检索结果-内蒙古大学图书馆

2nd International Conference on Consumer Electronics and Computer engineering, ICCECE 2022

作者： Zhang, Hao Dong, Weiyu Jiang, Liehui School of Cyber Science and Engineering Zhengzhou University Zhengzhou China State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou China

ISBN: (纸本)9781665408868

Fuzzing is one of the mainstream web application automated vulnerability detection methods. Because of its black box characteristics, it can be used to detect vulnerabilities without knowing the source code of the target application, so it is widely used. However, traditional web application fuzzing methods have the disadvantages of limited test cases, slow execution process, and low efficiency. In order to solve these problems, some scholars introduced genetic algorithms in the fuzzing process. However, after the test cases are entered, it is difficult to automatically detect the state of the web application, which will lead to deviations in the evolution direction of the population and the high aggressiveness of the test cases. This paper proposes a web application fuzzing script, which can realize automatic monitoring of web application status changes, and at the same time more accurately judge whether the test case is offensive. On this basis, an improved mutation method is proposed to enable the population to quickly evolve more aggressive test cases. Experimental results show that ZokFuzz can detect more web vulnerabilities compared to X-Ray and Burp Suite. © 2022 IEEE.

关键词： Genetic algorithms

来源：评论

学校读者我要写书评

暂无评论

Exploitability Analysis of Public Component Library Vulnerabilities Based on Taint Analysis 7

Exploitability Analysis of Public Component Library Vulnerab...

引用

7th International Conference on Intelligent computing and Signal Processing, ICSP 2022

作者： Yuan, Huijie Wang, Yunchao Zong, Guoxiao Lv, Zhuo State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou China State Grid Electric Power Research Institute Zhengzhou China

ISBN: (纸本)9781665478571

The reuse of public component libraries has contributed to the field of computer science because of its low implementation time and high production efficiency. However, the vulnerabilities in libraries can be more serious than those in real-world software because they can affect various software which uses these libraries. Therefore, the technologies of vulnerability mining of public component libraries have received extensive attention, such as fuzzing. But the number of crashes generated by fuzzing is huge, and only an exceedingly small number of public component library vulnerabilities are exploitable in real-world software. To solve this problem, we use taint analysis techniques to analyze the exploitability of library vulnerabilities in real-world software. We first use Pin binary instrumentation technology to instrument the consumer program, analyze the process of calling the library in the consumer program through the taint analysis, and convert the extracted execution path and parameter information into an adjacency matrix. Then we analyze the execution path and crash scene of the crash file, convert the exploitability analysis into path reachability analysis, and determine whether the crash can reach the vulnerable pointer of the software through reachability. Finally, we divide the library vulnerabilities into three levels: directly exploitable, indirectly exploitable, and unexploitable. We design and implement a prototype tool, LibExp-T, to analyze nine public component libraries and four real-world software containing multiple attack surfaces such as images, audio, video, fonts, etc. And we compare them with automatic exploit generation tools CRAX and REX. The results show that LibExp-T can effectively verify the exploitability of component library vulnerabilities in real-world software with low overhead. © 2022 IEEE.

关键词： Libraries

来源：评论

学校读者我要写书评

暂无评论

Self-embedding Image Watermarking based on Combined Decision Using Pre-offset and Post-offset Blocks

引用

Computers, Materials & Continua 2018年第11期57卷 243-260页

作者： Daofu Gong Yan Chen Haoyu Lu Zhenyu Li Yibing Han Zhengzhou Science and Technology Institute Zhengzhou450001China State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou450001China Department of Computer Science University of YorkYork YO105GHUK

To detect and recover random tampering areas,a combined-decision-based self-embedding watermarking scheme is proposed *** this scheme,the image is first partitioned into 2×2 size ***,the high 5 bits of a block’s average value is embedded into its offset *** tampering type of block is detected by comparing the watermarks of its pre-offset and post-offset *** theoretical analysis and experiments demonstrate that the proposed scheme not only has a lower ratio of false detection but also better performance with regard to avoiding random tampering.

