Entity

Time filter

Source Type


Xie K.,Shandong University | Yang Y.,Shandong University | Yang Y.,Beijing University of Posts and Telecommunications | Yang Y.,Northeastern University China | And 4 more authors.
Scientific World Journal | Year: 2014

In order to meet the demands of operation monitoring of large scale, autoscaling, and heterogeneous virtual resources in the existing cloud computing, a new method of live virtual machine (VM) migration detection algorithm based on the cellular neural networks (CNNs), is presented. Through analyzing the detection process, the parameter relationship of CNN is mapped as an optimization problem, in which improved particle swarm optimization algorithm based on bubble sort is used to solve the problem. Experimental results demonstrate that the proposed method can display the VM migration processing intuitively. Compared with the best fit heuristic algorithm, this approach reduces the processing time, and emerging evidence has indicated that this new approach is affordable to parallelism and analog very large scale integration (VLSI) implementation allowing the VM migration detection to be performed better. © 2014 Kang Xie et al. Source


Lei X.,Beijing University of Posts and Telecommunications | Fan W.,Communication University of China | Huang W.,Communication University of China | Yang Y.,Beijing University of Posts and Telecommunications | Li Z.,National Cybernet Security Ltd.
Open Automation and Control Systems Journal | Year: 2015

In this paper, we propose a systematic approach for automatically detecting and elimination redundant Eflags to optimize intermediate language (IL). We analyzed a broad spectrum of different IL and resulted that a number of IL expose all side effects explicitly by default and not all the Eflags are relevant with subsequent analysis. Therefore, we propose a unified approach, invertible analysis, to reduce the volume of IL. Our approach does not rely on any concrete IL, and thus can identify redundant Eflags in the IL. Moreover, we devised a method using flag relevant chain dependency analysis to remove redundant Eflags and shrink the IL. We developed a prototype, and conducted extensive experiments using representative samples from various categories. We demonstrated that our approach could diminish the volume of Vine IL obviously, and provide accurate representation about the assembly code. © Lei et al. Source


Wang Y.,Beijing University of Posts and Telecommunications | Gu L.-Z.,Beijing University of Posts and Telecommunications | Li Z.-X.,National Cybernet Security Ltd. | Yang Y.-X.,Beijing University of Posts and Telecommunications
Journal of China Universities of Posts and Telecommunications | Year: 2013

This paper presents a new method for protocol reverse engineering, which combines both the dynamic and static binary analysis. Our work not only does precise positioning on the field and its length, but also gives the field attributes accurately. According to different instructions and the current program structure, we can infer the message format validly. To prove the method is sound and effective, we build a prototype tool - NetProtocolFinder, and select some documented protocol and undocumented protocol messages as the test instances respectively. Results of our experiments show that the tool can not only extract the message format from protocols effectively, but also speculate the state machine model through relevant field attributes conveniently. © 2013 The Journal of China Universities of Posts and Telecommunications. Source


Liu J.,Beijing University of Posts and Telecommunications | Gu L.-Z.,Beijing University of Posts and Telecommunications | Niu X.-X.,Beijing University of Posts and Telecommunications | Yang Y.-X.,Beijing University of Posts and Telecommunications | Li Z.-X.,National Cybernet Security Ltd.
Beijing Youdian Daxue Xuebao/Journal of Beijing University of Posts and Telecommunications | Year: 2015

The traditional network security events analysis methods depend more on human interventions. To address this problem, an automatic and self-adaptive method is presented. The neural network models are used to classify amounts of security events according to various attack scenarios, which can reduce much human intervention. The rule items are extracted from the classification results. And the correlation rules are generated automatically from these items using genetic algorithm. Experiments demonstrate that the method can classify the network security events and generate association rules automatically, so that the degree of automation can be improved. It is an effective enhancement and improvement to the traditional methods. ©, 2015, Beijing University of Posts and Telecommunications. All right reserved. Source


Yang Y.-B.,Beijing University of Posts and Telecommunications | Huang W.,Communication University of China | Li Z.-X.,National Cybernet Security Ltd. | Hu Z.-M.,Beijing University of Posts and Telecommunications
Beijing Ligong Daxue Xuebao/Transaction of Beijing Institute of Technology | Year: 2015

Code obfuscation was employed to prevent the software reverse analysis and protect the important information effectively by strengthening the restore difficult. bf (branch function) algorithm is obfuscation algorithm effective for the static disassembly, but the bf jump is a constant address, so it is easy to be restored. The proposed algorithm based on the bf algorithm improved the defect and enhanced the confusing complexity for the static disassembly, reusing the junk instruction to relocate the bf function jump address and hide the second jump address. In the experiment, the test samples were obfuscated by bf algorithm and the proposed algorithm separately and the static disassembly tool IDA Pro was used for testing, the experimental results show that the new algorithm has significantly improvement in performance and security. ©, 2015, Beijing Institute of Technology. All right reserved. Source

Discover hidden collaborations