To analyze the behavioral model of the command,control,communication,computer,intelligence,surveillance,reconnaissance(C4ISR)architecture,we propose an executable modeling and analyzing approach to it.First,the meta c...To analyze the behavioral model of the command,control,communication,computer,intelligence,surveillance,reconnaissance(C4ISR)architecture,we propose an executable modeling and analyzing approach to it.First,the meta concept model of the C4ISR architecture is introduced.According to the meta concept model,we construct the executable meta models of the C4ISR architecture by extending the meta models of fUML.Then,we define the concrete syntax and executable activity algebra(EAA)semantics for executable models.The semantics functions are introduced to translating the syntax description of executable models into the item of EAA.To support the execution of models,we propose the executable rules which are the structural operational semantics of EAA.Finally,an area air defense of the C4ISR system is used to illustrate the feasibility of the approach.展开更多
An information hiding algorithm is proposed,which hides information by embedding secret data into the palette of bitmap resources of portable executable(PE)files.This algorithm has higher security than some traditiona...An information hiding algorithm is proposed,which hides information by embedding secret data into the palette of bitmap resources of portable executable(PE)files.This algorithm has higher security than some traditional ones because of integrating secret data and bitmap resources together.Through analyzing the principle of bitmap resources parsing in an operating system and the layer of resource data in PE files,a safe and useful solution is presented to solve two problems that bitmap resources are incorrectly analyzed and other resources data are confused in the process of data embedding.The feasibility and effectiveness of the proposed algorithm are confirmed through computer experiments.展开更多
As the scale of current systems become larger and larger and their complexity is increasing gradually,research on executable models in the design phase becomes significantly important as it is helpful to simulate the ...As the scale of current systems become larger and larger and their complexity is increasing gradually,research on executable models in the design phase becomes significantly important as it is helpful to simulate the execution process and capture defects of a system in advance.Meanwhile,the capability of a system becomes so important that stakeholders tend to emphasize their capability requirements when developing a system.To deal with the lack of official specifications and the fundamental theory basis for capability requirement,we propose a cooperative capability requirements(CCR)meta-model as a theory basis for researchers to refer to in this research domain,in which we provide detailed definition of the CCR concepts,associations and rules.Moreover,we also propose an executable framework,which may enable modelers to simulate the execution process of a system in advance and do well in filling the inconsistency and semantic gaps between stakeholders’requirements and their models.The primary working mechanism of the framework is to transform the Alf activity meta-model into the communicating sequential process(CSP)process meta-model based on some mapping rules,after which the internal communication mechanism between process nodes is designed to smooth the execution of behaviors in a CSP system.Moreover,a validation method is utilized to check the correctness and consistency of the models,and a self-fixing mechanism is used to fix the errors and warnings captured during the validation process automatically.Finally,a validation report is generated and fed back to the modelers for system optimization.展开更多
The continuous development of cyberattacks is threatening digital transformation endeavors worldwide and leadsto wide losses for various organizations. These dangers have proven that signature-based approaches are ins...The continuous development of cyberattacks is threatening digital transformation endeavors worldwide and leadsto wide losses for various organizations. These dangers have proven that signature-based approaches are insufficientto prevent emerging and polymorphic attacks. Therefore, this paper is proposing a Robust Malicious ExecutableDetection (RMED) using Host-based Machine Learning Classifier to discover malicious Portable Executable (PE)files in hosts using Windows operating systems through collecting PE headers and applying machine learningmechanisms to detect unknown infected files. The authors have collected a novel reliable dataset containing 116,031benign files and 179,071 malware samples from diverse sources to ensure the efficiency of RMED approach.The most effective PE headers that can highly differentiate between benign and malware files were selected totrain the model on 15 PE features to speed up the classification process and achieve real-time detection formalicious executables. The evaluation results showed that RMED succeeded in shrinking the classification timeto 91 milliseconds for each file while reaching an accuracy of 98.42% with a false positive rate equal to 1.58. Inconclusion, this paper contributes to the field of cybersecurity by presenting a comprehensive framework thatleverages Artificial Intelligence (AI) methods to proactively detect and prevent cyber-attacks.展开更多
One aspect of cybersecurity,incorporates the study of Portable Executables(PE)files maleficence.Artificial Intelligence(AI)can be employed in such studies,since AI has the ability to discriminate benign from malicious...One aspect of cybersecurity,incorporates the study of Portable Executables(PE)files maleficence.Artificial Intelligence(AI)can be employed in such studies,since AI has the ability to discriminate benign from malicious files.In this study,an exclusive set of 29 features was collected from trusted implementations,this set was used as a baseline to analyze the presented work in this research.A Decision Tree(DT)and Neural Network Multi-Layer Perceptron(NN-MLPC)algorithms were utilized during this work.Both algorithms were chosen after testing a few diverse procedures.This work implements a method of subgrouping features to answer questions such as,which feature has a positive impact on accuracy when added?Is it possible to determine a reliable feature set to distinguish a malicious PE file from a benign one?when combining features,would it have any effect on malware detection accuracy in a PE file?Results obtained using the proposed method were improved and carried few observations.Generally,the obtained results had practical and numerical parts,for the practical part,the number of features and which features included are the main factors impacting the calculated accuracy,also,the combination of features is as crucial in these calculations.Numerical results included,finding accuracies with enhanced values,for example,NN_MLPC attained 0.979 and 0.98;for DT an accuracy of 0.9825 and 0.986 was attained.展开更多
