Abstract: The present disclosure relates to a system and method for vulnerability localization based on deep learning, which comprises, at a minimum, a processor configured to: analyze a code file under detection to obtain a first abstract syntax tree devoid of semantic information; build upon the first abstract syntax tree by incorporating data-flow edges and/or control-flow edges, thereby forming a second abstract syntax tree with semantic-flow enhancement; split the second abstract syntax tree to obtain a plurality of second abstract syntax sub-trees; and input these second abstract syntax sub-trees into a pre-established vulnerability detection and localization model.

Abstract: A method, system and processor for enhancing robustness of a source-code classification model based on invariant features is provided, wherein the method includes: combining non-robustness features to generate different style templates, converting codes in an input code training set into new codes of different styles to obtain a converted-code training set, merging the input-code and the converted-code training set into an expanded training set, and converting code texts in the expanded training set into code images; and converting the code images into required vectors, pairing samples of identical class randomly picked from the expanded training set and inputting the matched sample pairs into a feature extractor, iteratively updating the feature extractor and the matched sample pairs and extracting target characteristics, and training the extracted invariant features in a classifier to produce a trained model. The disclosed system includes a training set-expanding module and a model-training module.

Abstract: A method and system for recognizing TLS fingerprints based on finite-state machines is provided, wherein the system at least includes: a model inference module, for learning state machine models of target TLS implementations according to mapping information sent by a message mapping module; a fingerprint extracting module, for analyzing the state machine models and extracting multi-level fingerprints of the target TLS implementations; and a version recognizing module, for verifying the multi-level fingerprints for validity and/or recognizing version information of unknown TLS implementations. As compared to other network protocol identification systems, the present disclosure can identify and judge fine-grained information such as the specific implementation type and version of the specific TLS implementation. At the same time, the inventive method is highly automated, thereby ensuring good usability and scalability.

Abstract: The present invention provides an anti-trapdoor-leakage on-chain data restoration system, at least comprising: a blockchain node, for broadcasting transaction data of a request-initiating person to blockchain nodes and proposer nodes in other groups, respectively; and a proposer node, for performing computation of a Chameleon-Hash function using a key set that is generated by a key-generating module provided in the proposer node, packaging the transaction data to generate a new block, and distributing the new block to all the blockchain nodes so that the blockchain nodes update their respective underlying ledgers according to the new blocks broadcasted by the proposer. The system of the present invention not only realizes such functions as restoration and editing of the transaction data, but also protects operational security and reliability of blockchains.

Abstract: The present invention relates to a blockchain-based system and method for preventing unauthorized deletion of surveillance video, the system at least comprising: a plurality of camera components, for generating surveillance video; at least one video-recording node, for connecting to a blockchain network and randomly generating a key pair, splitting the video file received from the camera components into a plurality of video-file blocks and randomly sending them to participation nodes across the blockchain network for storage, and recording hash values of the stored video files and node information; and a blockchain network device, for updating the hash values of the video files uploaded by the video-recording nodes based on a smart contract. In the present invention, uploading and storing time for camera-videos is recorded by the smart contract as tamper-resistant time reference for law enforcement, protecting video data from malicious deletion at video-recording nodes without the need of redundant space.

Abstract: The present invention relates a device for improving robustness of deep-learning based detection of source-code vulnerability, the device at least comprises a code-converting module, a mapping module, and a neural-network module, wherein the mapping module is in data connection with the code-converting module, the mapping module is in data connection with the neural-network module, respectively, and the neural-network module includes at least two first classifiers, based on a received first training program source code, the mapping module maps a plurality of code snippets, and the neural-network module trains the at least two first classifiers according to a first sample vector. The present invention improves the robustness of detection of source-code vulnerability by performing classification training on the feature generators and the classifiers.

Abstract: A sample-difference-based method and system for interpreting a deep-learning model for code classification is provided, wherein the method includes a step of off-line training an interpreter: constructing code transformation for every code sample in a training set to generate difference samples; generating difference samples respectively through feature deletion and code snippets extraction and then calculating feature importance scores accordingly; and inputting the original code samples, the difference samples and the feature importance scores into a neural network to get a trained interpreter; and a step of on-line interpreting the code samples: using the trained interpreter to extract important features from the snippets, then using an influence-function-based method to identify training samples that are most contributive to prediction, comparing the obtained important features and the most contributive training samples, and generating interpretation results for the object samples.

Abstract: The present invention relates to system and method for user-controllable sharing of authorization for private data, wherein the system at least comprises: a blockchain node, for recording and verifying transaction information and/or completing payment, a client, for encrypting a symmetric key into a re-encryption key to be sent to an IPFS node, so that after a re-encryption request it sends to the IPFS node is verified as valid, the client sends the symmetric key to a server; the IPFS node, for calling a zero-knowledge proof verification contract from the blockchain node in response to the re-encryption request from the client, and performing authorization and verification; a server, for sending first encrypted data involving user authorization to the IPFS node, and/or acquiring the symmetric key sent by the client and capable of decrypting authorization data.

Abstract: The present invention provides a system for privacy protection during IoT secure data sharing and a method thereof. The present invention relates to IoT data sharing, wherein it allows users to securely share data encrypted through decentralized attribute-based encryption on a blockchain-based platform without disclosing their attribute permission, so that individual users will not be identified according to their attributes, thereby protecting user privacy. The present invention also enables users sharing encrypted data and achieving traceability and accountability in the event of privacy breach. The present invention further provides an approach to verifying user permission using an attribute-based zero-knowledge proof, so as to securely and reliably verify whether permission of a data user is real.

