As the cyberspace structure becomes more and more complex, the problems of dynamic network space topology, complex composition structure, large spanning space scale, and a high degree of self-organization are becoming...
详细信息
Fuzzing is one of the mainstream web application automated vulnerability detection methods. Because of its black box characteristics, it can be used to detect vulnerabilities without knowing the source code of the tar...
详细信息
The coprime array constructs virtual array to obtain higher degrees of freedom (DOF), but the premise of doing so is that the signals are independent of each other. Once there are coherent signals, the signal model of...
详细信息
The reuse of public component libraries has contributed to the field of computer science because of its low implementation time and high production efficiency. However, the vulnerabilities in libraries can be more ser...
详细信息
JavaScript engine is the core component of web browsers, whose security issues are one of the critical aspects of the overall Web Eco-Security. Fuzzing technology, as an efficient software testing approach, has been w...
详细信息
Feature selection methods for classification are crucial for intrusion detection techniques using machine learning. High-dimensional features in intrusion detection data affect computational complexity, consume more u...
详细信息
Feature selection methods for classification are crucial for intrusion detection techniques using machine learning. High-dimensional features in intrusion detection data affect computational complexity, consume more used resources and more time for data analysis, and the irrelevant and redundant features among them often hinder the performance of classifiers and mislead the classification task. Therefore, it is challenging to select more relevant features from intrusion detection data containing many such features. In this paper, we propose an efficient feature selection algorithm that first considers the correlation between features and the redundancy of pairs of features with respect to class labels based on an improved Pearson correlation coefficient, and later improves the evaluation function based on conditional mutual information to obtain a final subset of features with the goal of improving the classification rate and accuracy. The proposed feature selection method based on improved conditional mutual information is compared with three existing feature selection methods on the frequently studied public benchmark intrusion detection dataset NSL-KDD. The experimental results show that the features selected by the proposed method in this paper lead to a significant reduction in execution time while resulting in higher classification accuracy.
With the advancement of information technology and the increasing prevalence of the internet, the number of malware has experienced an exponential, and the security threat to users' property and privacy is becomin...
详细信息
Recently, American National Institute of Standards and Technology (NIST) announced Kyber as the first KEM candidate to be standardized. The security of Kyber is based on the modular learning with errors (MLWE) problem...
Recently, American National Institute of Standards and Technology (NIST) announced Kyber as the first KEM candidate to be standardized. The security of Kyber is based on the modular learning with errors (MLWE) problem, which achieves excellent efficiency and size. This work proposes an improved key mismatch on Kyber, which can reduce the number of queries required to recover the secret key. We first transform the problem of finding a certain parameter of ciphertexts into a quantum ordered search problem. Then we give the procedure of finding the value of a parameter in the ciphertexts by the quantum method. Finally, we instantiate this attack method on Kyber512, Kyber768 and Kyber1024. Compared with the existing attack algorithm, our improved attack reduces the number of queries for Kyber512, Kyber768 and Kyber1024 by 63%, 59% and 45%, respectively.
At present, the network security of embedded devices has received more and more attention. However, the existing dynamic analysis tools can’t performance in embedded devices as common softwares. The main reason is th...
At present, the network security of embedded devices has received more and more attention. However, the existing dynamic analysis tools can’t performance in embedded devices as common softwares. The main reason is that the internal state information of the embedded device can not be directly obtained, and the debugging interface usually shields the device after the manufacturer produces it. Thus, this paper introduces rehosting techniques for embedded systems and the differences between each way. Then we talk about the Deficiencies and future works in emulate execution.
Directed greybox fuzzing directs fuzzers to specified code areas and has gained great achievements in 1-day vulnerability detection. However, existing directed graybox fuzzers fail to generate the crash sample even if...
Directed greybox fuzzing directs fuzzers to specified code areas and has gained great achievements in 1-day vulnerability detection. However, existing directed graybox fuzzers fail to generate the crash sample even if they found a testcase reaching the target site. There are mainly two questions that affect the effectiveness of directed greybox fuzzing: basic block-level target is coarse enough for 1-day vulnerability detection and the fuzzers follow a specific rule to select operators regardless of the vulnerability itself. This paper points out that only a few vulnerability-related variables are related to the vulnerability triggering. Based on the vulnerability-related variables, this paper proposes critical variable guided mutation, a mutation scheduling method to enhance the crash reproduction capability of directed greybox fuzzing. We implemented a prototype MDGF based on the critical variable guided mutation and evaluate it on real world programs. Evaluation of MDGF on various real-world programs showed that MDGF found vulnerabilities faster than the mainstream directed greybox fuzzers. The experimental results showed that the speed of MDGF is 6.18 times faster than that of AFLGo and 1.40 times faster than Beacon, and MDGF can find 1.71x more bugs than AFLGo.
暂无评论