With the rapid development of operating systems,attacks on system vulnerabilities are increasing.Dynamic link library(DLL)hijacking is prevalent in installers on freeware platforms and is highly susceptible to exploit...With the rapid development of operating systems,attacks on system vulnerabilities are increasing.Dynamic link library(DLL)hijacking is prevalent in installers on freeware platforms and is highly susceptible to exploitation by malware attackers.However,existing studies are based solely on the load paths of DLLs,ignoring the attributes of installers and invocation modes,resulting in low accuracy and weak generality of vulnerability detection.In this paper,we propose a novel model,AB-DHD,which is based on an attention mechanism and a bi-directional gated recurrent unit(BiGRU)neural network for DLL hijacking vulnerability discovery.While BiGRU is an enhancement of GRU and has been widely applied in sequence data processing,a double-layer BiGRU network is introduced to analyze the internal features of installers with DLL hijacking vulnerabilities.Additionally,an attention mechanism is incorporated to dynamically adjust feature weights,significantly enhancing the ability of our model to detect vulnerabilities in new installers.A comprehensive“List of Easily Hijacked DLLs”is developed to serve a reference for future studies.We construct an EXEFul dataset and a DLLVul dataset,using data from two publicly available authoritative vulnerability databases,Common Vulnerabilities&Exposures(CVE)and China National Vulnerability Database(CNVD),and mainstream installer distribution platforms.Experimental results show that our model outperforms popular automated tools like Rattler and DLLHSC,achieving an accuracy of 97.79%and a recall of 94.72%.Moreover,17 previously unknown vulnerabilities have been identified,and corresponding vulnerability certifications have been assigned.展开更多
In this study,a multi-physics and multi-scale coupling program,Fluent/KMC-sub/NDK,was developed based on the user-defined functions(UDF)of Fluent,in which the KMC-sub-code is a sub-channel thermal-hydraulic code and t...In this study,a multi-physics and multi-scale coupling program,Fluent/KMC-sub/NDK,was developed based on the user-defined functions(UDF)of Fluent,in which the KMC-sub-code is a sub-channel thermal-hydraulic code and the NDK code is a neutron diffusion code.The coupling program framework adopts the"master-slave"mode,in which Fluent is the master program while NDK and KMC-sub are coupled internally and compiled into the dynamic link library(DLL)as slave codes.The domain decomposition method was adopted,in which the reactor core was simulated by NDK and KMC-sub,while the rest of the primary loop was simulated using Fluent.A simulation of the reactor shutdown process of M2LFR-1000 was carried out using the coupling program,and the code-to-code verification was performed with ATHLET,demonstrating a good agreement,with absolute deviation was smaller than 0.2%.The results show an obvious thermal stratification phenomenon during the shutdown process,which occurs 10 s after shutdown,and the change in thermal stratification phenomena is also captured by the coupling program.At the same time,the change in the neutron flux density distribution of the reactor was also obtained.展开更多
The present paper deals with the development of a modular, flexible and structured block to block approach for the study of regulators by implementing the different blocks on a DSP (digital signal processor). The pr...The present paper deals with the development of a modular, flexible and structured block to block approach for the study of regulators by implementing the different blocks on a DSP (digital signal processor). The proposed low-cost approach has been applied and validated by the implementation of an industrial regulator in a real time hardware-in-the-loop simulation of a mixed islanded power network including precise models of the hydraulic system. The studied network is constituted of three different types of electrical power generation systems and a consumer.展开更多
基金supported by the National Natural Science Foundation of China under Grant Nos.62072253,62172258,62302238,and 62372245the CCF-Tencent Rhino-Bird Open Research Fund,the Major Science and Technology Demonstration Project of Jiangsu Provincial Key Research and Development Program under Grant No.BE2022798the Postgraduate Research and Practice Innovation Program of Jiangsu Province of China under Grant No.KYCX20_0829.
文摘With the rapid development of operating systems,attacks on system vulnerabilities are increasing.Dynamic link library(DLL)hijacking is prevalent in installers on freeware platforms and is highly susceptible to exploitation by malware attackers.However,existing studies are based solely on the load paths of DLLs,ignoring the attributes of installers and invocation modes,resulting in low accuracy and weak generality of vulnerability detection.In this paper,we propose a novel model,AB-DHD,which is based on an attention mechanism and a bi-directional gated recurrent unit(BiGRU)neural network for DLL hijacking vulnerability discovery.While BiGRU is an enhancement of GRU and has been widely applied in sequence data processing,a double-layer BiGRU network is introduced to analyze the internal features of installers with DLL hijacking vulnerabilities.Additionally,an attention mechanism is incorporated to dynamically adjust feature weights,significantly enhancing the ability of our model to detect vulnerabilities in new installers.A comprehensive“List of Easily Hijacked DLLs”is developed to serve a reference for future studies.We construct an EXEFul dataset and a DLLVul dataset,using data from two publicly available authoritative vulnerability databases,Common Vulnerabilities&Exposures(CVE)and China National Vulnerability Database(CNVD),and mainstream installer distribution platforms.Experimental results show that our model outperforms popular automated tools like Rattler and DLLHSC,achieving an accuracy of 97.79%and a recall of 94.72%.Moreover,17 previously unknown vulnerabilities have been identified,and corresponding vulnerability certifications have been assigned.
基金supported by Science and Technology on Reactor System Design Technology Laboratory,Chengdu,China(LRSDT2020106)
文摘In this study,a multi-physics and multi-scale coupling program,Fluent/KMC-sub/NDK,was developed based on the user-defined functions(UDF)of Fluent,in which the KMC-sub-code is a sub-channel thermal-hydraulic code and the NDK code is a neutron diffusion code.The coupling program framework adopts the"master-slave"mode,in which Fluent is the master program while NDK and KMC-sub are coupled internally and compiled into the dynamic link library(DLL)as slave codes.The domain decomposition method was adopted,in which the reactor core was simulated by NDK and KMC-sub,while the rest of the primary loop was simulated using Fluent.A simulation of the reactor shutdown process of M2LFR-1000 was carried out using the coupling program,and the code-to-code verification was performed with ATHLET,demonstrating a good agreement,with absolute deviation was smaller than 0.2%.The results show an obvious thermal stratification phenomenon during the shutdown process,which occurs 10 s after shutdown,and the change in thermal stratification phenomena is also captured by the coupling program.At the same time,the change in the neutron flux density distribution of the reactor was also obtained.
文摘The present paper deals with the development of a modular, flexible and structured block to block approach for the study of regulators by implementing the different blocks on a DSP (digital signal processor). The proposed low-cost approach has been applied and validated by the implementation of an industrial regulator in a real time hardware-in-the-loop simulation of a mixed islanded power network including precise models of the hydraulic system. The studied network is constituted of three different types of electrical power generation systems and a consumer.
