Dynamic searchable symmetric encryption (DSSE) enables users to delegate the keyword search over dynamically updated encrypted databases to an honest-but-curious server without losing keyword privacy. This paper studi...
Super spreaders are the flow that have a large number of distinct connections (also called spread), which related with many threats to networks. Estimating flow spread is the crucial step in super spreader detection. ...
Super spreaders are the flow that have a large number of distinct connections (also called spread), which related with many threats to networks. Estimating flow spread is the crucial step in super spreader detection. However, existing methods cannot achieve flow spread estimation in terms of accurate, efficient, and reversible simultaneously. All these characteristics is highly required for high-speed network measurement. In this paper, we propose MorphSketch, a new data structure that estimates flow spread for super spreader detection with high accuracy, memory efficiency, high throughput and reversibility. MorphSketch combines hashing with sampling to process packets in order to improve throughput. It uses self-morph bitmap to record spread information, which can adaptively enlarge the upper bound of spread estimation under limited memory usage to ensure accuracy and memory efficiency. Moreover, MorphSketch can track candidate super spreader by comparing corresponding spread information, which realizes reversibility in super spreader detection. We perform a series of performance evaluations on real world traffic trace. Experiment results demonstrate that under same memory usage, the MorphSketch significantly outperforms existing work in terms of accuracy and efficiency.
作者:
Yu HaoXu ZhangDongbin WangSchool of Cyberspace Security
Beijing University of Posts and Telecommunications Beijing China School of Cyberspace Security
Beijing University of Posts and Telecommunications National Engineering Research Center for Mobile Internet Security Beijing China School of Cyberspace Security
Beijing University of Posts and Telecommunications Key Laboratory of Ministry of Education and Trustworthy Distributed Computing and Service Beijing China
Container escape detection is a critical research topic in the field of cloud security. Among the challenges faced in modern cloud security, the issue of container escape poses a significant threat due to its direct i...
详细信息
ISBN:
(数字)9798331506209
ISBN:
(纸本)9798331506216
Container escape detection is a critical research topic in the field of cloud security. Among the challenges faced in modern cloud security, the issue of container escape poses a significant threat due to its direct impact on the security of the host machine. Although recent research has proposed various methods to address such issue, they have shortcomings in terms of real-time capabilities and deployment in multinode environments. Meanwhile, container network interface (CNI) plugins provide network functionality for container management systems such as Kubernetes, offering ease of use and scalability. Therefore, we propose CPCED, a real-time container escape detection system running on a generic CNI plugin, and implement the prototype. The system defines the container namespace event that is used to detect insecure interactions by monitoring its changes in the permissions of the process namespace. To detect the events, an algorithm is proposed to extract suspicious process paths and command context in Kubernetes and Docker environments. The experimental results show that this system detects nine container escape vulnerabilities successfully. Compared to PACED, one of the real-time container escape attack detection systems, the memory usage of CPCED is reduced by 7.6% on average, and the average detection time of single vulnerability is 18.6% of PACED’s.
SMT solvers check the satisfiability of logic formulas over first-order theories, which have been utilized in a rich number of critical applications, such as software verification, test case generation, and program sy...
SMT solvers check the satisfiability of logic formulas over first-order theories, which have been utilized in a rich number of critical applications, such as software verification, test case generation, and program synthesis. Bugs hidden in SMT solvers would severely mislead those applications and further cause severe consequences. Therefore, ensuring the reliability and robustness of SMT solvers is of critical importance. Although many approaches have been proposed to test SMT solvers, it is still a challenge to discover bugs effectively. To tackle such a challenge, we conduct an empirical study on the historical bug-triggering formulas in SMT solvers' bug tracking systems. We observe that the historical bug-triggering formulas contain valuable skeletons (i.e., core structures of formulas) as well as associated atomic formulas which can cast significant impacts on formulas' ability in triggering bugs. Therefore, we propose a novel approach that utilizes the skeletons extracted from the historical bug-triggering formulas and enumerates atomic formulas under the guidance of association rules derived from historical formulas. In this study, we realized our approach as a practical fuzzing tool HistFuzz and conducted extensive testing on the well-known SMT solvers Z3 and cvc5. To date, HistFuzz has found 111 confirmed new bugs for Z3 and cvc5, of which 108 have been fixed by the developers. More notably, out of the confirmed bugs, 23 are soundness bugs and invalid model bugs found in the solvers' default mode, which are essential for SMT solvers. In addition, our experiments also demonstrate that HistFuzz outperforms the state-of-the-art SMT solver fuzzers in terms of achieved code coverage and effectiveness.
Video violence detection aims to locate the time window in which violent behavior occurs. Most methods focus on utilizing RGB features directly or only fusing RGB and audio features, ignoring the effective exploitatio...
