With the spread use of the computers, a new crime space and method are presented for criminals. Thus computer evidence plays a key part in criminal cases. Traditional computer evidence searches require that the comput...With the spread use of the computers, a new crime space and method are presented for criminals. Thus computer evidence plays a key part in criminal cases. Traditional computer evidence searches require that the computer specialists know what is stored in the given computer. Binary-based information flow tracking which concerns the changes of control flow is an effective way to analyze the behavior of a program. The existing systems ignore the modifications of the data flow, which may be also a malicious behavior. Thus the function recognition is introduced to improve the information flow tracking. Function recognition is a helpful technique recognizing the function body from the software binary to analyze the binary code. And that no false positive and no false negative in our experiments strongly proves that our approach is effective.展开更多
In order to effectively detect and analyze the backdoors this paper introduces a method named Backdoor Analysis based on Sensitive flow tracking and Concolic Execution(BASEC).BASEC uses sensitive flow tracking to ef...In order to effectively detect and analyze the backdoors this paper introduces a method named Backdoor Analysis based on Sensitive flow tracking and Concolic Execution(BASEC).BASEC uses sensitive flow tracking to effectively discover backdoor behaviors, such as stealing secret information and injecting evil data into system, with less false negatives. With concolic execution on predetermined path, the backdoor trigger condition can be extracted and analyzed to achieve high accuracy. BASEC has been implemented and experimented on several software backdoor samples widespread on the Internet, and over 90% of them can be detected. Compared with behavior-based and system-call-based detection methods, BASEC relies less on the historical sample collections, and is more effective in detecting software backdoors, especially those injected into software by modifying and recompiling source codes.展开更多
Information Flow Tracking(IFT)is an established formal method for proving security properties related to confidentiality,integrity,and isolation.It has seen promise in identifying security vulnerabilities resulting fr...Information Flow Tracking(IFT)is an established formal method for proving security properties related to confidentiality,integrity,and isolation.It has seen promise in identifying security vulnerabilities resulting from design flaws,timing channels,and hardware Trojans for secure hardware design.However,existing IFT methods tend to take a qualitative approach and only enforce binary security properties,requiring strict non-interference for the properties to hold while real systems usually allow a small amount of information flows to enable desirable interactions.Consequently,existing methods are inadequate for reasoning about quantitative security properties or measuring the security of a design in order to assess the severity of a security vulnerability.In this work,we propose two multi-flow solutions—multiple verifications for replicating existing IFT model and multi-flow IFT method.The proposed multi-flow IFT method provides more insight into simultaneous information flow behaviors and allows for proof of quantitative information flow security properties,such as diffusion,randomization,and boundaries on the amount of simultaneous information flows.Experimental results show that our method can be used to prove a new type of information flow security property with verification performance benefits.展开更多
The University of Birmingham has pioneered and adapted the use of the medical imaging technique known as positron emission tomography (PET) to the study of particulate, granular and multiphase flows in industrial an...The University of Birmingham has pioneered and adapted the use of the medical imaging technique known as positron emission tomography (PET) to the study of particulate, granular and multiphase flows in industrial and physical processes, This paper provides a review of the PET and complimentary positron emission particle tracking (PEPT) techniques and details their application to the study of particulate sys- tems, The current state of the art, recent developments and example results from many of the applications to which these techniques have been applied are highlighted.展开更多
Liquid-solid binary fluidized beds are widely used in many industries. However, the flow behavior of such beds is not well understood due to the lack of accurate experimental and numerical data. In the current study, ...Liquid-solid binary fluidized beds are widely used in many industries. However, the flow behavior of such beds is not well understood due to the lack of accurate experimental and numerical data. In the current study, the behavior of monodisperse and binary liquid-solid fluidized beds of the same density but dif- ferent sizes is investigated using radioactive particle tracking (RPT) technique and a dense discrete phase model (DDPM). Experiments and simulations are performed in monodisperse fluidized beds containing two different sizes of glass beads (0.6 and I mm) and a binary fluidized bed of the same particles for vari- ous bed compositions. The results show that both RPT and DDPM can predict the mixing and segregation pattern in liquid-solid binary fluidized beds. The mean velocity predictions of DDPM are in good agree- ment with the experimental findings for both monodisperse and binary fluidized beds. However, the axial root mean square velocity predictions are only reasonable for bigger particles. Particle-particle interac- tions are found to be critical for predicting the flow behavior of solids in liquid-solid binary fluidized beds.展开更多
基金This work is supported by National Natural Science Foundation of China (Grant No.60773093, 60873209, and 60970107), the Key Program for Basic Research of Shanghai (Grant No. 09JC1407900, 09510701600, 10511500100), IBM SUR Funding and IBM Research-China JP Funding, and Key Lab of Information Network Security, Ministry of Public Security.
