Windows 32/64位代码注入攻击是恶意软件常用的攻击技术,在内存取证领域,现存的代码注入攻击检测技术在验证完整性方面不能处理动态内容,并且在解析内存中数据结构方面无法兼容不同版本的Windows系统。因此提出了通过交叉验证进程堆栈和...Windows 32/64位代码注入攻击是恶意软件常用的攻击技术,在内存取证领域,现存的代码注入攻击检测技术在验证完整性方面不能处理动态内容,并且在解析内存中数据结构方面无法兼容不同版本的Windows系统。因此提出了通过交叉验证进程堆栈和VAD信息定位注入代码方法,将基于遍历栈帧得到的函数返回地址、模块名等信息结合进程VAD结构来检测函数返回地址、匹配文件名以定位注入代码,并且研发了基于Volatility取证框架的Windows代码注入攻击检测插件codefind。测试结果表明,即使在VAD节点被恶意软件修改,方法仍能够有效定位Windows 32/64位注入代码攻击。展开更多
CO_(2)electrochemical reduction reaction(CO_(2)RR)to formate is a hopeful pathway for reducing CO_(2)and producing high-value chemicals,which needs highly selective catalysts with ultra-broad potential windows to meet...CO_(2)electrochemical reduction reaction(CO_(2)RR)to formate is a hopeful pathway for reducing CO_(2)and producing high-value chemicals,which needs highly selective catalysts with ultra-broad potential windows to meet the industrial demands.Herein,the nanorod-like bimetallic ln_(2)O_(3)/Bi_(2)O_(3)catalysts were successfully synthesized by pyrolysis of bimetallic InBi-MOF precursors.The abundant oxygen vacancies generated from the lattice mismatch of Bi_(2)O_(3)and ln_(2)O_(3)reduced the activation energy of CO_(2)to*CO_(2)·^(-)and improved the selectivity of*CO_(2)·^(-)to formate simultaneously.Meanwhile,the carbon skeleton derived from the pyrolysis of organic framework of InBi-MOF provided a conductive network to accelerate the electrons transmission.The catalyst exhibited an ultra-broad applied potential window of 1200 mV(from-0.4 to-1.6 V vs RHE),relativistic high Faradaic efficiency of formate(99.92%)and satisfactory stability after 30 h.The in situ FT-IR experiment and DFT calculation verified that the abundant oxygen vacancies on the surface of catalysts can easily absorb CO_(2)molecules,and oxygen vacancy path is dominant pathway.This work provides a convenient method to construct high-performance bimetallic catalysts for the industrial application of CO_(2)RR.展开更多
Energy density,the Achilles’heel of aqueous supercapacitors,is simultaneously determined by the voltage window and specific capacitance of the carbon materials,but the strategy of synchronously boosting them has rare...Energy density,the Achilles’heel of aqueous supercapacitors,is simultaneously determined by the voltage window and specific capacitance of the carbon materials,but the strategy of synchronously boosting them has rarely been reported.Herein,we demonstrate that the rational utilization of the interaction between redox mediators(RMs)and carbon electrode materials,especially those with rich intrinsic defects,contributes to extended potential windows and more stored charges concurrently.Using 4-hydroxy-2,2,6,6-tetramethylpiperidinyloxyl(4OH-TEMPO)and intrinsic defect-rich carbons as the RMs and electrode materials,respectively,the potential window and capacitance are increased by 67%and sixfold in a neutral electrolyte.Moreover,this strategy could also be applied to alkaline and acid electrolytes.The first-principle calculation and experimental results demonstrate that the strong interaction between 4OH-TEMPO and defectrich carbons plays a key role as preferential adsorbed RMs may largely prohibit the contact of free water molecules with the electrode materials to terminate the water splitting at elevated potentials.For the RMs offering weaker interaction with the electrode materials,the water splitting still proceeds with a thus sole increase of the stored charges.The results discovered in this work could provide an alternative solution to address the low energy density of aqueous supercapacitors.展开更多
