检索结果-内蒙古大学图书馆

arXiv 2024年

作者： Zhao, Jian Wang, Shenao Zhao, Yanjie Hou, Xinyi Wang, Kailong Gao, Peiming Zhang, Yuanchao Wei, Chen Wang, Haoyu Huazhong University of Science and Technology Wuhan China MYbank Ant Group Hangzhou China Hubei Key Laboratory of Distributed System Security Hubei Engineering Research Center on Big Data Security School of Cyber Science and Engineering Huazhong University of Science and Technology China

The proliferation of pre-trained models (PTMs) and datasets has led to the emergence of centralized model hubs like Hugging Face, which facilitate collaborative development and reuse. However, recent security reports have uncovered vulnerabilities and instances of malicious attacks within these platforms, highlighting growing security concerns. This paper presents the first systematic study of malicious code poisoning attacks on pre-trained model hubs, focusing on the Hugging Face platform. We conduct a comprehensive threat analysis, develop a taxonomy of model formats, and perform root cause analysis of vulnerable formats. While existing tools like Fickling and ModelScan offer some protection, they face limitations in semantic-level analysis and comprehensive threat detection. To address these challenges, we propose MalHug, an end-to-end pipeline tailored for Hugging Face that combines dataset loading script extraction, model deserialization, in-depth taint analysis, and heuristic pattern matching to detect and classify malicious code poisoning attacks in datasets and models. In collaboration with Ant Group, a leading financial technology company, we have implemented and deployed MalHug on a mirrored Hugging Face instance within their infrastructure, where it has been operational for over three months. During this period, MalHug has monitored more than 705K models and 176K datasets, uncovering 91 malicious models and 9 malicious dataset loading scripts. These findings reveal a range of security threats, including reverse shell, browser credential theft, and system reconnaissance. This work not only bridges a critical gap in understanding the security of the PTM supply chain but also provides a practical, industry-tested solution for enhancing the security of pre-trained model hubs. Copyright © 2024, The Authors. All rights reserved.

关键词： Latent semantic analysis

来源：评论

学校读者我要写书评

暂无评论

Study on Modelling and Its Parameter Identification Method of Doubly-Fed Wind Turbines LVRT Based on Measured Power Response Curves 12

Study on Modelling and Its Parameter Identification Method o...

引用

12th International Conference on Renewable Power Generation, RPG 2023

作者： Jia, Lingjie Peng, Xiaotao He, Jing Li, Shaolin Miao, Fenglin Hubei Key Laboratory of Power Equipment & System Security for Integrated Energy School of Electrical Engineering and Automation Wuhan University China School of Electrical Engineering and Automation Wuhan University China China Electric Power Research Institute Beijing China

With the increasingly prominent energy and environmental problems, wind power generation with its advantages of clean, flexible, sustainable and other advantages in the grid account for an increasing *** is important to study the electromechanical transient model of wind turbine low voltage ride-through (LVRT) and its modeling method based on the measured data to improve the analysis results of the transient response characteristics of wind power grid-connected system to voltage faults. In this paper, based on Doubly-Fed Induction Generator (DFIG), firstly, the dynamic regulation process of converter and generator is ignored, and based on the electromechanical transient model of wind turbine active-reactive power regulation command to stator output active-reactive current respectively, the typical active-reactive power control mode of wind turbine LVRT is studied according to the measured power response curve of LVRT, and the active-reactive power limitation strategy during LVRT. The typical active-reactive power control method of LVRT and the active-reactive power limiting strategy during LVRT are investigated. Then, a method is proposed to identify the fault ride-through control strategy using the characteristic points of the power, voltage and current response curves of the measured voltage fault ride-through. Based on analyzing the main control parameters of the model with the parameter sensitivity, an optimization method based on the least square method is proposed to identify the model parameters step by step. Finally, the validity of the model and the identification method are verified by using Matlab/Simulink simulation and real measurement data, and the robustness of the model is verified by using operating conditions with different degrees of voltage dips. © The Institution of Engineering & Technology 2023.