Windows malware is becoming an increasingly pressing problem as the amount of malware continues to grow and more sensitive information is stored on systems.One of the major challenges in tackling this problem is the c...Windows malware is becoming an increasingly pressing problem as the amount of malware continues to grow and more sensitive information is stored on systems.One of the major challenges in tackling this problem is the complexity of malware analysis,which requires expertise from human analysts.Recent developments in machine learning have led to the creation of deep models for malware detection.However,these models often lack transparency,making it difficult to understand the reasoning behind the model’s decisions,otherwise known as the black-box problem.To address these limitations,this paper presents a novel model for malware detection,utilizing vision transformers to analyze the Operation Code(OpCode)sequences of more than 350000 Windows portable executable malware samples from real-world datasets.The model achieves a high accuracy of 0.9864,not only surpassing the previous results but also providing valuable insights into the reasoning behind the classification.Our model is able to pinpoint specific instructions that lead to malicious behavior in malware samples,aiding human experts in their analysis and driving further advancements in the field.We report our findings and show how causality can be established between malicious code and actual classification by a deep learning model,thus opening up this black-box problem for deeper analysis.展开更多
In the process of programmable networks simplifying network management and increasing network flexibility through custom packet behavior,security incidents caused by human logic errors are seriously threatening their ...In the process of programmable networks simplifying network management and increasing network flexibility through custom packet behavior,security incidents caused by human logic errors are seriously threatening their safe operation,robust verificationmethods are required to ensure their correctness.As one of the formalmethods,symbolic execution offers a viable approach for verifying programmable networks by systematically exploring all possible paths within a program.However,its application in this field encounters scalability issues due to path explosion and complex constraint-solving.Therefore,in this paper,we propose NetVerifier,a scalable verification system for programmable networks.Tomitigate the path explosion issue,we developmultiple pruning strategies that strategically eliminate irrelevant execution paths while preserving verification integrity by precisely identifying the execution paths related to the verification purpose.To address the complex constraint-solving problem,we introduce an execution results reuse solution to avoid redundant computation of the same constraints.To apply these solutions intelligently,a matching algorithm is implemented to automatically select appropriate solutions based on the characteristics of the verification requirement.Moreover,Language Aided Verification(LAV),an assertion language,is designed to express verification intentions in a concise form.Experimental results on diverse open-source programs of varying scales demonstrate NetVerifier’s improvement in scalability and effectiveness in identifying potential network errors.In the best scenario,compared with ASSERT-P4,NetVerifier reduced the execution path,verification time,and memory occupation of the verification process by 99.92%,94.76%,and 65.19%,respectively.展开更多
Exploring the mechanisms underlying willingness to buy(WTB)will help us identify neural indicators for predicting the performance of innovative products.Using functional magnetic resonance imaging,we asked participant...Exploring the mechanisms underlying willingness to buy(WTB)will help us identify neural indicators for predicting the performance of innovative products.Using functional magnetic resonance imaging,we asked participants to view products created by combining two components,including high applicability new combinations(HANCs),which provide a novel and practical application;and low applicability new combinations(LANCs),which provide no additional value.First,we found that WTB generally involves activation of the parahippocampal gyrus.For HANC,activation in the pars opercularis of the inferior frontal gyrus(IFG oper)is associated with WTB.Second,representational similarity analysis revealed that for HANC,the interrelation between the elements and combinations in the IFG oper predicts WTB.Third,multivoxel pattern analysis found that classification accuracy in the IFG oper predicts the difference in WTB between HANCs and LANCs.In conclusion,WTB requires default mode network-based associative processing.For HANC products,executive control network-based processes are necessary for value construction.展开更多
Since the advent of smart contracts,security vulnerabilities have remained a persistent challenge,compromsing both the reliability of contract execution and the overall stability of the virtual currency market.Consequ...Since the advent of smart contracts,security vulnerabilities have remained a persistent challenge,compromsing both the reliability of contract execution and the overall stability of the virtual currency market.Consequently,the academic community has devoted increasing attention to these security risks.However,conventional approaches to vulnerability detection frequently exhibit limited accuracy.To address this limitation,the present study introduces a novel vulnerability detection framework called GNNSE that integrates symbolic execution with graph neural networks(GNNs).The proposedmethod first constructs semantic graphs to comprehensively capture the control flow and data flow dependencies within smart contracts.These graphs are subsequently processed using GNNs to efficiently identify contracts with a high likelihood of vulnerabilities.For these high-risk contracts,symbolic execution is employed to perform fine-grained,path-level analysis,thereby improving overall detection precision.Experimental results on a dataset comprising 10,079 contracts demonstrate that the proposed method achieves detection precisions of 93.58% for reentrancy vulnerabilities and 92.73% for timestamp-dependent vulnerabilities.展开更多
