Memory analysis gains a weight in the area of computer live forensics.How to get network connection information is one of the challenges in memory analysis and plays an important role in identifying sources of malicio...Memory analysis gains a weight in the area of computer live forensics.How to get network connection information is one of the challenges in memory analysis and plays an important role in identifying sources of malicious cyber attack. It is more difficult to fred the drivers and get network connections information from a 64-bit windows 7 memory image file than from a 32-bit operating system memory image f'de. In this paper, an approach to fred drivers and get network connection information from 64-bit windows 7 memory images is given. The method is verified on 64-bit windows 7 version 6.1.7600 and proved reliable and efficient.展开更多
Accurate, updated information on the distribution of wetlands is essential for estimating net fluxes of greenhouse gases and for effectively protecting and managing wetlands. Because of their complex community structu...Accurate, updated information on the distribution of wetlands is essential for estimating net fluxes of greenhouse gases and for effectively protecting and managing wetlands. Because of their complex community structure and rich surface vegetation, deciduous broad-leaved forested swamps are considered to be one of the most difficult types of wetland to classify. In this research, with the support of remote sensing and geographic information system, multi-temporal radar images L-Palsar were used initially to extract the forest hydrological layer and phenology phase change layer as two variables through image analysis. Second, based on the environmental characteristics of forested swamps, three decision tree classifiers derived from the two variables were constructed to explore effective methods to identify deciduous broad-leaved forested swamps. Third, this study focused on analyzing the classification process between flat-forests, which are the most severely disturbed elements, and forested swamps. Finally, the application of the decision tree model will be discussed. The results showed that: 1) L-HH band(a L band with wavelength of 0–235 m in HH polarization mode; HH means Synthetic Aperture Radars transmit pulses in horizontal polarization and receive in horizontal polarization) in the leaf-off season is shown to be capable of detecting hydrologic conditions beneath the forest; 2) the accuracy of the classification(forested swamp and forest plat) was 81.5% based on hydrologic features, and 83.5% was achieved by combining hydrologic features and phenology response features, which indicated that hydrological characteristics under the forest played a key role. The HHOJ(refers to the band created by the subtraction with HH band in October and HH band in July) achieved by multi-temporal radar images did improve the classification accuracy, but not significantly, and more leaf-off radar images may be more efficient than multi-seasonal radar images for inland forested swamp mapping; 3) the lower separability between forested swamps dominated by vegetated surfaces and forest plat covered with litter was the main cause of the uncertainty in classification, which led to misleading interpretations of the pixel-based classification. Finally, through the analysis with kappa coefficients, it was shown that the value of the intersection point was an ideal choice for the variable.展开更多
基金This work is supported by the National Natural Science Foundation of China(61070163) and Shandong Natural Science Foundation (Y2008G35).
文摘Memory analysis gains a weight in the area of computer live forensics.How to get network connection information is one of the challenges in memory analysis and plays an important role in identifying sources of malicious cyber attack. It is more difficult to fred the drivers and get network connections information from a 64-bit windows 7 memory image file than from a 32-bit operating system memory image f'de. In this paper, an approach to fred drivers and get network connection information from 64-bit windows 7 memory images is given. The method is verified on 64-bit windows 7 version 6.1.7600 and proved reliable and efficient.
基金Under the auspices of Special Funds of State Environmental Protection Public Welfare Industry(No.2011467032)
文摘Accurate, updated information on the distribution of wetlands is essential for estimating net fluxes of greenhouse gases and for effectively protecting and managing wetlands. Because of their complex community structure and rich surface vegetation, deciduous broad-leaved forested swamps are considered to be one of the most difficult types of wetland to classify. In this research, with the support of remote sensing and geographic information system, multi-temporal radar images L-Palsar were used initially to extract the forest hydrological layer and phenology phase change layer as two variables through image analysis. Second, based on the environmental characteristics of forested swamps, three decision tree classifiers derived from the two variables were constructed to explore effective methods to identify deciduous broad-leaved forested swamps. Third, this study focused on analyzing the classification process between flat-forests, which are the most severely disturbed elements, and forested swamps. Finally, the application of the decision tree model will be discussed. The results showed that: 1) L-HH band(a L band with wavelength of 0–235 m in HH polarization mode; HH means Synthetic Aperture Radars transmit pulses in horizontal polarization and receive in horizontal polarization) in the leaf-off season is shown to be capable of detecting hydrologic conditions beneath the forest; 2) the accuracy of the classification(forested swamp and forest plat) was 81.5% based on hydrologic features, and 83.5% was achieved by combining hydrologic features and phenology response features, which indicated that hydrological characteristics under the forest played a key role. The HHOJ(refers to the band created by the subtraction with HH band in October and HH band in July) achieved by multi-temporal radar images did improve the classification accuracy, but not significantly, and more leaf-off radar images may be more efficient than multi-seasonal radar images for inland forested swamp mapping; 3) the lower separability between forested swamps dominated by vegetated surfaces and forest plat covered with litter was the main cause of the uncertainty in classification, which led to misleading interpretations of the pixel-based classification. Finally, through the analysis with kappa coefficients, it was shown that the value of the intersection point was an ideal choice for the variable.
