Similar Literature
Found 20 similar documents; search took 171 ms
1.
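Research on a Method for Detecting Puppet Processes   Total citations: 1, self-citations: 1, citations by others: 0
This article describes how the Shangxing trojan disguises its process, analyzes the principle by which the trojan replaces the memory contents of a normal process to turn it into a puppet process and then runs the trojan inside that puppet process, proposes a handle analysis method to counter puppet processes, and verifies the correctness of the handle analysis method with two experimental approaches.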

2.
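Traditional reverse-analysis methods face many hard-to-overcome difficulties when analyzing multi-process software. To address this problem, a TEMU-based method for reversing the inter-process communication process is proposed. The dynamic binary analysis platform TEMU is used to record the function call information of multi-process programs, and, combined with association rules for inter-process communication functions, the communication method, communication data and communication cooperation mechanism are extracted from the function call information. A prototype system was designed and implemented according to this method and tested on several multi-process software products. The test results show that the method can accurately extract the inter-process communication process of multi-process software and greatly assists the reverse engineering of such software.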

3.
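In a distributed system environment, the computing resource agent has only a single method for monitoring its child processes and cannot accurately obtain their running state. To address this problem, a method is proposed that periodically checks a child process's running state based on its window handle. The method first obtains the child process's window handle, using different approaches depending on the type of child process, then periodically obtains the child process's running state from that window handle, and finally introduces the traditional method of waiting for the child process to exit into this application. The results show that the method can promptly and accurately detect the running state of child processes in a Windows environment and, when a child process exits abnormally, can accurately obtain its abnormal exit code.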

4.
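Qian Tao, Zheng Kougen. Journal of Computer Applications (计算机应用), 2009, 29(12): 3398-3399
To prevent malicious processes on the Windows platform from damaging system resources, a method is proposed that intercepts the Windows process creation procedure and checks the path of the process's executable file to verify whether the process is legitimate. The method runs in kernel mode as a software driver and uses a path-tree model to improve the efficiency of process legitimacy verification. With this method, process creation can be effectively intercepted and the legitimacy of the executable file path verified, so that the system can kill a malicious process before its creation completes and avoid damage to system resources.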

5.
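Android is the most widely used operating system on mobile and portable devices. From the perspective of an Android application developer, the author briefly introduces the origin and main advantages of the Android system, explains in detail its process management mechanism, in particular the relationship between process priority, process classification and the process reclamation mechanism, introduces the concept of process protection, summarizes commonly used process protection methods, proposes an effective process protection scheme, and analyzes and explains in detail the scheme's principle, implementation method and core source code.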

6.
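Process Hiding Technique Based on Call Gates   Total citations: 1, self-citations: 0, citations by others: 1
Rootkits are a technique commonly used by attackers to retain a backdoor after intruding into a system, and what distinguishes a rootkit is its stealth technology. This paper introduces the common process-hiding methods currently used on Windows, analyzes the limitations of existing methods, and proposes a new method that uses a call gate to modify the process list and the process's access token, thereby hiding the process and elevating its privileges. This attack method is stealthier and can effectively counter conventional security detection techniques. Finally, experiments demonstrate the effectiveness of the method.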

7.
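Zeng Wenfei. Fujian Computer (福建电脑), 2006, (2): 123-123, 122
Describes the principles, methods and precautions for creating daemon processes in Linux, using a socket server program as an example daemon, and analyzes in detail the program design methods and techniques for creating daemon processes.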

8.
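Computer Engineering (计算机工程), 2017, (9): 179-184
Existing implementations of process hiding and hidden-process detection techniques are studied, and a method is proposed that uses the relationship between the process structure and the handle structure as the memory search signature to obtain complete process information. This method avoids hidden-process detection failures caused by a corrupted search signature. Using cross-view matching, a hidden-process detection system is designed and implemented that obtains process information at three levels: system calls, kernel structure table traversal, and memory search. Experimental results show that the system can detect and distinguish hidden processes.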

9.
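Analysis and Comparison of Inter-Process Communication Methods in Win32 Applications   Total citations: 2, self-citations: 0, citations by others: 2
As users demand more and more from applications, single-process applications can no longer meet requirements in many situations. Writing multi-process/multi-threaded programs has become an important feature of modern programming, and in multi-process program design, inter-process communication is unavoidable. The Microsoft Win32 API provides a variety of inter-process communication methods. This paper comprehensively describes the characteristics of these methods and compares and analyzes them, in the hope of giving readers a reference for choosing a communication method.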

10.
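Gao Yong, Fan Mingyu. Journal of Computer Applications (计算机应用), 2010, 30(5): 1327-1330
To address the shortcomings of existing process analysis methods, a method for analyzing processes in a virtual environment on the Windows platform is proposed. The method first analyzes the virtual machine's memory from the host, captures the current thread, and obtains the process that owns the current thread through kernel data structures; it then computes the process's pages from the physical address of the page directory table and zeroes the memory to terminate the process. Case analysis shows that the method, while protecting the security of the host, can quickly detect the program and effectively terminate the process.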

11.
Youmans RJ  Ohlsson S 《Ergonomics》2008,51(4):441-475
The operation of machines typically requires attention to instruments that signal the state of the machine. One safeguard against primary instrument malfunction is to provide backup instruments, but this works only if the operators react to malfunction by switching attention to the backups. Little is known about the effect of negative outcomes or feedback on allocation of attention to backup instruments. Four experiments demonstrated that prior practice causes operators of a simulated machine to adapt to instrument malfunction by changing to a suboptimal decision rule rather than by reallocating attention to a different set of instruments. This fallacy appears linked to the operators' failures to notice feedback that they should switch during the simulations and operators' failures to correctly interpret outcome feedback following the simulations. The results raise theoretical questions and warn interface designers not to overrate backup instruments.

12.
Ergonomics, 2012, 55(4): 441-475
The operation of machines typically requires attention to instruments that signal the state of the machine. One safeguard against primary instrument malfunction is to provide backup instruments, but this works only if the operators react to malfunction by switching attention to the backups. Little is known about the effect of negative outcomes or feedback on allocation of attention to backup instruments. Four experiments demonstrated that prior practice causes operators of a simulated machine to adapt to instrument malfunction by changing to a suboptimal decision rule rather than by reallocating attention to a different set of instruments. This fallacy appears linked to the operators' failures to notice feedback that they should switch during the simulations and operators' failures to correctly interpret outcome feedback following the simulations. The results raise theoretical questions and warn interface designers not to overrate backup instruments.

13.
Relevance feedback (RF) is a technique that allows to enrich an initial query according to the user feedback. The goal is to express more precisely the user’s needs. Some open issues arise when considering semi-structured documents like XML documents. They are mainly related to the form of XML documents which mix content and structure information and to the new granularity of information. Indeed, the main objective of XML retrieval is to select relevant elements in XML documents instead of whole documents. Most of the RF approaches proposed in XML retrieval are simple adaptation of traditional RF to the new granularity of information. They usually enrich queries by adding terms extracted from relevant elements instead of terms extracted from whole documents. In this article, we describe a new approach of RF that takes advantage of two sources of evidence: the content and the structure. We propose to use the query term proximity to select terms to be added to the initial query and to use generic structures to express structural constraints. Both sources of evidence are used in different combined forms. Experiments were carried out within the INEX evaluation campaign and results show the effectiveness of our approaches.

14.
One's model of skill determines what one expects from neural network modelling and how one proposes to go about enhancing expertise. We view skill acquisition as a progression from acting on the basis of a rough theory of a domain in terms of facts and rules to being able to respond appropriately to the current situation on the basis of neuron connections changed by the results of responses to the relevant aspects of many past situations. Viewing skill acquisition in this way suggests how one can avoid the problem currently facing AI of how to train a network to make human-like generalizations. In training a network one must progress, as the human learner does, from rules and facts to wholistic responses. As to future work, from our perspective one should not try to enhance expertise as in traditional AI by attempting to construct improved theories of a domain, but rather by improving the learner's access to the relevant aspects of a domain so as to facilitate learning from experience.

15.
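The purpose of Web page semantic mining is mainly to add semantic descriptions to the mined content on the basis of existing Web mining, so as to improve mining results. The data sources to be mined are processed first, then the data are semantically annotated, an ontology is built and instantiated to form a semantic database, and existing mining algorithms are used to produce the mining results. The final conclusion is that mining effectiveness is improved relative to existing mining.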

16.
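The hexapod bionic robot described is implemented on an SoC FPGA platform and combines mechanical structure design, hexapod gait control, Bluetooth transmission, bend sensors, OpenCL image-processing acceleration, VR display and other technologies. The ARM part acts as the main controller: it stores camera video images, calls FPGA modules to accelerate image processing, and outputs the video stream to the VR glasses over a local area network set up with a router. The FPGA part receives Bluetooth signals and drives the robot arm's motion, camera angle switching and hexapod walking. In operation, the operator wears a self-made data glove and VR glasses. The direction buttons on the data glove control the robot's movement. A bend sensor is mounted on each finger of the data glove to make the mechanical arm follow the human hand in real time. A smartphone placed in the VR glasses serves as the display terminal and shows the images captured by the robot's camera in real time. In repeated practical tests, operators wearing the VR glasses and data glove were able to remotely control the robot to grasp a water bottle placed in complex terrain.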

17.
In the global market place, many companies have had to adapt their strategies to meet significant challenges. A strategy adopted by some companies has been international expansion via acquisitions. The need for expert knowledge to determine an appropriate company to acquire has been complicated by the sheer size of the global market place. The costs associated with this in relation to time and personnel have created the need for a computerised expert system to be developed. This paper endeavours to show how a proposed fuzzy based system can assist in the identification of a company for acquisition. The authors discuss the manipulation of the magnitude of fuzzy membership functions to communicate priorities within the system. The fuzzy system is designed to assist financial experts in identifying a suitable company for acquisition in the corporate acquisition process. This includes the deliberate weighting of certain inputs and results above others in the decision-making process. The system attempts to learn and simulate the human precedence given to particular financial statistics in company analysis. The system uses the magnitude of the fuzzy membership functions to reflect the human precedence given to each financial ratio. This enables a particular company's strengths and weakness to be considered while concurrently considering their significance and relevance to the acquiring organisation. The system will enable a larger number of companies to be analysed in a more time and cost-effective manner. The development of this system is intended to illustrate that a fuzzy system can aid the financial experts of an acquiring organisation in the global acquisition process.

18.
During the test phase of new products in the fast food industry many factors have to be analyzed in order to ensure a smooth, full introduction into all the restaurants in the system. The impact of the new product on sales, service, inventory, quality, profit, and labor must be evaluated prior to system wide introduction. Arriving at a full and detailed answer to labor questions, involves the use of product cannibalization or attrition information, product preparation standards development, computer simulation to develop labor guidelines, as well as data collection for validation of the simulation results. An alternative to using computer simulation to develop labor guidelines is to use a spreadsheet application that enables the determination of the distribution of kitchen labor. This spreadsheet will determine the labor requirements at different sales levels prior to the product introduction in the test restaurants, as well as to system wide introduction. The first inputs to the spreadsheet use financial projections to develop initial labor guidelines for test restaurants to use. The next stage uses actual sales and cannibalization figures to determine labor guidelines prior to the rollout of the new product into all the restaurants in the system.

19.
Security warning is a form of computer dialog communication used to inform the users on the risks of allowing random applications to run on a computer system. Accordingly, it is specifically designed to impersonate a legitimate security alerting function (e.g., notify, warn, and advise) to a user about the consequence effect of an action. However, most of the computer users tend to ignore those security warnings conveying the same message over and over again. This eventually leads to habituation. Considering the fact that there is a significant lack of focus paid to address this issue, the main objective of this article is to describe and summarize the related studies on users’ habituation to the security warnings. This article presents a systematic literature review to explore the current key issues, challenges, and the possible solutions related to habituation effects in security warnings. It is expected that this article could contribute to a more complete understanding of the habituation effects in security warnings and eventually bring benefits to the research communities or general publics.

20.
The purpose of the current study was to assess the extent to which applicants preferred Web-based job postings to traditional paper-based materials. An integration of the traditional recruitment literature as well as the burgeoning literature related to the use of computer technology led to the development of two primary study hypotheses. First, applicants were expected to prefer Web-based job postings to more traditional paper postings. Second, applicants were expected to prefer jobs posted on Web pages of higher quality to those posted on pages of lower quality. Data collected from 92 undergraduate students provided support for the second hypothesis. Contrary to the first hypothesis, however, paper postings were preferred to those in a Web-based format. A discussion of the implications of these findings is presented along with recommendations for future research in the area.
