Fuzzing is a technique that was used to detect potential vulnerabilities and errors in software or systems by generating random, abnormal, or invalid test cases.When applying fuzzing to the kernel, more complex and challenging obstacles were encountered compared to user-space applications.The kernel, being a highly intricate software system, consists of numerous interconnected modules, subsystems, and device drivers, which presented challenges such as a massive codebase, complex interfaces, and runtime uncertainty.Traditional fuzzing methods could only generate inputs that simply satisfied interface specifications and explicit call dependencies, making it difficult to thoroughly explore the kernel.In contrast, evolutionary kernel fuzzing employed heuristic evolutionary strategies to dynamically adjust the generation and selection of test cases, guided by feedback mechanisms.This iterative process aimed to generate higher-quality test cases.Existing work on evolutionary kernel fuzzing was examined.The concept of evolutionary kernel fuzzing was explained, and its general framework was summarized.The existing work on evolutionary kernel fuzzing was classified and compared based on the type of feedback mechanism utilized.The principles of how feedback mechanisms guided evolution were analyzed from the perspectives of collecting, analyzing, and utilizing runtime information.Additionally, the development direction of evolutionary kernel fuzzing was discussed.

In recent years, there has been widespread attention on hypergraphs as a research hotspot in network science.The unique structure of hypergraphs, which differs from traditional graphs, is characterized by hyperedges that can connect multiple nodes simultaneously, resulting in more complex and higher-order relationships.Effectively identifying important nodes and hyperedges in such network structures poses a key challenge.Eigenvector centrality, a common metric, has limitations in its application due to its locality when dealing with hub nodes with extremely high degree values in the network.To address this issue, the hypergraphs were transformed into their corresponding line graphs, and non-backtracking matrix centrality was employed as a method to measure the importance of hyperedges.This approach demonstrated better uniformity and differentiation in assessing the importance of hyperedges.Furthermore, the application of both eigenvector centrality and non-backtracking matrix centrality in assessing the importance of nodes in hypergraphs was explored.Comparative analysis revealed that non-backtracking matrix centrality effectively distinguished the importance of nodes.This research encompassed theoretical analysis, model construction, and empirical studies on real-world data.To validate the proposed method and conclusion, six real-world hypergraphs were selected as experimental subjects.The application of these methods to these hypergraphs confirmed the effectiveness of non-backtracking matrix centrality in identifying important nodes and hyperedges.The findings of this research offer a fresh perspective and approach for identifying key elements in hypergraphs, holding significant theoretical and practical implications for understanding and analyzing complex network systems.

With the continuous development of the internet, an increasing number of images have been tampered with on the network, accompanied by a growing range of techniques to cover up tampering traces.However, most current detection models neglect the impact of image post-processing on tamper detection algorithms, limiting their real-life applications.To address these issues, a general image tampering location model based on enhanced samples and the pseudo-twin network was proposed.The pseudo-twin network enabled the model to learn tampering features in real images.On one hand, by applying convolution constraints, the image content was suppressed, allowing the model to focus more on residual trace information of tampering.The two-branch structure of the network facilitated the comprehensive utilization of image feature information.By utilizing enhanced samples, the model could dynamically generate the most crucial pictures for learning tamper types, enabling targeted training of the model.This approach ensured that the model converged in all directions, ultimately obtaining the global optimal model.The idea of data enhancement was employed to automatically generate abundant tampered images and corresponding masks, effectively resolving the limited tampering dataset issue.Extensive experiments were conducted on four datasets, demonstrating the feasibility and effectiveness of the proposed model in pixel-level tamper detection.Particularly on the Columbia dataset, the algorithm achieves a 33.5% increase in F1 score and a 23.3% increase in MCC score.These results indicate that the proposed model harnesses the advantages of deep learning models and significantly improves the effectiveness of tamper location detection.

With the rapid development of electronic communication and internet technology, the digitization of document circulation and processing has become increasingly prevalent.The trend towards greater convenience, flexibility, and diversity in electronic document signing is evident through practices such as online signature collection, remote signature confirmation, and electronic signature authentication.However, the signing and verification processes face challenges related to authenticity, integrity, and more.Instances of unlawful entities intercepting, copying, and forging signature images using low-cost methods to sign documents with false identities, as well as tampering with and forging signature files, are common.The application of electronic signature systems also encounters obstacles such as high costs, limited deployment, lack of universality, and complexities in real-time and consistent verification.To address these risks and challenges and ensure reliable verification in personal document signing processes, a credible method for generating and verifying signature seals that integrate handwriting features was proposed.This method primarily utilized the facial recognition and identity information matching functions of a trusted identity authentication platform.It integrated signature handwriting features and uniquely bound them to the signer's identity for reliable authentication.Accordingly, a signature seal with integrated handwriting features, a verification link for the signed document, and a digital signature QR code were generated.Analysis indicates that the signature seal produced by the proposed method not only serves the purpose of identity verification but also enables the discernment of the authenticity of the signed document.The verification link embedded in the QR code can directly validate the signer's identity, handwriting, and the authenticity and consistency of the signed document through online channels, providing a convenient means for the verification of both electronic and paper documents.The proposed method holds broad application prospects in the fields of electronic document circulation and the verification of the authenticity of electronic and paper documents.

