The volume of malwares is growing at an exponential speed nowadays. This huge growth makes it extremely hard to analyse malware manually. Most existing signatures extracting methods are based on string signatures, and string matching is not accurate and time consuming. Therefore, this paper presents AutoMal, a system for automatically extracting signatures from large-scale malwares. Firstly, the system proposes to represent the network flows by using feature hashing, which can dramatically reduce the high-dimensional feature spaces that are general in malware analysis. Then, we design a clustering and median filtering method to classify the malware vectors into different types. Finally, it introduces the signature generation algorithm based on Bayesian method. The system can extract both the byte signature and the hash signature of malwares from its network flow with low false positive and zero false negative. Our evaluation shows that AutoMal can generate strongly noise-resisted signatures that exactly depict the characteristics of malware.
Multipath routing is thought of as a promising direction of the current routing system as it can improve the network performance in terms of reliability and throughput. However, there are some challenging problems to solve towards Internet-wide multipath routing. One of them is the dramatically increasing control message overhead caused by network dynamics. More message overhead will consume more computing resources and more storage. Meanwhile, more message overhead will lead to slower convergence process for routing protocols due to longer processing time.In this paper, we present MORT to solve the above problem. MORT is based on a technique called "information hiding". The "information hiding" technique allows routers in network to hide some routing information such as link failures and link cost changes to other routers without introducing any serious bad effect to the routing protocols. Multipath routing protocols embedded with MORT will have fewer routing message overhead and shorter routing convergence time when facing network events such as link failures and link recoveries. In the simulations, we apply MORT to a newly presented multipath protocol to show that MORT can reduce message overhead significantly as well as shortening the routing convergence time.
With the rapid development of various types of space applications, space information network faces more and more challenges about the quality of service. How to provide end-to-end QoS based on the limited resources of space information network becomes one of the research focuses. In this paper, a method of dynamic deprivable bandwidth allocation (DDBA) is proposed for delay-sensitive specific applications. Applications are classified to three service levels according to the sensitivity of the delay. High level of services can deprive the bandwidth which has been allocated to the low level of services under certain situation. The results of the simulation illustrate that DDBA improves the use efficiency of the limited bandwidth compared to those typical bandwidth allocation algorithms. Furthermore, the DDBA can also reduce the delay of high level DS services and depress the lost rate.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.