Despite extensive research, timing channels (TCs) are still known as a principal category of threats that aim to leak and transmit information by perturbing the timing or ordering of events. Existing TC detection appr...Despite extensive research, timing channels (TCs) are still known as a principal category of threats that aim to leak and transmit information by perturbing the timing or ordering of events. Existing TC detection approaches use either signature-based approaches to detect known TCs or anomaly-based approach by modeling the legitimate network traffic in order to detect unknown TCs. Un-fortunately, in a software-defined networking (SDN) environment, most existing TC detection approaches would fail due to factors such as volatile network traffic, imprecise timekeeping mechanisms, and dynamic network topology. Furthermore, stealthy TCs can be designed to mimic the legitimate traffic pattern and thus evade anomalous TC detection. In this paper, we overcome the above challenges by presenting a novel framework that harnesses the advantages of elastic re-sources in the cloud. In particular, our framework dynamically configures SDN to enable/disable differential analysis against outbound network flows of different virtual machines (VMs). Our framework is tightly coupled with a new metric that first decomposes the timing data of network flows into a number of using the discrete wavelet-based multi-resolution transform (DWMT). It then applies the Kullback-Leibler divergence (KLD) to measure the variance among flow pairs. The appealing feature of our approach is that, compared with the existing anomaly detection approaches, it can detect most existing and some new stealthy TCs without legitimate traffic for modeling, even with the presence of noise and imprecise timekeeping mechanism in an SDN virtual environment. We implement our framework as a prototype system, OBSERVER, which can be dynamically deployed in an SDN environment. Empirical evaluation shows that our approach can efficiently detect TCs with a higher detection rate, lower latency, and negligible performance overhead compared to existing approaches.展开更多
Since its birth in the early 90 's,digital forensics has been mainly focused on collecting and examining digital evidence from computers and networks that are controlled and owned by individuals or organizations.A...Since its birth in the early 90 's,digital forensics has been mainly focused on collecting and examining digital evidence from computers and networks that are controlled and owned by individuals or organizations.As cloud computing has recently emerged as a dominant platform for running applications and storing data,digital forensics faces well-known challenges in the cloud,such as data inaccessibility,data and service volatility,and law enforcement lacks control over the cloud.To date,very little research has been done to develop efficient theory and practice for digital forensics in the cloud.In this paper,we present a novel framework,Cloud Foren,which systematically addresses the challenges of forensics in cloud computing.Cloud Foren covers the entire process of digital forensics,from the initial point of complaint to the final point where the evidence is confirmed.The key components of Cloud Foren address some challenges,which are unique to the cloud.The proposed forensic process allows cloud forensic examiner,cloud provider,and cloud customer collaborate naturally.We use two case studies to demonstrate the applicability of Cloud Foren.We believe Cloud Foren holds great promise for more precise and automatic digital forensics in a cloud computing environment.展开更多
Elucidation the relationship between electrode potentials and heterogeneous electrocatalytic reactions has attracted widespread attention.Herein we construct the well-defined Mn single-atom(MnSA)catalyst with four N-c...Elucidation the relationship between electrode potentials and heterogeneous electrocatalytic reactions has attracted widespread attention.Herein we construct the well-defined Mn single-atom(MnSA)catalyst with four N-coordination through a simple thermal pyrolysis preparation method to investigate the electrode potential micro-environments effect on carbon dioxide reduction reactions(CO_(2)RR)and oxygen reduction reactions(ORR).MnSA catalysts generate higher CO production Faradaic efficiency of exceeding 90%at-0.9 V for CO_(2)RR and higher H_(2)O_(2)yield from 0.1 to 0.6 V with excellent ORR activity.Density functional theory(DFT)calculations based on constant potential models were performed to study the mechanism of MnSA on CO_(2)RR.The thermodynamic energy barrier of CO_(2)RR is lowest at-0.9 V vs.reversible hydrogen electrode(RHE).Similar DFT calculations on the H_(2)O_(2)yield of ORR showed that the H_(2)O_(2)yield at 0.2 V was higher.This study provides a reasonable explanation for the role of electrode potential micro-environments.展开更多
