检索结果-内蒙古大学图书馆

Active Defense Technology Based on Natural Software Diversity in Java Web Services

Journal of Physics: Conference Series 2020年第3期1550卷

作者： Zhenwu Liu Zheng Zhang Hao Liu Gaofei Zhang Yuan Chen State key Laboratory of Mathematical Engineering and Advanced Computing ZhengZhou HeNan 450001 China PLA Strategic Support Force Information Engineering University ZhengZhou HeNan 450001 China Jiangnan Institute of Computing Technology WuXi JiangSu 214083 China

With the popular use of network application services and the growing number of users, web services have become the main target of hackers. Traditional single software has insufficient security protection against unknown threats and is prone to various vulnerabilities. In this paper, we adopt a new type of active defense strategy in java web services. At different application layers, we use existing components based on the natural software diversity to form different software stacks, and use dynamic scheduling mechanisms to change the attack surface at all times to obtain security protection. Our analysis shows that the flexibility of java web services using this defense strategy is enhanced, and the exploitability of its vulnerabilities is effectively reduced.

关键词：

来源：评论

学校读者我要写书评

暂无评论

Constructing PLC Binary Program Model for Detection Purposes

Constructing PLC Binary Program Model for Detection Purposes

引用

1st International Conference on advanced Algorithms and Control engineering, ICAACE 2018

作者： Chang, Tianyou Wei, Qiang Geng, Yangyang Zhang, Hongwei State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou Henan450001 China People's Bank of China Center Branch of Zhoukou City Zhoukou Henan466000 China

Programmable Logic Controller (PLC) programs are vulnerable to tampering attacks with addition of malware, which can substantially cause severe physical destructions. In order to solve the problems, We propose a static analysis method of Binary PLC programs for the detection of PLC malwares. Firstly, disassemble the binary program into STL program. Secondly, constructed the control flow graph of STL program according to the characteristics of STL language. Thirdly, generate the program execution paths according to traverse the control flow graph and analysis loop paths. Finally the PLC program output and input mapping relations are obtained based on the program execution paths. The experiment shows that the proposed method has achieved the analysis of PLC programs and get each path predicate and the mapping relation between output and input. © Published under licence by IOP Publishing Ltd.

关键词： Malware

来源：评论

学校读者我要写书评

暂无评论

Topology-Aware Software Assignment in Networked Systems

引用

Journal of Physics: Conference Series 2019年第4期1213卷

作者： Junchao Wang Hao Liu Zhenwu Liu Zheng Zhang Jianmin Pang State key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou China

Cyberspace mimic defense has been proven to be a revolutionary defense technology that 'changes the rules of the game' to ensure the security of cyberspace. However, the software diversity inherent in mimic defense technology may increase the difficulty in managing software executable binaries, especially when updating or debugging a software. In this paper, we study the problem of software assignment in a networked system to minimise the number of binaries generated by mimic compilers. Mimic compilers can help to generate functional equivelant software executables which exhibits diverse characteristics such as binary size etc. Theoretically the software assignment problem is equal to the traditional graph coloring problem. To guarantee network severity, we apply a Welsh-Powell-based Software Assignment (WPSA) algorithm to determine the number of binaries needed and the assignment of these binaries to hosts in a network. We conduct experiments on real world network topologies. Experimental results show that our algorithm can effectively reduce the number of binaries needed in networked systems.

关键词：

来源：评论

学校读者我要写书评

暂无评论

A Framework for Multi-Variant Execution Environment

引用

Journal of Physics: Conference Series 2019年第1期1325卷

作者： Wang Junchao Liu Zhenwu Liu Hao Pang Jianmin State key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou China

Software diversity has been proven to be an effective approach to enhance system security. To make the best of the advantage brought by software diversity, a multi-variant execution environment is needed. However, although some MVEEs have been proposed, most of them are either too simple or only focusing one aspect which limits their widely adoption in industry. In this paper we propose a framework for multi-variant execution environment to enhance the security of software systems. The framework addresses different aspects when implementing a MVEE and can help to make the best of software diversity to enhance the system's security.

