间谍软件是攻击者广泛采用的一类信息窃取类恶意软件,具有高威胁性、高隐蔽性等特点.间谍软件在实施窃密行为时通常采用触发执行策略,使得基于软件行为的动态检测方法难以在短时间内将其捕获,故上述方法检测间谍软件效果不佳.针对该问题...间谍软件是攻击者广泛采用的一类信息窃取类恶意软件,具有高威胁性、高隐蔽性等特点.间谍软件在实施窃密行为时通常采用触发执行策略,使得基于软件行为的动态检测方法难以在短时间内将其捕获,故上述方法检测间谍软件效果不佳.针对该问题,本文采用主动诱导间谍软件执行窃密行为的思路,从应用程序编程接口(Application Programming Interface,API)层面分析不同诱导操作和诱导强度对间谍软件的不同诱发效果,进而提出一种基于诱导机制的间谍软件检测方法(Spyware Detection Method based on Inducement Mechanism,SDMIM).SDMIM包含诱导操作筛选、软件“活跃度”计算、间谍软件判别3个阶段,能够适用于多种类型间谍软件的诱导式检测.实验结果表明,SDMIM能够在包含5种不同类型间谍软件的样本集上获得95.98%的检测准确率.展开更多
According to the equivalent circuit model(ECM),finite element model(FEM) and physical experiment,the LIDEP force induced by the spatial variations of the phase of AC electric fields produced by the bright and dark reg...According to the equivalent circuit model(ECM),finite element model(FEM) and physical experiment,the LIDEP force induced by the spatial variations of the phase of AC electric fields produced by the bright and dark regions on the photoconductive layer was demonstrated.Besides,the phenomenon of the light-induced electro-rotation(LIER) caused by the light-induced rotating electric field was confirmed numerically and experimentally for the first time.It may be helpful to go out of the dilemma that only the dipole moment model,based on the effect of light-induced partial potentials,can be used for LIDEP theoretical calculation currently.Through the FEM simulation and the electro-rotating experiment of yeast cells,it was found that the direction of yeast's LIER is relevant to the distance between its location and the edge of optical electrode,and the spin velocity of LIER is inversely proportional to that distance.Nevertheless,the LIER torques in the three-electrode mode show a non-uniform distribution where the LIDEP forces are harmful for a particle spinning stably around a fixed axis.Moreover,a four-electrode double-layer mode was proposed for the first time and the finite element simulation results agreed with the expected design,suggesting a new way for the dielectric spectrum measurement based on LIER.展开更多
文摘间谍软件是攻击者广泛采用的一类信息窃取类恶意软件,具有高威胁性、高隐蔽性等特点.间谍软件在实施窃密行为时通常采用触发执行策略,使得基于软件行为的动态检测方法难以在短时间内将其捕获,故上述方法检测间谍软件效果不佳.针对该问题,本文采用主动诱导间谍软件执行窃密行为的思路,从应用程序编程接口(Application Programming Interface,API)层面分析不同诱导操作和诱导强度对间谍软件的不同诱发效果,进而提出一种基于诱导机制的间谍软件检测方法(Spyware Detection Method based on Inducement Mechanism,SDMIM).SDMIM包含诱导操作筛选、软件“活跃度”计算、间谍软件判别3个阶段,能够适用于多种类型间谍软件的诱导式检测.实验结果表明,SDMIM能够在包含5种不同类型间谍软件的样本集上获得95.98%的检测准确率.
基金supported by the Major Program of the National Natural Science Foundation of China (Grant No. 91023024)the New Century Elitist Program by Ministry of Education of China (Grant No.NCET-07-0180)the Technology Supported Research Program from Jiangsu Province (Grant No. BE2009054)
文摘According to the equivalent circuit model(ECM),finite element model(FEM) and physical experiment,the LIDEP force induced by the spatial variations of the phase of AC electric fields produced by the bright and dark regions on the photoconductive layer was demonstrated.Besides,the phenomenon of the light-induced electro-rotation(LIER) caused by the light-induced rotating electric field was confirmed numerically and experimentally for the first time.It may be helpful to go out of the dilemma that only the dipole moment model,based on the effect of light-induced partial potentials,can be used for LIDEP theoretical calculation currently.Through the FEM simulation and the electro-rotating experiment of yeast cells,it was found that the direction of yeast's LIER is relevant to the distance between its location and the edge of optical electrode,and the spin velocity of LIER is inversely proportional to that distance.Nevertheless,the LIER torques in the three-electrode mode show a non-uniform distribution where the LIDEP forces are harmful for a particle spinning stably around a fixed axis.Moreover,a four-electrode double-layer mode was proposed for the first time and the finite element simulation results agreed with the expected design,suggesting a new way for the dielectric spectrum measurement based on LIER.
