To subvert recent advances in perimeter and host security, the attacker community has developed and employed various attack vectors to make a malware much stealthier than before to penetrate the target system and prolong its presence. Such advanced malware or "stealthy malware" makes use of various techniques to impersonate or abuse benign applications and legitimate system tools to minimize its footprints in the target system. It is thus difficult for traditional detection tools, such as malware scanners, to detect it, as the malware normally does not expose its malicious payload in a file and hides its malicious behaviors among the benign behaviors of the processes. In this paper, we present PROVDETECTOR, a provenancebased approach for detecting stealthy malware. Our insight behind the PROVDETECTOR approach is that although a stealthy malware attempts to blend into benign processes, its malicious behaviors inevitably interact with the underlying operating system (OS), which will be exposed to and captured by provenance monitoring. Based on this intuition, PROVDETECTOR first employs a novel selection algorithm to identify possibly malicious parts in the OS-level provenance data of a process. It then applies a neural embedding and machine learning pipeline to automatically detect any behavior that deviates significantly from normal behaviors. We evaluate our approach on a large provenance dataset from an enterprise network and demonstrate that it achieves very high detection performance of stealthy malware (an average F1 score of 0.974). Further, we conduct thorough interpretability studies to understand the internals of the learned machine learning models.
This work reports porous carbonyl iron particles/multiwalled carbon nanotubes-polydimethylsiloxane composites (PCMCs) with high flexibility and low density. In comparison to the solid product, the porous PCMC possesses a larger elongation and deformation. Because of the excellent magnetic-mechanic-electric coupling performance, the flexible composite exhibits bimode sensitivity to both the external stresses and magnetic field. Typically, the normalized resistance variation (Δ R/ R) of PCMC reaches 82.8% and 52.2% when the compression strain and tension strain are 60% and 50%, respectively. Moreover, the Δ R/ R induced by bending, twisting, and magnetostress also changes remarkably. When a 144 mT magnetic field is applied, the Δ R/ R of PCMC increases with 3.6%. To further understand the magnetic-mechanic-electric coupling mechanism, a conductive network sensing model is proposed and analyzed. Finally, on the basis of the bimode PCMC sensor array, a smart chessboard which can precisely discriminate special chesses with different masses and magnets is developed. This study provides a new fabrication method for next-generation three-dimensional smart sensors toward artificial electronics and soft robotics.
A novel versatile electrical skin (e-skin) with safeguarding and multisensing properties based on hybrid structures is developed by assembling Ag nanowires (AgNWs), polyester (PET) film with hybrid shear stiffening polymer/polydimethylsiloxane (SST/PDMS) matrix. The hybrid SST/PDMS polymer shows stable configuration. Storage modulus of the SST/PDMS increases from 5.5 kPa to 0.39 MPa when the shear frequency changes from 0.1 to 100 Hz, exhibiting typical rate-dependent behavior. e-Skin functions as a human-monitoring device by detecting various motions such as gentle touching, stroking, elbow bending, as well as speaking. More importantly, due to the shear stiffening characteristic, e-skin with high damping capacity exhibits safeguarding performance, which can dissipate impact force from 720 to 400 N and increase buffer time (from 0.9 to 2 ms). Meanwhile, distinguishable resistance values can reveal the level of harsh impact applied on the e-skin. In addition, the visible thermosensation effect of e-skin similar to chameleon epidermis is convenient for assessing environmental temperature. e-Skin arrays can precisely map the dynamic impact location and pressure distribution. Finally, the high electrical sensitivity and shear stiffening performance are attributed to the disturbance of AgNW effective conductive paths and dynamic BO bonds, respectively.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.