Digital forensics aims to uncover evidence of cybercrimes within compromised systems.These cybercrimes are often perpetrated through the deployment of malware,which inevitably leaves discernible traces within the comp...Digital forensics aims to uncover evidence of cybercrimes within compromised systems.These cybercrimes are often perpetrated through the deployment of malware,which inevitably leaves discernible traces within the compromised systems.Forensic analysts are tasked with extracting and subsequently analyzing data,termed as artifacts,from these systems to gather evidence.Therefore,forensic analysts must sift through extensive datasets to isolate pertinent evidence.However,manually identifying suspicious traces among numerous artifacts is time-consuming and labor-intensive.Previous studies addressed such inefficiencies by integrating artificial intelligence(AI)technologies into digital forensics.Despite the efforts in previous studies,artifacts were analyzed without considering the nature of the data within them and failed to prove their efficiency through specific evaluations.In this study,we propose a system to prioritize suspicious artifacts from compromised systems infected with malware to facilitate efficient digital forensics.Our system introduces a double-checking method that recognizes the nature of data within target artifacts and employs algorithms ideal for anomaly detection.The key ideas of this method are:(1)prioritize suspicious artifacts and filter remaining artifacts using autoencoder and(2)further prioritize suspicious artifacts and filter remaining artifacts using logarithmic entropy.Our evaluation demonstrates that our system can identify malicious artifacts with high accuracy and that its double-checking method is more efficient than alternative approaches.Our system can significantly reduce the time required for forensic analysis and serve as a reference for future studies.展开更多
To provide the supplier with the minimizum vehicle travel distance in the distribution process of goods in three situations of new customer demand,customer cancellation service,and change of customer delivery address,...To provide the supplier with the minimizum vehicle travel distance in the distribution process of goods in three situations of new customer demand,customer cancellation service,and change of customer delivery address,based on the ideas of pre-optimization and real-time optimization,a two-stage planning model of dynamic demand based vehicle routing problem with time windows was established.At the pre-optimization stage,an improved genetic algorithm was used to obtain the pre-optimized distribution route,a large-scale neighborhood search method was integrated into the mutation operation to improve the local optimization performance of the genetic algorithm,and a variety of operators were introduced to expand the search space of neighborhood solutions;At the real-time optimization stage,a periodic optimization strategy was adopted to transform a complex dynamic problem into several static problems,and four neighborhood search operators were used to quickly adjust the route.Two different scale examples were designed for experiments.It is proved that the algorithm can plan the better route,and adjust the distribution route in time under the real-time constraints.Therefore,the proposed algorithm can provide theoretical guidance for suppliers to solve the dynamic demand based vehicle routing problem.展开更多
Perovskite(PRV)luminescent solar concentrators(LSCs)use PRV materials to concentrate and convert sunlight into electricity.LSCs are made up of a flat plate or sheet of glass or plastic that contains a layer of lumines...Perovskite(PRV)luminescent solar concentrators(LSCs)use PRV materials to concentrate and convert sunlight into electricity.LSCs are made up of a flat plate or sheet of glass or plastic that contains a layer of luminescent PRV material.When sunlight enters the LSC,the PRV material absorbs the light and emits it at a longer wavelength.This emitted light is then trapped inside the LSC by total internal reflection,and it travels to the edges of the plate where it is collected by photovoltaic(PV)solar cells(SCs).The use of PRV materials in LSCs offers several advantages over other materials.PRV materials are highly efficient at converting light into electricity.They are also flexible,low-cost,and easy to manufacture,making them a promising candidate for large-scale solar energy applications.However,PRV materials have some challenges preventing their adoption.They are sensitive to moisture or heat and can degrade quickly over time.This significantly limits their lifespan and stability.Research on PRV is mostly focused on making them more stable and durable,but finding ways to improve the manufacturing process to reduce costs and increase efficiency is also relevant.While the opportunities offered by PRV materials for the specific application to LCSs are certainly interesting,the challenges make the prospect of a commercial product very unlikely in the short term.展开更多
