As a complex, flexible and effective platform for network attacking, the botnet spreads widely in the Internet. Botnets can provide the botmasters with the ability to launch large-scale malicious activities such as sp...
详细信息
As a complex, flexible and effective platform for network attacking, the botnet spreads widely in the Internet. Botnets can provide the botmasters with the ability to launch large-scale malicious activities such as spamming and DDoS (distributed Denial of Service) attacks. Botnets are continuously bringing more and more severe threats, so that the study on botnets has already become one of the focuses in the field of network security. However, in recent years, some new developments of botnets are challenging the existing understanding on botnets. In this paper, according to the new conditions of botnets and the researches in existence, a definition of botnet is proposed based on the works of other researchers, taxonomies of botnets are introduced respectively from the views of network structure, dependency and delivery pattern of C&C (Command and Control) information. Then the techniques on detecting, measuring and restraining botnets are analyzed systematically. In the end, we give the evolution trends of botnets and the future research trends in this area.
Many recent applications involve processing and analyzing uncertain data. Recently, several research efforts have addressed answering skyline queries efficiently on massive uncertain datasets. However, the research la...
详细信息
Many recent applications involve processing and analyzing uncertain data. Recently, several research efforts have addressed answering skyline queries efficiently on massive uncertain datasets. However, the research lacks methods to compute these queries on uncertain data, where each dimension of the uncertain object is represented as an interval or an exact value. In this paper, we extensively study the problem of skyline query on these interval based uncertain objects, which has never been studied before. We first model the problem of querying the skylines on interval datasets. Typically, we address two efficient algorithms with I/O optimal for the conventional interval skyline queries and constrained interval skyline queries, respectively. Extensive experiments demonstrate the efficiency of all our proposed algorithms.
Software security is one of the most important aspects of software quality, but errors in programs are still inevitable. Despite the development of static and dynamic analysis, the useful but costly manual analysis is...
详细信息
Software security is one of the most important aspects of software quality, but errors in programs are still inevitable. Despite the development of static and dynamic analysis, the useful but costly manual analysis is still heavily used. In this paper, we propose a human computation game based software error detection mechanism. The purpose of our mechanism is to improve the effectiveness and efficiency of manual error detection. The framework includes four main steps: 1) get all suspicious error locations by static tools according to different security properties;2) slice the programs from each error location;3) construct games for each slice and show them to players;4) collect game information and generate the final error report. We evaluate our approach by instantiating it for detecting errors of buffer overflow. The results show that our technique is successful in practice.
Botnets are threatening the Internet heavily, and more and more botnets are utilizing the P2P technology to build their C&C (Command and Control) mechanisms. Some research have been made to compare the resilience ...
详细信息
Botnets are threatening the Internet heavily, and more and more botnets are utilizing the P2P technology to build their C&C (Command and Control) mechanisms. Some research have been made to compare the resilience of structured P2P botnets and unstructured ones, against elimination of nodes, but the problem that which eliminating strategy is the best is rarely studied. In this paper, we proposed a new metric called the half point, to measure the effectiveness of different strategies. We also selected seven different eliminating strategies and compared them. Through extensive simulations, we find that RBC is the best eliminating strategy. Further analysis shows that for the strategy RBC, the average degree of nodes in the botnet have the most significant influence. The bigger the average degree is, the bigger the half point of RBC is, which implies that node eliminating may not be a reasonable choice for mitigating botnets with big average degree. Results of this paper can provide guidance for restraining structured P2P botnets.
The paper proposes a scheme to improve the accuracy of tag estimation in the EBT algorithm in RFID system. In the proposed scheme, the mean value of the estimated tag number should be acquired before calculating the o...