Dynamic access control model is the theoretical basis for constructing a dynamic access control system for big data.However, most existing access control models can only fulfill dynamic access control in a single scenario and are unable to adapt to access control in multiple types of dynamic scenarios.These scenarios include changes in the contextual environment of big data, changes in entity relationships, and changes in the state of objects.To address these issues, an analysis was conducted based on the research of existing access control models and the dynamic factors of big data.Subsequently, scenario-aware access control (SAAC) model was proposed, which was based on dynamic factor conversion and scenario unified modeling.All types of dynamic factors were converted into basic elements such as attributes and relationships.Then, scene information was incorporated to model the various types of constituent elements in a unified manner.A big data dynamic access control model was constructed based on scene information to support multi-type dynamic factors and extended dynamic factors.The working framework of the SAAC model was designed, and the SAAC rule learning algorithm and SAAC rule execution algorithm were proposed corresponding to the workflow of the framework.This enabled the automatic learning of access control rules and dynamic access control decision-making.The security of the proposed model was analyzed and verified by introducing the non-transitive non-interference theory.To validate the effectiveness of the access control policy mining method of the proposed model, experimental comparisons were conducted between the SAAC model and baseline models such as ABAC-L, PBAC-X, DTRM, and FB-CAAC using four datasets.The experimental results demonstrate that the SAAC model and its strategy mining method outperforms the baseline models in terms of metrics such as area under the curve AUC, monotonicity, and steepness of the ROC curve.This verification confirms that the proposed model can support multiple types of dynamic factors and dynamic factor extensions, and that the combined effect of the access control rules obtained from its mining algorithm is relatively high.

Mining key nodes in complex networks has been a hotly debated topic as it played an important role in solving real-world problems.However, the existing key node mining algorithms focused on finding key nodes from a global perspective.This approach became problematic for large-scale social networks due to the unacceptable storage and computing resource overhead and the inability to utilize known query node information.A key node mining algorithm based on multiple query nodes was proposed to address the issue of key suspect mining.In this method, the known suspects were treated as query nodes, and the local topology was extracted.By calculating the critical degree of non-query nodes in the local topology, nodes with higher critical degrees were selected for recommendation.Aiming to overcome the high computational complexity of key node mining and the difficulty of effectively utilizing known query node information in existing methods, a two-stage key node mining algorithm based on multi-query was proposed to integrate the local topology information and the global node aggregation feature information of multiple query nodes.It reduced the calculation range from global to local and quantified the criticality of related nodes.Specifically, the local topology of multiple query nodes was obtained using the random walk algorithm with restart strategy.An unsupervised graph neural network model was constructed based on the graphsage model to obtain the embedding vector of nodes.The model combined the unique characteristics of nodes with the aggregation characteristics of neighbors to generate the embedding vector, providing input for similarity calculations in the algorithm framework.Finally, the criticality of nodes in the local topology was measured based on their similarity to the features of the query nodes.Experimental results demonstrated that the proposed algorithm outperformed traditional key node mining algorithms in terms of time efficiency and result effectiveness.

The JPEG format is widely used for its high compression rate in image storage.Privacy protection schemes applied to JPEG images not only need to safeguard the content of the privacy region but also maintain the file size.Furthermore, the region of interest (ROI), which contains private information, often occupies only a portion of the entire JPEG image.Protecting only the ROI can help preserve the file size.In light of this, an adaptable privacy protection scheme for JPEG images was proposed.Privacy regions were identified using methods like face detection within the JPEG images.These regions were then modified using the block-based adaptable reversible modification algorithm presented in this study.Reconstruction information was embedded into the image through reversible data hiding.The application of reversible algorithms in the privacy protection process enabled authorized users to fully restore the protected area.By introducing variable parameters, this scheme allowed for the selection of appropriate parameters to meet different practical requirements and achieve optimal encryption results.Additionally, the complex scenario of multiple overlapping ROIs was discussed and resolved.Experimental evaluations were conducted to investigate the influence of parameters on performance, considering both peak signal-to-noise ratio (PSNR) and file size increment.The results demonstrate that the proposed scheme outperforms existing schemes in terms of privacy protection and file size when suitable parameters are employed.

