In contrast enhancement ultrasound (CEUS), the vasculature image can be formed from nonlinear echoes arising from microbubbles in a blood flow. The use of binary-coded pulse compression is promising for improving the contrast of CEUS images by suppressing background noise. However, the amplitudes of nonlinear echoes can be reduced, and sidelobes by nonlinear echoes can occur depending on the binary code. Optimal Golay codes with slight nonlinear-echo reduction and nonlinear sidelobe have been proposed. In this study, CEUS images obtained by optimal Golay pulse compression are evaluated through experiments using Sonazoid microbubbles flowing in a tissue-mimicking phantom.
Firmware formats vary from vendor to vendor, making it difficult to track which vendor or device the firmware belongs to, or to identify the firmware used in an embedded device. Current firmware analysis tools mainly distinguish firmware by static signatures in the firmware binary code. However, the extraction of a signature often requires careful analysis by professionals to obtain it and requires a significant investment of time and effort. In this paper, we use Doc2Vec to extract and process the character information in firmware, combine the file size, file entropy, and the arithmetic mean of bytes as firmware features, and implement the firmware classifier by combining the Extra Trees model. The evaluation is performed on 1,190 firmware files from 5 router vendors. The accuracy of the classifier is 97.18%, which is higher than that of current approaches. The results show that the proposed approach is feasible and effective.
Binary code homology analysis refers to detecting whether two pieces of binary code are compiled from the same piece of source code, which is a fundamental technique for many security applications, such as vulnerability search, plagiarism detection, and malware detection. With the increase in critical vulnerabilities in IoT devices, homology analysis is increasingly needed to perform cross-platform vulnerability searches. Existing methods for cross-platform binary code homology detection usually convert binary code to instruction sequences and do semantic embedding of the sequences as if they were natural language. However, the gap between natural language and binary code is large, and the spatial features of the binary code are easily lost by directly comparing the semantics. In this paper, we propose a GRU-based graph embedding method to compare the homology of binary functions. First, the attribute control flow graph (ACFG) is built for the assembly function, then the GRU-based graph embedding neural network is used to generate the embedding vector for the ACFG, and finally the homology of the binary code is determined by calculating the distance between the embedding vectors. The experimental results show that our method greatly improves the detection accuracy of negative samples compared with Gemini, the latest method based on graph embedding binary code similarity detection.
As satellite observation technology rapidly develops, the number of remote sensing (RS) images dramatically increases, and this leads RS image retrieval tasks to be more challenging in terms of speed and accuracy. Recently, an increasing number of researchers have turned their attention to this issue, as well as hashing algorithms, which map real-valued data onto a low-dimensional Hamming space and have been widely utilized to respond quickly to large-scale RS image search tasks. However, most existing hashing algorithms only emphasize preserving point-wise or pair-wise similarity, which may lead to an inferior approximate nearest neighbor (ANN) search result. To fix this problem, we propose a novel triplet ordinal cross entropy hashing (TOCEH). In TOCEH, to enhance the ability of preserving the ranking orders in different spaces, we establish a tensor graph representing the Euclidean triplet ordinal relationship among RS images and minimize the cross entropy between the probability distribution of the established Euclidean similarity graph and that of the Hamming triplet ordinal relation with the given binary code. During the training process, to avoid the non-deterministic polynomial (NP) hard problem, we utilize a continuous function instead of the discrete encoding process. Furthermore, we design a quantization objective function based on the principle of preserving triplet ordinal relation to minimize the loss caused by the continuous relaxation procedure. The comparative RS image retrieval experiments are conducted on three publicly available datasets, including UC Merced Land Use Dataset (UCMD), SAT-4 and SAT-6. The experimental results show that the proposed TOCEH algorithm outperforms many existing hashing algorithms in RS image retrieval tasks.
This paper investigates software attacks based on shellcode injection in Windows applications. The attack uses platform invoke to inject binary code by means of system calls. This creates a separate threat that carries the payload. The paper overviews protections against shellcode injection and thus analyzes the injection methods as well. Analysis models the injection of malicious code in a Windows app process. As a result, the paper proposes a step-by-step injection method. Experimental injection of user code in PowerShell is performed to test the method. The paper further shows the assembly code of the system call as an example of finding their IDs in the global system call table; it also shows part of the source code for the injection of binary executable code. Various counterattacks are proposed in the form of software control modules based on architecture drivers. The paper analyzes the feasibility of using dynamic invoke, which the authors plan to do later on.
At present, artificial intelligence has increasingly become the most promising and essential major. The interdisciplinary cooperation between the integrated circuit and artificial intelligence brings infinite possibilities. In the convolutional neural network area, in order to achieve the valuable output, the comparison between values is often encountered. The output is obtained by comparison between the result after the convolution calculation with the designed threshold. Therefore, our team not only design a 4-bit binary comparator hardware logic circuit to complete the task but also discuss and verify the feasibility and performance characteristics of the program from the perspective of energy and time delay. As for the overall framework, we design a convenient circuit that converts the complement code into the original code and chooses a CLA adder to accomplish this part. Using this kind of adder can ideally help us reduce the time delay at the expense of a complicated circuit schematic. In the comparator part, we design a high-quality circuit framework. The strategy of our circuit is to compare the relationship between the four-bit binary code and the threshold bit by bit from MSB to LSB, which performs better than the original 4-bit comparator, and we design two outputs that can legibly illustrate the relationship between two values. We use logic effort to discuss the normalized delay in our project. Besides, we find the connection between the energy and the delay by calculation. Finally, we design a trade-off function to make the optimization of energy and delay together with respect to voltage.