Although there exist a few good schemes to protect the kernel hooks of operating systems, attackers are still able to circumvent existing defense mechanisms with spurious context infonmtion. To address this challenge,...Although there exist a few good schemes to protect the kernel hooks of operating systems, attackers are still able to circumvent existing defense mechanisms with spurious context infonmtion. To address this challenge, this paper proposes a framework, called HooklMA, to detect compromised kernel hooks by using hardware debugging features. The key contribution of the work is that context information is captured from hardware instead of from relatively vulnerable kernel data. Using commodity hardware, a proof-of-concept pro- totype system of HooklMA has been developed. This prototype handles 3 082 dynamic control-flow transfers with related hooks in the kernel space. Experiments show that HooklMA is capable of detecting compomised kernel hooks caused by kernel rootkits. Performance evaluations with UnixBench indicate that runtirre overhead introduced by HooklMA is about 21.5%.展开更多
A fault injection model-oriented testing strategy was proposed for detecting component vulnerabilities.A fault injection model was defined,and the faults were injected into the tested component based on the fault inje...A fault injection model-oriented testing strategy was proposed for detecting component vulnerabilities.A fault injection model was defined,and the faults were injected into the tested component based on the fault injection model to trigger security exceptions.The testing process could be recorded by the monitoring mechanism of the strategy,and the monitoring information was written into the security log.The component vulnerabilities could be detected by the detecting algorithm through analyzing the security log.Lastly,some experiments were done in an integration testing platform to verify the applicability of the strategy.The experimental results show that the strategy is effective and operable.The detecting rate is more than 90%for vulnerability components.展开更多
In view of the problems and the weaknesses of component-based software ( CBS ) reliability modeling and analysis, and a lack of consideration for real debugging circumstance of integration tes- ting, a CBS reliabili...In view of the problems and the weaknesses of component-based software ( CBS ) reliability modeling and analysis, and a lack of consideration for real debugging circumstance of integration tes- ting, a CBS reliability process analysis model is proposed incorporating debugging time delay, im- perfect debugging and limited debugging resources. CBS integration testing is formulated as a multi- queue muhichannel and finite server queuing model (MMFSQM) to illustrate fault detection process (FDP) and fault correction process (FCP). A unified FCP is sketched, given debugging delay, the diversities of faults processing and the limitations of debugging resources. Furthermore, the impacts of imperfect debugging on fault detection and correction are explicitly elaborated, and the expres- sions of the cumulative number of fault detected and corrected are illustrated. Finally, the results of numerical experiments verify the effectiveness and rationality of the proposed model. By comparison, the proposed model is superior to the other models. The proposed model is closer to real CBS testing process and facilitates software engineer' s quantitatively analyzing, measuring and predicting CBS reliability. K展开更多
The sipping test devices are used to identify the defective fuel. The defective fuel can be identified by detecting the occurrence of the fission products that are entrained by the medium rising around the fuel rods. ...The sipping test devices are used to identify the defective fuel. The defective fuel can be identified by detecting the occurrence of the fission products that are entrained by the medium rising around the fuel rods. This project is the setting of the two kinds of the three sipping test devices to inspect the tightness of the irradiated fuel assembly from two units NPP (nuclear power plant). The in-mast sipping shared by two units is used for qualitative tightness test of each fuel assembly during refueling operation above the reactor. The two poolside sipping is used for quantitatively confirming the diagnosis of the in-mast sipping and identifying the tightness of the fuel at the side of the fuel storage pools of each unit after refueling. The project was implemented by research, design manufacture and calibration of these three devices and completed successfully with serious quality assurance and quality control. The performance of these devices is well demonstrated.展开更多
In order to enhance the sealing quality and assemble efficiency of hydraulic supports, the evaluation system for the sealability of the hydraulic support and jack's seals was established through the testing and exper...In order to enhance the sealing quality and assemble efficiency of hydraulic supports, the evaluation system for the sealability of the hydraulic support and jack's seals was established through the testing and experimenting technology in respects, such as seals' dimensions, reasonable amounts of compression, sealability, life, resistance to pressure, etc. Through life detecting test of the seal, found the longest life seal ring under the same conditions, and through the reciprocating test of the hydraulic support, found the most appropriate amount of interference between the groove and the seal ring, thus, to decrease the leakage and extend the life span of the hydraulic support.展开更多
The scientific software installation testing has a main goal: Evaluate if the software meets its requirements and specifications. In this paper, the scientific software installation in six machines is evaluated. The ...The scientific software installation testing has a main goal: Evaluate if the software meets its requirements and specifications. In this paper, the scientific software installation in six machines is evaluated. The software installation was tested using a PDCA (Plan-Do-Check-Act) approach in 3 machines and were compared with other 3 machines which were installed exclusively based in the installer experience. The software installed on the machines using a PDCA approach for testing, lead to the expected results. Scientific software installation should be tested during the installation and not as a final test. A methodology based on PDCA is recommended for testing scientific software.展开更多
基金The authors would like to thank the anonymous reviewers for their insightful corrnlents that have helped improve the presentation of this paper. The work was supported partially by the National Natural Science Foundation of China under Grants No. 61070192, No.91018008, No. 61170240 the National High-Tech Research Development Program of China under Grant No. 2007AA01ZA14 the Natural Science Foundation of Beijing un- der Grant No. 4122041.