The growing threat of malware,particularly in the Portable Executable(PE)format,demands more effective methods for detection and classification.Machine learning-based approaches exhibit their potential but often negle...The growing threat of malware,particularly in the Portable Executable(PE)format,demands more effective methods for detection and classification.Machine learning-based approaches exhibit their potential but often neglect semantic segmentation of malware files that can improve classification performance.This research applies deep learning to malware detection,using Convolutional Neural Network(CNN)architectures adapted to work with semantically extracted data to classify malware into malware families.Starting from the Malconv model,this study introduces modifications to adapt it to multi-classification tasks and improve its performance.It proposes a new innovative method that focuses on byte extraction from Portable Executable(PE)malware files based on their semantic location,resulting in higher accuracy in malware classification than traditional methods using full-byte sequences.This novel approach evaluates the importance of each semantic segment to improve classification accuracy.The results revealed that the header segment of PE files provides the most valuable information for malware identification,outperforming the other sections,and achieving an average classification accuracy of 99.54%.The above reaffirms the effectiveness of the semantic segmentation approach and highlights the critical role header data plays in improving malware detection and classification accuracy.展开更多
Purpose:Currently,different research conclusions exist about the relationship between relational capital and corporate innovation.The research aims to(1)reveal the actual relationship between executive alumni relation...Purpose:Currently,different research conclusions exist about the relationship between relational capital and corporate innovation.The research aims to(1)reveal the actual relationship between executive alumni relations and firm innovation performance,(2)examine the moderating role of executive academic backgrounds,(3)analyze the paths for firms to leverage knowledge spillovers from regional universities to promote firm innovation by their geographic location.Design/methodology/approach:A social network approach is used to construct alumni relationship networks of A-share listed companies in Shanghai and Shenzhen,China.A two-way fixed effects model is used to assess the impact of firms’structural position in executive alumni networks on firms’innovation performance.In addition,the research also delves into the interactions between knowledge spillovers from geographic locations and executives’alumni networks,aiming to elucidate their combined effects on firms’innovation performance.Findings:This paper explores the curvilinear relationship between executive alumni networks’centrality and firm innovation within the Chinese context.It also finds that in the positive effect interval on the right side of the“U-shaped,”the industry with the highest number of occurrences is the high-tech industry.Moreover,it elucidates the moderating influence of executives’academic experience on the alumni networks-innovation nexus,offering a nuanced understanding of these dynamics.Lastly,we provide novel insights into optimizing resource allocation to leverage geographic knowledge spillovers for innovation.Research limitations:The study may not fully represent the broader population of firms,particularly small and medium-sized enterprises(SMEs)or unlisted companies.Future research could expand the sample to include a more diverse range of firms to enhance the generalizability of the findings.Practical implications:Firstly,companies can give due consideration to the alumni resources of executives in their personnel decisions,but they should pay attention to the rational use of resources.Secondly,universities should actively work with companies to promote knowledge transfer and collaboration.Originality/value:The findings help clarify the influence mechanism of firms’innovation performance,providing theoretical support and empirical evidence for firms to drive innovation at the executive alumni relationship network level.展开更多
BACKGROUND Treatment-resistant depression(TRD)has a poor response to clinical treatment.Patients with TRD do not respond adequately to standard antidepressants.Even after receiving a full dose and sufficient duration ...BACKGROUND Treatment-resistant depression(TRD)has a poor response to clinical treatment.Patients with TRD do not respond adequately to standard antidepressants.Even after receiving a full dose and sufficient duration of combined antidepressant therapy,significant improvement is still difficult to achieve.At present,electroconvulsive therapy(ECT)remains a clinically effective method for treating refractory depression.A good anesthesia regimen can enhance its clinical efficacy.Actively exploring high-quality anesthesia regimens has become a current research hotspot.AIM To explore the effect of esketamine and etomidate anesthesia on the clinical efficacy of ECT for TRD.METHODS A total of 120 patients with TRD,treated at the Department of Psychiatry,The Second Affiliated Hospital of Shandong First Medical University,China between April 2020 and April 2024,were selected for the study.The patients were allocated at random into two groups using a random number table:The combination and control groups,with 60 patients in each group.Both groups underwent ECT;the combination group received esketamine and etomidate anesthesia,while the control group received etomidate anesthesia.The following parameters were compared between the two groups:Heart rate(HR);mean arterial pressure(MAP);peripheral capillary oxygen saturation(SpO2);initial and final threshold charges;and serum brain-derived neurotrophic factor(BDNF),nerve growth factor(NGF),5-hydroxytryptamine(5-HT),and interleukin-4(IL-4)levels.Neurological functions,basic executive function scores,and adverse reactions were compared during the treatment process.RESULTS During treatment,the maximum and minimum HR and MAP values in the combination group were markedly lower than those in the control group(P<0.05),whereas there was no significant difference in SpO2 between the two groups(P>0.05).During the treatment,there were no significant differences in the initial threshold charge and average duration of seizures during ECT between the two groups(P>0.05).However,the final threshold charge and total charge in the combination group were considerably lower than those in the control group(P<0.05).After treatment,the BDNF,NGF,5-HT,and IL-4 levels were evidently higher in the combination group than in the control group(P<0.05).During treatment,as the number of ECT sessions increased,both BRNAS and Measurement and Treatment Research to Improve Cognition in Schizophrenia Consensus Cognitive Battery(MCCB)scores increased,whereas Hamilton Depression Rating Scale(HAMD)-24 scores decreased in both groups.Starting from the third treatment session,the BRNAS and MCCB scores in the combination group were higher than in the control group,whereas the Hamilton Depression Scale-24 score was lower in the combination group than in the control group(P<0.05).After treatment,the Wisconsin Card Sorting Test scores and Tower of Hanoi test results in the combination group were significantly better than those in the control group(P<0.05).The occurrence of adverse reactions was compared between the two groups(P>0.05).CONCLUSION Esketamine and etomidate anesthesia during ECT for patients with TRD helps maintain stable vital signs during the treatment process,improves depressive symptoms,and enhances neurological and basic executive functions.展开更多