关键词：

来源：评论

学校读者我要写书评

暂无评论

Attacking Intel UEFI by Using Cache Poisoning

引用

Journal of Physics: Conference Series 2019年第4期1187卷

作者： Dong Wang Wei Yu Dong State Key Laboratory of Mathematical Engineering And Advanced Computing Zhengzhou China

The Unified Extensible Firmware Interface (UEFI) is a software interface between an operating system and platform firmware designed to replace a traditional BIOS. In this paper, we evaluated the security mechanisms used to protected SPI Flash, and then analyzed the attack surface presented by those security mechanisms. Intel provides several registers in its chipset relevant to locking down the SPI Flash chip that contains the UEFI in order to prevent arbitrary writes. Since these registers implement their functions through the system management mode, the main attack surface is concentrated in the system management mode. In this paper, we propose an attack vector for the system management mode, which uses the method of cache poisoning to attack the system management mode and destroy the protection mechanism of SPI Flash. This method can overcome the limitations for the traditional attacks. Experimental results proved that this kind of attack can arbitrarily write to the UEFI.

关键词：

来源：评论

学校读者我要写书评

暂无评论

Observation of topological edge states in thermal diffusion

arXiv

引用

arXiv 2021年

作者： Hu, Hao Han, Song Yang, Yihao Liu, Dongjue Xue, Haoran Liu, Gui-Geng Cheng, Zheyu Wang, Qi Jie Zhang, Shuang Zhang, Baile Luo, Yu School of Electrical and Electronic Engineering Nanyang Technological University 50 Nanyang Avenue Singapore639798 Singapore Interdisciplinary Center for Quantum Information State Key Laboratory of Modern Optical Instrumentation College of Information Science and Electronic Engineering Zhejiang University Hangzhou310027 China ZJU-Hangzhou Global Science and Technology Innovation Center Key Lab. of Advanced Micro/Nano Electronic Devices & Smart Systems of Zhejiang Zhejiang University Hangzhou310027 China International Joint Innovation Center ZJU-UIUC Institute Zhejiang University Haining314400 China Division of Physics and Applied Physics School of Physical and Mathematical Sciences Nanyang Technological University 21 Nanyang Link Singapore637371 Singapore Department of Physics University of Hong Kong Hong Kong Department of Electrical & Electronic Engineering University of Hong Kong China Centre for Disruptive Photonic Technologies Nanyang Technological University Singapore637371 Singapore

The topological band theory predicts that bulk materials with nontrivial topological phases support topological edge states. This phenomenon is universal for various wave systems and has been widely observed for electromagnetic and acoustic waves. Here, we extend the notion of band topology from wave to diffusion dynamics. Unlike the wave systems that are usually Hermitian, the diffusion systems are anti-Hermitian with purely imaginary eigenvalues corresponding to decay rates. Via direct probe of the temperature diffusion, we experimentally retrieve the Hamiltonian of a thermal lattice, and observe the emergence of topological edge decays within the gap of bulk decays. Our results show that such edge states exhibit robust decay rates, which are topologically protected against disorders. This work constitutes a thermal analogue of topological insulators and paves the way to exploring defect-immune heat dissipation. Copyright © 2021, The Authors. All rights reserved.

关键词： Topology

来源：评论

学校读者我要写书评

暂无评论

A Static Backward Taint Data Analysis Method for Detecting Web Application Vulnerabilities 9

A Static Backward Taint Data Analysis Method for Detecting W...

引用

2017 9th IEEE International Conference on Communication Software and Networks (ICCSN 2017)

作者： Xuexiong Yan Hengtai Ma Qingxian Wang Institute of Software Chinese Academy of Sciences State Key Laboratory of Mathematical Engineering and Advanced Computing Institute of Software Chinese Academy of Sciences State Key Laboratory of Mathematical Engineering and Advanced Computing

ISBN: (纸本)9781509038237;9781509038220

This paper addresses detecting taint-style Thisvulnerabilities in PHP code. It extends classical taint-style model with an element called "cleans", which is used to specify sanitation routines. Based on the new model, a static backward taint data analysis method is proposed to detecting taint-style vulnerabilities. This method includes four key steps, first of which is collecting sinks and constructing contexts, the second is backward tracing variables during a basic block, the third is tracing variables between blocks, and the last is tracing variables crossing function call. A tool called POSE implements this method and testing results show that the method is valid for detecting taint-style web application vulnerabilities.

