Avionics full duplex switched ethernet(AFDX) is a switched interconnection technology developed to provide reliable data exchange with strong data transmission time guarantees in internal communication of the spacec...Avionics full duplex switched ethernet(AFDX) is a switched interconnection technology developed to provide reliable data exchange with strong data transmission time guarantees in internal communication of the spacecraft or aircraft.Virtual link(VL) is an important concept of AFDX to meet quality of service(QoS) requirements in terms of end-to-end message deadlines.A VL admission control algorithm in AFDX network under hard real-time(HRT) constraints is studied.Based on the scheduling prin-ciple of AFDX protocol,a packet scheduling scheme under HRT constraints is proposed,and after that an efficient VL admission control algorithm is presented.Analytical proof that the algorithm can effectively determine whether VL should be admitted is given.Finally simulative examples are presented to promote the conclusion.展开更多
Malicious software programs usually bypass the detection of anti-virus software by hiding themselves among apparently legitimate programs.In this work,we propose Windows Virtual Machine Introspection(WVMI)to accurat...Malicious software programs usually bypass the detection of anti-virus software by hiding themselves among apparently legitimate programs.In this work,we propose Windows Virtual Machine Introspection(WVMI)to accurately detect those hidden processes by analyzing memory data.WVMI dumps in-memory data of the target Windows operating systems from hypervisor and retrieves EPROCESS structures’address of process linked list first,and then generates Data Type Confidence Table(DTCT).Next,it traverses the memory and identifies the similarities between the nodes in process linked list and the corresponding segments in the memory by utilizing DTCT.Finally,it locates the segments of Windows’EPROCESS and identifies the hidden processes by further comparison.Through extensive experiments,our experiment shows that the WVMI detects the hidden process with high identification rate,and it is independent of different versions of Windows operating system.展开更多
基金National Natural Science Foundation of China (60879024)
文摘Avionics full duplex switched ethernet(AFDX) is a switched interconnection technology developed to provide reliable data exchange with strong data transmission time guarantees in internal communication of the spacecraft or aircraft.Virtual link(VL) is an important concept of AFDX to meet quality of service(QoS) requirements in terms of end-to-end message deadlines.A VL admission control algorithm in AFDX network under hard real-time(HRT) constraints is studied.Based on the scheduling prin-ciple of AFDX protocol,a packet scheduling scheme under HRT constraints is proposed,and after that an efficient VL admission control algorithm is presented.Analytical proof that the algorithm can effectively determine whether VL should be admitted is given.Finally simulative examples are presented to promote the conclusion.
基金Supported by the National Natural Science Foundation of China(61170026)
文摘Malicious software programs usually bypass the detection of anti-virus software by hiding themselves among apparently legitimate programs.In this work,we propose Windows Virtual Machine Introspection(WVMI)to accurately detect those hidden processes by analyzing memory data.WVMI dumps in-memory data of the target Windows operating systems from hypervisor and retrieves EPROCESS structures’address of process linked list first,and then generates Data Type Confidence Table(DTCT).Next,it traverses the memory and identifies the similarities between the nodes in process linked list and the corresponding segments in the memory by utilizing DTCT.Finally,it locates the segments of Windows’EPROCESS and identifies the hidden processes by further comparison.Through extensive experiments,our experiment shows that the WVMI detects the hidden process with high identification rate,and it is independent of different versions of Windows operating system.