Video violence detection aims to locate the time window in which violent behavior occurs. Most methods focus on utilizing RGB features directly or only fusing RGB and audio features, ignoring the effective exploitation of motion information carried in optical flow. This lack of emphasis on motion information may impact the overall accuracy of violence detection. Moreover, we observe that videos contain strong local correlations, so it is insufficient to analyze only from a holistic perspective without capturing finer details. Therefore, in this paper, we design a novel Global-and-Local Cross-Modal Network (GL-CMN) for violence detection, which effectively integrates motion information and multi-granularity features from target videos. Specifically, we first propose a Motion-Guided Attention Module (MGAM) to obtain enhanced visual features by calibrating RGB features through optical flow features. Secondly, The enhanced features are simultaneously fed into two parallel branches of the network. The global branch fuses the visual and audio features into holistic representations. The local branch extracts multi-scale temporal dependencies through dilated convolutions. Experiments demonstrate that our method exhibits significant improvement compared to previous state-of-the-art methods on the XD-Violence dataset.
Computer science is a practical discipline. It is always a great challenge to evaluate students' computer practice using computer-aided means for large scale students. We always need to address problems such as su...
详细信息
The application of blockchain in the Internet of Things (IoT) solves the problem of centralization, enables data interaction of IoT nodes in untrusted environments. However, most of the blockchain consensus protocols ...
详细信息
The application of blockchain in the Internet of Things (IoT) solves the problem of centralization, enables data interaction of IoT nodes in untrusted environments. However, most of the blockchain consensus protocols are computationally expensive and poorly scalable, which cannot meet the current demand for low power consumption and low latency of IoT devices. Meanwhile, IoT nodes suffer from many malicious attacks. An effective reputation evaluation scheme is valuable for establishing a trusted, secure IoT environment with certain applications. In this paper, we propose RBCP, a novel reputation-based blockchain consensus protocol, and apply it to the IoT. The protocol divides IoT nodes into multiple regions, and consensus nodes in each region are selected based on real-time updated reputation values, which are used to participate in light PoW consensus and finally propose blocks. Then, we model the deposits and profits of the nodes as Stackelberg game and analyze the relationship between them. To evaluate our proposed protocol, we compare it with existing consensus protocols through several experiments. Our experimental results show that RBCP has advantages in terms of TPS, consensus time, and communication consumption, proving that it has low latency and less consensus time under the premise of sufficient security.
Despite impressive capabilities and outstanding performance, deep neural networks (DNNs) have captured increasing public concern about their security problems, due to their frequently occurred erroneous behaviors. The...
详细信息
Despite impressive capabilities and outstanding performance, deep neural networks (DNNs) have captured increasing public concern about their security problems, due to their frequently occurred erroneous behaviors. Therefore, it is necessary to conduct a systematical testing for DNNs before they are deployed to real-world applications. Existing testing methods have provided fine-grained metrics based on neuron coverage and proposed various approaches to improve such metrics. However, it has been gradually realized that a higher neuron coverage does not necessarily represent better capabilities in identifying defects that lead to errors. Besides, coverage-guided methods cannot hunt errors due to faulty training procedure. So the robustness improvement of DNNs via retraining by these testing examples are unsatisfactory. To address this challenge, we introduce the concept of excitable neurons based on Shapley value and design a novel white-box testing framework for DNNs, namely DeepSensor. It is motivated by our observation that neurons with larger responsibility towards model loss changes due to small perturbations are more likely related to incorrect corner cases due to potential defects. By maximizing the number of excitable neurons concerning various wrong behaviors of models, DeepSensor can generate testing examples that effectively trigger more errors due to adversarial inputs, polluted data and incomplete training. Extensive experiments implemented on both image classification models and speaker recognition models have demonstrated the superiority of DeepSensor. Compared with the state-of-the-art testing approaches, DeepSensor can find more test errors due to adversarial inputs (∼ ×1.2), polluted data (∼ ×5) and incompletely-trained DNNs (∼ ×1.3). Additionally, it can help DNNs build larger l2-norm robustness bound (∼ ×3) via retraining according to CLEVER's certification. We further provide interpretable proofs for effectiveness of DeepSensor via excitable neuro
Logic diagnosis is a key step in yield learning. Multiple faults diagnosis is challenging because of several reasons, including error masking, fault reinforcement, and huge search space for possible fault combinations...
详细信息
ISBN:
(数字)9783981926385
ISBN:
(纸本)9798350348606
Logic diagnosis is a key step in yield learning. Multiple faults diagnosis is challenging because of several reasons, including error masking, fault reinforcement, and huge search space for possible fault combinations. This work proposes a two-phase method for multiple-fault diagnosis. The first phase efficiently reduces the potential number of fault candidates through machine learning. The second phase obtains the final diagnosis results, by formulating the task as an combinational optimization problem that is later iteratively solved using binary evolution computation. Experiments shows that our method outperforms two existing methods for multiple-fault diagnosis, and achieves better diagnosability (improved by
$1.87\times$
) and resolution (improved by
$1.42\times$
) compared with a state-of-the-art commercial diagnosis tool.
Code comment is one of the most effective ways to help programmers to understand the source code. High-quality comment decisions can not only cover the core code snippets in the software system but also avoid generati...
详细信息
暂无评论