检索结果-内蒙古大学图书馆

IEEE Information Technology, Networking, Electronic and Automation Control Conference

作者： Dongzhe Lu Long Liu State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou China

With the intensification of informatization and mobility, various web security threats are emerging. Cross-site scripting (XSS) attack is the most common type of web attack. Most traditional detection methods have been difficult to adapt to the existing confusion variants of XSS attacks. In this paper, we extract features based on big data collected from 2017 to 2022. In order to improve the XSS detection effect of detection tools, we build machine learning models based on more than 210,000 positive and negative samples, among which CNN has the best performance. Furthermore, we propose a new algorithm that improves the traditional virtual sample generation technology based on prior knowledge in order to improve the generalization of the models. Experimental results show that in most cases, the performance of the algorithm in this paper is better than other VSG methods, and the ability to detect and discover unknown attacks is improved to a certain extent.

关键词： Machine learning algorithms Automation Cross-site scripting Perturbation methods Neural networks Machine learning Big Data

来源：评论

学校读者我要写书评

暂无评论

Crop Enclave Interface for SGX Programs

Crop Enclave Interface for SGX Programs

引用

IEEE International Conference on Joint Cloud computing (JCC)

作者： Yaqi Fan Zhifeng Chen Qingbao Li Wenbo Deng State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou China

Existing memory attacks against SGX use the enclave interface, such as ECALLs and OCALLs, to inject malicious data into the enclave’s trusted memory to trigger memory corruption vulnerabilities therein. Therefore, enclave interface security becomes a key issue in defending against such attacks. However, a comprehensive static analysis of source SGX programs is currently lacking to obtain sufficient a priori knowledge to provide effective runtime interface protection for the enclave. In view of this, we identify 8 types of unsafe input data of enclave and design a new interface cropping method, SGXCrop. This method extracts critical interface information from source SGX programs, including ECALLs in use and unsafe input data, which are cropped at runtime of SGX programs. Tests in real SGX environment verify that the proposed method can effectively crop illegal ECALLs and unsafe input data.

关键词：

来源：评论

学校读者我要写书评

暂无评论

A Survey of Security Analysis on Industrial Control Devices via Rehosting

A Survey of Security Analysis on Industrial Control Devices ...

引用

Information Technology,Big Data and Artificial Intelligence (ICIBA), International Conference on IEEE International Conference on

作者： Houzhi Liu Rongkuan Ma Qiang Wei State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou China

At present, the network security of embedded devices has received more and more attention. However, the existing dynamic analysis tools can’t performance in embedded devices as common softwares. The main reason is that the internal state information of the embedded device can not be directly obtained, and the debugging interface usually shields the device after the manufacturer produces it. Thus, this paper introduces rehosting techniques for embedded systems and the differences between each way. Then we talk about the Deficiencies and future works in emulate execution.

关键词：

来源：评论

学校读者我要写书评

暂无评论

A NONLINEAR LEAST-SQUARES CONVEXITY ENFORCING C⁰ INTERIOR PENALTY METHOD FOR THE MONGE–AMPÈRE EQUATION ON STRICTLY CONVEX SMOOTH PLANAR DOMAINS

引用

Communications of the American Mathematical Society 2024年第14期4卷 607-640页

作者： Brenner, Susanne C. Sung, Li-Yeng Tan, Zhiyu Zhang, Hongchao Department of Mathematics and Center for Computation and Technology Louisiana State University Baton Rouge 70803 LA United States Center for Computation and Technology Louisiana State University Baton Rouge LA United States School of Mathematical Sciences and Fujian Provincial Key Laboratory on Mathematical Modeling and High Performance Scientific Computing Xiamen University Fujian 361005 China

We construct a nonlinear least-squares finite element method for computing the smooth convex solutions of the Dirichlet boundary value problem of the Monge-Ampère equation on strictly convex smooth domains in R². It is based on an isoparametric C⁰ finite element space with exotic degrees of freedom that can enforce the convexity of the approximate solutions. A priori and a posteriori error estimates together with corroborating numerical results are presented. © 2024 by the author(s) under Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 License (CC BY NC ND 4.0)

关键词： Monge-Ampère equation strictly convex smooth domains nonlinear least-squares convexity enforcing 𝐶⁰ interior penalty method enhanced cubic Lagrange finite elements isoparametric a priori and a posteriori error estimates active set algorithm

