Abstract: Various embodiments provide a system, method, and device for generating a signature for Windows .NET binaries. The method incudes (i) generate a file signature based on code using a hashing technique, and (ii) classify a sample using the file signature based on the code.

Abstract: Automatic generation of a malware signature is disclosed. Code of a sample including packages and function names is parsed. Standard type packages and vendor type packages are filtered from the code of the sample to obtain main type packages. A signature using a fuzzy hash for the sample is generated based on the main type packages. A determination of whether the sample is malware is performed using the signature and a similarity score threshold.

Abstract: Scan time in diffusion-relaxation magnetic resonance imaging (“MRI”) is reduced by implementing time-division multiplexing (“TDM”). In general, time-shifted radio frequency (“RF”) pulses are used to excite two or more imaging volumes. These RF pulses are applied to induce separate echoes for each slice. Diffusion MRI data can thus be acquired with different echo times, or alternatively with the same echo time, in significantly reduced overall scan time. Multidimensional correlations between diffusion and relaxation parameters can be estimated from the resulting data.

Abstract: An in-kernel virtual machine (“VM”) instantiated in the kernel space of a physical or virtual machine (“machine”) attaches code hooks at a network interface of the machine. The code hooks redirect network traffic from the network interface to a module that generates feature values at the kernel space from protocol data units of network traffic received by the network interface. The machine passes the feature values from kernel space to user space via zero-copy shared memory and a machine learning model in the user space obtains network traffic verdicts as outputs from inputting the feature values. The machine passes the verdicts from user space to kernel space via the zero-copy shared memory and the in-kernel VM performs corrective action based on malicious verdicts.

Abstract: Automatic generation of a malware signature is disclosed. Code of a sample including packages and function names is parsed. Standard type packages and vendor type packages are filtered from the code of the sample to obtain main type packages. A signature using a fuzzy hash for the sample is generated based on the main type packages. A determination of whether the sample is malware is performed using the signature and a similarity score threshold.

Abstract: Automated fuzzy hash based signature collection is disclosed. A set of candidate fuzzy hashes corresponding to a set of false negative samples is received. A false positive reduction analysis is performed on the received set of candidate fuzzy hashes to generate a reduced set of fuzzy hashes. At least a portion of the reduced set of fuzzy hashes is clustered into a fuzzy hash cluster. A signature for a family of malware is generated based at least in part on the fuzzy hash cluster.

Abstract: A pickup is provided. The pickup is configured to be mounted to a bone conduction organ in the mouth, the pickup includes a detection module, and the detection module is configured to detect a vibration signal of the bone conduction organ. A communication device and a communication apparatus are also provided. The communication device includes a signal receiving module, a control module, and a communication module.

Abstract: A hearing aid intra-oral device, configured as an intra-orally placed bone conduction sound-transmitting device. The hearing aid intraoral device comprises a vibration apparatus and a detection apparatus, the vibration apparatus being configured to drive the bone conduction sound-transmitting device to vibrate, and the detection apparatus being configured to detect a vibration signal of the bone conduction sound-transmitting device.

Abstract: Automated fuzzy hash based signature collection is disclosed. A set of candidate fuzzy hashes corresponding to a set of false negative samples is received. A false positive reduction analysis is performed on the received set of candidate fuzzy hashes to generate a reduced set of fuzzy hashes. At least a portion of the reduced set of fuzzy hashes is clustered into a fuzzy hash cluster. A signature for a family of malware is generated based at least in part on the fuzzy hash cluster.

Abstract: A system has been created that represents a binary file with a combination of signatures that account for both structure as expressed by control flow and an abstraction of functionality as expressed by import behavior. The system analyses intra-subroutine control flow and calls to import code units. The system generates structure signatures for the subroutines based on the intra-subroutine control flows. The system also generates an import behavior signature based on calls to import code units and caller-callee relationships between the subroutines and the import code units. The system uses the structure signatures to identify the caller subroutines in generating the import behavior signature. The combination of structure signatures and import behavior signature allows for accurate determination of code similarity without the noise of superficial variations in code organization and other mutations or alterations that facilitate avoiding malware detection.

Abstract: Automatic generation of a malware signature is disclosed. Code of a sample including packages and function names is parsed. Standard type packages and vendor type packages are filtered from the code of the sample to obtain main type packages. A signature using a fuzzy hash for the sample is generated based on the main type packages. A determination of whether the sample is malware is performed using the signature and a similarity score threshold.

