基于硬件虚拟化技术的隐藏进程检测技术*

随着越来越多的PC用户习惯于从互联网上下载和执行各类软件,潜在的自隐藏恶意代码已成为亟待解决的安全问题,而进程隐藏是这类恶意代码最常用也是最基本的规避检测的自隐藏技术。针对这个问题,提出了一种新的基于硬件虚拟化技术的隐藏进程检测技术——Libra。Libra通过构造一个轻量级的虚拟机监视器（libra virtual machine monitor,LibraVMM）实现了从虚拟层隐式获取真实进程列表（true process list, TPL）的新技术。与已有的基于虚拟机技术的解决方案相比,Libra     

基于攻击特征签名的自动生成

签名可以基于攻击特征的相关信息生成。在栈上针对控制流攻击中对函数调用返回值和函数调用指针的攻击以及非控制流中对与判断相关联的数据的攻击,结合动态分析技术生成二进制签名。首先,识别出漏洞相关指令;然后,用虚拟机监控运行上述指令;最后,修改虚拟机以在监控到恶意写行为时报警并生成签名。同时生成的补丁文件记录恶意写指令以便后继执行时跳过。签名可迅速分发给其他主机,在轻量级虚拟机上监测程序运行。实验表明,二进制签名具有准确、精简的优点,可以防御多态攻击,同时具有较低漏报率,结合使用轻量级虚拟机可使签名生成和后继检测都快速高效。     

一种针对Xen超级调用的入侵防护方法

云计算技术已飞速发展并被广泛应用,虚拟化作为云计算的重要支撑,提高了平台对资源的利用效率与管理能力。作为一款开源虚拟化软件,Xen独特的设计思想与优良的虚拟化性能使其被许多云服务商采用,然而Xen虚拟机监视器同样面临着许多安全问题。Xen为虚拟机提供的特权接口可能被虚拟机恶意代码利用,攻击者可以借此攻击Xen或者运行其上的虚拟机。文章针对Xen向虚拟机提供的超级调用接口面临被恶意虚拟机内核代码利用的问题,提出了一种基于执行路径的分析方法,用以追溯发起该超级调用的虚拟机执行路径,与一个最初的路径训练集进行对比,可以避免超级调用被恶意虚拟机内核代码利用。该方法通过追溯虚拟机内核堆栈信息,结合指令分析与虚拟机内核符号表信息,实现了虚拟化平台下对虚拟机执行路径的动态追踪与重构。在Xen下进行实验,通过创建新的虚拟机并让其单独运行来获得训练集,训练集中包含所有发起该超级调用的虚拟机路径信息。在随后虚拟机运行过程中针对该超级调用动态构造出对应的虚拟机执行路径,将其与训练集对比,避免非正常执行路径的超级调用发生。     

私有云平台上的虚拟机进程安全检测

针对网络防火墙在私有云平台安全防护上的单调与缺陷, 提出了一种基于进程资源监控的安全监测方法(PAMon)。首先利用虚拟机监控器获取平台上虚拟机的物理资源信息; 然后通过映射表重构进程资源信息; 再对重构的进程信息从关键进程、进程隐藏和进程占用资源异常三方面分析恶意进程; 最后对分析出的恶意进程进行了适当的处理。实验结果表明, PAMon不仅可以有效地检测出恶意程序, 而且反馈给防火墙的信息可以进一步增强网络防火墙的防御能力。     

用户级多任务的两种实现方法

在分析了系统级多任务需要哪些硬件支持的基础上。提出了进程扩展型虚拟机和指令解释器型虚拟机的概念，给出这两种虚拟机如何模拟支持多任务的硬件机制的方法，以及在虚拟机上建立和切换多个任务的方法，该技术可以用于在上述两类虚拟机上构建自己的支持多任务的操作系统内核．     