文摘Despite extensive research, timing channels (TCs) are still known as a principal category of threats that aim to leak and transmit information by perturbing the timing or ordering of events. Existing TC detection approaches use either signature-based approaches to detect known TCs or anomaly-based approach by modeling the legitimate network traffic in order to detect unknown TCs. Un-fortunately, in a software-defined networking (SDN) environment, most existing TC detection approaches would fail due to factors such as volatile network traffic, imprecise timekeeping mechanisms, and dynamic network topology. Furthermore, stealthy TCs can be designed to mimic the legitimate traffic pattern and thus evade anomalous TC detection. In this paper, we overcome the above challenges by presenting a novel framework that harnesses the advantages of elastic re-sources in the cloud. In particular, our framework dynamically configures SDN to enable/disable differential analysis against outbound network flows of different virtual machines (VMs). Our framework is tightly coupled with a new metric that first decomposes the timing data of network flows into a number of using the discrete wavelet-based multi-resolution transform (DWMT). It then applies the Kullback-Leibler divergence (KLD) to measure the variance among flow pairs. The appealing feature of our approach is that, compared with the existing anomaly detection approaches, it can detect most existing and some new stealthy TCs without legitimate traffic for modeling, even with the presence of noise and imprecise timekeeping mechanism in an SDN virtual environment. We implement our framework as a prototype system, OBSERVER, which can be dynamically deployed in an SDN environment. Empirical evaluation shows that our approach can efficiently detect TCs with a higher detection rate, lower latency, and negligible performance overhead compared to existing approaches.
文摘Since its birth in the early 90 's,digital forensics has been mainly focused on collecting and examining digital evidence from computers and networks that are controlled and owned by individuals or organizations.As cloud computing has recently emerged as a dominant platform for running applications and storing data,digital forensics faces well-known challenges in the cloud,such as data inaccessibility,data and service volatility,and law enforcement lacks control over the cloud.To date,very little research has been done to develop efficient theory and practice for digital forensics in the cloud.In this paper,we present a novel framework,Cloud Foren,which systematically addresses the challenges of forensics in cloud computing.Cloud Foren covers the entire process of digital forensics,from the initial point of complaint to the final point where the evidence is confirmed.The key components of Cloud Foren address some challenges,which are unique to the cloud.The proposed forensic process allows cloud forensic examiner,cloud provider,and cloud customer collaborate naturally.We use two case studies to demonstrate the applicability of Cloud Foren.We believe Cloud Foren holds great promise for more precise and automatic digital forensics in a cloud computing environment.
基金supported by the National Natural Science Foundation of China(Nos.52073214 and 22075211)Guangxi Natural Science Fund for Distinguished Young Scholars(No.2024GXNSFFA010008).
文摘Elucidation the relationship between electrode potentials and heterogeneous electrocatalytic reactions has attracted widespread attention.Herein we construct the well-defined Mn single-atom(MnSA)catalyst with four N-coordination through a simple thermal pyrolysis preparation method to investigate the electrode potential micro-environments effect on carbon dioxide reduction reactions(CO_(2)RR)and oxygen reduction reactions(ORR).MnSA catalysts generate higher CO production Faradaic efficiency of exceeding 90%at-0.9 V for CO_(2)RR and higher H_(2)O_(2)yield from 0.1 to 0.6 V with excellent ORR activity.Density functional theory(DFT)calculations based on constant potential models were performed to study the mechanism of MnSA on CO_(2)RR.The thermodynamic energy barrier of CO_(2)RR is lowest at-0.9 V vs.reversible hydrogen electrode(RHE).Similar DFT calculations on the H_(2)O_(2)yield of ORR showed that the H_(2)O_(2)yield at 0.2 V was higher.This study provides a reasonable explanation for the role of electrode potential micro-environments.
