Biblio

Binary analysis is pervasively utilized to assess software security and test vulnerabilities without accessing source codes. The analysis validity is heavily influenced by the inferring ability of information related to the code compilation. Among the compilation information, compiler type and optimization level, as the key factors determining how binaries look like, are still difficult to be inferred efficiently with existing tools. In this paper, we conduct a thorough empirical study on the binary's appearance under various compilation settings and propose a lightweight binary analysis tool based on the simplest machine learning method, called DIComP to infer the compiler and optimization level via most relevant features according to the observation. Our comprehensive evaluations demonstrate that DIComP can fully recognize the compiler provenance, and it is effective in inferring the optimization levels with up to 90% accuracy. Also, it is efficient to infer thousands of binaries at a millisecond level with our lightweight machine learning model (1MB).

In this paper, our aim is to detect illegal spectrum access behaviors. Firstly, we detect whether the channel is busy, and then if it is busy, recognizing whether there are illegal users. To get closer to the actual situation, we consider a more general scenario where multiple users are authorized to work on the same channel under certain interference control strategies, and build it as a ternary hypothesis test model using the generalized multi-hypothesis Neyman-Pearson criterion. Considering the various potential combination of multiple authorized users, the spectrum detection process utilizes a two-step detector. We adopt the Generalized Likelihood Ratio Test (GLRT) and the Rao test to detect illegal spectrum access behaviors. What is more, the Wald test is proposed which has a compromise between computational complexity and performance. The relevant formulas of the three detection schemes are derived. Finally, comprehensive and in-depth simulations are provided to verify the effectiveness of the proposed detection scheme that it has the best detection performance under different authorized sample numbers and different performance constraints. Besides, we illustrate the probability of detection of illegal behaviors under different parameters of illegal behaviors and different sets of AUs' states under the Wald test.

Modern vehicles are equipped with wireless communication technologies, allowing them to communicate with each other. Through Dedicated Short Range Communication (DSRC), vehicles periodically broadcast beacons messages for safety applications, which gives rise to disclosure of location privacy. A way to protect vehicles location privacy is to have their pseudonyms changed frequently. With restrict to limited resources (such as computation and storage), we propose a group based dynamic mix zone scheme, in which vehicles form a group when their pseudonyms are close to expire. Simulation results confirm that the proposed scheme can protect location privacy and alleviate the storage burden.

Vehicle trajectories are one of the most important data in location-based services. The quality of trajectories directly affects the services. However, in the real applications, trajectory data are not always sampled densely. In this paper, we study the problem of recovering the entire route between two distant consecutive locations in a trajectory. Most existing works solve the problem without using those informative historical data or solve it in an empirical way. We claim that a data-driven and probabilistic approach is actually more suitable as long as data sparsity can be well handled. We propose a novel route recovery system in a fully probabilistic way which incorporates both temporal and spatial dynamics and addresses all the data sparsity problem introduced by the probabilistic method. It outperforms the existing works with a high accuracy (over 80%) and shows a strong robustness even when the length of routes to be recovered is very long (about 30 road segments) or the data is very sparse.