber Security Ucas Beijing China Key Laboratory of Network Assessment Technology Cas China Beijing Key Laboratory of Network Security and Protection Technology China Nanyang Technological University Singapore

ISBN: (纸本)9798400702174

Cellular network is the infrastructure of mobile communication. Baseband firmware, which carries the implementation of cellular network, has critical security impact on its vulnerabilities. To handle the inherent complexity in cellular communication, cellular protocols are usually implemented as message-centric systems, containing the common message processing phase and message specific handling phase. Though the latter takes most of the code (99.67%) and exposed vulnerabilities (74%), it is rather under-studied: existing detectors either cannot sufficiently analyze it or focused on analyzing the former phase. To fill this gap, we proposed a novel semantic-enhanced static vulnerability detector named BVFinder focusing on message specific phase vulnerability detection. Generally, it identifies a vulnerability by locating whether a predefined sensitive memory operation is tainted by any attacker-controllable input. Specifically, to reach high automation and preciseness, it made two key improvements: a semantic-based taint source identification and an enhanced taint propagation. The former employs semantic search techniques to identify registers and memory offsets that carry attacker-controllable inputs. This is achieved by matching the inputs to their corresponding message and data types using textual features and addressing patterns within the assemblies. On the other hand, the latter technology guarantees effective taint propagation by employing additional indirect call resolution algorithms. The evaluation shows that BVFinder outperforms the state-of-the-art detectors by detecting three to four times of amount of vulnerabilities in the dataset. Till now, BVFinder has found four zero-day vulnerabilities, with four CVEs and 12,410 USD bounty assigned. These vulnerabilities can potentially cause remote code execution to phones using Samsung shannon baseband, affecting hundreds of millions of end devices. © 2024 ACM.

关键词： Semantics

来源：评论

学校读者我要写书评

暂无评论

An Effective Span-based Multimodal Named Entity Recognition with Consistent Cross-Modal Alignment 30

An Effective Span-based Multimodal Named Entity Recognition ...

引用

Joint 30th International Conference on Computational Linguistics and 14th International Conference on Language Resources and Evaluation, LREC-COLING 2024

作者： Xu, Yongxiu Xu, Hao Huang, Heyan Cui, Shiyao Tang, Minghao Wang, Longzheng Xu, Hongbo Institute of Information Engineering Chinese Academy of Sciences Beijing China School of Cyber Security University of Chinese Academy of Sciences Beijing China School of Computer Science and Technology Beijing Institute of Technology Beijing China

ISBN: (纸本)9782493814104

With the increasing availability of multimodal content on social media, consisting primarily of text and images, multimodal named entity recognition (MNER) has gained a wide-spread attention. A fundamental challenge of MNER lies in effectively aligning different modalities. However, the majority of current approaches rely on word-based sequence labeling framework and align the image and text at inconsistent semantic levels (whole image-words or regions-words). This misalignment may lead to inferior entity recognition performance. To address this issue, we propose an effective span-based method, named SMNER, which achieves a more consistent multimodal alignment from the perspectives of information-theoretic and cross-modal interaction, respectively. Specifically, we first introduce a cross-modal information bottleneck module for the global-level multimodal alignment (whole image-whole text). This module aims to encourage the semantic distribution of the image to be closer to the semantic distribution of the text, which can enable the filtering out of visual noise. Next, we introduce a cross-modal attention module for the local-level multimodal alignment (regions-spans), which captures the correlations between regions in the image and spans in the text, enabling a more precise alignment of the two modalities. Extensive experiments conducted on two benchmark datasets demonstrate that SMNER outperforms the state-of-the-art baselines. © 2024 ELRA Language Resource Association: CC BY-NC 4.0.

关键词： Alignment

来源：评论

学校读者我要写书评

暂无评论

Malware Classification Method Based on Dynamic Features with Sensitive Behaviors

Malware Classification Method Based on Dynamic Features with...