关键词： Wind turbines

来源：评论

学校读者我要写书评

暂无评论

Real-time stealth transmission via dither-based bias control

Real-time stealth transmission via dither-based bias control

引用

Conference on Lasers and Electro-Optics (CLEO)

作者： Yuanxiang Wang Weidong Shao Linsheng Zhong Xiaoxiao Dai Qi Yang Lei Deng Deming Liu Mengfan Cheng Hubei Key Laboratory of Distributed System Security Hubei Engineering Research Center on Big Data Security School of Cyber Science and Engineering Huazhong University of Science and Technology Wuhan China School of Optical and Electronic Information Huazhong University of Science and Technology Wuhan China

We report a real-time 1 kbps stealthy transmission in the 10 Gbps QPSK public communication. The stealth data is embedded in dither signals of bias control. The scheme is compatible with existing optical transmission ... 详细信息

ISBN: (纸本)9781957171258

关键词： Modulators Optical communications Optical networks Optical signals Quadrature phase shift keying Signal processing

来源：评论

学校读者我要写书评

暂无评论

Towards Robust Detection of Open Source Software Supply Chain Poisoning Attacks in Industry Environments

arXiv

引用

arXiv 2024年

作者： Zheng, Xinyi Wei, Chen Wang, Shenao Zhao, Yanjie Gao, Peiming Zhang, Yuanchao Wang, Kailong Wang, Haoyu Huazhong University of Science and Technology Wuhan China MYbank Ant Group Hangzhou China Hubei Key Laboratory of Distributed System Security Hubei Engineering Research Center on Big Data Security School of Cyber Science and Engineering Huazhong University of Science and Technology China Wuhan Jinyinhu Laboratory China

The exponential growth of open-source package ecosystems, particularly NPM and PyPI, has led to an alarming increase in software supply chain poisoning attacks. Existing static analysis methods struggle with high false positive rates and are easily thwarted by obfuscation and dynamic code execution techniques. While dynamic analysis approaches offer improvements, they often suffer from capturing non-package behaviors and employing simplistic testing strategies that fail to trigger sophisticated malicious behaviors. To address these challenges, we present OSCAR, a robust dynamic code poisoning detection pipeline for NPM and PyPI ecosystems. OSCAR fully executes packages in a sandbox environment, employs fuzz testing on exported functions and classes, and implements aspect-based behavior monitoring with tailored API hook points. We evaluate OSCAR against six existing tools using a comprehensive benchmark dataset of real-world malicious and benign packages. OSCAR achieves an F1 score of 0.95 in NPM and 0.91 in PyPI, confirming that OSCAR is as effective as the current state-of-the-art technologies. Furthermore, for benign packages exhibiting characteristics typical of malicious packages, OSCAR reduces the false positive rate by an average of 32.06% in NPM (from 34.63% to 2.57%) and 39.87% in PyPI (from 41.10% to 1.23%), compared to other tools, significantly reducing the workload of manual reviews in real-world deployments. In cooperation with Ant Group, a leading financial technology company, we have deployed OSCAR on its NPM and PyPI mirrors since January 2023, identifying 10,404 malicious NPM packages and 1,235 malicious PyPI packages over 18 months. This work not only bridges the gap between academic research and industrial application in code poisoning detection but also provides a robust and practical solution that has been thoroughly tested in a real-world industrial setting. Copyright © 2024, The Authors. All rights reserved.