Malware attacks on Windows machines pose significant cybersecurity threats,necessitating effective detection and prevention mechanisms.Supervised machine learning classifiers have emerged as promising tools for malwar...Malware attacks on Windows machines pose significant cybersecurity threats,necessitating effective detection and prevention mechanisms.Supervised machine learning classifiers have emerged as promising tools for malware detection.However,there remains a need for comprehensive studies that compare the performance of different classifiers specifically for Windows malware detection.Addressing this gap can provide valuable insights for enhancing cybersecurity strategies.While numerous studies have explored malware detection using machine learning techniques,there is a lack of systematic comparison of supervised classifiers for Windows malware detection.Understanding the relative effectiveness of these classifiers can inform the selection of optimal detection methods and improve overall security measures.This study aims to bridge the research gap by conducting a comparative analysis of supervised machine learning classifiers for detecting malware on Windows systems.The objectives include Investigating the performance of various classifiers,such as Gaussian Naïve Bayes,K Nearest Neighbors(KNN),Stochastic Gradient Descent Classifier(SGDC),and Decision Tree,in detecting Windows malware.Evaluating the accuracy,efficiency,and suitability of each classifier for real-world malware detection scenarios.Identifying the strengths and limitations of different classifiers to provide insights for cybersecurity practitioners and researchers.Offering recommendations for selecting the most effective classifier for Windows malware detection based on empirical evidence.The study employs a structured methodology consisting of several phases:exploratory data analysis,data preprocessing,model training,and evaluation.Exploratory data analysis involves understanding the dataset’s characteristics and identifying preprocessing requirements.Data preprocessing includes cleaning,feature encoding,dimensionality reduction,and optimization to prepare the data for training.Model training utilizes various supervised classifiers,and their performance is evaluated using metrics such as accuracy,precision,recall,and F1 score.The study’s outcomes comprise a comparative analysis of supervised machine learning classifiers for Windows malware detection.Results reveal the effectiveness and efficiency of each classifier in detecting different types of malware.Additionally,insights into their strengths and limitations provide practical guidance for enhancing cybersecurity defenses.Overall,this research contributes to advancing malware detection techniques and bolstering the security posture of Windows systems against evolving cyber threats.展开更多
背景急性缺血性卒中(AIS)高发,及时恢复脑血流是治疗的关键,超时间窗就诊患者无更多促进脑血流恢复的治疗手段。研究远隔缺血后适应(RIPostC)治疗对AIS超时间窗就诊患者的临床疗效、并发症和预后,具有重要的临床意义。目的探究RIPostC...背景急性缺血性卒中(AIS)高发,及时恢复脑血流是治疗的关键,超时间窗就诊患者无更多促进脑血流恢复的治疗手段。研究远隔缺血后适应(RIPostC)治疗对AIS超时间窗就诊患者的临床疗效、并发症和预后,具有重要的临床意义。目的探究RIPostC治疗对AIS超时间窗患者干预的影响,为超时间窗就诊的AIS患者寻求安全、有效的脑血流恢复治疗方式。方法本研究采用随机、分组、安慰剂对照法进行试验。选取2021-09-02—2022-08-31于北京航天总医院神经内科病房住院治疗的超溶栓时间窗(发病时间>6 h)的AIS患者为研究对象。依据随机数字表法将患者分为对照组和试验组。试验期+随访期共90 d,均使用同等的一般治疗、脑血管病常规治疗,试验组在此基础上给予RIPostC治疗14 d(28次),对照组给予模拟的RIPostC治疗14 d(28次)。在干预前和干预后30 d、干预后90 d,采用改良Rankin量表(mRS)、美国国立卫生研究院卒中量表(NIHSS)评估两组患者神经功能,简易精神状态检查量表(MMSE)、蒙特利尔认知评估量表(MoCA)评估患者认知功能,工具性日常生活能力量表(IADL)评估日常生活能力,焦虑自评量表(SAS)、抑郁自评量表(SDS)评估精神状态,经颅多普勒超声(TCD)评估脑血流速度,以白介素(IL)-6反映炎症情况。结果122例患者中,最终完成试验及随访99例,其中试验组49例,对照组50例。两组患者性别、年龄、基础疾病(高血压、糖尿病、冠心病)及基线NIHSS评分比较,差异无统计学意义(P>0.05)。重复测量方差分析结果示,时间与组别对MMSE、MoCA、mRS、NIHSS、脑血流速度、IL-6存在交互作用(P<0.05),时间和组别对MMSE、MoCA、NIHSS、脑血流速度、IL-6主效应显著(P<0.05),时间对mRS、SAS、SDS、IADL主效应显著(P<0.05)。试验组干预后30、90 d MMSE、MoCA评分及脑血流速度均高于对照组,mRS、NIHSS评分均低于对照组(P<0.05);试验组干预后30、90 d SDS、IADL评分低于对照组(P<0.05);试验组干预后30 d SAS评分高于对照组,IL-6低于对照组(P<0.05)。99例患者中共有23例患者发生不良反应,其中试验组17例,对照组6例,两组皮肤瘀点、头晕、心慌、胸闷发生率比较,差异无统计学意义(P>0.05);对照组患者皮肤瘀斑发生率[4.00%(2/50)与12.24%(6/49)]、总不良反应发生率[12.00%(6/50)与34.69%(17/49)]低于试验组(P<0.05)。结论RIPostC治疗可降低AIS患者的炎症反应,对神经功能、认知功能抑郁情绪及颅内血流速度可起到积极的改善效果。展开更多