Abstract: Scan time in diffusion-relaxation magnetic resonance imaging (“MRI”) is reduced by implementing time-division multiplexing (TDM). In general, time-shifted radio frequency (“RF”) pulses are used to excite two or more imaging volumes. These RF pulses are applied to induce separate echoes for each slice. Diffusion MRI data can thus be acquired with different echo times, or alternatively with the same echo time, in significantly reduced overall scan time. Multidimensional correlations between diffusion and relaxation parameters can be estimated from the resulting data.

Abstract: Provided is a bone conduction hearing aid device, including: a housing, a piezoelectric vibration assembly and a vibration transmission element, the piezoelectric vibration assembly and the vibration transmission element are both arranged in the housing, a first end of the vibration transmission element is connected with the piezoelectric vibration assembly, a second end of the vibration transmission element is connected with the housing, and the housing includes a vibration output portion that outputs vibration through contact.

Abstract: Provided is a bone conduction hearing aid device, including: a housing, a piezoelectric vibration assembly and a vibration transmission element, the piezoelectric vibration assembly and the vibration transmission element are both arranged in the housing, a first end of the vibration transmission element is connected with the piezoelectric vibration assembly, a second end of the vibration transmission element is connected with the housing, and the housing includes a vibration output portion that outputs vibration through contact.

Abstract: Automated fuzzy hash based signature collection is disclosed. A set of candidate fuzzy hashes corresponding to a set of false negative samples is received. A false positive reduction analysis is performed on the received set of candidate fuzzy hashes to generate a reduced set of fuzzy hashes. At least a portion of the reduced set of fuzzy hashes is clustered into a fuzzy hash cluster. A signature for a family of malware is generated based at least in part on the fuzzy hash cluster.

Abstract: An antenna pattern selection method includes a first communication device sending a plurality of packets to a second communication device. Then, the first communication device measures, in each of a plurality of antenna patterns, signal quality of a plurality of acknowledgment frames with which the second communication device separately responds to the plurality of packets, and finally selects a dominant antenna pattern from the plurality of antenna patterns based on signal quality corresponding to each of the plurality of antenna patterns. According to the antenna pattern selection method, when normal communication is not affected, the first communication device may determine, based on signal quality of an acknowledgment frame, whether an antenna pattern used by the first communication device is proper.

Abstract: A bone conduction hearing device, comprising an electronic assembly, a vibration component and a battery, the battery being configured to power the electronic assembly and the vibration component, the electronic assembly being configured to control the vibration of the vibration component, and the electronic assembly and the vibration component being configured to be placed inside an accommodation space formed between at least two adjacent molars and an alveolar bone.

Abstract: The present invention discloses an operation instruction scheduling method and device for a NAND flash memory device. The method comprises: performing task decomposition on the operation instruction of the NAND flash memory device, and sending an obtained task to a corresponding task queue; sending a current task to a corresponding arbitration queue according to a task type of the current task in the task queue; and scheduling a NAND interface for a to-be-executed task in the arbitration queue according to priority information of the arbitration queue. Embodiments of the present invention can efficiently realize operation instruction scheduling of a NAND flash memory device, improve flexibility of operation instruction scheduling of the NAND flash memory device, and improve overall performance of the NAND flash memory device.

Abstract: A bone conduction hearing device, comprising an electronic assembly, a vibration component and a battery, the battery being configured to power the electronic assembly and the vibration component, the electronic assembly being configured to control the vibration of the vibration component, and the electronic assembly and the vibration component being configured to be placed inside an accommodation space formed between at least two adjacent molars and an alveolar bone.

Abstract: The present invention discloses an operation instruction scheduling method and device for an NAND flash memory device. The method comprises: performing task decomposition on the operation instruction of the NAND flash memory device, and sending an obtained task to a corresponding task queue; sending a current task to a corresponding arbitration queue according to a task type of the current task in the task queue; and scheduling an NAND interface for a to-be-executed task in the arbitration queue according to priority information of the arbitration queue. Embodiments of the present invention can efficiently realize operation instruction scheduling of an NAND flash memory device, improve flexibility of operation instruction scheduling of the NAND flash memory device, and improve overall performance of the NAND flash memory device.