关键词： Open source software

来源：评论

学校读者我要写书评

暂无评论

Research and application of artificial intelligence based webshell detection model: A literature review

arXiv

引用

arXiv 2024年

作者： Ma, Mingrui Han, Lansheng Zhou, Chunjie Hubei Key Laboratory of Distributed System Security Hubei Engineering Research Center on Big Data Security School of Cyber Science and Engineering Huazhong University of Science and Technology Wuhan430074 China The Key Laboratory of Ministry of Education for Image Processing and Intelligent Control School of Artificial Intelligence and Automation Huazhong University of Science and Technology Hubei Wuhan430074 China

Webshell, as the"culprit" behind numerous network attacks, is one of the research hotspots in the field of cybersecurity. However, the complexity, stealthiness, and confusing nature of webshells pose significant challenges to the corresponding detection schemes. With the rise of Artificial Intelligence (AI) technology, researchers have started to apply different intelligent algorithms and neural network architectures to the task of webshell detection. However, the related research still lacks a systematic and standardized methodological process, which is confusing and redundant. Therefore, following the development timeline, we carefully summarize the progress of relevant research in this field, dividing it into three stages: Start Stage, Initial Development Stage, and In-depth Development Stage. We further elaborate on the main characteristics and core algorithms of each stage. In addition, we analyze the pain points and challenges that still exist in this field and predict the future development trend of this field from our point of view. To the best of our knowledge, this is the first review that details the research related to AI-based webshell detection. It is also hoped that this paper can provide detailed technical information for more researchers interested in AI-based webshell detection tasks. Copyright © 2024, The Authors. All rights reserved.

关键词： Machine learning

来源：评论

学校读者我要写书评

暂无评论

A Large-Scale Empirical Study on Semantic Versioning in Golang Ecosystem 23

A Large-Scale Empirical Study on Semantic Versioning in Gola...

引用

Proceedings of the 38th IEEE/ACM International Conference on Automated Software Engineering

作者： Wenke Li Feng Wu Cai Fu Fan Zhou School of Cyber Science and Engineering Huazhong University of Science and Technology Wuhan China AND Hubei Key Laboratory of Distributed System Security Hubei Engineering Research Center on Big Data Security Platform and Content Group Tencent Technology (Shenzhen) Co.Ltd Shenzhen China

ISBN: (纸本)9798350329964

Third-party libraries (TPLs) have become an essential component of software, accelerating development and reducing maintenance costs. However, breaking changes often occur during the upgrades of TPLs and prevent client programs from moving forward. Semantic versioning (SemVer) has been applied to standardize the versions of releases according to compatibility, but not all releases follow SemVer compliance. Lots of work focuses on SemVer compliance in ecosystems such as Java and JavaScript beyond Golang (Go for short). Due to the lack of tools to detect breaking changes and dataset for Go, developers of TPLs do not know if breaking changes occur and affect client programs, and developers of client programs may hesitate to upgrade dependencies in terms of breaking *** bridge this gap, we conduct the first large-scale empirical study in the Go ecosystem to study SemVer compliance in terms of breaking changes and their impact. In detail, we propose GoSVI (Go Semantic Versioning Insight) to detect breaking changes and analyze their impact by resolving identifiers in client programs and comparing their types with breaking changes. Moreover, we collect the first large-scale Go dataset with a dependency graph from GitHub, including 124K TPLs and 532K client programs. Based on the dataset, our results show that 86.3% of library upgrades follow SemVer compliance and 28.6% of no-major upgrades introduce breaking changes. Furthermore, the tendency to comply with SemVer has improved over time from 63.7% in 2018/09 to 92.2% in 2023/03. Finally, we find 33.3% of downstream client programs may be affected by breaking changes. These findings provide developers and users of TPLs with valuable insights to help make decisions related to SemVer.

关键词： semantic versioning

来源：评论

学校读者我要写书评

暂无评论

A Large-Scale Empirical Study on Semantic Versioning in Golang Ecosystem

A Large-Scale Empirical Study on Semantic Versioning in Gola...