Fuzz testing is a widely adopted technique for uncovering bugs and security vulnerabilities in embedded firmware.However,many embedded systems heavily rely on peripherals,rendering conventional fuzzing techniques inef...Fuzz testing is a widely adopted technique for uncovering bugs and security vulnerabilities in embedded firmware.However,many embedded systems heavily rely on peripherals,rendering conventional fuzzing techniques ineffective.When peripheral responses are missing or incorrect,fuzzing a firmware may crash or exit prematurely,significantly limiting code coverage.While prior re-hosting approaches have made progress in simulating Memory-Mapped Input/Output(MMIO)and interrupt-based peripherals,they either ignore Direct Memory Access(DMA)or handle it oversimplified.In this work,we present ADFEmu,a novel automated firmware re-hosting framework that enables effective fuzzing of DMA-enabled firmware.ADFEmu integrates concolic execution with large language models(LLMs)to semantically emulate DMA operations and synthesize peripheral input sequences intelligently.Specifically,it learns DMA transfer patterns from the firmware’s context and employs guided symbolic execution to explore deeper and more diverse execution paths.This approach allows firmware to operate stably without hardware dependencies while achieving higher fidelity in emulation.Evaluated on real-world embedded firmware samples,ADFEmu achieves a 100%re-hosting success rate,improves total execution path exploration by 5.31%,and triggers more crashes compared to the state-of-the-art.These results highlight ADFEmu’s effectiveness in overcoming long-standing limitations of DMA emulation and its potential to advance automated vulnerability discovery in peripheral-rich embedded environments.展开更多
Introduction: Stroke may have a negative impact on mental health and behavior. Cognitive disorders are common after stroke. They are rarely assessed in current clinical practice, particularly in our context. They cons...Introduction: Stroke may have a negative impact on mental health and behavior. Cognitive disorders are common after stroke. They are rarely assessed in current clinical practice, particularly in our context. They constitute a real “invisible” handicap. In sub-Saharan Africa, we are not aware of any studies specifically assessing executive functions. These functions are at the heart of all adaptation processes to new or complex situations. This prompted the authors to carry out this study at the Ibrahima Pierre Ndiaye Neuroscience Department of the Fann National University Hospital Centre (Senegal). Objective and Methodology: The aim of this study was to assess and characterize post-stroke alterations in executive functions in our context. We conducted a descriptive cross-sectional study. It took place over a 4-month period from April 1 to August 31, 2021. Patients were matched to controls according to age, gender and educational level. Executive functions were assessed using the Frontal Assessment Battery (FAB). Results: A total of 30 patients with stroke were enrolled. These patients were matched to controls. The mean age of the patients was 46.87 ± 17.65 years. For the control group, it was 39.27 ± 12.33 years. The prevalence of executive function disorders was 20% in post-stroke patients. The majority of executive functions assessed were impaired. Sensitivity to interference and environmental autonomy were the only ones preserved. Conclusion: Impaired executive functions are common after stroke. They should be systematically assessed in all stroke patients to ensure optimal management.展开更多
As digital technology grows,it will improve accessibility to justice and legal protection for the differently abled and promote social justice.THE rapid development of digital technology is not only changing tradition...As digital technology grows,it will improve accessibility to justice and legal protection for the differently abled and promote social justice.THE rapid development of digital technology is not only changing traditional working modes but also profoundly impacting the application of laws,evidence collection,trial process,and execution.Digital technologies can remedy many shortcomings in traditional judicial procedures,better protecting the legitimate rights and interests of people,especially people with disabilities.展开更多
Compliance,as a very important aspect of corporate governance,has developed earlier in the world,while China's compliance management has developed relatively late and is currently lacking in development.However,ma...Compliance,as a very important aspect of corporate governance,has developed earlier in the world,while China's compliance management has developed relatively late and is currently lacking in development.However,many enterprises suffer serious losses without compliance management,especially import and export enterprises,which are forced to exit the market due to poor compliance management.This article is based on the urgent need of Chinese enterprises for compliance management,but the lack of research by scholars.It summarizes the literature on the factors affecting compliance,hoping to be helpful for the study of compliance management.展开更多
文摘To analyze the behavioral model of the command,control,communication,computer,intelligence,surveillance,reconnaissance(C4ISR)architecture,we propose an executable modeling and analyzing approach to it.First,the meta concept model of the C4ISR architecture is introduced.According to the meta concept model,we construct the executable meta models of the C4ISR architecture by extending the meta models of fUML.Then,we define the concrete syntax and executable activity algebra(EAA)semantics for executable models.The semantics functions are introduced to translating the syntax description of executable models into the item of EAA.To support the execution of models,we propose the executable rules which are the structural operational semantics of EAA.Finally,an area air defense of the C4ISR system is used to illustrate the feasibility of the approach.