引用

2024 IEEE International Conference on Systems, Man, and cybernetics, SMC 2024

作者： Xie, Yamin Li, Siyuan Chen, Zhengcai Du, Haichao Jia, Xiaoqi Tang, Jing Du, Yuejin Institute of Information Engineering University of Chinese Academy of Sciences Beijing China School of Cyber Security University of Chinese Academy of Sciences Beijing China Future Security Institute Qihoo 360 Technology Co Ltd Beijing100093 China

ISBN: (纸本)9781665410205

Traditional malware classification methods often just scratch the surface by analyzing the sequence of system commands (API calls) used by malware during its operation. These approaches miss out on deeper, complex behaviors that could significantly enhance accuracy in identifying different malware types. To address this, we introduce SenBeMC, a method that delves deeper into the behaviors exhibited by malware. SenBeMC combine API call information vectors with behavioral information to enhance the deep semantic information of input features, enriching the hierarchical structure of feature representation. SenBeMC stands out by employing soft thresholding and attention mechanisms to sift through the noise - extraneous information that can mask the malware's true nature, and a BiLSTM model that excels in understanding the sequence and timing of actions, crucial for spotting sophisticated threats. Experimental evaluations on real-world datasets affirm that SenBeMC effectively improves feature representation and accuracy of malware classification when compared to other contemporary state-of-the-art models. © 2024 IEEE.

关键词： API sequence Deep Learning Malware classification Sensitive behavior

来源：评论

学校读者我要写书评

暂无评论

A Lossless Relational Data Watermarking Scheme Based on Uneven Partitioning 20th

A Lossless Relational Data Watermarking Scheme Based on Une...

引用

20th International Conference on Information security and Cryptology, Inscrypt 2024

作者： Xu, Wenhao Xian, Hequn College of Computer Science and Technology Qingdao University Qingdao266071 China Key Laboratory of Cyberspace Security Defense Institute of Information Engineering Chinese Academy of Sciences Beijing100085 China Cryptograph and Cyber Security Whampoa Institute Guangzhou510000 China

ISBN: (纸本)9789819647309

In modern relational databases, data security and integrity are crucial, particularly in large-scale, unevenly distributed big data environments. This paper proposes a lossless relational data watermarking scheme based on uneven partitioning, addressing the non-uniformity of data by managing data partitioning within the database. By selecting key attributes and setting appropriate thresholds, data is allocated to partitions of varying sizes and volumes. Different watermark intensities are embedded based on these partitions. Traditional robust watermarking schemes modify carriers to maintain data quality but often lack robustness. To improve this, the proposed scheme uses watermark encoding algorithms to integrate data bits with watermark information, storing the generated auxiliary data. During watermark extraction, the watermark is recovered from this auxiliary data through decoding algorithms. This method enhances watermark capacity by encoding at least one attribute of each data tuple, avoiding original data modifications and common distortion issues. Experimental results show that this scheme, combining uneven partitioning with high-capacity lossless watermarks, offers superior robustness and security compared to traditional methods. It provides an efficient and reliable option for data protection in relational databases, particularly suitable for large-scale and dynamically changing data environments. © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2025.

关键词： Data privacy

来源：评论

学校读者我要写书评

暂无评论

FirmPorter: Porting RTOSes at the Binary Level for Firmware Re-hosting 26th

FirmPorter: Porting RTOSes at the Binary Level for Firmwa...

引用

26th International Conference on Information and Communications security, ICICS 2024

作者： Xin, Mingfeng Wen, Hui Deng, Liting Li, Hong Li, Qiang Sun, Limin Beijing Key Laboratory of IOT Information Security Technology Institute of Information Engineering CAS Beijing China School of Cyber Security University of Chinese Academy of Sciences Beijing China School of Computer and Information Technology Beijing Jiaotong University Beijing China

ISBN: (纸本)9789819788002

The rapid growth of the Industrial Internet of Things (IIoT) has brought real-time operating system (RTOS) into focus as major targets for both security analysts and malicious adversaries. Due to the non-standard hardware and diverse software, embedded RTOS devices present unique challenges to security analysts for the accurate analysis of firmware binaries. The diversity in hardware components and tight coupling between firmware and hardware makes it hard to perform dynamic analysis, which must have the ability to execute firmware code in virtualized environments. However, emulating the large expanse of hardware peripherals makes analysts have to frequently modify the emulator for executing various firmware code in different virtualized environments, which greatly limits the ability of analysis. In this work, we explore the problem of firmware re-hosting related to the RTOS. A device driver is developed by developers so that RTOS can be run on their platform. By providing alternative implementations for device drivers, we can make minimal modifications to the firmware that is to be migrated from its original hardware environment into a virtualized one. We show that an approach is capable of offering the ability to emulate various RTOS firmware in an automated manner without modifying existing emulators. Our approach, called static binary-level driver porting, first locates device driver initialization function and identify driver types in the target firmware, then adapts pre-built drivers to the existing emulator hardware. Finally, it replaces the drivers in the firmware with ours by utilizing binary rewriting technique. We demonstrate the practicality of the proposed method on multiple hardware platforms and firmware samples for security analysis. The results show that the approach is flexible enough to emulate firmware for vulnerability assessment and exploit development. © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2025.