多核平台下XEN虚拟机动态调度算法研究

虚拟机调度算法对并行任务的执行效率考虑不够充分。现代处理器平台具备了多个可用的计算核心,使多个虚拟机并发执行成为了现实。针对多核平台下的并行虚拟机调度优化问题,提出一种基于任务特征虚拟机CON-Credit调度算法。该算法在调度并行任务时,使用动态方式对计算机核心进行分配,采用传统的虚拟机调度算法为执行普通任务的虚拟机进行分配;采用定制的同步算法给执行并行任务的虚拟机分进分配。相关实验显示,CON-Credit调度算法能显著提高并行任务的执行效率。     

基于多目标演化算法的云计算虚拟机分配策略研究

分析云计算虚拟机资源模型,针对模型中虚拟机与物理机的映射关系以及虚拟机多资源因子、多优化目标的特点,将虚拟机分配问题转化成多维装箱问题,引入多目标演化算法进行求解。算法设计了基于组的虚拟机分配链式编码和染色体评估函数,并根据编码设计了两种交叉算子和智能变异算子,通过引入基于超体积的种群更新机制,设计了基于SMS-EMOA的云计算虚拟机分配算法。为验证SMS-EMOA的性能,分别使用优先匹配启发式算法、基于物理节点数量的单目标简单遗传算法、SMS-EMOA进行了模拟。实验结果表明,基于SMS-EMOA的虚拟机分配算法在性能上更优。     

J2EE开发常用框架

目前的J2EE应用中,普遍采用了多层的架构。本文总结了一种基于J2EE的轻量级多层架构,即目前比较流行的Struts+Spring+Hibernate组合框架:Struts框架可分为以下四个主要部分,其中三个就和MVC模式紧密相关:1、模型(Model),2、视图(View),3、控制器(Controller),4、一堆用来做XML文件解析的工具包。Spring可以实现对Struts、Hibernate的无缝链接,适用于业务层;持久层中采用了Hibernate这一功能强大的ORM映射工具。Hibernate是一个开放源代码的对象关系映射框架,它对JDBC进行了轻量级的对象封装,使得Java程序员可以使用对象编程思维来操纵数据库。文中讨论了轻量级多层架构的应用,并在具体的案例中,充分结合Struts,Spring,Hibernate与J2EE体系结构过程中的性能,利用了Java语言的反射机制,对其中的重要组件进行了配置,又从软件层次结构的角度考虑了该种组合架构应该注意的问题,例如可扩展性问题,在实际的项目中取得了很好的效果。     

基于云科学工作流调度的代价与能效优化算法

为了降低云环境中科学工作流调度的执行代价与数据中心能耗,提出了一种基于能效感知的工作流调度代价最优化算法CWCO-EA。算法在满足截止时间约束下,以最小化工作流执行代价与降低能耗为目标,将工作流的任务调度划分为四步执行。首先,通过代价效用的概念设计虚拟机选择策略,实现了子makespan约束下的任务与最优虚拟机间的映射;其次,通过串行与并行任务合并策略,同步降低了工作流的执行代价与能耗;然后,通过空闲虚拟机重用机制,改善了租用虚拟机的利用率,进一步提高了能效;最后,通过任务松驰策略实现了租用虚拟机的能力回收,节省了能耗。通过四种科学工作流的仿真实验,结果表明,CWCO-EA算法比较同类型算法,在满足截止时间的同时,可以同步降低工作流的执行代价与执行能耗。     

一个基于虚拟机的日志审计和分析系统

SNARE是Linux操作系统的一个日志审计和分析工具,但它容易受到攻击。提出了一个新的方法被用来保护它免受攻击。运用虚拟机监控器的功能,SNARE被移植到运行在虚拟机监控器Xen上的两个虚拟机中,SNARE的两个主要部分——Linux内核补丁和审计后台进程被分隔而分别放入两个被Xen强隔离的虚拟机。Xen提供了两个虚拟机间共享内存的机制,运用这一机制,运行在一个虚拟机上的Linux内核补丁记录并转移审计日志到运行在另一个虚拟机上的审计后台进程。与传统的SNARE相比,新方法使攻击者毁坏或篡改这些日志更加困难。初步的评估表明这个原型是简单而有效的。     