来源：评论

学校读者我要写书评

暂无评论

Cross-Network User Matching Based on Association Strength 11th

Cross-Network User Matching Based on Association Strength

引用

11th International Conference on Computer engineering and Networks, CENet2021

作者： Jiang, Qiuyan Gong, Daofu Liu, Fenlin State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou450001 China Qingdao Agricultural University Qingdao266001 China

ISBN: (纸本)9789811665530

Cross-network user matching is the one of the fundamental problems in social network fusion and analysis. This paper proposes an unsupervised algorithm based on association strength to address this problem. Specifically, the algorithm firstly computes the association strength between nodes based on user behavior characteristics in the social network graph. Then, the node sequence is obtained by the biased walk method based on the association strength, and word2vec method is utilized to learn the node feature vector. Finally, cross-network user matching is achieved based on the distance of feature vectors. The highlight of this paper is that the bias walking based on the association strength can select nodes as the context to form a specific sequence, and then do benefits on feature vectors learning. The experimental results show that the proposed algorithm can effectively match user without any prior knowledge. Furthermore, the matching precision is improved compared to the baseline method. © 2022, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

关键词： Behavioral research

来源：评论

学校读者我要写书评

暂无评论

ALEmu: A Framework for Application-layer Programs Emulation of Embedded Devices

ALEmu: A Framework for Application-layer Programs Emulation ...

引用

International Conference on Computer engineering and Applications (ICCEA)

作者： Heng He Xiaobing Xiong Yuntian Zhao State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou China

The difference between real devices and virtual environments causes a low success rate of application-layer program emulation when the firmware is operating in full-system emulation during the dynamic analysis of the firmware of embedded devices. In this paper, we propose ALEmu, an emulation framework for application-layer programs, which can effectively improve the emulation success rate of application-layer programs in embedded device firmware through automatic preprocessing of target programs, building configuration libraries, and hooking external program calls. When we test ALEmu on a variety of real-world devices, including routers and IP cameras, we find that it performs more successfully and accurately than the current state-of-the-art full-system emulation frameworks like Firmadyne and FirmAE.

关键词：

来源：评论

学校读者我要写书评

暂无评论

Vulnerability model and attack path prediction of the UEFI firmware platform based on risk propagation 11

Vulnerability model and attack path prediction of the UEFI f...

引用

2021 11th International Workshop on Computer Science and engineering, WCSE 2021

作者： Jiao, Weihua Li, Qingbao Chen, Zhifeng Cao, Fei State Key Laboratory of Mathematical Engineering and Advanced Computing China

ISBN: (纸本)9789811817915

Targeted at the situation of rampant attack on UEFI Platform Firmware, this paper systematically analyzes the Security mechanisms of UEFI platform firmware. Then the vulnerability factors of UEFI firmware are described by modeling language, and a vulnerability model of UEFI firmware platform based on risk propagation (VMURP) is proposed. This paper introduces an improved PageRank algorithm to this model to reduce the influence of subjective factors which influences the accuracy of model. Based on VMURP model, an innovative method is proposed which using security configuration vector and attack vector to evaluate attack paths. Then, we use this method and VMURP to predict the most possible attack path of specific UEFI firmware platform. Finally, verify the rationality of the model and the validity of the prediction by experimental analysis. This study is helpful to quickly evaluate the vulnerability of UEFI firmware platform and predict possible attacks, gives platform managers more targeted guidance and suggestions to strengthen the security mechanisms. © 2021 11th International Workshop on Computer Science and engineering, WCSE 2021. All Rights Reserved.

关键词： Forecasting

来源：评论

学校读者我要写书评

暂无评论

Feature-based identification method of MCU firmware IO interface

Feature-based identification method of MCU firmware IO inter...

引用

IEEE Information Technology, Networking, Electronic and Automation Control Conference

作者： Yuanbo Sun Weiyu Dong State Key Laboratory of Mathematical Engineering and Advanced Computing Zhengzhou China

Device simulation is an important method of embedded device security analysis, due to the extensive and heterogeneous nature of the current peripherals, the existing simulation technology for peripheral simulation is mostly fuzzy, to find the input and output that meet the firmware requirements as the main goal. In order to construct a template based on IO interface identification to extend the peripheral simulation scheme, this paper identifies the IO interface without firmware source code based on the characteristics of the IO configuration process in MCU firmware. Through experimental comparison, this method has a certain effect in MCU firmware interface recognition.