关键词： Firmware

来源：评论

学校读者我要写书评

暂无评论

A New Way of (Decentralized) Identity Authentication and Continuous Authentication Following X3DH Framework

A New Way of (Decentralized) Identity Authentication and Con...

引用

2024 International Conference Optoelectronic Information and Optical engineering, OIOE 2024

作者： Zhao, Yufei Wang, Xinzhe Zhang, Daojuan Wu, Tianqi Gao, Lifang Chen, Ling State Grid Laboratory of Power Cyber-Security Protection and Monitoring Technology China Electric Power Research Institute Co. Ltd. Beijing China State Grid Hebei Information and Telecommunication Branch Hebei China School of Cyber Science and Engineering Sichuan University Chengdu China

ISBN: (数字)9781510688209

ISBN: (纸本)9781510688193

Authentication and key establishment are fundamental goals of modern cryptography. There are plenty of works that focus on secure and efficient design of them. Among them, the Diffie-Hellman key agreement protocol is the most widely used ones. They daily used Transport Lay security (TLS) protocol that are the basis of HTTPS is what protect us when we are surfing. However, as we all known, the protocol is not secure against man in the middle attack, so various kinds of authentication methods are proposed. With the development of technique for digital identity, we found the new needs to integrate authentication in the Diffie-Hellman kind of key agreement protocol. In this paper, we revisit the classical problem of authentication and key establishment. Inspired by the Signal protocol, we propose a new scheme of authentication with identity, we also note that although the decentralized identity is another kind of identity infrastructure, by the use of credential that is constructed with identity attributes, our scheme supports both centralized and decentralized identity system. With the development of Internet of Things (IoT), secure and efficient authentication and key establishment for sensors with limited computation power is also an urgent need. To this end, we realize a new authentication way and integrate it to X3DH protocol, which is the key component of Signal protocol. Besides, we consider the function of continual authentication that is very necessary in long-term secure communication. Last but not the least, we also give detailed analysis on security and computation, which shows the security and efficiency of our scheme. © 2025 SPIE.

关键词： Information security Internet of things Receivers Data communications Network security Power grids Sensors Symmetric key encryption Telecommunications Transportation security

来源：评论

学校读者我要写书评

暂无评论

NDFuzz:a non-intrusive coverage-guided fuzzing framework for virtualized network devices

引用

cybersecurity 2023年第1期6卷 54-74页

作者： Yu Zhang Nanyu Zhong Wei You Yanyan Zou Kunpeng Jian Jiahuan Xu Jian Sun Baoxu Liu Wei Huo Institute of Information Engineering Chinese Academy of SciencesBejingChina School of Cyber Security University of Chinese Academy of SciencesBejingChina Key Laboratory of Network Assessment Technology Chinese Academy of SciencesBeijingChina Beijing Key Laboratory of Network Security and Protection Technology BeijingChina Renmin University of China BeijingChina

Network function virtualization provides programmable in-network middlewares by leveraging virtualization tech-nologies and commodity hardware and has gained popularity among all mainstream network device *** it is challenging to apply coverage-guided fuzzing,one of the state-of-the-art vulnerability discovery approaches,to those virtualized network devices,due to inevitable integrity protection adopted by those *** this paper,we propose a coverage-guided fuzzing framework NDFuzz for virtualized network devices with a novel integrity protec-tion bypassing method,which is able to distinguish processes of virtualized network devices from hypervisors with a carefully designed non-intrusive page global directory inference *** implement NDFuzz atop of two black-box fuzzers and evaluate NDFuzz with three representative network protocols,SNMP,DHCP and NTP,on nine popular virtualized network *** obtains an average 36%coverage improvement in comparison with its black-box *** discovers 2 O-Day vulnerabilities and 11-Day vulnerability with coverage guidance while the black-box fuzzer can find only one of *** discovered vulnerabilities are confirmed by corresponding vendors.