关键词： Fragile watermarking self-embedding offset block tamper recovery random tampering

来源：评论

学校读者我要写书评

暂无评论

An Image Steganography Algorithm Based on Quantization Index Modulation Resisting Scaling Attacks and Statistical Detection

引用

Computers, Materials & Continua 2018年第7期56卷 151-167页

作者： Yue Zhang Dengpan Ye Junjun Gan Zhenyu Li Qingfeng Cheng State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou 450001China Computer School of Wuhan University Wuhan 430072China Department of Computer Science University of YorkYork YO105GHUK

In view of the fact that the current adaptive steganography algorithms are difficult to resist scaling attacks and that a method resisting scaling attack is only for the nearest neighbor interpolation method,this paper proposes an image steganography algorithm based on quantization index modulation resisting both scaling attacks and statistical *** the spatial image,this paper uses the watermarking algorithm based on quantization index modulation to extract the embedded *** construct the embedding distortion function of the new embedded domain based on S-UNIWARD steganography,and use the minimum distortion coding to realize the embedding of the secret ***,according to the embedding modification amplitude of secret messages in the new embedded domain,the quantization index modulation algorithm is applied to realize the final embedding of secret messages in the original embedded *** experimental results show that the algorithm proposed is robust to the three common interpolation attacks including the nearest neighbor interpolation,the bilinear interpolation and the bicubic *** the average correct extraction rate of embedded messages increases from 50%to over 93% after 0.5 times-fold scaling attack using the bicubic interpolation method,compared with the classical steganography algorithm *** the algorithm proposed has higher detection resistance than the original watermarking algorithm based on quantization index modulation.

关键词： Image steganography anti-scaling attack anti-statistical detection quantization index modulation

来源：评论

学校读者我要写书评

暂无评论

Distributed Deep Learning System for Efficient Face Recognition in Surveillance System 3

Distributed Deep Learning System for Efficient Face Recognit...

引用

3rd International Conference on advanced Information Science and System, AISS 2021

作者： Liu, Jinjin Chen, Zhifeng Li, Xiaonan Wei, Tongxin School of Computer Science Zhongyuan University of Technology China and State Key Laboratory of Mathematical Engineering and Advanced Computing China State Key Laboratory of Mathematical Engineering and Advanced Computing China School of Computer Science Zhongyuan University of Technology China School of Cyberspace Security Zhengzhou University China

ISBN: (纸本)9781450385862

In view of the bandwidth consumption caused by data stream transmission in video analysis system and the demand for accurate online real-time analysis of massive data, this paper proposes a deep learning model framework for face recognition employed in the embedded system. Through data collaboration, the cloud could build a more complex data set with a small amount of uploaded data gathered by the end devices. And the framework collaboration makes sure that the fully-trained cloud model directly download or distillate knowledge to the end devices. Experiments show that the deep model not only realizes the real-time response and the accurate response of the cloud system, but also greatly reduces the bandwidth consumption caused by sample data transmission in the model training process. © 2021 ACM.

关键词： Distillation

来源：评论

学校读者我要写书评

暂无评论

A Review of Field Text Analysis

A Review of Field Text Analysis

引用

2021 IEEE Conference on Telecommunications, Optics and Computer Science, TOCS 2021

作者： Li, Zhuolun Kang, Fei Yu, Pu Shu, Hui Zhengzhou University School of Software Zhengzhou China Meac State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou China

ISBN: (纸本)9781665424981

Field text analysis is the process of using natural language processing technology to understand the Text and extract information from unstructured text data. In recent years, due to the increasing maturity of machine learning technology, higher requirements have been put forward for field text analysis. This review first introduces the process of Text preprocessing and the development of text representation. Secondly, it summarizes the four typical techniques of text analysis, including named entity recognition, relation extraction, extractive text summarization, and text classification. Finally, for each typical technology, it introduces the commonly used methods and part of the researcher's exploration of this technology. © 2021 IEEE.