文摘Although there exist a few good schemes to protect the kernel hooks of operating systems, attackers are still able to circumvent existing defense mechanisms with spurious context infonmtion. To address this challenge, this paper proposes a framework, called HooklMA, to detect compromised kernel hooks by using hardware debugging features. The key contribution of the work is that context information is captured from hardware instead of from relatively vulnerable kernel data. Using commodity hardware, a proof-of-concept pro- totype system of HooklMA has been developed. This prototype handles 3 082 dynamic control-flow transfers with related hooks in the kernel space. Experiments show that HooklMA is capable of detecting compomised kernel hooks caused by kernel rootkits. Performance evaluations with UnixBench indicate that runtirre overhead introduced by HooklMA is about 21.5%.
基金Project(513150601)supported by the National Pre-Research Project Foundation of China
文摘A fault injection model-oriented testing strategy was proposed for detecting component vulnerabilities.A fault injection model was defined,and the faults were injected into the tested component based on the fault injection model to trigger security exceptions.The testing process could be recorded by the monitoring mechanism of the strategy,and the monitoring information was written into the security log.The component vulnerabilities could be detected by the detecting algorithm through analyzing the security log.Lastly,some experiments were done in an integration testing platform to verify the applicability of the strategy.The experimental results show that the strategy is effective and operable.The detecting rate is more than 90%for vulnerability components.
基金Supported by the National High Technology Research and Development Program of China(No.2008AA01A201)the National Natural Science Foundation of China(No.60503015)+1 种基金the National Key R&D Program of China(No.2013BA17F02)the Shandong Province Science and Technology Program of China(No.2011GGX10108,2010GGX10104)
文摘In view of the problems and the weaknesses of component-based software ( CBS ) reliability modeling and analysis, and a lack of consideration for real debugging circumstance of integration tes- ting, a CBS reliability process analysis model is proposed incorporating debugging time delay, im- perfect debugging and limited debugging resources. CBS integration testing is formulated as a multi- queue muhichannel and finite server queuing model (MMFSQM) to illustrate fault detection process (FDP) and fault correction process (FCP). A unified FCP is sketched, given debugging delay, the diversities of faults processing and the limitations of debugging resources. Furthermore, the impacts of imperfect debugging on fault detection and correction are explicitly elaborated, and the expres- sions of the cumulative number of fault detected and corrected are illustrated. Finally, the results of numerical experiments verify the effectiveness and rationality of the proposed model. By comparison, the proposed model is superior to the other models. The proposed model is closer to real CBS testing process and facilitates software engineer' s quantitatively analyzing, measuring and predicting CBS reliability. K
文摘The sipping test devices are used to identify the defective fuel. The defective fuel can be identified by detecting the occurrence of the fission products that are entrained by the medium rising around the fuel rods. This project is the setting of the two kinds of the three sipping test devices to inspect the tightness of the irradiated fuel assembly from two units NPP (nuclear power plant). The in-mast sipping shared by two units is used for qualitative tightness test of each fuel assembly during refueling operation above the reactor. The two poolside sipping is used for quantitatively confirming the diagnosis of the in-mast sipping and identifying the tightness of the fuel at the side of the fuel storage pools of each unit after refueling. The project was implemented by research, design manufacture and calibration of these three devices and completed successfully with serious quality assurance and quality control. The performance of these devices is well demonstrated.
文摘In order to enhance the sealing quality and assemble efficiency of hydraulic supports, the evaluation system for the sealability of the hydraulic support and jack's seals was established through the testing and experimenting technology in respects, such as seals' dimensions, reasonable amounts of compression, sealability, life, resistance to pressure, etc. Through life detecting test of the seal, found the longest life seal ring under the same conditions, and through the reciprocating test of the hydraulic support, found the most appropriate amount of interference between the groove and the seal ring, thus, to decrease the leakage and extend the life span of the hydraulic support.
文摘The scientific software installation testing has a main goal: Evaluate if the software meets its requirements and specifications. In this paper, the scientific software installation in six machines is evaluated. The software installation was tested using a PDCA (Plan-Do-Check-Act) approach in 3 machines and were compared with other 3 machines which were installed exclusively based in the installer experience. The software installed on the machines using a PDCA approach for testing, lead to the expected results. Scientific software installation should be tested during the installation and not as a final test. A methodology based on PDCA is recommended for testing scientific software.
