Web applications become more and more important, and the corresponding security problems have been concerned about. This paper presents TASA, an ASP static analyzer, which employs a path-sensitive, inter-procedural an...
详细信息
Web applications become more and more important, and the corresponding security problems have been concerned about. This paper presents TASA, an ASP static analyzer, which employs a path-sensitive, inter-procedural and contextsensitive data flow analysis, mainly concerning the taint propagation and sanitization. This paper also discusses some techniques used in TASA, such as sanitization routines modeling, ASP specific features, alias analysis and path-related routines modeling, to prune false positives. Experiments on four open source applications show that TASA has a rate of false positive of 4.98% and it can avoid certain false warnings owing to the proposed approaches.
The trusted process mechanism is an important part of the operating system security mechanism, but there is no uniform definition of the trusted process and there are some limitations in understanding its fundamental ...
详细信息
The trusted process mechanism is an important part of the operating system security mechanism, but there is no uniform definition of the trusted process and there are some limitations in understanding its fundamental properties. In this paper, the trustworthiness of a trusted process is discussed in terms of privilege, data-operated integrity, functional and logic correctness, self-integrity, availability and trusted interactions. A trusted process definition is then given which summarizes the fundamental properties of a trusted process as a theoretical foundation for researching and enforcing the trusted process mechanism. A prototype of a trusted process mechanism is implemented in a secure operating system based on Linux, with the trustworthiness of the trusted process assured in many ways to improve and extende the original trust mechanisms in Linux.
With pixel un-mixing, the omission of pixel caused by mixed pixel can be resolved so as to improve the classification accuracy. But the trouble is only the proportion of each end member object in one pixel which can b...
详细信息
With pixel un-mixing, the omission of pixel caused by mixed pixel can be resolved so as to improve the classification accuracy. But the trouble is only the proportion of each end member object in one pixel which can be got through pixel un-mixing, while the spatial distribution of is uncertain. The objective of this study is to introduce the sub-pixel mapping based on spatial attraction model and explore some issues of it, such as neighboring pixels selection and spatial attraction normalization. As the experiments proven, the sub-pixel mapping could get better result by the eight neighboring pixels selecting mode and normalizing by sub-pixel mode in most cases.
Certificateless cryptography eliminates the key escrow problem in identity-based cryptography. Hierarchical cryptography exploits a practical security model to mirror the organizational hierarchy in the real world. In...
详细信息
Certificateless cryptography eliminates the key escrow problem in identity-based cryptography. Hierarchical cryptography exploits a practical security model to mirror the organizational hierarchy in the real world. In this paper, to incorporate the advantages of both types of cryptosystems, we instantiate hierarchical certificate less cryptography by formalizing the notion of hierarchical certificate less signatures. Furthermore, we propose an HCLS scheme which, under the hardness of the computational Diffie-Hellman (CDH) problem, is proven to be existentially unforgeable against adaptive chosen-message attacks in the random oracle model. As to efficiency, our scheme has constant complexity, regardless of the depth of the hierarchy. Hence, the proposal is secure and scalable for practical applications.
Web services are commonly perceived as an environment of both offering opportunities and threats. In this environment, one way to minimize threats is to use reputation evaluation, which can be computed, for example, t...
详细信息
Web services are commonly perceived as an environment of both offering opportunities and threats. In this environment, one way to minimize threats is to use reputation evaluation, which can be computed, for example, through transaction feedback. However, the current feedback-based approach is inaccurate and ineffective because of its inner limitations (e.g., feedback quality problem). As the main source of feedback, the qualities of existing on-line reviews are often varied greatly from low to high, the main reasons include: (1) they have no standard expression formats, (2) dishonest comments may exist among these reviews due to malicious attacking. Up to present, the quality problem of review has not been well solved, which greatly degrades their importance on service reputation evaluation. Therefore, we firstly present a novel evaluation approach for review quality in terms of multiple metrics. Then, we make a further improvement in service reputation evaluation based on those filtered reviews. Experimental results show the effectiveness and efficiency of our proposed approach compared with the naive feedback-based approaches.
Poor quality and harsh condition can result in faulty and outlier data in sampling data of sensor nodes. So we need median query to reflect average level of monitoring region. First, we put forward HMA algorithm. Seco...
详细信息
Poor quality and harsh condition can result in faulty and outlier data in sampling data of sensor nodes. So we need median query to reflect average level of monitoring region. First, we put forward HMA algorithm. Second, we extend HMA algorithm and put forward HFMA algorithm. In HFMA, We only need collect data inside filter and aggregate influence coefficient during sampling period. Base station can compute median result according to the sample data inside filter and influence coefficient aggregation value. Experimental results have shown that HFMA outperforms Naive algorithm and HMA algorithm and can prolong the lifetime of sensor network.
In this paper, a rapid resynchronization method using intent logs is suggested for replication In-memory databases supporting mobile communication applications. Both the identifiers of unsynchronized segments and the ...
详细信息
Top-k queries in uncertain databases are quite popular and useful due to its wide application usage. However, compared to Top-k in traditional databases, queries over uncertain database are more complicated because of...
详细信息
This paper considers the problem of constructing data aggregation trees in wireless sensor networks (WSNs)for a group of sensor nodes to send collected information to a single sink *** data aggregation tree contains t...
详细信息
This paper considers the problem of constructing data aggregation trees in wireless sensor networks (WSNs)for a group of sensor nodes to send collected information to a single sink *** data aggregation tree contains the sink node,all the source nodes,and some other non-source *** goal of constructing such a data aggregation tree is to minimize the number of non-source nodes to be included in the tree so as to save *** prove that the data aggregation tree problem is NP-hard and then propose an approximation algorithm with a performance ratio of four and a greedy *** also give a distributed version of the approximation *** simulations are performed to study the performance of the proposed *** results show that the proposed algorithms can find a tree of a good approximation to the optimal tree and has a high degree of scalability.
With the system becoming more complex and workloads becoming more fluctuating, it is very hard for DBA to quickly analyze performance data and optimize the system, self optimization is a promising technique. A data mi...
详细信息
暂无评论