Windows 32/64位代码注入攻击是恶意软件常用的攻击技术,在内存取证领域,现存的代码注入攻击检测技术在验证完整性方面不能处理动态内容,并且在解析内存中数据结构方面无法兼容不同版本的Windows系统。因此提出了通过交叉验证进程堆栈和...Windows 32/64位代码注入攻击是恶意软件常用的攻击技术,在内存取证领域,现存的代码注入攻击检测技术在验证完整性方面不能处理动态内容,并且在解析内存中数据结构方面无法兼容不同版本的Windows系统。因此提出了通过交叉验证进程堆栈和VAD信息定位注入代码方法,将基于遍历栈帧得到的函数返回地址、模块名等信息结合进程VAD结构来检测函数返回地址、匹配文件名以定位注入代码,并且研发了基于Volatility取证框架的Windows代码注入攻击检测插件codefind。测试结果表明,即使在VAD节点被恶意软件修改,方法仍能够有效定位Windows 32/64位注入代码攻击。展开更多
CO_(2)electrochemical reduction reaction(CO_(2)RR)to formate is a hopeful pathway for reducing CO_(2)and producing high-value chemicals,which needs highly selective catalysts with ultra-broad potential windows to meet...CO_(2)electrochemical reduction reaction(CO_(2)RR)to formate is a hopeful pathway for reducing CO_(2)and producing high-value chemicals,which needs highly selective catalysts with ultra-broad potential windows to meet the industrial demands.Herein,the nanorod-like bimetallic ln_(2)O_(3)/Bi_(2)O_(3)catalysts were successfully synthesized by pyrolysis of bimetallic InBi-MOF precursors.The abundant oxygen vacancies generated from the lattice mismatch of Bi_(2)O_(3)and ln_(2)O_(3)reduced the activation energy of CO_(2)to*CO_(2)·^(-)and improved the selectivity of*CO_(2)·^(-)to formate simultaneously.Meanwhile,the carbon skeleton derived from the pyrolysis of organic framework of InBi-MOF provided a conductive network to accelerate the electrons transmission.The catalyst exhibited an ultra-broad applied potential window of 1200 mV(from-0.4 to-1.6 V vs RHE),relativistic high Faradaic efficiency of formate(99.92%)and satisfactory stability after 30 h.The in situ FT-IR experiment and DFT calculation verified that the abundant oxygen vacancies on the surface of catalysts can easily absorb CO_(2)molecules,and oxygen vacancy path is dominant pathway.This work provides a convenient method to construct high-performance bimetallic catalysts for the industrial application of CO_(2)RR.展开更多
Digital forensics aims to uncover evidence of cybercrimes within compromised systems.These cybercrimes are often perpetrated through the deployment of malware,which inevitably leaves discernible traces within the comp...Digital forensics aims to uncover evidence of cybercrimes within compromised systems.These cybercrimes are often perpetrated through the deployment of malware,which inevitably leaves discernible traces within the compromised systems.Forensic analysts are tasked with extracting and subsequently analyzing data,termed as artifacts,from these systems to gather evidence.Therefore,forensic analysts must sift through extensive datasets to isolate pertinent evidence.However,manually identifying suspicious traces among numerous artifacts is time-consuming and labor-intensive.Previous studies addressed such inefficiencies by integrating artificial intelligence(AI)technologies into digital forensics.Despite the efforts in previous studies,artifacts were analyzed without considering the nature of the data within them and failed to prove their efficiency through specific evaluations.In this study,we propose a system to prioritize suspicious artifacts from compromised systems infected with malware to facilitate efficient digital forensics.Our system introduces a double-checking method that recognizes the nature of data within target artifacts and employs algorithms ideal for anomaly detection.The key ideas of this method are:(1)prioritize suspicious artifacts and filter remaining artifacts using autoencoder and(2)further prioritize suspicious artifacts and filter remaining artifacts using logarithmic entropy.Our evaluation demonstrates that our system can identify malicious artifacts with high accuracy and that its double-checking method is more efficient than alternative approaches.Our system can significantly reduce the time required for forensic analysis and serve as a reference for future studies.展开更多
To provide the supplier with the minimizum vehicle travel distance in the distribution process of goods in three situations of new customer demand,customer cancellation service,and change of customer delivery address,...To provide the supplier with the minimizum vehicle travel distance in the distribution process of goods in three situations of new customer demand,customer cancellation service,and change of customer delivery address,based on the ideas of pre-optimization and real-time optimization,a two-stage planning model of dynamic demand based vehicle routing problem with time windows was established.At the pre-optimization stage,an improved genetic algorithm was used to obtain the pre-optimized distribution route,a large-scale neighborhood search method was integrated into the mutation operation to improve the local optimization performance of the genetic algorithm,and a variety of operators were introduced to expand the search space of neighborhood solutions;At the real-time optimization stage,a periodic optimization strategy was adopted to transform a complex dynamic problem into several static problems,and four neighborhood search operators were used to quickly adjust the route.Two different scale examples were designed for experiments.It is proved that the algorithm can plan the better route,and adjust the distribution route in time under the real-time constraints.Therefore,the proposed algorithm can provide theoretical guidance for suppliers to solve the dynamic demand based vehicle routing problem.展开更多