Abstract: The present invention provides a system for privacy protection during IoT secure data sharing and a method thereof. The present invention relates to IoT data sharing, wherein it allows users to securely share data encrypted through decentralized attribute-based encryption on a blockchain-based platform without disclosing their attribute permission, so that individual users will not be identified according to their attributes, thereby protecting user privacy. The present invention also enables users sharing encrypted data and achieving traceability and accountability in the event of privacy breach. The present invention further provides an approach to verifying user permission using an attribute-based zero-knowledge proof, so as to securely and reliably verify whether permission of a data user is real.

Abstract: The present invention provides an anti-trapdoor-leakage on-chain data restoration system, at least comprising: a blockchain node, for broadcasting transaction data of a request-initiating person to blockchain nodes and proposer nodes in other groups, respectively; and a proposer node, for performing computation of a Chameleon-Hash function using a key set that is generated by a key-generating module provided in the proposer node, packaging the transaction data to generate a new block, and distributing the new block to all the blockchain nodes so that the blockchain nodes update their respective underlying ledgers according to the new blocks broadcasted by the proposer. The system of the present invention not only realizes such functions as restoration and editing of the transaction data, but also protects operational security and reliability of blockchains.

Abstract: An object of the present invention is to provide a conveyor belt rubber composition having excellent wear resistance and gouging resistance, a method for producing the conveyor belt rubber composition, a conveyor belt formed using the conveyor belt rubber composition, and a belt conveyor equipped with the conveyor belt. The present invention relates to a conveyor belt rubber composition containing a diene rubber containing less than 50 mass % of an aromatic vinyl-conjugated diene copolymer, wherein the aromatic vinyl-conjugated diene copolymer has a content of repeating units derived from an aromatic vinyl of 20 mass % or less, and a proportion of a vinyl structure in repeating units derived from a conjugated diene of 8 mol % or less.

Abstract: An object of the present invention is to provide a conveyor belt rubber composition having excellent cut resistance and wear resistance, a method for producing the conveyor belt rubber composition, a conveyor belt formed using the conveyor belt rubber composition, and a belt conveyor equipped with the conveyor belt. The present invention relates to a conveyor belt rubber composition containing a diene rubber containing 50 mass % or more of an aromatic vinyl-conjugated diene copolymer, wherein the aromatic vinyl-conjugated diene copolymer has a content of repeating units derived from an aromatic vinyl of more than 20 mass %, and a proportion of a vinyl structure in repeating units derived from a conjugated diene of 8 mol % or less.

Abstract: The present invention relates a device for improving robustness of deep-learning based detection of source-code vulnerability, the device at least comprises a code-converting module, a mapping module, and a neural-network module, wherein the mapping module is in data connection with the code-converting module, the mapping module is in data connection with the neural-network module, respectively, and the neural-network module includes at least two first classifiers, based on a received first training program source code, the mapping module maps a plurality of code snippets, and the neural-network module trains the at least two first classifiers according to a first sample vector. The present invention improves the robustness of detection of source-code vulnerability by performing classification training on the feature generators and the classifiers.

Abstract: The present disclosure involves a sidechain testing system and method for improving security and stability of a smart contract.

Abstract: The present invention addresses the problem of providing a rubber coating composition for use in a conveyor belt, the composition excelling in both peel force and rubber sticking and having excellent canvas adhesiveness, and of providing a laminate and a conveyor belt. The rubber coating composition for a conveyor belt of the present invention contains a diene-based rubber component, di-2-benzothiazolyl disulfide, silica, a cresol formaldehyde resin, and a modified etherified methylol melamine. The content amounts of each of the di-2-benzothiazolyl disulfide, silica, cresol formaldehyde resin, and modified etherified methylol melamine are all within predetermined ranges.

Abstract: The present disclosure involves a sidechain testing system and method for improving security and stability of a smart contract.

Abstract: The present invention addresses the problem of providing a rubber coating composition for use in a conveyor belt, the composition excelling in both peel force and rubber sticking and having excellent canvas adhesiveness, and of providing a laminate and a conveyor belt. The rubber coating composition for a conveyor belt of the present invention contains a diene-based rubber component, di-2-benzothiazolyl disulfide, silica, a cresol formaldehyde resin, and a modified etherified methylol melamine. The content amounts of each of the di-2-benzothiazolyl disulfide, silica, cresol formaldehyde resin, and modified etherified methylol melamine are all within predetermined ranges.

Abstract: The present invention provides a TrustZone-based security isolation system for shared library, the system at least comprising: a sandbox creator, a library controller, and an interceptor, the sandbox creator, in a normal world, dynamically creating a sandbox isolated from a Rich OS, the interceptor, intercepting corresponding system-calling information and/or Android framework APIs by means of inter-process stack inspection, the library controller, performing analysis based on the intercepted system-calling information and/or Android framework APIs, redirecting a library function to the sandbox, and switching calling states of the library function in the sandbox as well as setting up a library authority. The present invention has good versatility, low cost and high security. It realizes isolation of the library without increasing the trusted bases in the Secure World of the TrustZone, effectively reducing the risk of being attacked.

Abstract: The present invention involves with a cloud tenant oriented method and system for protecting privacy data. The method comprises at least the following steps: analyzing event handler information and/or behavioral signature information of request information and determining an execution mode, selecting at least one node without a behavioral signature plot to execute the tenant request and recording an execution result, generating a behavioral signature plot based on the execution result, and dynamically detecting security-sensitive behavior based on the behavioral signature plot. The present invention ensures data security during processing of security-sensitive data for cloud services by adopting a technology based on behavioral signatures, and prevents attackers from exploiting vulnerabilities and bypassing security control to conduct malicious operations.