In recent years, the widespread application of internet of vehicles technology has garnered attention due to its complex nature and point-to-point communication characteristics.Critical and sensitive vehicle information is transmitted between different devices in internet of vehicles, necessitating the establishment of secure and reliable lightweight keys for encryption and decryption purposes in order to ensure communication security.Traditional key generation schemes have limitations in terms of flexibility and expandability within the vehicle network.A popular alternative is the physical layer key generation technology based on wireless channels, which offers lightweight characteristics and a theoretical basis of security in information theory.However, in the context of internet of vehicles, the movement speed of devices impacts the autocorrelation of generated keys, requiring improvements to traditional channel modeling methods.Additionally, the randomness and consistency of generated wireless keys are of higher importance in applications in internet of vehicles.This research focused on a key generation system based on the wireless physical layer, conducting channel modeling based on line-of-sight and multipath fading effects to reflect the impact of vehicle speed on autocorrelation.To enhance the randomness of key generation, a differential quantization method based on cumulative distribution function was proposed.Furthermore, an information reconciliation scheme based on neural network auto-encoder was introduced to achieve a dynamic balance between reliability and confidentiality.Compared to the implementation of Slepian-Wolf low-density parity-check codes, the proposed method reduces the bit disagreement rate by approximately 30%.

Password-based authentication has been widely used as the primary authentication mechanism.However, occasional large-scale password leaks have highlighted the vulnerability of passwords to risks such as guessing or theft.In recent years, research on password analysis using natural language processing techniques has progressed, treating passwords as a special form of natural language.Nevertheless, limited studies have investigated the impact of password text segmentation granularity on the effectiveness of password analysis with large language models.A multi-granularity password-analyzing framework was proposed based on a large language model, which follows the pre-training paradigm and autonomously learns prior knowledge of password distribution from large unlabelled datasets.The framework comprised three modules: the synchronization network, backbone network, and tail network.The synchronization network module implemented char-level, template-level, and chunk-level password segmentation, extracting knowledge on character distribution, structure, word chunk composition, and other password features.The backbone network module constructed a generic password model to learn the rules governing password composition.The tail network module generated candidate passwords for guessing and analyzing target databases.Experimental evaluations were conducted on eight password databases including Tianya and Twitter, analyzing and summarizing the effectiveness of the proposed framework under different language environments and word segmentation granularities.The results indicate that in Chinese user scenarios, the performance of the password-analyzing framework based on char-level and chunk-level segmentation is comparable, and significantly superior to the framework based on template-level segmentation.In English user scenarios, the framework based on chunk-level segmentation demonstrates the best password-analyzing performance.

With the rapid development of network technology, the number and variety of malware have been increasing, posing a significant challenge in the field of network security.However, existing single-feature malware detection methods have proven inadequate in representing sample information effectively.Moreover, multi-feature detection approaches also face limitations in feature fusion, resulting in an inability to learn and comprehend the complex relationships within and between features.These limitations ultimately lead to subpar detection results.To address these issues, a malware detection method called MFAGM was proposed, which focused on multimodal feature fusion.By processing the .asm and .bytes files of the dataset, three key features belonging to two types (opcode statistics sequences, API sequences, and grey-scale image features) were successfully extracted.This comprehensive characterization of sample information from multiple perspectives aimed to improve detection accuracy.In order to enhance the fusion of these multimodal features, a feature fusion module called SA-JGmu was designed.This module utilized the self-attention mechanism to capture internal dependencies between features.It also leveraged the gating mechanism to enhance interactivity among different features.Additionally, weight-jumping links were introduced to further optimize the representational capabilities of the model.Experimental results on the Microsoft malware classification challenge dataset demonstrate that MFAGM achieves higher accuracy and F1 scores compared to other methods in the task of malware detection.