关键词： Text processing

来源：评论

学校读者我要写书评

暂无评论

A Note on Determine the Greatest Common Subfamily of Two NFSRs by Grbner Basis

引用

Journal of Systems engineering and Electronics 2015年第5期26卷 1231-1242页

作者： WANG Zhongxiao QI Wenfeng TIAN Tian Luoyang University of Foreign Language State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou Information Science and Technology Institute

For nonlinear feedback shift registers （NFSRs）, their greatest common subfamily may be not unique. Given two NFSRs, the authors only consider the case that their greatest common subfamily exists and is unique. If the greatest common subfamily is exactly the set of all sequences which can be generated by both of them, the authors can determine it by Grobner basis theory. Otherwise, the authors can determine it under some conditions and partly solve the problem.

关键词： Greatest common subfamily Grobner basis nonlinear feedback shift register stream cipher

来源：评论

学校读者我要写书评

暂无评论

Cross-Network User Matching Based on Association Strength 11th

Cross-Network User Matching Based on Association Strength

引用

11th International Conference on Computer engineering and Networks, CENet2021

作者： Jiang, Qiuyan Gong, Daofu Liu, Fenlin State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou450001 China Qingdao Agricultural University Qingdao266001 China

ISBN: (纸本)9789811665530

Cross-network user matching is the one of the fundamental problems in social network fusion and analysis. This paper proposes an unsupervised algorithm based on association strength to address this problem. Specifically, the algorithm firstly computes the association strength between nodes based on user behavior characteristics in the social network graph. Then, the node sequence is obtained by the biased walk method based on the association strength, and word2vec method is utilized to learn the node feature vector. Finally, cross-network user matching is achieved based on the distance of feature vectors. The highlight of this paper is that the bias walking based on the association strength can select nodes as the context to form a specific sequence, and then do benefits on feature vectors learning. The experimental results show that the proposed algorithm can effectively match user without any prior knowledge. Furthermore, the matching precision is improved compared to the baseline method. © 2022, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

关键词： Behavioral research

来源：评论

学校读者我要写书评

暂无评论

Programmable logic controller memory management vulnerability analysis 3

Programmable logic controller memory management vulnerabilit...

引用

2022 3rd International Conference on Signal Processing and Computer Science, SPCS 2022

作者： Geng, Yangyang Ma, Rongkuan Wei, Qiang Wang, Wenhai State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou China State Key Laboratory of Industrial Control Technology Zhejiang University Hangzhou310000 China

Programmable logic controller (PLC) is omnipresent in industrial control system (ICS), which plays an imperative part in critical infrastructures. However, once a PLC is compromised by an attacker, it will create destructive effects on critical infrastructures. The memory systems in PLCs are considered significant targets for attackers to disrupt real-world physical processes. In this paper, we proposed five types of attacks on the PLC memory management mechanism. Furthermore, we evaluated the feasibility of our memory attack generation approach on six PLCs from three leading controller vendors. A total of 22 memory attack payloads are implemented with several vulnerabilities on the target PLCs. © Published under licence by IOP Publishing Ltd.

关键词： Programmable logic controllers

来源：评论

学校读者我要写书评

暂无评论

A Review on IoT Botnet 2021

A Review on IoT Botnet

引用

2nd International Conference on computing and Data Science, CONF-CDS 2021

作者： Zhao, Hao Shu, Hui Xing, Ying State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou China Software College Zhongyuan University of Technology Zhengzhou China

ISBN: (纸本)9781450389570

The rapid development of the Internet of Things (IoT) also generates security threats that cannot be ignored. This paper lists the development history of botnets, introduces representative IoT botnets, and reveals their new characteristics. The botnet mechanism and characteristics of IoT botnets are analyzed in depth from three aspects: composition structure, life cycle, and attack behavior, and are compared with traditional botnets. Networks for comparison. The analysis discusses the details of IoT botnet technologies such as scanning discovery, covert communication and survival residency. Summarizes the research status of IoT botnet detection technologies and gives future directions. Finally, the importance of preventing IoT botnets and solving IoT security problems is discussed. © 2021 ACM.

关键词： Internet of things

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：