检索结果-内蒙古大学图书馆

Artificial intelligence in physiological characteristics recognition for internet of things authentication

Digital Communications and Networks 2024年第3期10卷 740-755页

作者： Zhimin Zhang Huansheng Ning Fadi Farha Jianguo Ding Kim-Kwang Raymond Choo School of Computer and Communication Engineering University of Science and Technology BeijingBeijing100083China Beijing Engineering Research Center for Cyberspace Data Analysis and Applications Beijing100083China Faculty of Informatics Engineering Aleppo UniversityAleppoSyria Department of Computer Science Blekinge Institute of Technology37179KarlskronaSweden Department of Information Systems and Cyber Security University of Texas at San AntonioSan AntonioTX78249-0631USA

Effective user authentication is key to ensuring equipment security,data privacy,and personalized services in Internet of Things(IoT)***,conventional mode-based authentication methods(e.g.,passwords and smart cards)may be vulnerable to a broad range of attacks(e.g.,eavesdropping and side-channel attacks).Hence,there have been attempts to design biometric-based authentication solutions,which rely on physiological and behavioral *** characteristics need continuous monitoring and specific environmental settings,which can be challenging to implement in ***,we can also leverage Artificial Intelligence(AI)in the extraction and classification of physiological characteristics from IoT devices processing to facilitate ***,we review the literature on the use of AI in physiological characteristics recognition pub-lished after *** use the three-layer architecture of the IoT(i.e.,sensing layer,feature layer,and algorithm layer)to guide the discussion of existing approaches and their *** also identify a number of future research opportunities,which will hopefully guide the design of next generation solutions.

关键词： Physiological characteristics recognition Artificial intelligence Internet of things Biological-driven authentication

来源：评论

学校读者我要写书评

暂无评论

Unleashing the power of pseudo-code for binary code similarity analysis

引用

cybersecurity 2023年第2期6卷 44-61页

作者： Weiwei Zhang Zhengzi Xu Yang Xiao Yinxing Xue School of Computer Science and Engineering University of Science and Technology of ChinaHefeiChina School of Computer Science and Engineering Nanyang Technological UniversitySingaporeSingapore Institute of Information Engineering Chinese Academy of SciencesBeijingChina School of Cyber Security University of Chinese Academy of SciencesBeijingChina

Code similarity analysis has become more popular due to its significant applicantions,including vulnerability detection,malware detection,and patch *** the source code of the software is difficult to obtain under most circumstances,binary-level code similarity analysis(BCSA)has been paid much attention *** recent years,many BCSA studies incorporating Al techniques focus on deriving semantic information from binary functions with code representations such as assembly code,intermediate representations,and control flow graphs to measure the ***,due to the impacts of different compilers,architectures,and obfuscations,binaries compiled from the same source code may vary considerably,which becomes the major obstacle for these works to obtain robust *** this paper,we propose a solution,named UPPC(Unleashing the Power of Pseudo-code),which leverages the pseudo-code of binary function as input,to address the binary code similarity analysis challenge,since pseudocode has higher abstraction and is platform-independent compared to binary *** selectively inlines the functions to capture the full function semantics across different compiler optimization levels and uses a deep pyramidal convolutional neural network to obtain the semantic embedding of the *** evaluated UPPC on a data set containing vulnerabilities and a data set including different architectures(X86,ARM),different optimization options(O0-O3),different compilers(GCC,Clang),and four obfuscation *** experimental results show that the accuracy of UPPC in function search is 33.2%higher than that of existing methods.

关键词： Binary code similarity Machine learning Software security Pseudo-code

来源：评论

学校读者我要写书评

暂无评论

MAD-LLM: A Novel Approach for Alert-Based Multi-stage Attack Detection via LLM 22

MAD-LLM: A Novel Approach for Alert-Based Multi-stage Attack...

