检索结果-内蒙古大学图书馆

19th IEEE International Conference on Communication Technology, ICCT 2019

作者： Lin, Hongyang Zhu, Junhu Peng, Jianshan Zhu, DIxia State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou Henan450002 China

ISBN: (纸本)9781728105352

Fuzzing [1] is a well-known technique which was employed to provide unexpected or random data as input to JavaScript engines in hopes of finding a security vulnerability. For effective fuzzing, the input must be both syntactically correct and uncommonly randomized for exceptions such as crashes, failing built-in code assertions, or potential memory leaks. In this work, we introduced system Deity which managed to resolve the conflict with innovative AST(Abstract Syntax Tree) [2] based tree mutation and generating methods. It leverages a high-level structural representation of intermediate process JavaScript code. Our evaluation demonstrates the effectiveness of Deity. For large-scale JavaScript engines (njs, mjs, Javascript-Core, ChakraCore, Espruino, Jerryscript) fuzzing, our results significantly show that Deity can improve code coverage and finding more deep rooted bugs (i.e., 35 new bugs, among which we discovered 21 new vulnerabilities with 3 CVEs assigned) over Superion and CodeAlchemist. © 2019 IEEE.

关键词： Engines

来源：评论

学校读者我要写书评

暂无评论

Research on IoT malware based on the ATT&CK model 11

Research on IoT malware based on the ATT&CK model

引用

2021 11th International Workshop on Computer Science and engineering, WCSE 2021

作者： Hao, Bo Kang, Fei Yang, Ju Xiong, Xiaobing State Key Laboratory of Mathematical Engineering and Advanced Computing Henan Zhengzhou450001 China

ISBN: (纸本)9789811817915

The security of the IoT has become a hot research area in cyberspace security, among which the malware is a major threat. Based on the ATT&CK model, this paper studies the composition and behavior of IoT malware, constructs a malicious behavior model of IoT malware, and analyzes the technical implementation of each tactic in the malicious behavior model of IoT malware from three aspects: operating system related, target environment related and specific tools related. Based on this, we finally propose the evolution direction of IoT malware, which will be conducive to a more comprehensive grasp of the characteristics of IoT malware, and be supportive for maintaining the security of IoT. © 2021 11th International Workshop on Computer Science and engineering, WCSE 2021. All Rights Reserved.

关键词： Malware

来源：评论

学校读者我要写书评

暂无评论

MalCommunity: A graph-based evaluation model for malware family clustering 4th

MalCommunity: A graph-based evaluation model for malware fam...

引用

4th International Conference of Pioneer Computer Scientists, Engineers and Educators, ICPCSEE 2018

作者： Chen, Yihang Liu, Fudong Shan, Zheng Liang, Guanghui State Key of Laboratory of Mathematical Engineering and Advanced Computing ZhengzhouHenan450001 China

ISBN: (纸本)9789811322020

Malware clustering analysis plays an important role in large-scale malware homology analysis. However, the generation approach of the ground truth data is usually ignored. The Labels from Anti-virus(AV) engines are most commonly used but some of them are inaccurate or inconsistent. To overcome the drawback, many researchers make ground truth data based on voting mechanism such as AVclass, but this method is difficult to evaluate different-granularity clustering results. Graph-based method like VAMO is more robust but it needs to maintain a large-size database. In this paper, we propose a novel evaluation model named MalCommunity based on the graph named Malware Relation Graph. Different from VAMO, the construction of the graph is free from a large-size database and just needs the AV label information of the samples in the test set. We introduce community detection algorithm Fast Newman to divide the sample set and use modularity parameter to measure the target clustering results. The experiment results indicate that our model has the ability of noise immunity of malware family classification inconsistency and granularity inconsistency from AV labels. Our model is also convenient to evaluate different-granularity clustering methods with different heights. © Springer Nature Singapore Pte Ltd. 2018.