引用

IEEE International Conference on Automated Software Engineering (ASE)

作者： Wenke Li Feng Wu Cai Fu Fan Zhou School of Cyber Science and Engineering Huazhong University of Science and Technology Wuhan China Hubei Key Laboratory of Distributed System Security Hubei Engineering Research Center on Big Data Security Platform and Content Group Tencent Technology (Shenzhen) Co.Ltd Shenzhen China

Third-party libraries (TPLs) have become an essential component of software, accelerating development and reducing maintenance costs. However, breaking changes often occur during the upgrades of TPLs and prevent client programs from moving forward. Semantic versioning (SemVer) has been applied to standardize the versions of releases according to compatibility, but not all releases follow SemVer compliance. Lots of work focuses on SemVer compliance in ecosystems such as Java and JavaScript beyond Golang (Go for short). Due to the lack of tools to detect breaking changes and dataset for Go, developers of TPLs do not know if breaking changes occur and affect client programs, and developers of client programs may hesitate to upgrade dependencies in terms of breaking changes. To bridge this gap, we conduct the first large-scale empirical study in the Go ecosystem to study SemVer compliance in terms of breaking changes and their impact. In detail, we propose GoSVI (Go Semantic Versioning Insight) to detect breaking changes and analyze their impact by resolving identifiers in client programs and comparing their types with breaking changes. Moreover, we collect the first large-scale Go dataset with a dependency graph from GitHub, including 124K TPLs and 532K client programs. Based on the dataset, our results show that 86.3% of library upgrades follow SemVer compliance and 28.6% of no-major upgrades introduce breaking changes. Furthermore, the tendency to comply with SemVer has improved over time from 63.7% in 2018/09 to 92.2% in 2023/03. Finally, we find 33.3% of downstream client programs may be affected by breaking changes. These findings provide developers and users of TPLs with valuable insights to help make decisions related to SemVer.

关键词：

来源：评论

学校读者我要写书评

暂无评论

Partial Deep Domain Adaptation for Non-Intrusive Load Monitoring 21

Partial Deep Domain Adaptation for Non-Intrusive Load Monito...

引用

21st IEEE International Symposium on Parallel and distributed Processing with Applications, 13th IEEE International Conference on Big Data and Cloud Computing, 16th IEEE International Conference on Social Computing and Networking and 13th International Conference on Sustainable Computing and Communications, ISPA/BDCloud/SocialCom/SustainCom 2023

作者： Li, Yuying Yang, Yang Wang, Chen Liu, Runqin Jiang, Hongbo Liu, Wenping Hubei University Key Laboratory of Intelligent Sensing System and Security Ministry of Education School of Artificial Intelligence Wuhan China Huazhong University of Science and Technology Wuhan China China Unicom Central South Research Institute Changsha China Hunan University Changsha China Hubei University of Economics Wuhan China

ISBN: (纸本)9798350329223

With the widespread deployment of smart meters and the burgeoning integration of the Ubiquitous Power Internet of Things (UPIoT), Non-Intrusive Load Monitoring (NILM) has emerged as an essential technology, providing granular insights into device-level energy consumption. However, NILM model generalization is impeded by user and appliance heterogeneity. Domain adaptation has been leveraged to enhance NILM models, but it typically necessitates consistent appliance categorization across households. Addressing this, our study presents Weighted Adaptation NILM (WeAd-NILM), a partial deep domain adaptation model designed for Partial Domain Adaptation (PDA) scenarios that accommodate diverse appliance categories, aligning with real-world load decomposition tasks. WeAd-NILM introduces a sample weighting mechanism tailored for PDA, mitigating negative transfer from outliers. Through distribution analysis and multi-objective regression, WeAd-NILM effectively performs load decomposition, fostering knowledge transfer. Verified on UK-DALE and REFIT datasets, WeAd-NILM demonstrates exceptional transferability and load decomposition accuracy. © 2023 IEEE.