基金supported by the Applied Basic Research Programs of Sichuan Province under Grant No.2010JY0001the Fundamental Research Funds for the Central Universities under Grant No.ZYGX2010J068
文摘An information hiding algorithm is proposed,which hides information by embedding secret data into the palette of bitmap resources of portable executable(PE)files.This algorithm has higher security than some traditional ones because of integrating secret data and bitmap resources together.Through analyzing the principle of bitmap resources parsing in an operating system and the layer of resource data in PE files,a safe and useful solution is presented to solve two problems that bitmap resources are incorrectly analyzed and other resources data are confused in the process of data embedding.The feasibility and effectiveness of the proposed algorithm are confirmed through computer experiments.
基金supported by the National Key R&D Program of China(2018YFC0806900)the China Postdoctoral Science Foundation Funded Project(2018M633757)+1 种基金the Primary Research&Development Plan of Jiangsu Province(BE2016904,BE2017616,BE2018754,BE2019762)Jiangsu Province Postdoctoral Science Foundation Funded Project(2019K185).
文摘As the scale of current systems become larger and larger and their complexity is increasing gradually,research on executable models in the design phase becomes significantly important as it is helpful to simulate the execution process and capture defects of a system in advance.Meanwhile,the capability of a system becomes so important that stakeholders tend to emphasize their capability requirements when developing a system.To deal with the lack of official specifications and the fundamental theory basis for capability requirement,we propose a cooperative capability requirements(CCR)meta-model as a theory basis for researchers to refer to in this research domain,in which we provide detailed definition of the CCR concepts,associations and rules.Moreover,we also propose an executable framework,which may enable modelers to simulate the execution process of a system in advance and do well in filling the inconsistency and semantic gaps between stakeholders’requirements and their models.The primary working mechanism of the framework is to transform the Alf activity meta-model into the communicating sequential process(CSP)process meta-model based on some mapping rules,after which the internal communication mechanism between process nodes is designed to smooth the execution of behaviors in a CSP system.Moreover,a validation method is utilized to check the correctness and consistency of the models,and a self-fixing mechanism is used to fix the errors and warnings captured during the validation process automatically.Finally,a validation report is generated and fed back to the modelers for system optimization.
文摘The continuous development of cyberattacks is threatening digital transformation endeavors worldwide and leadsto wide losses for various organizations. These dangers have proven that signature-based approaches are insufficientto prevent emerging and polymorphic attacks. Therefore, this paper is proposing a Robust Malicious ExecutableDetection (RMED) using Host-based Machine Learning Classifier to discover malicious Portable Executable (PE)files in hosts using Windows operating systems through collecting PE headers and applying machine learningmechanisms to detect unknown infected files. The authors have collected a novel reliable dataset containing 116,031benign files and 179,071 malware samples from diverse sources to ensure the efficiency of RMED approach.The most effective PE headers that can highly differentiate between benign and malware files were selected totrain the model on 15 PE features to speed up the classification process and achieve real-time detection formalicious executables. The evaluation results showed that RMED succeeded in shrinking the classification timeto 91 milliseconds for each file while reaching an accuracy of 98.42% with a false positive rate equal to 1.58. Inconclusion, this paper contributes to the field of cybersecurity by presenting a comprehensive framework thatleverages Artificial Intelligence (AI) methods to proactively detect and prevent cyber-attacks.
