【摘 要】
:
Allocation,dereferencing,and freeing of memory data in kernels are coherently linked.There widely exist real cases where the correctness of memory is compromised.This incorrectness in kernel memory brings about significant security issues,e.g.,information
【机 构】
:
College of Computer Science and Technology,National University of Defense Technology,Changsha 410073
论文部分内容阅读
Allocation,dereferencing,and freeing of memory data in kernels are coherently linked.There widely exist real cases where the correctness of memory is compromised.This incorrectness in kernel memory brings about significant security issues,e.g.,information leaking.Though memory allocation,dereferencing,and freeing are closely related,previous work failed to realize they are closely related.In this paper,we study the life-cycle of kernel memory,which consists of allocation,dereferencing,and freeing.Errors in them are called memory life-cycle(MLC)bugs.We propose an in-depth study of MLC bugs and implement a memory life-cycle bug sanitizer(MEBS)for MLC bug detection.Utilizing an inter-procedural global call graph and novel identification approaches,MEBS can reveal memory allocation,dereferencing,and freeing sites in kernels.By constructing a modified define-use chain and examining the errors in the life-cycle,MLC bugs can be identified.Moreover,the experimental results on the latest kernels demonstrate that MEBS can effectively detect MLC bugs,and MEBS can be scaled to different kernels.More than 100 new bugs are exposed in Linux and FreeBSD,and 12 common vulnerabilities and exposures(CVE)are assigned.
其他文献
针对现有多属性群体决策方法较少考虑社会网络和决策者有限理性因素的影响,考虑到社会网络中的信任关系,提出了基于信任关系的TODIM(TOmada de decis?o interativa multicritério)群体多属性决策方法.根据决策专家之间的信任关系,计算出信任网络中的领导者、信任关系矩阵以及评价矩阵等.专家根据自身的自信程度来参考领导者的评价矩阵,调整备选方案的优势度.运用TODIM方法计算各方案最终的排序结果,并与未考虑信任关系时得出的排序结果进行比较,并对自信程度进行灵敏度分析.算例结果
雷达图像目标检测是国家海洋军事和经济发展的重点研究领域.与被动成像的光学雷达相比,合成孔径雷达(synthetic aperture radar,SAR)由于其高分辨率、全天候、全天时、主动式等特点,成为20世纪以来多国雷达研究的重要组成部分.图像目标检测是雷达图像解译的基础.提出一种复杂场景下深度表示的SAR船舶目标检测算法,针对SAR图像目标检测模型无法专注困难样本以及解决FPN多尺度金字塔融合的问题,提出将Libra R-CNN网络与NAS-FPN特征提取网络相结合.其中Libra R-CNN网络在
由于轴承故障数据存在数据量少和分布不均衡的问题,将迁移学习引入故障诊断领域,同时由于轴承故障数据的分布与源数据集分布差异巨大,直接采用迁移学习的方法会产生负迁移效应,即由于源数据集与目标数据集间分布差异过大而导致无法学习到源数据集的知识,提出一种对迁移学习进行改进的诊断新方法:即两步迁移学习法,使用DCGAN来制作辅助数据集,在辅助数据集上进行迁移学习,再将网络放在目标数据集上再次进行迁移学习训练,根据与普通迁移学习和不使用迁移学习的对比实验,新方法相较于目前已有的方法具有更快的速度与更高的准确率.
针对机械故障、天气状况等随机因素在运输过程中易对各种运输方式造成影响,研究更具有实际意义的带软时间窗的多式联运4PL路径问题.在软时间窗约束下,以总运输费用最小为目标,建立带有软时间窗的多式联运4PL路径优化模型.设计基于天牛须搜索思想和莱维飞行机制的乌鸦搜索算法对模型进行求解,采用田口方法确定算法最优参数组合,与其他算法进行对比分析,实验结果表明改进算法具有更好的求解效果和稳定性.通过数据分析,采用多式联运的运输组织形式,相比单一3PL服务商的单一运输方式,能够有效降低总运输费用;对于客户不同的软时间窗
To cater for the scenario of coordinated transportation of multiple trucks on the highway,a platoon system for autonomous driving has been extensively explored in the industry.Before such a platoon is deployed,it is necessary to ensure the safety of its d
Modern multiprocessors deploy a variety of weak memory models(WMMs).Total Store Order(TSO) is a widely-used weak memory model in SPARC implementations and x86 architecture.It omits the store-load constraint by allowing each core to employ a write buffer.I
利用关系数据进行股价预测的方法最近已经被提出,但目前还没有找到一种有效的方法可以有选择地聚合不同类型的关系数据去预测股价.提出一种改进的多层节点图注意力网络(FHAN)模型,该方法融合Fraudar算法,提供了一种对多个对象关系之间看问题的视角.模型把公司看做节点,把交互看成边,选择性地聚合不同关系类型的信息,并将这些信息添加到每个公司的节点表示中,添加了信息的节点表示被输入到特定任务层自动选择信息,实验结果表明,该方法比目前流行的神经网络算法在股价预测的效果上更准确,实验选取不同神经网络算法做对比,在最
As a continuation of previous years\'special section on software systems,this special section encourages and promotes research to address challenges from the perspective of software systems.The goal of this special section is to present state-of-the-art
Many applications need to meet diverse requirements of a large-scale distributed user group.That challenges the current requirements engineering techniques.Crowd-based requirements engineering was proposed as an umbrella term for dealing with the requirem
Programmable logic controllers(PLCs)play a critical role in many industrial control systems,yet face in-creasingly serious cyber threats.In this paper,we propose a novel PLC-compatible software-based defense mechanism,called Heterogeneous Redundant Proact