引用

22nd IEEE International Symposium on Parallel and Distributed Processing with Applications, ISPA 2024

作者： Du, Dan Guan, Xingmao Liu, Yuling Jiang, Bo Liu, Song Feng, Huamin Liu, Junrong Chinese Academy of Sciences Institute of Information Engineering Beijing China University of Chinese Academy of Sciences School of Cyber Security Beijing China Beijing Electronic Science and Technology Institute Beijing China

ISBN: (纸本)9798331509712

In the realm of cybersecurity, detecting multi-stage attacks is vital for uncovering the actual intentions and strategies of attackers. However, the detection of multi-stage attacks is fraught with challenges due to the proliferation of alerts from diverse sources, the heterogeneity of their formats, and the weak correlations among them. This study explores MAD-LLM, a novel approach for alert-based multi-stage attack detection using Large Language Model (LLM). Leveraging their advanced natural language processing capabilities, LLM demonstrates significant advantages in text comprehension and pattern recognition. This research attempts to aggregate and correlate security alerts using the prompt engineering capabilities of LLM to reconstruct multi-stage attack chain. Experimental results indicate that LLM exhibit excellent performance in the task of multi-stage attack detection, providing an innovative solution for cybersecurity defense. This study also offers insights and implications for the application of LLM in other fields. © 2024 IEEE.

关键词： Modeling languages

来源：评论

学校读者我要写书评

暂无评论

Relation Also Knows: Rethinking the Recall and Editing of Factual Associations in Auto-Regressive Transformer Language Models 39

Relation Also Knows: Rethinking the Recall and Editing of Fa...

引用

39th Annual AAAI Conference on Artificial Intelligence, AAAI 2025

作者： Liu, Xiyu Liu, Zhengxiao Gu, Naibin Lin, Zheng Ma, Wanli Xiang, Ji Wang, Weiping Institute of Information Engineering Chinese Academy of Sciences Beijing China School of Cyber Security University of Chinese Academy of Sciences Beijing China University of Electronic Science and Technology of China Chengdu China

ISBN: (纸本)157735897X

The storage and recall of factual associations in auto-regressive transformer language models (LMs) have drawn a great deal of attention, inspiring knowledge editing by directly modifying the located model weights. Most editing works achieve knowledge editing under the guidance of existing interpretations of knowledge recall that mainly focus on subject knowledge. However, these interpretations are seriously flawed, neglecting relation information and leading to the over-generalizing problem for editing. In this work, we discover a novel relation-focused perspective to interpret the knowledge recall of transformer LMs during inference and apply it on single knowledge editing to avoid over-generalizing. Experimental results on the dataset supplemented with a new R-Specificity criterion demonstrate that our editing approach significantly alleviates over-generalizing while remaining competitive on other criteria, breaking the domination of subject-focused editing for future research. Copyright © 2025, Association for the Advancement of Artificial Intelligence (***). All rights reserved.

关键词：

来源：评论

学校读者我要写书评

暂无评论

Save the Bruised Striver: A Reliable Live Patching Framework for Protecting Real-World PLCs 24

Save the Bruised Striver: A Reliable Live Patching Framework...

引用

19th European Conference on Computer Systems, EuroSys 2024

作者： Zhou, Ming Wang, Haining Li, Ke Zhu, Hongsong Sun, Limin School of Cyber Science and Engineering Nanjing University of Science and Technology China Department of Electrical and Computer Engineering Virginia Tech China Nari Group Corporation State Grid Electric Power Research Institute School of Cyber Security University of Chinese Academy of Sciences China Institute of Information Engineering Cas China Virginia Tech. United States

ISBN: (纸本)9798400704376

Industrial Control Systems (ICS), particularly programmable logic controllers (PLCs) responsible for managing underlying physical infrastructures, often operate for extended periods without interruption. Thus, it is challenging to patch security vulnerabilities of ICS in a timely manner after disclosure because it often necessitates waiting for a rare downtime window. While live patching has been introduced to avoid downtime and maintenance costs, conventional live patching methods are not viable for closed-source PLCs. Without the source code, it is difficult to understand the system behaviors and determine binary patch equivalence. To address these challenges, we present a Reliable Live Patching framework called RLPatch for applying live patches to third-party binary without source code. We design RLPatch to capture real-time conditions and dynamic behaviors of PLCs, which enables DevOps engineers to identify major non-recoverable fault (MNRF) vulnerabilities and generate hot patches. The core of RLPatch is an update agent that inserts breakpoints over the original MNRF code and then directs execution to the patches. To ensure system reliability, we use the unique constraints of PLCs to integrate the update processes with the scan cycle. We leverage RLPatch to patch 20 real vulnerabilities in three widely used Rockwell PLCs. We evaluate RLPatch in a real-world gas pipeline, demonstrating its reliability and effectiveness in practice. © 2024 Owner/Author.

关键词： Programmable logic controllers

来源：评论

学校读者我要写书评

暂无评论

Conformal Graph-level Out-of-distribution Detection with Adaptive Data Augmentation 25

Conformal Graph-level Out-of-distribution Detection with Ada...

