Malicious software programs usually bypass the detection of anti-virus software by hiding themselves among apparently legitimate programs.In this work,we propose Windows Virtual Machine Introspection(WVMI)to accurat...Malicious software programs usually bypass the detection of anti-virus software by hiding themselves among apparently legitimate programs.In this work,we propose Windows Virtual Machine Introspection(WVMI)to accurately detect those hidden processes by analyzing memory data.WVMI dumps in-memory data of the target Windows operating systems from hypervisor and retrieves EPROCESS structures’address of process linked list first,and then generates Data Type Confidence Table(DTCT).Next,it traverses the memory and identifies the similarities between the nodes in process linked list and the corresponding segments in the memory by utilizing DTCT.Finally,it locates the segments of Windows’EPROCESS and identifies the hidden processes by further comparison.Through extensive experiments,our experiment shows that the WVMI detects the hidden process with high identification rate,and it is independent of different versions of Windows operating system.展开更多
A large number of hydraulic concrete structures have hidden defects such as cracks,erosion,freeze and thaw,thermal fatigue,carbonization.These hidden defects seriously affect the strength,stability and durability of s...A large number of hydraulic concrete structures have hidden defects such as cracks,erosion,freeze and thaw,thermal fatigue,carbonization.These hidden defects seriously affect the strength,stability and durability of structures.These problems are studied mainly by single monitoring or diagnosis methods at present.The integration of multiple monitoring and diagnosis methods is not applied widely.Besides,the analysis theory on these problems is not developed very well.The systemic study on the aging mechanism of hydraulic concrete structures,time-variation model and health diagnosis is still not enough.The support for engineering practice is limited.Aimed at these major scientific and technological problems and combined with specific projects,study on detection of hidden defects and health diagnosis of hydraulic concrete structure has been carried out.This study includes the following content:field non-destructive examination of hidden defects of hydraulic concrete structures,seepage detection,the construction of in-situ sensing system,the combination of field detection and in-situ monitoring,the mechanism of crack,freeze and thaw,erosion and carbonization of hydraulic concrete structure,mechanism of combination aging;time-variation model of hydraulic concrete structure,theories and methods for health diagnosis of hydraulic concrete structures.展开更多
Traditional security framework in cloud platform usually brings self-vulnerability and considerable additional resource consumption. To solve these problems, we propose an external processes monitoring architecture fo...Traditional security framework in cloud platform usually brings self-vulnerability and considerable additional resource consumption. To solve these problems, we propose an external processes monitoring architecture for current popular cloud platform Open Stack with kernel-based virtual machine(KVM). With this architecture, we can monitor all active processes in online virtual machine(VMs) and scan them for their potential maliciousness in OpenS tack with no agent, and can also detect hidden processes in offline VMs’ memory snapshots and notice the user to decide whether to kill them when VMs become active. Analysis and experimental results show that our architecture is able to reduce consumption of CPU, memory and bandwidth in cloud platform and can detect viruses and hidden processes effectively in VMs.展开更多
At present, according to the characteristics of the medical industry, research is carried out on the work of safety in production in hospitals, and the shortcomings and blind spots in safety management are analyzed. C...At present, according to the characteristics of the medical industry, research is carried out on the work of safety in production in hospitals, and the shortcomings and blind spots in safety management are analyzed. Combined with the construction of risk classification and hidden danger investigation and management system, the risks of safety in production are comprehensively sorted out. In medical institutions, risk assessment and hierarchical control are carried out for the risks of public logistic support facilities such as fire fighting, water supply and heating, and power supply in hospitals, so as to strengthen the investigation and management of potential safety hazards, implement the management and prevention, improve the safety management level of hospitals, and avoid production safety accidents. It does not include the prevention and control of medical accidents and their risks.展开更多
The stochastic resonance based on optical bistability in the semiconductor optical amplifier is numerically investigated to extract a weak pulse signal buried in noise. The output property of optical bistability under...The stochastic resonance based on optical bistability in the semiconductor optical amplifier is numerically investigated to extract a weak pulse signal buried in noise. The output property of optical bistability under different system parameters is analyzed, which determines the performance of the stochastic resonance. Through optimizing these parameters, the noise-hidden signal is extracted via stochastic resonance, in which the maximum cross-correlation gain higher than nine is obtained. This provides a novel technology for detecting a weak optical signal in various signal processing fields.展开更多
基金Supported by the National Natural Science Foundation of China(61170026)
文摘Malicious software programs usually bypass the detection of anti-virus software by hiding themselves among apparently legitimate programs.In this work,we propose Windows Virtual Machine Introspection(WVMI)to accurately detect those hidden processes by analyzing memory data.WVMI dumps in-memory data of the target Windows operating systems from hypervisor and retrieves EPROCESS structures’address of process linked list first,and then generates Data Type Confidence Table(DTCT).Next,it traverses the memory and identifies the similarities between the nodes in process linked list and the corresponding segments in the memory by utilizing DTCT.Finally,it locates the segments of Windows’EPROCESS and identifies the hidden processes by further comparison.Through extensive experiments,our experiment shows that the WVMI detects the hidden process with high identification rate,and it is independent of different versions of Windows operating system.