基金financially supported by the National Natural Science Foundation of China(52072409)the Major Scientific and Technological Innovation Project of Shandong Province(2020CXGC010403)+1 种基金the Taishan Scholar Project(No.ts201712020)the Natural Science Foundation of Shandong Province(ZR2021QE062)
文摘CO_(2)electrochemical reduction reaction(CO_(2)RR)to formate is a hopeful pathway for reducing CO_(2)and producing high-value chemicals,which needs highly selective catalysts with ultra-broad potential windows to meet the industrial demands.Herein,the nanorod-like bimetallic ln_(2)O_(3)/Bi_(2)O_(3)catalysts were successfully synthesized by pyrolysis of bimetallic InBi-MOF precursors.The abundant oxygen vacancies generated from the lattice mismatch of Bi_(2)O_(3)and ln_(2)O_(3)reduced the activation energy of CO_(2)to*CO_(2)·^(-)and improved the selectivity of*CO_(2)·^(-)to formate simultaneously.Meanwhile,the carbon skeleton derived from the pyrolysis of organic framework of InBi-MOF provided a conductive network to accelerate the electrons transmission.The catalyst exhibited an ultra-broad applied potential window of 1200 mV(from-0.4 to-1.6 V vs RHE),relativistic high Faradaic efficiency of formate(99.92%)and satisfactory stability after 30 h.The in situ FT-IR experiment and DFT calculation verified that the abundant oxygen vacancies on the surface of catalysts can easily absorb CO_(2)molecules,and oxygen vacancy path is dominant pathway.This work provides a convenient method to construct high-performance bimetallic catalysts for the industrial application of CO_(2)RR.
基金financially supported by the National Natural Science Foundation of China(22179145,22138013,and 21975287)Shandong Provincial Natural Science Foundation(ZR2020ZD08)+1 种基金Taishan Scholar Project(no.ts201712020)the startup support grant from China University of Petroleum(East China)
文摘Energy density,the Achilles’heel of aqueous supercapacitors,is simultaneously determined by the voltage window and specific capacitance of the carbon materials,but the strategy of synchronously boosting them has rarely been reported.Herein,we demonstrate that the rational utilization of the interaction between redox mediators(RMs)and carbon electrode materials,especially those with rich intrinsic defects,contributes to extended potential windows and more stored charges concurrently.Using 4-hydroxy-2,2,6,6-tetramethylpiperidinyloxyl(4OH-TEMPO)and intrinsic defect-rich carbons as the RMs and electrode materials,respectively,the potential window and capacitance are increased by 67%and sixfold in a neutral electrolyte.Moreover,this strategy could also be applied to alkaline and acid electrolytes.The first-principle calculation and experimental results demonstrate that the strong interaction between 4OH-TEMPO and defectrich carbons plays a key role as preferential adsorbed RMs may largely prohibit the contact of free water molecules with the electrode materials to terminate the water splitting at elevated potentials.For the RMs offering weaker interaction with the electrode materials,the water splitting still proceeds with a thus sole increase of the stored charges.The results discovered in this work could provide an alternative solution to address the low energy density of aqueous supercapacitors.
基金supported by the MSIT(Ministry of Science and ICT),Korea,under the ITRC(Information Technology Research Center)support program(IITP-2024-RS-2024-00437494)supervised by the IITP(Institute for Information&Communications Technology Planning&Evaluation).