引用

34th ACM Web Conference, WWW 2025

作者： Lin, Xixun Cao, Yanan Sun, Nan Zou, Lixin Zhou, Chuan Zhang, Peng Zhang, Shuai Zhang, Ge Wu, Jia Institute of Information Engineering Chinese Academy of Sciences Beijing China Institute of Information Engineering Chinese Academy of Sciences School of Cyber Security University of Chinese Academy of Sciences Beijing China School of Cyber Science and Engineering Wuhan University Wuhan China Academy of Mathematics and Systems Science CAS School of Cyber Security University of Chinese Academy of Sciences Beijing China Cyberspace Institute of Advanced Technology Guangzhou University Guangzhou China Academy of Mathematics and Systems Science CAS Beijing China School of Computer Science and Technology Donghua University Shanghai China Department of Computing Macquarie University Sydney Australia

ISBN: (纸本)9798400712746

Graph-level out-of-distribution (OOD) detection, which attempts to identify OOD graphs originated from an unknown distribution, is a vital building block for safety-critical applications in Web and society. Current approaches concentrate on how to learn better graph representations, but fail to provide any statistically guarantee on detection results, therefore impeding their deployments in the scenario where detection errors would result in serious consequences. To overcome this critical issue, we propose the Conformal Graph-level Out-of-distribution Detection (CGOD), extending the theory of conformal prediction to graph-level OOD detection with a rigorous control over the false positive rate. In CGOD, we develop a new aggregated non-conformity score function based on the proposed adaptive data augmentation. Through the guidance from two designed metrics, i.e., score consistency and representation diversity, our augmentation strategy can generate multiple non-conformity scores, and aggregating these generated non-conformity scores together is robust to the misleading information. Meanwhile, our score function can perceive the subsequent process of conformal inference, enabling the aggregated non-conformity score to be adaptive to different input graphs and deriving a more accurate score estimation. We conduct experiments on multiple real-world datasets with different empirical settings. Extensive results and model analyses demonstrate the superior performance of our approach over several competitive baselines. © 2025 Copyright held by the owner/author(s).

关键词： Network theory (graphs)

来源：评论

学校读者我要写书评

暂无评论

DBSFT: A High-Precision Database Anomaly Detection and Analysis via Task-Tune Based LLM 3rd

DBSFT: A High-Precision Database Anomaly Detection and Analy...

引用

3rd International Conference on Machine Learning, Cloud Computing and Intelligent Mining, MLCCIM 2024

作者： Zhong, Huazhen Wang, Jibin Wang, Xuejian Wang, Xin Xiao, Wenjie Tang, Xuehai Zang, Liangjun Institute of Information Engineering Chinese Academy of Sciences Beijing China China Mobile Information Technology Center Beijing China School of Cyber Security University of Chinese Academy of Sciences Beijing China

ISBN: (纸本)9789819624676

Databases, serving as crucial tools for storing and managing critical information, play pivotal roles in today's information technology landscape and are simultaneously focal points for cybersecurity. However, an increasing number of anomalous attacks targeting databases have emerged, resulting in numerous incidents such as data breaches and deletions, causing significant disruptions to database security. Despite the existence of some methods for protecting databases, current detection approaches lack interpretability, making it challenging to analyze anomalous operational behaviors and provide explanations for why they are considered anomalous. In this paper, we introduce DBSFT, a database operation behavior anomaly detection and analysis method with interpretability. Initially, pretraining is conducted using the RoBERTa model, followed by fine-tuning for the tasks of anomaly detection and anomaly analysis. Unlike previous methods, this model employs a multi-task learning approach. Experimental results indicate that DBSFT outperforms the current state-of-the-art models for each task, demonstrating superior performance in both anomaly detection and analysis tasks. © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2025.

关键词： Database systems

来源：评论

学校读者我要写书评

暂无评论

PowerDP: De-Obfuscating and Profiling Malicious PowerShell Commands With Multi-Label Classifiers

引用

IEEE Access 2023年 11卷 256-270页

作者： Tsai, Meng-Han Lin, Chia-Ching He, Zheng-Gang Yang, Wei-Chieh Lei, Chin-Laung Graduate Institute of Electrical Engineering National Taiwan University Taipei106319 Taiwan Institute for Information Industry Center for Cybersecurity Service Taipei106214 Taiwan National Center for Cyber Security Technology Taipei106043 Taiwan

