Visible to the public Biblio

Filters: Author is Wang, Juan  [Clear All Filters]
2023-07-21
Wang, Juan, Ma, Chenjun, Li, Ziang, Yuan, Huanyu, Wang, Jie.  2022.  ProcGuard: Process Injection Behaviours Detection Using Fine-grained Analysis of API Call Chain with Deep Learning. 2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :778—785.

New malware increasingly adopts novel fileless techniques to evade detection from antivirus programs. Process injection is one of the most popular fileless attack techniques. This technique makes malware more stealthy by writing malicious code into memory space and reusing the name and port of the host process. It is difficult for traditional security software to detect and intercept process injections due to the stealthiness of its behavior. We propose a novel framework called ProcGuard for detecting process injection behaviors. This framework collects sensitive function call information of typical process injection. Then we perform a fine-grained analysis of process injection behavior based on the function call chain characteristics of the program, and we also use the improved RCNN network to enhance API analysis on the tampered memory segments. We combine API analysis with deep learning to determine whether a process injection attack has been executed. We collect a large number of malicious samples with process injection behavior and construct a dataset for evaluating the effectiveness of ProcGuard. The experimental results demonstrate that it achieves an accuracy of 81.58% with a lower false-positive rate compared to other systems. In addition, we also evaluate the detection time and runtime performance loss metrics of ProcGuard, both of which are improved compared to previous detection tools.

2023-05-12
Wang, Juan, Sun, Yuan, Liu, Dongyang, Li, Zhukun, Xu, GaoYang, Si, Qinghua.  2022.  Research on Locking Strategy of Large-Scale Security and Stability Control System under Abnormal State. 2022 7th International Conference on Power and Renewable Energy (ICPRE). :370–375.
With the high-speed development of UHV power grid, the characteristics of power grid changed significantly, which puts forward new requirements for the safe operation of power grid and depend on Security and Stability Control System (SSCS) greatly. Based on the practical cases, this paper analyzes the principle of the abnormal criteria of the SSCS and its influence on the strategy of the SSCS, points out the necessity of the research on the locking strategy of the SSCS under the abnormal state. Taking the large-scale SSCS for an example, this paper analysis different control strategies of the stations in the different layered, and puts forward effective solutions to adapt different system functions. It greatly improved the effectiveness and reliability of the strategy of SSCS, and ensure the integrity of the system function. Comparing the different schemes, the principles of making the lock-strategy are proposed. It has reference significance for the design, development and implementation of large-scale SSCS.
ISSN: 2768-0525