关键词： Graph theory

来源：评论

学校读者我要写书评

暂无评论

Rotation Model Enhancement for Adversarial Attack

Rotation Model Enhancement for Adversarial Attack

引用

2022 International Conference on Networking and Network Applications, NaNA 2022

作者： Zhang, Hengwei Li, Zheming Liu, Hao Yang, Bo Li, Chenwei Wang, Jindong State Key Laboratory of Mathematical Engineering and Advanced Computing Henan Key Laboratory of Information Security Zhengzhou China

ISBN: (数字)9781665461313

ISBN: (纸本)9781665461313

Current white-box attack to deep neural networks have achieved considerable success, but not for black-box attack. The main reason is poor transferability, as the adversarial examples are crafted with single deep neural networks model, and excessively depend on that model. To address that problem, we propose a rotation model enhancement algorithm to craft adversarial examples. We improve rotation method in model enhancement. This algorithm constructs a possibility model to randomly rotate original images, and generates multiple transformed images. Therefore, we craft adversarial examples with single model, and boost attack on multiple models, which demonstrate considerable transferability and success rate for black-box attack. The simulation indicates the algorithm boost black-box attack with a 89.2% success rate. © 2022 IEEE.

关键词： Deep neural networks

来源：评论

学校读者我要写书评

暂无评论

Misleading Image Classification with Multi-shearing and Random Padding 6

Misleading Image Classification with Multi-shearing and Rand...

引用

6th International Conference on Electronic Information Technology and Computer engineering, EITCE 2022

作者： Li, Chenwei Li, Zheming Yang, Bo Zhang, Hengwei State Key Laboratory of Mathematical Engineering and Advanced Computing Henan Key Laboratory of Information Security Zhengzhou China

ISBN: (纸本)9781450397148

Neural networks are vulnerable when input data is applied with human-imperceptible perturbations, which is called adversarial examples. When used in image classification models, adversarial examples mislead neural netwoks to classify images with wrong labels, posing great threat to network security. White-box attack has achieved considerable success rate, for the model structure is already known. But black-box attack remains to be improved, so as to the transferability. We refer to the model augmentation method in network training process, and apply to generating adversarial examples to reduce overfitting. Consulting fundamental methods in adversarial examples, we propose a multi-cropping transformation method to alleviate overfitting and enhance transferability. Firstly, referring to data augmentation, we multi-crop original images in every iteration with random possibilities in adversarial exaples generating process. Secondly, the gradient of model loss function is calculated, and the perturbations are added to original images. Finally, we generate adversarial examples with iterative perturbations. The validation of our method is verified on single models and ensemble models, and the transferability is improved, compared to other fundamental methods. © 2022 Association for computing Machinery.

关键词： Shearing

来源：评论

学校读者我要写书评

暂无评论

A Note on Rotation Symmetric S-boxes

引用

Journal of Systems Science & Complexity 2019年第5期32卷 1460-1472页

作者： GAO Guangpu LIN Dongdai LIU Wenfen State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou 450002China State Key Laboratory of Information Security Institute of Information EngineeringChinese Academy of SciencesBeijing 100093China State Key Laboratory of Information Security Institute of Information EngineeringChinese Academy of SciencesBeijing 100093China Guangxi Key Laboratory of Cryptogpraphy and Information Security Guilin University of Electronic TechnologyGuilin 541004China

This paper is twofold. The first is devoted to study a class of quadratic rotation symmetric S-boxes(RSSBs) which was presented by Gao G, et al., Constructions of quadratic and cubic rotation symmetric bent functions, IEEE Transactions on Information Theory, vol. 58, no. 7, pp. 4908 –4913, 2012, by decomposing a class of cubic rotation symmetric bent functions. The authors obtain its nonlinearity and differential uniformity of such class of S-boxes. In particular, the compositional inversion of the class of rotation symmetric S-boxes is also presented. Then the authors introduce a steepest-descent-like search algorithm for the generation of RSSBs. The algorithm finds 5,6,7,8-bit RSSBs with very good cryptographic properties which can be applied in designing cryptographical algorithms.

关键词： Dual Keccak permutation rotation symmetry S-box

来源：评论

学校读者我要写书评

暂无评论

Traceability Method of Network Attack Based on Evolutionary Game

Traceability Method of Network Attack Based on Evolutionary ...

