Explore chapters and articles related to this topic
A Review on Live Memory Acquisition Approaches for Digital Forensics
Published in Mukesh Kumar Awasthi, Ravi Tomar, Maanak Gupta, Mathematical Modeling for Intelligent Systems, 2023
The Intel x86-64 architecture was introduced as an extension of the IA-32 architecture with 64-bit registers. It has a linear address space of up to 2^64 bytes and can accept 64-bit linear addresses. Only 48-bit linear addresses are used in the current version, which does not accommodate the full 64 bits. On these systems, virtual addresses are in canonical format, which means that bits 63:48 are set to all 1s or all 0s depending on the status of bit 47. It also supports an additional level of paging structures called page map level 4 (PML4).
System Threats
Published in Nicholas Kolokotronis, Stavros Shiaeles, Cyber-Security Threats, Actors, and Dynamic Mitigation, 2021
Konstantinos-Panagiotis Grammatikakis, Nicholas Kolokotronis
Starting with the NT header and its two substructures, the COFF and optional headers, an analyst can gather basic information about the sample, including the following:
- The machine type for which the PE file is compiled, indicating the processor architecture. The three most important ones are: (i) the unknown machine type, implying that the contents of the file apply to all architectures, (ii) the i386 machine type, for x86 processors, and (iii) the AMD64 machine type, for x86-64 processors.
- The number of sections, which may indicate the application of packing/obfuscation techniques.
- The compilation date, which allows external information (e.g. from news articles, security bulletins, and social media messages) to be correlated with the current incident, if the date seems to be reasonable and there are no signs of modification.
- The PE characteristics, indicating various attributes of the file, with the most important being: (i) the executable image flag, meaning that the file contents are directly executable, (ii) the 32-bit machine flag, (iii) the system image flag, meaning that the PE file is a system file, and (iv) the dynamic-link library (DLL) flag.
- The targeted subsystem, indicating whether the sample is using the console or graphical user interfaces (CUI and GUI, respectively).
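A minimal triage parser for the header fields listed above, added here as an illustration and not taken from the cited chapter. The function names, the constructed header-only sample and the 1993 lower bound used to judge whether the compilation date is plausible are assumptions of this example.

```python
import struct
from datetime import datetime, timezone

MACHINES = {0x0000: "UNKNOWN", 0x014C: "I386", 0x8664: "AMD64"}
FLAGS = {0x0002: "EXECUTABLE_IMAGE", 0x0100: "32BIT_MACHINE",
         0x1000: "SYSTEM", 0x2000: "DLL"}
SUBSYSTEMS = {2: "WINDOWS_GUI", 3: "WINDOWS_CUI"}

def triage_pe(data: bytes) -> dict:
    """Extract the COFF/optional-header fields an analyst checks first."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("no DOS header")
    (nt,) = struct.unpack_from("<I", data, 0x3C)          # e_lfanew
    if nt + 24 > len(data) or data[nt:nt + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    machine, nsect, stamp, _, _, opt_size, chars = struct.unpack_from(
        "<HHIIIHH", data, nt + 4)                         # 20-byte COFF header
    subsystem = None
    if opt_size >= 70 and nt + 24 + 70 <= len(data):
        # Subsystem sits at offset 68 in both PE32 and PE32+ optional headers.
        (subsystem,) = struct.unpack_from("<H", data, nt + 24 + 68)
    compiled = datetime.fromtimestamp(stamp, tz=timezone.utc)
    return {
        "machine": MACHINES.get(machine, hex(machine)),
        "sections": nsect,
        "compiled": compiled,
        # Heuristic (assumption): dates before 1993 or in the future suggest a
        # zeroed, forged or reproducible-build timestamp.
        "date_plausible": datetime(1993, 1, 1, tzinfo=timezone.utc)
                          <= compiled <= datetime.now(timezone.utc),
        "flags": [name for bit, name in FLAGS.items() if chars & bit],
        "subsystem": SUBSYSTEMS.get(subsystem, subsystem),
    }

def build_sample() -> bytes:
    """Constructed header-only sample: AMD64 console DLL, 3 sections."""
    dos = b"MZ" + bytes(58) + struct.pack("<I", 64)       # e_lfanew = 64
    coff = struct.pack("<HHIIIHH", 0x8664, 3, 1600000000, 0, 0, 240, 0x2022)
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)                 # PE32+ magic
    struct.pack_into("<H", opt, 68, 3)                    # console subsystem
    return dos + b"PE\0\0" + coff + bytes(opt)

if __name__ == "__main__":
    for key, value in triage_pe(build_sample()).items():
        print(f"{key:15} {value}")
```

The parser reads only headers, so it can be run on a sample without loading or executing it.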
Narrowing the scope of failure prediction using targeted fault load injection
Published in Enterprise Information Systems, 2018
Paul L. Jordan, Gilbert L. Peterson, Alan C. Lin, Michael J. Mendenhall, Andrew J. Sellers
Unfortunately, previous G-SWFIT tools were incapable of injecting faults into elevated x86-64 Windows processes. Older tools were written for Java or x86 architectures (Duraes and Madeira 2006; Martins, Rubira, and Leme 2002; Natella et al. 2010; Sanches, Basso, and Moraes 2011). For this reason, this work introduces a modernized fault injection tool capable of injecting into x86-64 elevated system processes (such as the ‘lsass.exe’ process). This tool is called Windows Software Fault Injection Tool (W-SWFIT) and it implements two of the primary faults implemented by G-SWFIT. These faults simulate a missing function call as well as a missing variable assignment, as shown in Table 3.
Algorithm for identifying clients based on dynamic MAC addresses in narrowly targeted secure networks using deep learning neural networks
Published in International Journal of Parallel, Emergent and Distributed Systems, 2021
Alexander Tyutyunnik, Ekaterina Lobaneva, Alexey Lazarev
The main requirement for the developed algorithm was processor architecture compatibility with both x86-x64 and mobile processors of the ARM family. Based on statistics of system software usage, the developed software is intended to run on the ARM-64 architecture as the client and on a Linux-based device with an x86-64 processor as the server component [5]. A secondary requirement is root access to the file system of the hardware device, because dynamic MAC address rewriting requires changes to system files. Root access is also necessary for handling network interfaces. The required components further include the initial installation of packages intended for use with network interfaces.
Intelligent information flow management system in innovative scientific and industrial clusters
Published in International Journal of Parallel, Emergent and Distributed Systems, 2022
Artur Zaenchkovski, Alexey Lazarev, Dmitrii Tukaev, Victor Epifanov
To ensure the safety of operation, the EUI-64 address cell prediction module was included in the proposed system using a nonlinear autoregressive exogenous model along with the use of a reference model algorithm to minimise discrepancies between multiple instances of the neural network. The management of the developed system is organised using the Bootstrap framework. A solution will also be described for using the system's capabilities on multiprocessor operating systems for ARM (routers, switches) and x86-64 (personal computers, clusters).