9 research outputs found
MTFuzz: Fuzzing with a Multi-Task Neural Network
Fuzzing is a widely used technique for detecting software bugs and
vulnerabilities. Most popular fuzzers generate new inputs using an evolutionary
search to maximize code coverage. Essentially, these fuzzers start with a set
of seed inputs, mutate them to generate new inputs, and identify the promising
inputs using an evolutionary fitness function for further mutation. Despite
their success, evolutionary fuzzers tend to get stuck in long sequences of
unproductive mutations. In recent years, machine learning (ML) based mutation
strategies have reported promising results. However, the existing ML-based
fuzzers are limited by the lack of quality and diversity of the training data.
As the input space of the target programs is high dimensional and sparse, it is
prohibitively expensive to collect many diverse samples demonstrating
successful and unsuccessful mutations to train the model. In this paper, we
address these issues by using a Multi-Task Neural Network that can learn a
compact embedding of the input space based on diverse training samples for
multiple related tasks (i.e., predicting for different types of coverage). The
compact embedding can guide the mutation process by focusing most of the
mutations on the parts of the embedding where the gradient is high. \tool
uncovers previously unseen bugs and achieves an average of more
edge coverage compared with 5 state-of-the-art fuzzer on 10 real-world
programs.Comment: ACM Joint European Software Engineering Conference and Symposium on
the Foundations of Software Engineering (ESEC/FSE) 202
Linking and Consuming Agricultural Big Data with Linked Data and KOS
International audienceThis paper gives brief introduction about the big data, linked data and knowledge organization systems (KOS) and their relationships. As the authors mainly focus on the variety and value characteristics of big data, the linked data and KOS technologies are used to link and consume the large amounts of literature and scientific data in agricultural research community. The results show that it is a good way to describe, connect, organize, represent, visualize and access to big data effectively and semantically based on the linked data and KOS technologies
Hypervisor Memory Forensics
Abstract. Memory forensics is the branch of computer forensics that aims at extracting artifacts from memory snapshots taken from a running system. Even though it is a relatively recent field, it is rapidly growing and it is attracting considerable attention from both industrial and academic researchers. In this paper, we present a set of techniques to extend the field of memory forensics toward the analysis of hypervisors and virtual machines. With the increasing adoption of virtualization techniques (both as part of the cloud and in normal desktop environments), we believe that memory forensics will soon play a very important role in many investigations that involve virtual environments. Our approach, implemented in an open source tool as an extension of the Volatility framework, is designed to detect both the existence and the characteristics of any hypervisor that uses the Intel VT-x technology. It also supports the analysis of nested virtualization and it is able to infer the hierarchy of multiple hypervisors and virtual machines. Finally, by exploiting the techniques presented in this paper, our tool can reconstruct the address space of a virtual machine in order to transparently support any existing Volatility plugin- allowing analysts to reuse their code for the analysis of virtual environments
Sampling and haplotype locations.
<p>Map showing location and haplotype designations of each clade according to the phylogenetic tree. Circles represent the Northern clade, diamonds represent the VIC/TAS/NSW clade, crosses represent the Sunshine Coast clade, squares represent both NSW 1 and NSW 2 clades, and stars represent cities. The open shapes represent haplotypes from Zenger <i>et al</i>. [<a href="http://www.plosone.org/article/info:doi/10.1371/journal.pone.0128160#pone.0128160.ref023" target="_blank">23</a>] and solid black coloured shapes represent new haplotypes sampled in this paper. Inset is the Sunshine Coast region; shading in inset indicates contemporary temperate rainforest.</p
Digital forensic readiness framework for ransomware investigation
Over the years there has been a significant increase in the exploitation of the security vulnerabilities of Windows operating systems, the most severe threat being malicious software (malware). Ransomware, a variant of malware which encrypts files and retains the decryption key for ransom, has recently proven to become a global digital epidemic. The current method of mitigation and propagation of malware and its variants, such as anti-viruses, have proven ineffective against most Ransomware attacks. Theoretically, Ransomware retains footprints of the attack process in the Windows Registry and the volatile memory of the infected machine. Digital Forensic Readiness (DFR) processes provide mechanisms for the pro-active collection of digital footprints. This study proposed the integration of DFR mechanisms as a process to mitigate Ransomware attacks. A detailed process model of the proposed DFR mechanism was evaluated in compliance with the ISO/IEC 27043 standard. The evaluation revealed that the proposed mechanism has the potential to harness system information prior to, and during a Ransomware attack. This information can then be used to potentially decrypt the encrypted machine. The implementation of the proposed mechanism can potentially be a major breakthrough in mitigating this global digital endemic that has plagued various organizations. Furthermore, the implementation of the DFR mechanism implies that useful decryption processes can be performed to prevent ransom payment.http://www.springer.com/series/8197hj2019Computer Scienc