- 博客(0)
- 资源 (55)
- 收藏
- 关注
.NET 高级代码审计(第一课)XmlSerializer 反序列漏洞
在.NET 框架中的 XmlSerializer 类是一种很棒的工具,它是将高度结构化的 XML 数据
映射为 .NET 对象。XmlSerializer 类在程序中通过单个 API 调用来执行 XML 文档和对
象之间的转换。转换的映射规则在 .NET 类中通过元数据属性来表示,如果程序开发人
员使用 Type 类的静态方法获取外界数据,并调用 Deserialize 反序列化 xml 数据就会
触发反序列化漏洞攻击(例如 DotNetNuke 任意代码执行漏洞 CVE-2017-9822),本
文笔者从原理和代码审计的视角做了相关脑图介绍和复现。
2019-03-07
Cost-sensitive Support Vector Machines
代价敏感支持向量机
A new procedure for learning cost-sensitive SVM(CS-SVM) classifiers is proposed. The SVM hinge loss is extended to the cost sensitive setting, and the CS-SVM is derived as the minimizer of the associated risk. The extension of the hinge loss draws on recent connections between risk minimization and probability elicitation. These connections are generalized to cost-sensitive classification, in a manner that guarantees consistency with the cost- sensitive Bayes risk, and associated Bayes decision rule. This ensures that optimal decision rules, under the new hinge loss, implement the Bayes-optimal cost-sensitive classification boundary. Minimization of the new hinge loss is shown to be a generalization of the classic SVM optimization problem, and can be solved by identical procedures. The dual problem of CS-SVM is carefully scrutinized by means of regularization theory and sensitivity analysis and the CS-SVM algorithm is substantiated. The proposed algorithm is also extended to cost-sensitive learning with example dependent costs. The minimum cost sensitive risk is proposed as the performance measure and is connected to ROC analysis through vector optimization. The resulting algorithm avoids the shortcomings of previous approaches to cost-sensitive SVM design, and is shown to have superior experimental performance on a large number of cost sensitive and imbalanced datasets.
2019-02-01
知其所以然驱动开发教程:1.环境的搭建(虚拟机+WinDbg).rar
1.环境的搭建(虚拟机+WinDbg).rar
知其所以然驱动开发教程:1.环境的搭建(虚拟机+WinDbg).rar
2010-05-29
史上最好 明小子 扫描后台 数据库
明小子 主程序 大家都有了吧?必备
以防有人说插马,就不上主程序,直接上数据库,下载覆盖就行了!
原程序数据大小为4**K,我这个900K,大家好用就顶!
2009-12-27
Acunetix Web Vulnerability Scanner 6.5使用说明.pdf
Acunetix Web Vulnerability Scanner 6.5使用说明.pdf
2009-12-15
Acunetix Web Vulnerability Scanner 6.5_getting_started
Acunetix Web Vulnerability Scanner 6.5_getting_started
2009-12-15
Virtuoso Spectre RF Tools Lab Book.pdf
Virtuoso Spectre RF Tools Lab Book.pdf
Virtuoso Spectre RF Tools Lab Book.pdf
2009-11-25
空空如也
TA创建的收藏夹 TA关注的收藏夹
TA关注的人