关键词： Analytical models Automation Source coding Registers Character recognition Object recognition Security

来源：评论

学校读者我要写书评

暂无评论

LOW-FREQUENCY BANDGAP BROADENING OF INERTIAL AMPLIFICATION METAMATERIALS 29

LOW-FREQUENCY BANDGAP BROADENING OF INERTIAL AMPLIFICATION M...

引用

29th International Congress on Sound and Vibration, ICSV 2023

作者： Sun, Yonghang Xi, Chenyang Zheng, Hui State Key Laboratory of Mechanical System and Vibration School of Mechanical Engineering Shanghai Jiao Tong University Shanghai200240 China Institute of High Performance Computing A*STAR 138632 Singapore

ISBN: (纸本)9788011034238

The recent development of inertial amplification (IA) metamaterial provides a new venue for insulating low-frequency vibration and noise. It is different from conventional manners that over-rely on the structural density and therefore lead to prohibitively heavy structures. In this work, bandgap broadening techniques of a lever-type IA (LIA) metamaterial are explored on the premise of the same additional mass. Three methods are proposed here, respectively based on bandgap coupling mechanism, multi-resonance mechanism and parametric detuning mechanism. Their broadening performances are investigated via band-structures of unit cells and vibration transmissibility of finite structures. Numerical results show that an ultra-wide bandgap can be obtained by combining the bandgap coupling effect with installation position of LIA mechanism and structural damping of the host plate. Moreover, the introduction of multi-resonance mechanism can widen the low-frequency IA bandgap on the one hand, and more new bandgaps are generated due to multiple combinations of vibration of LIA mechanisms on the other hand. Parametric detuning of LIA mechanisms moves the cut-on and cut-off edges of IA bandgap to lower and higher frequency, respectively. The passband between IA and Bragg bandgaps changes to a stopband when the periodicity of finite structures is broken, and an ultra-wide stopband is obtained which from the cut-on frequency of IA bandgap to the cut-off frequency of Bragg bandgap. © 2023 Proceedings of the International Congress on Sound and Vibration. All rights reserved.

关键词： Energy gap

来源：评论

学校读者我要写书评

暂无评论

Pixel+ and Pixel++: compact and efficient forward-secure multi-signatures for PoS blockchain consensus 24

Pixel+ and Pixel++: compact and efficient forward-secure mul...

引用

Proceedings of the 33rd USENIX Conference on Security Symposium

作者： Jianghong Wei Guohua Tian Ding Wang Fuchun Guo Willy Susilo Xiaofeng Chen State Key Laboratory of Integrated Service Networks (ISN) Xidian University and State Key Laboratory of Mathematical Engineering and Advanced Computing State Key Laboratory of Integrated Service Networks (ISN) Xidian University College of Cyber Science Nankai University School of Computing and Information Technology University of Wollongong

ISBN: (纸本)9781939133441

Multi-signature schemes have attracted considerable attention in recent years due to their popular applications in PoS blockchains. However, the use of general multi-signature schemes poses a critical threat to the security of PoS blockchains once signing keys get corrupted. That is, after an adversary obtains enough signing keys, it can break the immutable nature of PoS blockchains by forking the chain and modifying the history from some point in the past. Forward-secure multi-signature (FS-MS) schemes can overcome this issue by periodically updating signing keys. The only FS-MS construction currently available is Drijvers et al's Pixel, which builds on pairing groups and only achieves forward security at the time period *** this work, we present new FS-MS constructions that either are free from pairing or capture forward security at the individual message level (i.e., fine-grained forward security). Our first construction Pixel+ works for a maximum number of time periods T. Pixel+ signatures consist of only one group element, and can be verified using two exponentiations. It is the first FS-MS from RSA assumption, and has 3.5x and 22.8x faster signing and verification than Pixel, respectively. Our second FS-MS construction Pixel++ is a pairing-based one. It immediately revokes the signing key's capacity of re-signing the message after creating a signature on this message, rather than at the end of the current time period. Thus, it provides more practical forward security than Pixel. On the other hand, Pixel++ is almost as efficient as Pixel in terms of signing and verification. Both Pixel+ and Pixel++ allow for non-interactive aggregation of signatures from independent signers and are proven to be secure in the random oracle model. In addition, they also support the aggregation of public keys, significantly reducing the storage overhead on PoS *** demonstrate how to integrate Pixel+ and Pixel++ into PoS blockchains. As a proof-of-concept, we provid

关键词：

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：