Malware attacks on Windows machines pose significant cybersecurity threats,necessitating effective detection and prevention mechanisms.Supervised machine learning classifiers have emerged as promising tools for malwar...Malware attacks on Windows machines pose significant cybersecurity threats,necessitating effective detection and prevention mechanisms.Supervised machine learning classifiers have emerged as promising tools for malware detection.However,there remains a need for comprehensive studies that compare the performance of different classifiers specifically for Windows malware detection.Addressing this gap can provide valuable insights for enhancing cybersecurity strategies.While numerous studies have explored malware detection using machine learning techniques,there is a lack of systematic comparison of supervised classifiers for Windows malware detection.Understanding the relative effectiveness of these classifiers can inform the selection of optimal detection methods and improve overall security measures.This study aims to bridge the research gap by conducting a comparative analysis of supervised machine learning classifiers for detecting malware on Windows systems.The objectives include Investigating the performance of various classifiers,such as Gaussian Naïve Bayes,K Nearest Neighbors(KNN),Stochastic Gradient Descent Classifier(SGDC),and Decision Tree,in detecting Windows malware.Evaluating the accuracy,efficiency,and suitability of each classifier for real-world malware detection scenarios.Identifying the strengths and limitations of different classifiers to provide insights for cybersecurity practitioners and researchers.Offering recommendations for selecting the most effective classifier for Windows malware detection based on empirical evidence.The study employs a structured methodology consisting of several phases:exploratory data analysis,data preprocessing,model training,and evaluation.Exploratory data analysis involves understanding the dataset’s characteristics and identifying preprocessing requirements.Data preprocessing includes cleaning,feature encoding,dimensionality reduction,and optimization to prepare the data for training.Model training utilizes various supervised classifiers,and their performance is evaluated using metrics such as accuracy,precision,recall,and F1 score.The study’s outcomes comprise a comparative analysis of supervised machine learning classifiers for Windows malware detection.Results reveal the effectiveness and efficiency of each classifier in detecting different types of malware.Additionally,insights into their strengths and limitations provide practical guidance for enhancing cybersecurity defenses.Overall,this research contributes to advancing malware detection techniques and bolstering the security posture of Windows systems against evolving cyber threats.展开更多
针对网联车队列系统易受到干扰和拒绝服务(Denial of service, DoS)攻击问题,提出一种外部干扰和随机DoS攻击作用下的网联车安全H∞队列控制方法.首先,采用马尔科夫随机过程,将网联车随机DoS攻击特性建模为一个随机通信拓扑切换模型,据...针对网联车队列系统易受到干扰和拒绝服务(Denial of service, DoS)攻击问题,提出一种外部干扰和随机DoS攻击作用下的网联车安全H∞队列控制方法.首先,采用马尔科夫随机过程,将网联车随机DoS攻击特性建模为一个随机通信拓扑切换模型,据此设计网联车安全队列控制协议.然后,采用线性矩阵不等式(Linear matrix inequality, LMI)技术计算安全队列控制器参数,并应用Lyapunov-Krasovskii稳定性理论,建立在外部扰动和随机DoS攻击下队列系统稳定性充分条件.在此基础上,分析得到该队列闭环系统的弦稳定性充分条件.最后,通过7辆车组成的队列系统对比仿真实验,验证该方法的优越性.展开更多
基金financially supported by the National Natural Science Foundation of China(52072409)the Major Scientific and Technological Innovation Project of Shandong Province(2020CXGC010403)+1 种基金the Taishan Scholar Project(No.ts201712020)the Natural Science Foundation of Shandong Province(ZR2021QE062)
文摘CO_(2)electrochemical reduction reaction(CO_(2)RR)to formate is a hopeful pathway for reducing CO_(2)and producing high-value chemicals,which needs highly selective catalysts with ultra-broad potential windows to meet the industrial demands.Herein,the nanorod-like bimetallic ln_(2)O_(3)/Bi_(2)O_(3)catalysts were successfully synthesized by pyrolysis of bimetallic InBi-MOF precursors.The abundant oxygen vacancies generated from the lattice mismatch of Bi_(2)O_(3)and ln_(2)O_(3)reduced the activation energy of CO_(2)to*CO_(2)·^(-)and improved the selectivity of*CO_(2)·^(-)to formate simultaneously.Meanwhile,the carbon skeleton derived from the pyrolysis of organic framework of InBi-MOF provided a conductive network to accelerate the electrons transmission.The catalyst exhibited an ultra-broad applied potential window of 1200 mV(from-0.4 to-1.6 V vs RHE),relativistic high Faradaic efficiency of formate(99.92%)and satisfactory stability after 30 h.The in situ FT-IR experiment and DFT calculation verified that the abundant oxygen vacancies on the surface of catalysts can easily absorb CO_(2)molecules,and oxygen vacancy path is dominant pathway.This work provides a convenient method to construct high-performance bimetallic catalysts for the industrial application of CO_(2)RR.