文摘With the spread use of the computers, a new crime space and method are presented for criminals. Thus computer evidence plays a key part in criminal cases. Traditional computer evidence searches require that the computer specialists know what is stored in the given computer. Binary-based information flow tracking which concerns the changes of control flow is an effective way to analyze the behavior of a program. The existing systems ignore the modifications of the data flow, which may be also a malicious behavior. Thus the function recognition is introduced to improve the information flow tracking. Function recognition is a helpful technique recognizing the function body from the software binary to analyze the binary code. And that no false positive and no false negative in our experiments strongly proves that our approach is effective.
基金Supported in part by the National Natural Science Foundation of China(61272493)the Specialized Research Fund for the Doctoral Program of Higher Education of China(20113402120026)Oversea Academic Training Funds of University of Science and Technology of China
文摘In order to effectively detect and analyze the backdoors this paper introduces a method named Backdoor Analysis based on Sensitive flow tracking and Concolic Execution(BASEC).BASEC uses sensitive flow tracking to effectively discover backdoor behaviors, such as stealing secret information and injecting evil data into system, with less false negatives. With concolic execution on predetermined path, the backdoor trigger condition can be extracted and analyzed to achieve high accuracy. BASEC has been implemented and experimented on several software backdoor samples widespread on the Internet, and over 90% of them can be detected. Compared with behavior-based and system-call-based detection methods, BASEC relies less on the historical sample collections, and is more effective in detecting software backdoors, especially those injected into software by modifying and recompiling source codes.
基金supported in part by the National Natural Science Foundation of China(No.61672433)the Natural Science Foundation of Shaanxi Province(No.2019JM-244)。
文摘Information Flow Tracking(IFT)is an established formal method for proving security properties related to confidentiality,integrity,and isolation.It has seen promise in identifying security vulnerabilities resulting from design flaws,timing channels,and hardware Trojans for secure hardware design.However,existing IFT methods tend to take a qualitative approach and only enforce binary security properties,requiring strict non-interference for the properties to hold while real systems usually allow a small amount of information flows to enable desirable interactions.Consequently,existing methods are inadequate for reasoning about quantitative security properties or measuring the security of a design in order to assess the severity of a security vulnerability.In this work,we propose two multi-flow solutions—multiple verifications for replicating existing IFT model and multi-flow IFT method.The proposed multi-flow IFT method provides more insight into simultaneous information flow behaviors and allows for proof of quantitative information flow security properties,such as diffusion,randomization,and boundaries on the amount of simultaneous information flows.Experimental results show that our method can be used to prove a new type of information flow security property with verification performance benefits.
基金The Positron Imaging Centre is supported by an EPSRC platform grant, EP/F035845/1
文摘The University of Birmingham has pioneered and adapted the use of the medical imaging technique known as positron emission tomography (PET) to the study of particulate, granular and multiphase flows in industrial and physical processes, This paper provides a review of the PET and complimentary positron emission particle tracking (PEPT) techniques and details their application to the study of particulate sys- tems, The current state of the art, recent developments and example results from many of the applications to which these techniques have been applied are highlighted.
文摘Liquid-solid binary fluidized beds are widely used in many industries. However, the flow behavior of such beds is not well understood due to the lack of accurate experimental and numerical data. In the current study, the behavior of monodisperse and binary liquid-solid fluidized beds of the same density but dif- ferent sizes is investigated using radioactive particle tracking (RPT) technique and a dense discrete phase model (DDPM). Experiments and simulations are performed in monodisperse fluidized beds containing two different sizes of glass beads (0.6 and I mm) and a binary fluidized bed of the same particles for vari- ous bed compositions. The results show that both RPT and DDPM can predict the mixing and segregation pattern in liquid-solid binary fluidized beds. The mean velocity predictions of DDPM are in good agree- ment with the experimental findings for both monodisperse and binary fluidized beds. However, the axial root mean square velocity predictions are only reasonable for bigger particles. Particle-particle interac- tions are found to be critical for predicting the flow behavior of solids in liquid-solid binary fluidized beds.