Haptic rendering: introductory concepts

Haptic rendering allows users to "feel" virtual objects in a simulated environment. We survey current haptic systems and discuss some basic haptic-rendering algorithms. In the past decade we've seen an enormous increase in interest in the science of haptics. Haptics broadly refers to touch interactions (physical contact) that occur for the purpose of perception or manipulation of objects. These interactions can be between a human hand and a real object; a robot end-effector and a real object; a human hand and a simulated object (via haptic interface devices); or a variety of combinations of human and machine interactions with real, remote, or virtual objects. Rendering refers to the process by which desired sensory stimuli are imposed on the user to convey information about a virtual haptic object.     

基于GE View技术的虚拟机械臂对象设计

机械臂是机器人技术在生产领域中应用最广泛的自动化机械装置,其特点是能精确定位于二维或三维空间进行作业,其控制方式根据要实现的功能具有很大差别.因此,采用计算机技术实现虚拟的机械臂对象对于实践控制功能具有重要意义.通过阐述虚拟机械臂对象的设计步骤,介绍了利用GE View技术设计虚拟机械臂的过程和要点.分析了机械臂对象的功能定义、界面设计方法、信号和数据设计、正常和非正常控制下的动画设计.     

A rod-mass method of soft tissue modeling and three dimensional force vector estimation for tele-surgery training

In a tele-surgery training system, the transparency is extremely important so as to ensure the success of the operation and the safety of soft objects. Due to current technique limits, it is difficult to mount force sensors at the end of the slave manipulator. In this paper, we propose a novel rod-mass algorithm and construct the model of soft objects. Through the modeling process, the accurate three dimensional contact force vector between the end of the manipulator and the soft object can be estimated in real time. A virtual spring using Hooke s law is introduced to the novel mass–spring method. Applying an impedance model, the three dimensional contact force estimates can be calculated from the deformation of masses’ positions and velocities. In order to verify our methods, a virtual reality interaction platform is constructed including the Omni master manipulator, a four joints manipulators, a virtual reality display, and the soft object’s model. Numerical simulations and experiments are performed to verify the accuracy and the feasibility of soft objects grasping. Results show the high effectiveness and efficiencies of our methods.     

A control model for object virtualization in supply chain management

Due to the emergence of the Internet of Things, supply chain control can increasingly be based on virtual objects instead of on the direct observation of physical objects. Object virtualization allows the decoupling of control activities from the handling and observing of physical products and resources. Moreover, virtual objects can be enriched with information that goes beyond human observation. This will allow for more advanced control capabilities, e.g. concerning tracking and tracing, quality monitoring and supply chain (re)planning. This paper proposes a control model for object virtualization in supply chain management, which is based on a multiple case study in the Dutch floriculture. It includes a typology of distinct mechanisms for object virtualization, which discerns reference objects and future projections next to the representation of real physical objects. The control model helps to define feasible redesign options for the virtualization of supply chain control. It is also of value as a basis to define the requirements for information systems that enable these redesign options.     

Design and evaluation of virtual home objects with music interaction in smart homes

Well-designed virtual home objects and human-computer interactions (HCIs) can provide convenient ways to easily make use of home services for home inhabitants in smart homes. This work tries to design the virtual home objects with the ability of playing the music and implement a particular HCI interface accomplishing the music interaction with virtual home objects for deploying virtual home music services in smart homes. Each virtual home object is connected to a list of songs. When a home inhabitant holds a virtual home object and moves it as operating gestures upon the implemented HCI interface, the virtual home music service will be activated and the smart home will automatically play the favorite songs for its inhabitant. In this way, a highly interactive home music service for home inhabitants can be realized through the convenient operating interactions between the virtual home objects and the implemented HCI interface in smart homes.     