基金supported by the MSIT(Ministry of Science and ICT),Korea,under the ITRC(Information Technology Research Center)support program(IITP-2024-RS-2024-00437494)supervised by the IITP(Institute for Information&Communications Technology Planning&Evaluation).
文摘Digital forensics aims to uncover evidence of cybercrimes within compromised systems.These cybercrimes are often perpetrated through the deployment of malware,which inevitably leaves discernible traces within the compromised systems.Forensic analysts are tasked with extracting and subsequently analyzing data,termed as artifacts,from these systems to gather evidence.Therefore,forensic analysts must sift through extensive datasets to isolate pertinent evidence.However,manually identifying suspicious traces among numerous artifacts is time-consuming and labor-intensive.Previous studies addressed such inefficiencies by integrating artificial intelligence(AI)technologies into digital forensics.Despite the efforts in previous studies,artifacts were analyzed without considering the nature of the data within them and failed to prove their efficiency through specific evaluations.In this study,we propose a system to prioritize suspicious artifacts from compromised systems infected with malware to facilitate efficient digital forensics.Our system introduces a double-checking method that recognizes the nature of data within target artifacts and employs algorithms ideal for anomaly detection.The key ideas of this method are:(1)prioritize suspicious artifacts and filter remaining artifacts using autoencoder and(2)further prioritize suspicious artifacts and filter remaining artifacts using logarithmic entropy.Our evaluation demonstrates that our system can identify malicious artifacts with high accuracy and that its double-checking method is more efficient than alternative approaches.Our system can significantly reduce the time required for forensic analysis and serve as a reference for future studies.
基金supported by Natural Science Foundation Project of Gansu Provincial Science and Technology Department(No.1506RJZA084)Gansu Provincial Education Department Scientific Research Fund Grant Project(No.1204-13).
文摘To provide the supplier with the minimizum vehicle travel distance in the distribution process of goods in three situations of new customer demand,customer cancellation service,and change of customer delivery address,based on the ideas of pre-optimization and real-time optimization,a two-stage planning model of dynamic demand based vehicle routing problem with time windows was established.At the pre-optimization stage,an improved genetic algorithm was used to obtain the pre-optimized distribution route,a large-scale neighborhood search method was integrated into the mutation operation to improve the local optimization performance of the genetic algorithm,and a variety of operators were introduced to expand the search space of neighborhood solutions;At the real-time optimization stage,a periodic optimization strategy was adopted to transform a complex dynamic problem into several static problems,and four neighborhood search operators were used to quickly adjust the route.Two different scale examples were designed for experiments.It is proved that the algorithm can plan the better route,and adjust the distribution route in time under the real-time constraints.Therefore,the proposed algorithm can provide theoretical guidance for suppliers to solve the dynamic demand based vehicle routing problem.
基金This researchwork is supported by Princess Nourah bint Abdulrahman University Researchers Supporting Project Number(PNURSP2024R411),Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia.
文摘Malware attacks on Windows machines pose significant cybersecurity threats,necessitating effective detection and prevention mechanisms.Supervised machine learning classifiers have emerged as promising tools for malware detection.However,there remains a need for comprehensive studies that compare the performance of different classifiers specifically for Windows malware detection.Addressing this gap can provide valuable insights for enhancing cybersecurity strategies.While numerous studies have explored malware detection using machine learning techniques,there is a lack of systematic comparison of supervised classifiers for Windows malware detection.Understanding the relative effectiveness of these classifiers can inform the selection of optimal detection methods and improve overall security measures.This study aims to bridge the research gap by conducting a comparative analysis of supervised machine learning classifiers for detecting malware on Windows systems.The objectives include Investigating the performance of various classifiers,such as Gaussian Naïve Bayes,K Nearest Neighbors(KNN),Stochastic Gradient Descent Classifier(SGDC),and Decision Tree,in detecting Windows malware.Evaluating the accuracy,efficiency,and suitability of each classifier for real-world malware detection scenarios.Identifying the strengths and limitations of different classifiers to provide insights for cybersecurity practitioners and researchers.Offering recommendations for selecting the most effective classifier for Windows malware detection based on empirical evidence.The study employs a structured methodology consisting of several phases:exploratory data analysis,data preprocessing,model training,and evaluation.Exploratory data analysis involves understanding the dataset’s characteristics and identifying preprocessing requirements.Data preprocessing includes cleaning,feature encoding,dimensionality reduction,and optimization to prepare the data for training.Model training utilizes various supervised classifiers,and their performance is evaluated using metrics such as accuracy,precision,recall,and F1 score.The study’s outcomes comprise a comparative analysis of supervised machine learning classifiers for Windows malware detection.Results reveal the effectiveness and efficiency of each classifier in detecting different types of malware.Additionally,insights into their strengths and limitations provide practical guidance for enhancing cybersecurity defenses.Overall,this research contributes to advancing malware detection techniques and bolstering the security posture of Windows systems against evolving cyber threats.