关键词： Coverage-guided fuzzing Network devices Network function virtualization

来源：评论

学校读者我要写书评

暂无评论

Improved Attacks on (EC)DSA with Nonce Leakage by Lattice Sieving with Predicate

IACR Transactions on Cryptographic Hardware and Embedded Sys...

引用

IACR Transactions on Cryptographic Hardware and Embedded Systems 2023年第2期2023卷 568-586页

作者： Xu, Luyao Dai, Zhengyi Wu, Baofeng Lin, Dongdai State Key Laboratory of Information Security Institute of Information Engineering Chinese Academy of Sciences Beijing100093 China School of Cyber Security University of Chinese Academy of Sciences Beijing100049 China College of Computer National University of Defense Technology Changsha410073 China

Lattice reduction algorithms have been proved to be one of the most powerful and versatile tools in public key cryptanalysis. In this work, we primarily concentrate on lattice attacks against (EC)DSA with nonce leakage via some side-channel analysis. Previous works relying on lattice reduction algorithms such as LLL and BKZ will finally lead to the "lattice barrier": lattice algorithms become infeasible when only fewer nonce is known. Recently, Albrecht and Heninger introduced lattice algorithms augmented with a predicate and broke the lattice barrier (Eurocrypt 2021). We improve their work in several aspects. We first propose a more efficient predicate algorithm which aims to search for the target lattice vector in a large database. Then, we combine sieving with predicate algorithm with the "dimensions for free" and "progressive sieving" techniques to further improve the performance of our attacks. Furthermore, we give a theoretic analysis on how to choose the optimal Kannan embedding factor. As a result, our algorithm outperforms the state-of-the-art lattice attacks for existing records such as 3-bit nonce leakage for a 256-bit curve and 2-bit nonce leakage for a 160-bit curve in terms of running time, sample numbers and success probability. We also break the lattice records on the 384-bit curve with 3-bit nonce leakage and the 256-bit curve with 2-bit nonce leakage which are thought infeasible previously. Finally, we give the first lattice attack against ECDSA with a single-bit nonce leakage, which enables us to break a 112-bit curve with 1-bit nonce leakage in practical time. © 2023, Ruhr-University of Bochum. All rights reserved.

关键词： Side channel attack

来源：评论

学校读者我要写书评

暂无评论

Identifying malicious traffic under concept drift based on intraclass consistency enhanced variational autoencoder

引用

Science China(Information Sciences) 2024年第8期67卷 238-252页

作者： Xiang LUO Chang LIU Gaopeng GOU Gang XIONG Zhen LI Binxing FANG Institute of Information Engineering Chinese Academy of Sciences School of Cyber Security University of Chinese Academy of Sciences School of Computer Science and Technology Harbin Institute of Technology (Shenzhen)

Accurate identification of malicious traffic is crucial for implementing effective defense countermeasures and has led to extensive research efforts. However, the continuously evolving techniques employed by adversaries have introduced the issues of concept drift, which significantly affects the performance of existing methods. To tackle this challenge, some researchers have focused on improving the separability of malicious traffic representation and designing drift detectors to reduce the number of false ***, these methods often overlook the importance of enhancing the generalization and intraclass consistency in the representation. Additionally, the detectors are not sufficiently sensitive to the variations among different malicious traffic classes, which results in poor performance and limited robustness. In this paper, we propose intraclass consistency enhanced variational autoencoder with Class-Perception detector(ICE-CP) to identify malicious traffic under concept drift. It comprises two key modules during training:intraclass consistency enhanced(ICE) representation learning and Class-Perception(CP) detector construction. In the first module, we employ a variational autoencoder(VAE) in conjunction with Kullback-Leibler(KL)-divergence and cross-entropy loss to model the distribution of each input malicious traffic flow. This approach simultaneously enhances the generalization, interclass consistency, and intraclass differences in the learned representation. Consequently, we obtain a compact representation and a trained classifier for nondrifting malicious traffic. In the second module, we design the CP detector, which generates a centroid and threshold for each malicious traffic class separately based on the learned representation, depicting the boundaries between drifting and non-drifting malicious traffic. During testing, we utilize the trained classifier to predict malicious traffic classes for the testing samples. Then, we use the CP det

关键词： concept drift malicious traffic identification variational autoencoder intrusion detection cyberspace security

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：