关键词： taint data analysis PHP web application vulnerabilities

来源：评论

学校读者我要写书评

暂无评论

Research on Programmable Logic Controller Security

引用

IOP Conference Series: Materials Science and engineering 2019年第4期569卷

作者： Haolan Wu Yangyang Geng Ke Liu Wenwen Liu State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou 450001 China

With the convergence of computer technology and industrial networks, attackers are not limited to attacking only individual users' computers, turning to attack industrial control systems that can cause major infrastructure problems. Programmable Logic Controllers (PLC) are the core components of industrial control systems. Its safety has a profound impact on the safety of the entire industrial system. This paper firstly classifies the security research of PLC according to the structure and function, and expounds the existing security defects of PLC from the aspects of firmware security, operation security and program security. Then it summarizes and analyzes four types of security protection measures: the integrity of verification firmware, protocol security encryption, code formal verification, and program security defence detection. Finally, according to the overall safety of the industrial system and the actual development of the current PLC, we discuss the development trend of safety research.

关键词：

来源：评论

学校读者我要写书评

暂无评论

Mobile APP user attribute prediction by heterogeneous information network modeling

arXiv

引用

arXiv 2019年

作者： Zhang, Hekai Gong, Jibing Teng, Zhiyong Wang, Dan Wang, Hongfei Du, Linfeng Bhuiyan, Zakirul Alam School of Information Science and Engineering Yanshan University Qinhuangdao066004 China Key Lab for Computer Virtual Technology and System Integration Yanshan University Qinhuangdao066004 China School of Computer Science and Engineering Beihang University Beijing100191 China Shenyuan Honors College Beihang University Beijing100191 China State Key Lab of Mathematical Engineering and Advanced Computing Wuxi214000 China Department of Computer and Information Sciences Fordham University

User-based attribute information, such as age and gender, is usually considered as user privacy information. It is difficult for enterprises to obtain user-based privacy attribute information. However, user-based privacy attribute information has a wide range of applications in personalized services, user behavior analysis and other aspects. Although many scholars have made achievements in user attribute prediction and other related fields, there are still two main problems that impede further improvement on the accuracy of classification: (1) Traditional machine learning classification merely takes each object as a single individual, ignoring the relationship between them;(2) At present, the popular Heterogeneous Path-Mine Information Network only considers whether the user has a relationship with the attributes of other nodes, rather than the degree of correlation of the attributes. It employs a linear regression model to fit the weight of meta-path, which is highly sensitive to outliers. To solve the above two problems, this paper advances the HetPathMine model and puts forward TPathMine model. With applying the number of clicks of attributes under each node to express the user's emotional preference information, optimizations of the solution of meta-path weight are also presented. Based on meta-path in heterogeneous information networks, the new model integrates all relationships among objects into isomorphic relationships of classified objects. Matrix is used to realize the knowledge dissemination of category knowledge among isomorphic objects. The experimental results show that: (1) the prediction of user attributes based on heterogeneous information networks can achieve higher accuracy than traditional machine learning classification methods;(2) TPathMine model based on the number of clicks is more accurate in classifying users of different age groups, and the weight of each meta-path is consistent with human intuition or the real world situation. Copyright ©

关键词： Forecasting

来源：评论

学校读者我要写书评

暂无评论

An anti-side-channel virtual CPU scheduling algorithm based on leakage evaluation for virtual machine security 7

An anti-side-channel virtual CPU scheduling algorithm based ...

引用

2017 7th International Workshop on Computer Science and engineering, WCSE 2017

作者： Du, Yuanzhi Du, Xuehui Yang, Zhi State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou China

ISBN: (纸本)9789811136719

Infrastructure as a service (IaaS) which is one of the cloud computing's service modes provides virtual machines to clients via shared physical machines. This Service provides convenience for many enterprises, but also introduces new security threats. Many studies have shown that the co-residency side-channel can be used to extract sensitive information by malicious users. Remarkably, Soo-Jin has present a migration-based system called Nomad to mitigating known and future side-channel which is more universal than the traditional method. However, large scale migration will lead to huge network overheads. To solve the above problems, the characteristics of co-residency side-channel on the single physical server is analyzed, based on which two virtual machine schedule algorithms according the leakage model in Nomad were proposed. The simulation results show that the algorithm can mitigate the threats effectively.

关键词： Virtual machine

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：