详细信息
The paper proposes a scheme to improve the accuracy of tag estimation in the EBT algorithm in RFID system. In the proposed scheme, the mean value of the estimated tag number should be acquired before calculating the optimal prefix. And the circular queue is used to record the average tag number which has been acquired recently. Thought the computer simulation we proposed the optimal length of the queue and make an explanation why the circular queue should be used to store the average tag number. The proposed scheme makes a better system performance compared with the original EBT algorithm.
This paper evaluates the performance and efficiency of Imagine stream processor for scientific programs. It classifies scientific programs into three classes based on their computation to memory access ratios. Typical...
详细信息
Context situation, which means a snapshot of the status of the real world, is formed by integrating a large amount of contexts collected from various resources. How to get the context situation and use the situation t...
详细信息
Context situation, which means a snapshot of the status of the real world, is formed by integrating a large amount of contexts collected from various resources. How to get the context situation and use the situation to provide better services is a challenging issue. In this paper, we focused on this challenge on the basis of the mobile cloud computing architecture. An abstract model is proposed in this paper to uniformly collect the context and send them to cloud. A rule-based large-scale context aggregation algorithm is also proposed which utilizes the MapReduce computing paradigm. Finally, a large-scale context management framework based on the abstract model and the context aggregation algorithm is proposed, and a real-time traffic demo is implemented to verify the validity of the framework.
In recent years, many C code static analyzers, with different abilities of bug detection, have appeared and been applied in various domains. There are so many choices that it becomes hard for programmers to know in de...
详细信息
In recent years, many C code static analyzers, with different abilities of bug detection, have appeared and been applied in various domains. There are so many choices that it becomes hard for programmers to know in detail the strengths as well as limitations of all these analyzers and to find the most suitable ones for their code. In this paper, we propose a benchmark for C code static analyzers, named UCBench, to provide quantitative and qualitative measurements for evaluating analyzers. Being different from other benchmarks, UCBench concentrates more on users' requirements rather than the improvements of bug detecting technique itself. The major components of UCBench include test case database, evaluation metrics and harness. We classify test cases into several groups according to their attributes and design various user-centric evaluation metrics. Besides, we develop some harness to automate the evaluation process. Finally, we demonstrate our benchmark suite over four C code static analyzers: Flawfinder, Cppcheck, Uno and Splint.
Full precise pointer analysis has been a challenging problem, especially when dealing with dynamically-allocated memory. Separation logic can describe pointer alias formally, but cannot describe the quantitative reach...
详细信息
Full precise pointer analysis has been a challenging problem, especially when dealing with dynamically-allocated memory. Separation logic can describe pointer alias formally, but cannot describe the quantitative reachability between pointers. In this paper, we present a symbolic framework for analyzing the reachability between pointers in list-manipulating programs. The precise points-to relations of pointers in lists are described by formulae of quantitative separation logic (QSL), and the analysis framework is based on the operational and rearrangement rules about the assignments of pointers. The fixpoint calculus and the counter symbolic abstraction are used to find loop invariants. We can get precise relations between pointers at each point of list-manipulating programs. In the end, several initial examples about list-manipulating programs are given to show that the approach can get precise pointer analysis for list-manipulating programs.
Invalid pointer dereferences, such as null pointer dereferences, dangling pointer dereferences and double frees, are a prevalent source of software bugs in CPS software, due to flexible dereferencing pointers along va...
详细信息
Invalid pointer dereferences, such as null pointer dereferences, dangling pointer dereferences and double frees, are a prevalent source of software bugs in CPS software, due to flexible dereferencing pointers along various pointer fields. Existing tools have high overhead or are incomplete, thereby limiting their efficiency in checking the kind of CPS software with shared and mutable memory. In this paper, we present a novel extended pointer structure for detecting all invalid pointer dereferences in this kind of CPS software. We propose an invalid pointer dereferences detection algorithm based on the uniform transformation of abstract heap states. Experimental evaluation about a set of large C benchmark programs shows that the proposed approach is sufficiently efficient in detecting invalid pointer dereferences of CPS software with shared and mutable memory.
暂无评论