文摘One aspect of cybersecurity,incorporates the study of Portable Executables(PE)files maleficence.Artificial Intelligence(AI)can be employed in such studies,since AI has the ability to discriminate benign from malicious files.In this study,an exclusive set of 29 features was collected from trusted implementations,this set was used as a baseline to analyze the presented work in this research.A Decision Tree(DT)and Neural Network Multi-Layer Perceptron(NN-MLPC)algorithms were utilized during this work.Both algorithms were chosen after testing a few diverse procedures.This work implements a method of subgrouping features to answer questions such as,which feature has a positive impact on accuracy when added?Is it possible to determine a reliable feature set to distinguish a malicious PE file from a benign one?when combining features,would it have any effect on malware detection accuracy in a PE file?Results obtained using the proposed method were improved and carried few observations.Generally,the obtained results had practical and numerical parts,for the practical part,the number of features and which features included are the main factors impacting the calculated accuracy,also,the combination of features is as crucial in these calculations.Numerical results included,finding accuracies with enhanced values,for example,NN_MLPC attained 0.979 and 0.98;for DT an accuracy of 0.9825 and 0.986 was attained.
文摘Windows malware is becoming an increasingly pressing problem as the amount of malware continues to grow and more sensitive information is stored on systems.One of the major challenges in tackling this problem is the complexity of malware analysis,which requires expertise from human analysts.Recent developments in machine learning have led to the creation of deep models for malware detection.However,these models often lack transparency,making it difficult to understand the reasoning behind the model’s decisions,otherwise known as the black-box problem.To address these limitations,this paper presents a novel model for malware detection,utilizing vision transformers to analyze the Operation Code(OpCode)sequences of more than 350000 Windows portable executable malware samples from real-world datasets.The model achieves a high accuracy of 0.9864,not only surpassing the previous results but also providing valuable insights into the reasoning behind the classification.Our model is able to pinpoint specific instructions that lead to malicious behavior in malware samples,aiding human experts in their analysis and driving further advancements in the field.We report our findings and show how causality can be established between malicious code and actual classification by a deep learning model,thus opening up this black-box problem for deeper analysis.
基金supported by the National Key Research and Development Program of China under Grant 2023YFB2903902in part by the Science and Technology Innovation Leading Talents Subsidy Project of Central Plains under Grant 244200510038.
文摘In the process of programmable networks simplifying network management and increasing network flexibility through custom packet behavior,security incidents caused by human logic errors are seriously threatening their safe operation,robust verificationmethods are required to ensure their correctness.As one of the formalmethods,symbolic execution offers a viable approach for verifying programmable networks by systematically exploring all possible paths within a program.However,its application in this field encounters scalability issues due to path explosion and complex constraint-solving.Therefore,in this paper,we propose NetVerifier,a scalable verification system for programmable networks.Tomitigate the path explosion issue,we developmultiple pruning strategies that strategically eliminate irrelevant execution paths while preserving verification integrity by precisely identifying the execution paths related to the verification purpose.To address the complex constraint-solving problem,we introduce an execution results reuse solution to avoid redundant computation of the same constraints.To apply these solutions intelligently,a matching algorithm is implemented to automatically select appropriate solutions based on the characteristics of the verification requirement.Moreover,Language Aided Verification(LAV),an assertion language,is designed to express verification intentions in a concise form.Experimental results on diverse open-source programs of varying scales demonstrate NetVerifier’s improvement in scalability and effectiveness in identifying potential network errors.In the best scenario,compared with ASSERT-P4,NetVerifier reduced the execution path,verification time,and memory occupation of the verification process by 99.92%,94.76%,and 65.19%,respectively.
基金supported by the National Natural Science Foundation of China(32271097)the Major Project of the National Social Science Foundation of China(19ZDA043).
文摘Exploring the mechanisms underlying willingness to buy(WTB)will help us identify neural indicators for predicting the performance of innovative products.Using functional magnetic resonance imaging,we asked participants to view products created by combining two components,including high applicability new combinations(HANCs),which provide a novel and practical application;and low applicability new combinations(LANCs),which provide no additional value.First,we found that WTB generally involves activation of the parahippocampal gyrus.For HANC,activation in the pars opercularis of the inferior frontal gyrus(IFG oper)is associated with WTB.Second,representational similarity analysis revealed that for HANC,the interrelation between the elements and combinations in the IFG oper predicts WTB.Third,multivoxel pattern analysis found that classification accuracy in the IFG oper predicts the difference in WTB between HANCs and LANCs.In conclusion,WTB requires default mode network-based associative processing.For HANC products,executive control network-based processes are necessary for value construction.
基金supported by the National Key Research and Development Program of China(2020YFB1005704).
文摘Since the advent of smart contracts,security vulnerabilities have remained a persistent challenge,compromsing both the reliability of contract execution and the overall stability of the virtual currency market.Consequently,the academic community has devoted increasing attention to these security risks.However,conventional approaches to vulnerability detection frequently exhibit limited accuracy.To address this limitation,the present study introduces a novel vulnerability detection framework called GNNSE that integrates symbolic execution with graph neural networks(GNNs).The proposedmethod first constructs semantic graphs to comprehensively capture the control flow and data flow dependencies within smart contracts.These graphs are subsequently processed using GNNs to efficiently identify contracts with a high likelihood of vulnerabilities.For these high-risk contracts,symbolic execution is employed to perform fine-grained,path-level analysis,thereby improving overall detection precision.Experimental results on a dataset comprising 10,079 contracts demonstrate that the proposed method achieves detection precisions of 93.58% for reentrancy vulnerabilities and 92.73% for timestamp-dependent vulnerabilities.