一种基于骨架的可变形物体建模方法

提出了一种新的基于骨架的混合型的软组织建模方法，用于虚拟手术仿真及手术训练。介绍了通过自动的方法抽取物体的骨架，建立物体的表面物理模型、体物理模型以及对应的计算模型。还介绍了利用骨架进行碰撞检测及外力计算的方法并介绍了实验的软件结构及实验结果。     

基于虚拟机的轻量级医疗诊断系统的应用研究*

医疗诊断系统存在设计难度大、投入成本高、数据安全难以保障等问题。提出一种基于虚拟机和轻量级开发的解决方案,采用ASP.NET+Access+Ajax模式设计医疗诊断系统,并运行在VMWare虚拟机环境中。根据该方案设计了急腹症医疗诊断系统。实践表明,基于虚拟机的轻量级医疗诊断系统,具有开发难度适中、成本低、安全可靠、管理维护方便等优点。     

An object deputy model for realization of flexible and powerful objectbases

In object-oriented databases, data and methods are combined by objects and their classes. Information redundancies are removed by the notions of class hierarchy and inheritance. This contributes the realization of high-performance systems. However, the flexibility of object structures still remains a problem due to its encapsulation feature. In this paper, we introduce an object deputy model which extends conventional object-oriented models with the concepts of deputy objects and deputy classes. A deputy object has its own identifier and may possess its own attributes and methods. It can also have attributes that are computed from values stored within its source object, and can be associated with methods generated from these of the source object. The inheritances are realized by switching operations, which make it possible to realize controllable, selective and dynamic inheritance structures. Schemata of deputy objects are defined by deputy classes which can be derived by an object deputy algebra. An object can have many deputy objects, and several objects can share a single deputy object. Thus, objects can be indirectly divided and combined through their deputy objects. We show that several difficult database problems, such as flexible views, objects with more than one role, object migration, and multiple inheritance become much easier in this model. The data-knowledge coordination model developed for the integration of distributed databases and knowledge-bases can also be realized easily by the object deputy model. Finally, we discuss several advanced database applications of this model, such as geographic databases, virtual office systems, and distant education systems.     

基于分层区域合并的自然场景理解

针对自然场景理解问题,利用图像中的层次结构,提出了一种基于分层合并的图像场景理解方法。该方法通过不断合并相邻区域,直到合并出图像中的各个对象为止;最终得到一个合并森林,森林里的每棵树对应图像中的一个对象。我们设计了一个机器学习模型来描述合并过程、一种贪心推理方法来求解最优的合并森林以及一种基于最大间隔的学习方法来训练模型中的参数,同时采用分层聚类来进行参数的初始化。本文方法可以看成为图像语义理解而设计的一种深度学习方法。实验效果令人满意。     

Exploring legibility of augmented reality X-ray

Virtual objects can be visualized inside real objects using augmented reality (AR). This visualization is called AR X-ray because it gives the impression of seeing through the real object. In standard AR, virtual information is overlaid on top of the real world. To position a virtual object inside an object, AR X-ray requires partially occluding the virtual object with visually important regions of the real object. In effect, the virtual object becomes less legible compared to when it is completely unoccluded. Legibility is an important consideration for various applications of AR X-ray. In this research, we explored legibility in two implementations of AR X-ray, namely, edge-based and saliency-based. In our first experiment, we explored on the tolerable amounts of occlusion to comfortably distinguish small virtual objects. In our second experiment, we compared edge-based and saliency-based AR X-ray methods when visualizing virtual objects inside various real objects. Moreover, we benchmarked the legibility of these two methods against alpha blending. From our experiments, we observed that users have varied preferences for proper amounts of occlusion cues for both methods. The partial occlusions generated by the edge-based and saliency-based methods need to be adjusted depending on the lighting condition and the texture complexity of the occluding object. In most cases, users identify objects faster with saliency-based AR X-ray than with edge-based AR X-ray. Insights from this research can be directly applied to the development of AR X-ray applications.