文摘Digital forensics aims to uncover evidence of cybercrimes within compromised systems.These cybercrimes are often perpetrated through the deployment of malware,which inevitably leaves discernible traces within the compromised systems.Forensic analysts are tasked with extracting and subsequently analyzing data,termed as artifacts,from these systems to gather evidence.Therefore,forensic analysts must sift through extensive datasets to isolate pertinent evidence.However,manually identifying suspicious traces among numerous artifacts is time-consuming and labor-intensive.Previous studies addressed such inefficiencies by integrating artificial intelligence(AI)technologies into digital forensics.Despite the efforts in previous studies,artifacts were analyzed without considering the nature of the data within them and failed to prove their efficiency through specific evaluations.In this study,we propose a system to prioritize suspicious artifacts from compromised systems infected with malware to facilitate efficient digital forensics.Our system introduces a double-checking method that recognizes the nature of data within target artifacts and employs algorithms ideal for anomaly detection.The key ideas of this method are:(1)prioritize suspicious artifacts and filter remaining artifacts using autoencoder and(2)further prioritize suspicious artifacts and filter remaining artifacts using logarithmic entropy.Our evaluation demonstrates that our system can identify malicious artifacts with high accuracy and that its double-checking method is more efficient than alternative approaches.Our system can significantly reduce the time required for forensic analysis and serve as a reference for future studies.
基金supported by Natural Science Foundation Project of Gansu Provincial Science and Technology Department(No.1506RJZA084)Gansu Provincial Education Department Scientific Research Fund Grant Project(No.1204-13).
文摘To provide the supplier with the minimizum vehicle travel distance in the distribution process of goods in three situations of new customer demand,customer cancellation service,and change of customer delivery address,based on the ideas of pre-optimization and real-time optimization,a two-stage planning model of dynamic demand based vehicle routing problem with time windows was established.At the pre-optimization stage,an improved genetic algorithm was used to obtain the pre-optimized distribution route,a large-scale neighborhood search method was integrated into the mutation operation to improve the local optimization performance of the genetic algorithm,and a variety of operators were introduced to expand the search space of neighborhood solutions;At the real-time optimization stage,a periodic optimization strategy was adopted to transform a complex dynamic problem into several static problems,and four neighborhood search operators were used to quickly adjust the route.Two different scale examples were designed for experiments.It is proved that the algorithm can plan the better route,and adjust the distribution route in time under the real-time constraints.Therefore,the proposed algorithm can provide theoretical guidance for suppliers to solve the dynamic demand based vehicle routing problem.
文摘Perovskite(PRV)luminescent solar concentrators(LSCs)use PRV materials to concentrate and convert sunlight into electricity.LSCs are made up of a flat plate or sheet of glass or plastic that contains a layer of luminescent PRV material.When sunlight enters the LSC,the PRV material absorbs the light and emits it at a longer wavelength.This emitted light is then trapped inside the LSC by total internal reflection,and it travels to the edges of the plate where it is collected by photovoltaic(PV)solar cells(SCs).The use of PRV materials in LSCs offers several advantages over other materials.PRV materials are highly efficient at converting light into electricity.They are also flexible,low-cost,and easy to manufacture,making them a promising candidate for large-scale solar energy applications.However,PRV materials have some challenges preventing their adoption.They are sensitive to moisture or heat and can degrade quickly over time.This significantly limits their lifespan and stability.Research on PRV is mostly focused on making them more stable and durable,but finding ways to improve the manufacturing process to reduce costs and increase efficiency is also relevant.While the opportunities offered by PRV materials for the specific application to LCSs are certainly interesting,the challenges make the prospect of a commercial product very unlikely in the short term.
基金This researchwork is supported by Princess Nourah bint Abdulrahman University Researchers Supporting Project Number(PNURSP2024R411),Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia.