文摘The growing threat of malware,particularly in the Portable Executable(PE)format,demands more effective methods for detection and classification.Machine learning-based approaches exhibit their potential but often neglect semantic segmentation of malware files that can improve classification performance.This research applies deep learning to malware detection,using Convolutional Neural Network(CNN)architectures adapted to work with semantically extracted data to classify malware into malware families.Starting from the Malconv model,this study introduces modifications to adapt it to multi-classification tasks and improve its performance.It proposes a new innovative method that focuses on byte extraction from Portable Executable(PE)malware files based on their semantic location,resulting in higher accuracy in malware classification than traditional methods using full-byte sequences.This novel approach evaluates the importance of each semantic segment to improve classification accuracy.The results revealed that the header segment of PE files provides the most valuable information for malware identification,outperforming the other sections,and achieving an average classification accuracy of 99.54%.The above reaffirms the effectiveness of the semantic segmentation approach and highlights the critical role header data plays in improving malware detection and classification accuracy.
基金supported in part by the National Natural Science Foundation of China under Grant No.72264036,in part by the West Light Foundation of The Chinese Academy of Sciences under Grant No.2020-XBQNXZ-020Xinjiang University of Finance and Economics Postgraduate Innovation Project XJUFE2024K036.
文摘Purpose:Currently,different research conclusions exist about the relationship between relational capital and corporate innovation.The research aims to(1)reveal the actual relationship between executive alumni relations and firm innovation performance,(2)examine the moderating role of executive academic backgrounds,(3)analyze the paths for firms to leverage knowledge spillovers from regional universities to promote firm innovation by their geographic location.Design/methodology/approach:A social network approach is used to construct alumni relationship networks of A-share listed companies in Shanghai and Shenzhen,China.A two-way fixed effects model is used to assess the impact of firms’structural position in executive alumni networks on firms’innovation performance.In addition,the research also delves into the interactions between knowledge spillovers from geographic locations and executives’alumni networks,aiming to elucidate their combined effects on firms’innovation performance.Findings:This paper explores the curvilinear relationship between executive alumni networks’centrality and firm innovation within the Chinese context.It also finds that in the positive effect interval on the right side of the“U-shaped,”the industry with the highest number of occurrences is the high-tech industry.Moreover,it elucidates the moderating influence of executives’academic experience on the alumni networks-innovation nexus,offering a nuanced understanding of these dynamics.Lastly,we provide novel insights into optimizing resource allocation to leverage geographic knowledge spillovers for innovation.Research limitations:The study may not fully represent the broader population of firms,particularly small and medium-sized enterprises(SMEs)or unlisted companies.Future research could expand the sample to include a more diverse range of firms to enhance the generalizability of the findings.Practical implications:Firstly,companies can give due consideration to the alumni resources of executives in their personnel decisions,but they should pay attention to the rational use of resources.Secondly,universities should actively work with companies to promote knowledge transfer and collaboration.Originality/value:The findings help clarify the influence mechanism of firms’innovation performance,providing theoretical support and empirical evidence for firms to drive innovation at the executive alumni relationship network level.
文摘BACKGROUND Treatment-resistant depression(TRD)has a poor response to clinical treatment.Patients with TRD do not respond adequately to standard antidepressants.Even after receiving a full dose and sufficient duration of combined antidepressant therapy,significant improvement is still difficult to achieve.At present,electroconvulsive therapy(ECT)remains a clinically effective method for treating refractory depression.A good anesthesia regimen can enhance its clinical efficacy.Actively exploring high-quality anesthesia regimens has become a current research hotspot.AIM To explore the effect of esketamine and etomidate anesthesia on the clinical efficacy of ECT for TRD.METHODS A total of 120 patients with TRD,treated at the Department of Psychiatry,The Second Affiliated Hospital of Shandong First Medical University,China between April 2020 and April 2024,were selected for the study.The patients were allocated at random into two groups using a random number table:The combination and control groups,with 60 patients in each group.Both groups underwent ECT;the combination group received esketamine and etomidate anesthesia,while the control group received etomidate anesthesia.The following parameters were compared between the two groups:Heart rate(HR);mean arterial pressure(MAP);peripheral capillary oxygen saturation(SpO2);initial and final threshold charges;and serum brain-derived neurotrophic factor(BDNF),nerve growth factor(NGF),5-hydroxytryptamine(5-HT),and interleukin-4(IL-4)levels.Neurological functions,basic executive function scores,and adverse reactions were compared during the treatment process.RESULTS During treatment,the maximum and minimum HR and MAP values in the combination group were markedly lower than those in the control group(P<0.05),whereas there was no significant difference in SpO2 between the two groups(P>0.05).During the treatment,there were no significant differences in the initial threshold charge and average duration of seizures during ECT between the two groups(P>0.05).However,the final threshold charge and total charge in the combination group were considerably lower than those in the control group(P<0.05).After treatment,the BDNF,NGF,5-HT,and IL-4 levels were evidently higher in the combination group than in the control group(P<0.05).During treatment,as the number of ECT sessions increased,both BRNAS and Measurement and Treatment Research to Improve Cognition in Schizophrenia Consensus Cognitive Battery(MCCB)scores increased,whereas Hamilton Depression Rating Scale(HAMD)-24 scores decreased in both groups.Starting from the third treatment session,the BRNAS and MCCB scores in the combination group were higher than in the control group,whereas the Hamilton Depression Scale-24 score was lower in the combination group than in the control group(P<0.05).After treatment,the Wisconsin Card Sorting Test scores and Tower of Hanoi test results in the combination group were significantly better than those in the control group(P<0.05).The occurrence of adverse reactions was compared between the two groups(P>0.05).CONCLUSION Esketamine and etomidate anesthesia during ECT for patients with TRD helps maintain stable vital signs during the treatment process,improves depressive symptoms,and enhances neurological and basic executive functions.