基金Supported by the Key Project of Chinese National Programs for Fundamental Research and Development(Grant No.2002CB412707)Key Project of NNSF and Yalongjiang Hydroelectric Development Joint Research Fund(50539110,50539030)+2 种基金Science and Technology Support Plan(20006BAC14B03)National Natural Science Foundation Major Project(50539010)National Natural Science Foundation of China(Grant No.50579010)
文摘A large number of hydraulic concrete structures have hidden defects such as cracks,erosion,freeze and thaw,thermal fatigue,carbonization.These hidden defects seriously affect the strength,stability and durability of structures.These problems are studied mainly by single monitoring or diagnosis methods at present.The integration of multiple monitoring and diagnosis methods is not applied widely.Besides,the analysis theory on these problems is not developed very well.The systemic study on the aging mechanism of hydraulic concrete structures,time-variation model and health diagnosis is still not enough.The support for engineering practice is limited.Aimed at these major scientific and technological problems and combined with specific projects,study on detection of hidden defects and health diagnosis of hydraulic concrete structure has been carried out.This study includes the following content:field non-destructive examination of hidden defects of hydraulic concrete structures,seepage detection,the construction of in-situ sensing system,the combination of field detection and in-situ monitoring,the mechanism of crack,freeze and thaw,erosion and carbonization of hydraulic concrete structure,mechanism of combination aging;time-variation model of hydraulic concrete structure,theories and methods for health diagnosis of hydraulic concrete structures.
基金Supported by the National Natural Science Foundation of China(61170026)
文摘Traditional security framework in cloud platform usually brings self-vulnerability and considerable additional resource consumption. To solve these problems, we propose an external processes monitoring architecture for current popular cloud platform Open Stack with kernel-based virtual machine(KVM). With this architecture, we can monitor all active processes in online virtual machine(VMs) and scan them for their potential maliciousness in OpenS tack with no agent, and can also detect hidden processes in offline VMs’ memory snapshots and notice the user to decide whether to kill them when VMs become active. Analysis and experimental results show that our architecture is able to reduce consumption of CPU, memory and bandwidth in cloud platform and can detect viruses and hidden processes effectively in VMs.
文摘At present, according to the characteristics of the medical industry, research is carried out on the work of safety in production in hospitals, and the shortcomings and blind spots in safety management are analyzed. Combined with the construction of risk classification and hidden danger investigation and management system, the risks of safety in production are comprehensively sorted out. In medical institutions, risk assessment and hierarchical control are carried out for the risks of public logistic support facilities such as fire fighting, water supply and heating, and power supply in hospitals, so as to strengthen the investigation and management of potential safety hazards, implement the management and prevention, improve the safety management level of hospitals, and avoid production safety accidents. It does not include the prevention and control of medical accidents and their risks.
基金supported by the National Natural Science Foundation of China under Grant No.61275134
文摘The stochastic resonance based on optical bistability in the semiconductor optical amplifier is numerically investigated to extract a weak pulse signal buried in noise. The output property of optical bistability under different system parameters is analyzed, which determines the performance of the stochastic resonance. Through optimizing these parameters, the noise-hidden signal is extracted via stochastic resonance, in which the maximum cross-correlation gain higher than nine is obtained. This provides a novel technology for detecting a weak optical signal in various signal processing fields.