An unbalanced protocol recognition method based on the improved Residual U-Net was proposed to solve the challenge of network security posed by the increasing network attacks with the continuous development of the Internet.In the captured network traffic, a small proportion is constituted by malicious traffic, typically utilizing minority protocols.However, existing protocol recognition methods struggle to accurately identify these minority protocols when the class distribution of the protocol data is imbalanced.To address this issue, an unbalanced protocol recognition method was proposed, which utilized the improved Residual U-Net, incorporating a novel activation function and the Squeeze-and-Excitation Networks (SE-Net) to enhance the feature extraction capability.The loss function employed in the proposed model was the weighted Dice loss function.In cases where the recognition accuracies of the minority protocols were low, the loss function value would be high.Consequently, the optimization direction of the model would be dominated by the minority protocols, resulting in improved recognition accuracies for them.During the protocol recognition process, the network flow was extracted from the network traffic and preprocessed to convert it into a one-dimensional matrix.Subsequently, the protocol recognition model extracted the features of the protocol data, and the Softmax classifier predicted the protocol types.Experimental results demonstrate that the proposed protocol recognition model achieves more accurate recognition of the minority protocols compared to the comparison model, while also improving the recognition accuracies of the majority protocols.

With the widespread development of fifth-generation (5G) mobile communication technology, concerns regarding 5G network security have also increased.Blackbox fuzzing is a commonly used method for automated vulnerability discovery in software security.However, applying dynamic approaches like fuzzing to discover vulnerabilities in the complex design of 5G core network protocols poses challenges such as low efficiency, poor versatility, and lack of scalability.Therefore, a novel static method to examine the open-source solution of the 5G core network was proposed.Through this method, a series of memory leak security issues caused by improper variable life cycle management were identified, which can lead to denial-of-service attacks on the 5G core network.To summarize these weaknesses, a general vulnerability model and an automated vulnerability discovery method called HoI were presented, which utilized hybrid analysis based on control and data flow.By successfully discovering five zero-day bugs in Open5GS, an open-source solution for the 5G core network, vulnerabilities that cover practical application scenarios of multiple interface protocols in the 5G core network were identified.These vulnerabilities have wide-ranging impact, are highly detrimental, and can be easily exploited.They have been reported to the vendor and assigned four Common Vulnerabilities and Exposures (CVE) numbers, demonstrating the effectiveness of this automated vulnerability discovery method.

The application of deep neural networks in target detection has been widely adopted in various fields.However, the introduction of adversarial patch attacks, which add local perturbations to images to mislead deep neural networks, poses a significant threat to target detection systems based on vision techniques.To tackle this issue, an adversarial patch defense algorithm based on PatchTracker was proposed, leveraging the semantic differences between adversarial patches and image backgrounds.This algorithm comprised an upstream patch detector and a downstream data enhancement module.The upstream patch detector employed a YOLOV5 (you only look once-v5) model with attention mechanism to determine the locations of adversarial patches, thereby improving the detection accuracy of small-scale adversarial patches.Subsequently, the detected regions were covered with appropriate pixel values to remove the adversarial patches.This module effectively reduced the impact of adversarial examples without relying on extensive training data.The downstream data enhancement module enhanced the robustness of the target detector by modifying the model training paradigm.Finally, the image with removed patches was input into the downstream YOLOV5 target detection model, which had been enhanced through data augmentation.Cross-validation was performed on the public TT100K traffic sign dataset.Experimental results demonstrated that the proposed algorithm effectively defended against various types of generic adversarial patch attacks when compared to situations without defense measures.The algorithm improves the mean average precision (mAP) by approximately 65% when detecting adversarial patch images, effectively reducing the false negative rate of small-scale adversarial patches.Moreover, compared to existing algorithms, this approach significantly enhances the accuracy of neural networks in detecting adversarial samples.Additionally, the method exhibited excellent compatibility as it does not require modification of the downstream model structure.

In recent years, with the widespread attention received by its currency attributes from all sectors of society, blockchain technology has been rapidly developed.Being an emerging technology, blockchain technology possessed characteristics such as decentralization, immutability, and anonymity that found extensive applications in digital currency, supply chain management, electronic voting and other fields.In response to the government's call, universities across the country began offering blockchain courses.However, during the actual teaching process, common problems such as lack of educational resources and untimely curriculum updates were encountered.Many blockchain courses in universities remained at the theoretical level and lacked practical application and practice, resulting in poor learning effectiveness and difficulty in meeting societal needs.To address these problems, a blockchain curriculum construction scheme based on the PRIDE teaching model was proposed.This scheme combined the advantages of traditional teaching models with the characteristics of blockchain courses were combined, incorporating political teaching, research teaching, inspiration teaching, seminar teaching, and example teaching into blockchain courses.The aim was to improve students’ learning effectiveness and practical application abilities.Through years of teaching verification, it was proven that this scheme successfully resolved the issues existing in traditional blockchain courses and improved learning effectiveness and practical application abilities.Additionally, the scheme met the requirements for training cyberspace security talent, providing a strong talent guarantee for the development and application of blockchain technology in China while achieving significant teaching effects.