引用

2022 International Conference on Networking and Network Applications, NaNA 2022

作者： Zhang, Hengwei Zhang, Xiaoning Sun, Pengyu Liu, Xiaohu Ma, Junqiang Zhang, Yuchen State Key Laboratory of Mathematical Engineering and Advanced Computing Henan Key Laboratory of Information Security Zhengzhou China

ISBN: (数字)9781665461313

ISBN: (纸本)9781665461313

Cyberspace is vulnerable to continuous malicious attacks. Traceability of network attacks is an effective defense means to curb and counter network attacks. In this paper, the evolutionary game model is used to analyze the network attack and defense behavior. On the basis of the quantification of attack and defense benefits, the replication dynamic learning mechanism is used to describe the change process of the selection probability of attack and defense strategies, and finally the evolutionary stability strategies and their solution curves of both sides are obtained. On this basis, the attack behavior is analyzed, and the probability curve of attack strategy and the optimal attack strategy are obtained, so as to realize the effective traceability of attack behavior. © 2022 IEEE.

关键词： Network security

来源：评论

学校读者我要写书评

暂无评论

SecMVX:Analysis on the Vulnerability of Multi-Variant Execution

引用

China Communications 2021年第8期18卷 85-95页

作者： Bingzheng Li Zheng Zhang Xiaomei Wang Sheng Qu Jiangxing Wu State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou 450001China China National Digital Switching System Engineering and Technological R&D Center Zhengzhou 450002China

As an active defenses technique,multivariant execution(MVX)can detect attacks by monitoring the consistency of heterogeneous variants with parallel *** with patch-style passive defense,MVX can defend against known and even unknown vulnerability-based attacks without relying on attack feature ***,variants generated with software diversity technologies will introduce new vulnerabilities when they execute in ***,we analyze the security of MVX theory from the perspective of formal *** we summarize the general forms and techniques for attacks against MVX,and analyze the new vulnerabilities arising from the combination of variant generation *** propose SecMVX,a secure MVX architecture and variant generation *** evaluations based on CVEs and SPEC 2006 benchmark show that SecMVX introduces 11.29%of the average time overhead,and avoids vulnerabilities caused by the improper combination of variant generation technologies while keeping the defensive ability of MVX.

关键词： multi-variant execution software diversity cyberspace security

来源：评论

学校读者我要写书评

暂无评论

Solve the False-Positive Problem of the Mimic System Based on the Best Mimic Component Set

引用

China Communications 2022年第5期19卷 253-266页

作者： Yuwen Shao Zheng Zhang Xiaomei Wang Chuanxing Pan Jiangxing Wu State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou 450001China China National Digital Switching System Engineering and Technological R&D Center Zhengzhou 450002China

At present,there is a problem of false positives caused by the too vast mimic scope in mimic transformation *** studies have focused on the“compensation”method to deal with this problem,which is expensive and cannot fundamentally solve *** paper provides new insights into coping with the ***,this study summarizes the false-positive problem in the mimic transformation,analyzes its possible harm and the root ***,three properties about the mimic scope are *** on the three properties and security quantification technology,the best mimic component set theory is put forward to solve the false-positive *** are two algorithms,the supplemental method and the subtraction *** best mimic component set obtained by these two algorithms can fundamentally solve the mimic system’s false-positive problem but reduce the cost of mimic *** make up for the lack of previous researches.

关键词： mimic scope the best mimic component set false-positive rate mimic transformation

来源：评论

学校读者我要写书评

暂无评论

DEAM: Decoupled, Expressive, Area-Efficient Metadata Cache

引用

Journal of Computer Science & Technology 2014年第4期29卷 679-691页

作者：刘鹏方磊黄巍 CCF IEEE Department of Information Science and Electronic Engineering Zhejiang University State Key Laboratory of Mathematical Engineering and Advanced Computing ACM Department of Electrical and Computer Engineering University of Rochester NY 14627-0231 U.S.A.

Chip multiprocessor presents brand new opportunities for holistic on-chip data and coherence management solutions. An intelligent protocol should be adaptive to the fine-grain accessing behavior. And in terms of storage of metadata, the size of conventional directory grows as the square of the number of processors, making it very expensive in large-scale systems. In this paper, we propose a metadata cache framework to achieve three goals： 1） reducing the latency of data access and coherence activities, 2） saving the storage of metadata, and 3） providing support for other optimization techniques. The metm：lata is implemented with compact structures and tracks the dynamically changing access pattern. The pattern information is used to guide the delegation and replication of decoupled data and metadata to allow fast access. We also use our metadata cache as a building block to enhance stream prefetching. Using detailed execution-driven simulation, we demonstrate that our protocol achieves an average speedup of 1.12X compared with a shared cache protocol with 1/5 of the storage of metadata.

关键词： cache directory multiprocessor

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：