基金funded by the Science and Technology Project of State Grid Jiangsu Electric Power Company Ltd.,grant number J2024169.
文摘Fuzz testing is a widely adopted technique for uncovering bugs and security vulnerabilities in embedded firmware.However,many embedded systems heavily rely on peripherals,rendering conventional fuzzing techniques ineffective.When peripheral responses are missing or incorrect,fuzzing a firmware may crash or exit prematurely,significantly limiting code coverage.While prior re-hosting approaches have made progress in simulating Memory-Mapped Input/Output(MMIO)and interrupt-based peripherals,they either ignore Direct Memory Access(DMA)or handle it oversimplified.In this work,we present ADFEmu,a novel automated firmware re-hosting framework that enables effective fuzzing of DMA-enabled firmware.ADFEmu integrates concolic execution with large language models(LLMs)to semantically emulate DMA operations and synthesize peripheral input sequences intelligently.Specifically,it learns DMA transfer patterns from the firmware’s context and employs guided symbolic execution to explore deeper and more diverse execution paths.This approach allows firmware to operate stably without hardware dependencies while achieving higher fidelity in emulation.Evaluated on real-world embedded firmware samples,ADFEmu achieves a 100%re-hosting success rate,improves total execution path exploration by 5.31%,and triggers more crashes compared to the state-of-the-art.These results highlight ADFEmu’s effectiveness in overcoming long-standing limitations of DMA emulation and its potential to advance automated vulnerability discovery in peripheral-rich embedded environments.
文摘Introduction: Stroke may have a negative impact on mental health and behavior. Cognitive disorders are common after stroke. They are rarely assessed in current clinical practice, particularly in our context. They constitute a real “invisible” handicap. In sub-Saharan Africa, we are not aware of any studies specifically assessing executive functions. These functions are at the heart of all adaptation processes to new or complex situations. This prompted the authors to carry out this study at the Ibrahima Pierre Ndiaye Neuroscience Department of the Fann National University Hospital Centre (Senegal). Objective and Methodology: The aim of this study was to assess and characterize post-stroke alterations in executive functions in our context. We conducted a descriptive cross-sectional study. It took place over a 4-month period from April 1 to August 31, 2021. Patients were matched to controls according to age, gender and educational level. Executive functions were assessed using the Frontal Assessment Battery (FAB). Results: A total of 30 patients with stroke were enrolled. These patients were matched to controls. The mean age of the patients was 46.87 ± 17.65 years. For the control group, it was 39.27 ± 12.33 years. The prevalence of executive function disorders was 20% in post-stroke patients. The majority of executive functions assessed were impaired. Sensitivity to interference and environmental autonomy were the only ones preserved. Conclusion: Impaired executive functions are common after stroke. They should be systematically assessed in all stroke patients to ensure optimal management.
文摘As digital technology grows,it will improve accessibility to justice and legal protection for the differently abled and promote social justice.THE rapid development of digital technology is not only changing traditional working modes but also profoundly impacting the application of laws,evidence collection,trial process,and execution.Digital technologies can remedy many shortcomings in traditional judicial procedures,better protecting the legitimate rights and interests of people,especially people with disabilities.
文摘Compliance,as a very important aspect of corporate governance,has developed earlier in the world,while China's compliance management has developed relatively late and is currently lacking in development.However,many enterprises suffer serious losses without compliance management,especially import and export enterprises,which are forced to exit the market due to poor compliance management.This article is based on the urgent need of Chinese enterprises for compliance management,but the lack of research by scholars.It summarizes the literature on the factors affecting compliance,hoping to be helpful for the study of compliance management.