关键词： Internet of things

来源：评论

学校读者我要写书评

暂无评论

Enhancing the MILP/MIQCP-based Automatic Search for Differential-Linear Distinguishers of Simon-Like Ciphers

arXiv

引用

arXiv 2024年

作者： Chen, Siwei Xiang, Zejun Zeng, Xiangyong Qin, Guangxue School of Cyber Science and Technology Key Laboratory of Intelligent Sensing System and Security Hubei University Wuhan China Faculty of Mathematics and Statistics Hubei Key Laboratory of Applied Mathematics Hubei University Wuhan China

In this paper, we propose an improved method based on Mixed-Integer Linear Programming/Mixed-Integer Quadratic Constraint Programming (MILP/MIQCP) to automatically find better differential-linear (DL) distinguishers for the all members of Simon and Simeck block cipher families. To be specific, we first give the completely precise MILP model to describe the linear part, and explain how to utilize the general expressions of Gurobi solver to model the propagation of continuous difference for the middle part in a quite easy way. Secondly, in order to solve the MILP/MIQCP model in a reasonable time, we propose two heuristic strategies based on the divide-and-conquer idea to speed up the search process. Thirdly, we introduce the transforming technique, which exploits the clustering effect on DL trails, to improve the estimated correlation of the DL approximation. We apply our method to Simon and Simeck block cipher families. Consequently, we find the 14/17/21/26-round theoretical DL distinguishers of Simon 32/48/64/96, which extend the previous longest ones of Simon 32/48/96 by one round and Simon 64 by two rounds, respectively. For Simeck, we do not explore longer distinguishers compared to the currently best results, but refresh all the results of Zhou et al. (the first work to automate finding DL distinguishers for Simon-like ciphers using MILP/MIQCP). Besides, in order to validate the correctness of these distinguishers, the experimental verifications are conducted on Simon 32/Simeck 32 and Simon 48/Simeck 48. The results show that our theoretical estimations on correlations are very close to the experimental ones, which can be regarded as a concrete support for the effectiveness of our method. © 2024, CC BY.

关键词： Mixed-integer linear programming

来源：评论

学校读者我要写书评

暂无评论

MalwareTotal: Multi-Faceted and Sequence-Aware Bypass Tactics Against Static Malware Detection

MalwareTotal: Multi-Faceted and Sequence-Aware Bypass Tactic...

引用

International Conference on Software Engineering (ICSE)

作者： Shuai He Cai Fu Hong Hu Jiahe Chen Jianqiang Lv Shuai Jiang School of Cyber Science and Engineering Huazhong Science and technology University China Hubei Key Laboratory of Distributed System Security Huazhong Science and technology University China Pennsylvania State University United States

ISBN: (数字)9798400702174

ISBN: (纸本)9798350382143

Recent methods have demonstrated that machine learning (ML) based static malware detection models are vulnerable to adversarial attacks. However, the generated malware often fails to generalize to production-level anti-malware software (AMS), as they usually involve multiple detection methods. This calls for universal solutions to the problem of malware variants generation. In this work, we demonstrate how the proposed method, MalwareTotal, has allowed malware variants to continue to abound in ML-based, signature-based, and hybrid anti-malware software. Given a malicious binary, we develop sequential bypass tactics that enable malicious behavior to be concealed within multi-faceted manipulations. Through 12 experiments on real-world malware, we demonstrate that an attacker can consistently bypass detection (98.67%, and 100% attack success rate against ML-based methods EMBER and MalConv, respectively; 95.33%, 92.63%, and 98.52% attack success rate against production-level anti-malware software ClamAV, AMS A, and AMS B, respectively) without modifying the malware functionality. We further demonstrate that our approach outperforms state-of-the-art adversarial malware generation techniques both in attack success rate and query consumption (the number of queries to the target model). Moreover, the samples generated by our method have demonstrated transferability in the real-world integrated malware detector, VirusTotal. In addition, we show that common mitigation such as adversarial training on known attacks cannot effectively defend against the proposed attack. Finally, we investigate the value of the generated adversarial examples as a means of hardening victim models through an adversarial training procedure, and demonstrate that the accuracy of the retrained model against generated adversarial examples increases by 88.51 percentage points.

关键词： Training Pipelines Detectors Pressing Software systems Malware Space exploration

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：