In recent years, Web sites have already become the attackers' main target. When attackers embed malicious code in the Web pages, they generally change the display mode of the corresponding HTML tags to make the di...
详细信息
In recent years, Web sites have already become the attackers' main target. When attackers embed malicious code in the Web pages, they generally change the display mode of the corresponding HTML tags to make the display effect of malicious code invisible or almost invisible to the browser users. In this paper, the concept of abnormal visibility is proposed to describe the display feature setting of malicious code embedded. According to the concept, a malicious code detection method based on abnormal visibility recognition is designed and a prototype system is implemented. Compared to traditional methods and systems, the method has higher efficiency and less maintenance cost. Besides, a special-purpose JavaScript interpreter is implemented to get the execution output of browser-end scripts that are often used to generate malicious code dynamically by attackers. Experiments show that this system can detect most of the malicious Web pages efficiently and at the same time locate the malicious code in the source code accurately.
Ranking is one of the key factors for efficient and effective XML information retrieval. Compared with traditional IR, XML information retrieval has introduced many new challenges, one of which is that the traditional...
详细信息
In this paper, a rapid resynchronization method using intent logs is suggested for replication in-memory databases supporting mobile communication applications. Both the identifiers of unsynchronized segments and the ...
详细信息
In this paper, a rapid resynchronization method using intent logs is suggested for replication in-memory databases supporting mobile communication applications. Both the identifiers of unsynchronized segments and the identifiers of the slaves who have missed the updates in the segments are recorded in the intent logs. When receiving a resynchronization request from a slave, the master will scan the intent logs to find the unsynchronized segments for the salve, and then send the segments gotten directly from its memory to the slave. The performance results shown the intent logs method can reduce resynchronization time than methods using transaction logs.
Web sites have become the main targets of many attackers. Signature-based detection needs to maintain a large signature database and Honeypot based methods are not efficient. Since attackers always make the malicious ...
详细信息
Web sites have become the main targets of many attackers. Signature-based detection needs to maintain a large signature database and Honeypot based methods are not efficient. Since attackers always make the malicious codes in Web pages difficult to detect by the browser users, their methods can be classified into various fingerprints. Various malicious codes were analyzed to identify 6 types of fingerprints. The system utilizes a spider integrated with script interpretation to fetch target Web pages and extract specific tags for detection by HTML parsing for matching with the fingerprints to detect malicious codes. This method needs fewer fingerprints than traditional detection methods and is more efficient. Results for 60 websites show that the system has a false negative rate of 2.63% and a false positive rate of 1.99%.
To support electronic commerce applications with high reliability requirements, a synchronous replication framework of database servers is designed in this paper. At first, a three-tier architecture consisting of Web ...
详细信息
Top-k queries in uncertain databases are quite popular and useful due to its wide application usage. However, compared to top-k in traditional databases, queries over uncertain database are more complicated because of...
详细信息
ISBN:
(纸本)9781424449934
Top-k queries in uncertain databases are quite popular and useful due to its wide application usage. However, compared to top-k in traditional databases, queries over uncertain database are more complicated because of the existence of exponential possible worlds. A Top-k aggregate query ranks groups of tuples by their aggregate values, sum or average for example, and returns k groups with the highest aggregate values. As a powerful semantic of top-k, global top-k, returns A highest-ranked tuples according to their probabilities of being in the top-k anTopswers in possible worlds. We propose a dynamic programming based method to process global top-k aggregate queries in uncertain database, where the number of retrieved tuples and group states generated on these tuples are minimized. Experiment results show that our algorithm is effective.
As one part of preprocessing, automatic word segmentation is an key issue in Chinese information retrieval. Since integral words are put wholly together to compose into the more meaningful words and more express users...
详细信息
The main problem of existing static vulnerability detection methods based source code analysis is their high false positive and false negative rates. One main reason is lack of accurate and effective identification an...
详细信息
The main problem of existing static vulnerability detection methods based source code analysis is their high false positive and false negative rates. One main reason is lack of accurate and effective identification and analysis of security-related program elements, e.g. data validation checking, tainted data source, etc. A static vulnerability detection method based on data security state tracing and checking is proposed. In this method, the state space of state machine model is extended;the security state of a variable is identified by a vector that may correspond to multiple security-related properties rather than by a single property;Fine-grained state transition is provided to support accurate recognition of program security-related behaviors;The recognition of validation checking is introduced in vulnerability state machine to reduce false positives;and a systematic discrimination mechanism for tainted data is constructed to prevent false negatives result from neglecting tainted data sources. The experimental results of a prototype system show that this method can effectively detect buffer overflow and other type's vulnerabilities in software systems, and with obviously lower false positive than existing mainstream static detection methods and avoid some serious false negatives of these methods.
Sensor networks are widely used in many applications to collaboratively collect information from the physical environment. In these applications, the exploration of the relationship and linkage of sensing data within ...
详细信息
Sensor networks are widely used in many applications to collaboratively collect information from the physical environment. In these applications, the exploration of the relationship and linkage of sensing data within multiple regions can be naturally expressed by joining tuples in these regions. However, the highly distributed and resource-constraint nature of the network makes join a challenging query. In this paper, we address the problem of processing join query among different regions progressively and energy-efficiently in sensor networks. The proposed algorithm PEJA (Progressive Energy-efficient Join Algorithm) adopts an event-driven strategy to output the joining results as soon as possible, and alleviates the storage shortage problem in the in-network nodes. It also installs filters in the joining regions to prune unmatchable tuples in the early processing phase, saving lots of unnecessary transmissions. Extensive experiments on both synthetic and real world data sets indicate that the PEJA scheme outperforms other join algorithms, and it is effective in reducing the number of transmissions and the delay of query results during the join processing.
In keyword search over relational databases (KSORD), retrieval of user's initial query is often unsatisfying. User has to reformulate his query and execute the new query, which costs much time and effort. In this ...
详细信息
In keyword search over relational databases (KSORD), retrieval of user's initial query is often unsatisfying. User has to reformulate his query and execute the new query, which costs much time and effort. In this paper, a method of automatically reformulating user queries by relevance feedback is introduced, which is named VSM-RF. Aimed at the results of KSORD systems, VSM-RF adopts a ranking method based on vector space model to rank KSORD results. After the first time of retrieval, using user feedback or pseudo feedback just as user like, VSM-RF computes expansion terms based on probability and reformulates the new query using query expansion. After KSORD systems executing the new query, more relevant results are produced by the new query in the result list and presented to user. Experimental results verify this method's effectiveness.
暂无评论