文摘Malware attacks on Windows machines pose significant cybersecurity threats,necessitating effective detection and prevention mechanisms.Supervised machine learning classifiers have emerged as promising tools for malware detection.However,there remains a need for comprehensive studies that compare the performance of different classifiers specifically for Windows malware detection.Addressing this gap can provide valuable insights for enhancing cybersecurity strategies.While numerous studies have explored malware detection using machine learning techniques,there is a lack of systematic comparison of supervised classifiers for Windows malware detection.Understanding the relative effectiveness of these classifiers can inform the selection of optimal detection methods and improve overall security measures.This study aims to bridge the research gap by conducting a comparative analysis of supervised machine learning classifiers for detecting malware on Windows systems.The objectives include Investigating the performance of various classifiers,such as Gaussian Naïve Bayes,K Nearest Neighbors(KNN),Stochastic Gradient Descent Classifier(SGDC),and Decision Tree,in detecting Windows malware.Evaluating the accuracy,efficiency,and suitability of each classifier for real-world malware detection scenarios.Identifying the strengths and limitations of different classifiers to provide insights for cybersecurity practitioners and researchers.Offering recommendations for selecting the most effective classifier for Windows malware detection based on empirical evidence.The study employs a structured methodology consisting of several phases:exploratory data analysis,data preprocessing,model training,and evaluation.Exploratory data analysis involves understanding the dataset’s characteristics and identifying preprocessing requirements.Data preprocessing includes cleaning,feature encoding,dimensionality reduction,and optimization to prepare the data for training.Model training utilizes various supervised classifiers,and their performance is evaluated using metrics such as accuracy,precision,recall,and F1 score.The study’s outcomes comprise a comparative analysis of supervised machine learning classifiers for Windows malware detection.Results reveal the effectiveness and efficiency of each classifier in detecting different types of malware.Additionally,insights into their strengths and limitations provide practical guidance for enhancing cybersecurity defenses.Overall,this research contributes to advancing malware detection techniques and bolstering the security posture of Windows systems against evolving cyber threats.
文摘背景急性缺血性卒中(AIS)高发,及时恢复脑血流是治疗的关键,超时间窗就诊患者无更多促进脑血流恢复的治疗手段。研究远隔缺血后适应(RIPostC)治疗对AIS超时间窗就诊患者的临床疗效、并发症和预后,具有重要的临床意义。目的探究RIPostC治疗对AIS超时间窗患者干预的影响,为超时间窗就诊的AIS患者寻求安全、有效的脑血流恢复治疗方式。方法本研究采用随机、分组、安慰剂对照法进行试验。选取2021-09-02—2022-08-31于北京航天总医院神经内科病房住院治疗的超溶栓时间窗(发病时间>6 h)的AIS患者为研究对象。依据随机数字表法将患者分为对照组和试验组。试验期+随访期共90 d,均使用同等的一般治疗、脑血管病常规治疗,试验组在此基础上给予RIPostC治疗14 d(28次),对照组给予模拟的RIPostC治疗14 d(28次)。在干预前和干预后30 d、干预后90 d,采用改良Rankin量表(mRS)、美国国立卫生研究院卒中量表(NIHSS)评估两组患者神经功能,简易精神状态检查量表(MMSE)、蒙特利尔认知评估量表(MoCA)评估患者认知功能,工具性日常生活能力量表(IADL)评估日常生活能力,焦虑自评量表(SAS)、抑郁自评量表(SDS)评估精神状态,经颅多普勒超声(TCD)评估脑血流速度,以白介素(IL)-6反映炎症情况。结果122例患者中,最终完成试验及随访99例,其中试验组49例,对照组50例。两组患者性别、年龄、基础疾病(高血压、糖尿病、冠心病)及基线NIHSS评分比较,差异无统计学意义(P>0.05)。重复测量方差分析结果示,时间与组别对MMSE、MoCA、mRS、NIHSS、脑血流速度、IL-6存在交互作用(P<0.05),时间和组别对MMSE、MoCA、NIHSS、脑血流速度、IL-6主效应显著(P<0.05),时间对mRS、SAS、SDS、IADL主效应显著(P<0.05)。试验组干预后30、90 d MMSE、MoCA评分及脑血流速度均高于对照组,mRS、NIHSS评分均低于对照组(P<0.05);试验组干预后30、90 d SDS、IADL评分低于对照组(P<0.05);试验组干预后30 d SAS评分高于对照组,IL-6低于对照组(P<0.05)。99例患者中共有23例患者发生不良反应,其中试验组17例,对照组6例,两组皮肤瘀点、头晕、心慌、胸闷发生率比较,差异无统计学意义(P>0.05);对照组患者皮肤瘀斑发生率[4.00%(2/50)与12.24%(6/49)]、总不良反应发生率[12.00%(6/50)与34.69%(17/49)]低于试验组(P<0.05)。结论RIPostC治疗可降低AIS患者的炎症反应,对神经功能、认知功能抑郁情绪及颅内血流速度可起到积极的改善效果。