In recent years, PowerShell has become the common tool that helps attackers launch targeted attacks using living-off-the-land tactics and fileless attack techniques. Unfortunately, malware-derived PowerShell Commands (PSCmds) have typically been obfuscated to hide the malicious intent from detection and analysis. Also, malicious PSCmds' expansive use of multiple obfuscation strategies and encryption methods makes them difficult to be revealed. Despite the advances in malicious PSCmds detection incorporating new approaches such as machine learning and deep learning, there is still no consensus on the solution to de-obfuscating malicious PSCmds and profiling their behavior. To address this challenge, we propose a hybrid framework that combines deep learning and program analysis for automatic PowerShell De-obfuscation and behavioral Profiling (PowerDP) through multi-label classification in a static manner. First, we use character distribution features to forecast obfuscation types of malicious PSCmds. Second, we developed an extensive de-obfuscator utilizing static regular expression replacement to recover the original content of obfuscated PSCmds based on the predicted obfuscation types. Finally, we profile the behavior of PSCmds by features extracted from the abstract syntax tree of PSCmds after de-obfuscation. Our results show that PowerDP achieves a promising 99.82% accuracy and 0.18% hamming loss in obfuscation multi-label classification using deep learning. Furthermore, the successful recovery rate of the de-obfuscator against 15 obfuscation types is 98.11% on average with semantic similarity comparison, and the accuracy of the behavior multi-label classification for identifying 5 behaviors in malicious PSCmds averages 98.53%. The evaluation indicates that PowerDP is able to classify and profile complicated PSCmds. © 2013 IEEE.

关键词： Semantics

来源：评论

学校读者我要写书评

暂无评论

Machine Learning-Based Crop Recommendation System 4

Machine Learning-Based Crop Recommendation System

引用

4th International Conference on Ubiquitous Computing and Intelligent Information Systems, ICUIS 2024

作者： Ebenezer, V. Nair, Akash Stewart Kirubakaran, S. Praising Linijah, N.L. Rajan, Jerlin Santhiya, P. Karunya Institute of Technology and Sciences Division of Data Sciences and Cyber Security Coimbatore India Karunya Institute of Technology and Sciences Division of Computer Science and Engineering Coimbatore India Karunya School of Management Karunya Institute of Technology and Sciences Coimbatore India

ISBN: (纸本)9798331529635

The time-honored way that farmers have been used to apply to the identification of the best crops for better yield is not exhaustive. Under this technique, the management process of powerful and productive resources, cannot be done properly. The crop recommendation system comprising a machine learningbased model can be deployed to solve the problem. While using techniques such as Logistic Regression, Decision Trees, Random Forests, XGB boost, SVM and Stacking Classifier, the machine learning model attempts to predict the most suitable crops by taking and observing soil contents and environmental parameters. That study is devoted to helping farmers have comprehensive prescriptions and appropriate crop selections to optimize productivity and guarantee sustainability. © 2024 IEEE.

关键词： Adversarial machine learning

来源：评论

学校读者我要写书评

暂无评论

Strategies for Building and Maintaining Secure Web Applications 5

Strategies for Building and Maintaining Secure Web Applicati...

引用

5th International Conference on Mobile Computing and Sustainable Informatics, ICMCSI 2024

作者： Sathiyapriyan, C. Manikandan, B. Gokul, S. Satheesh, Rewin Nivetha, S. Leelavathy, S. Aarupadai Veedu Institute of Technology Cyber Security Department of Computer Science and Engineering Chennai603104 India Aarupadai Veedu Institute of Technology Department of Computer Science and Engineering Chennai603104 India Sathyabama Institute of Science and Technology Department of Computer Science and Engineering Chennai600119 India

ISBN: (纸本)9798350395235

Ensuring the security of web applications is paramount in safeguarding sensitive data and maintaining user trust. This study presents a comprehensive overview of strategies for building and maintaining secure web applications, acknowledging their inherent limitations and outlining potential areas for future work. The strategies discussed encompass fundamental aspects of web application security, including input validation and sanitization, robust authentication and authorization mechanisms, secure communication through HTTPS, timely security patching, implementation of security headers, monitoring and logging, client-side security measures, and vigilance in handling third-party components.. This research employed algorithms include Routing Algorithms, Middleware Execution Order Algorithms, Eloquent ORM Algorithms, Encryption and Hashing Algorithms, Session Handling Algorithms, Queue Management Algorithms, and Dependency Injection Algorithms. © 2024 IEEE.

关键词： Sensitive data

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：