发布求助
文献互助 智能选刊 最新文献

Proceedings of the 30th Annual Computer Security Applications Conference最新文献

筛选
英文 中文
Advanced Wi-Fi attacks using commodity hardware 使用普通硬件的高级Wi-Fi攻击
Proceedings of the 30th Annual Computer Security Applications Conference Pub Date : 2014-12-08 DOI: 10.1145/2664243.2664260
M. Vanhoef, F. Piessens
{"title":"Advanced Wi-Fi attacks using commodity hardware","authors":"M. Vanhoef, F. Piessens","doi":"10.1145/2664243.2664260","DOIUrl":"https://doi.org/10.1145/2664243.2664260","url":null,"abstract":"We show that low-layer attacks against Wi-Fi can be implemented using user-modifiable firmware. Hence cheap off-the-shelf Wi-Fi dongles can be used carry out advanced attacks. We demonstrate this by implementing five low-layer attacks using open source Atheros firmware. The first attack consists of unfair channel usage, giving the user a higher throughput while reducing that of others. The second attack defeats countermeasures designed to prevent unfair channel usage. The third attack performs continuous jamming, making the channel unusable for other devices. For the fourth attack we implemented a selective jammer, allowing one to jam specific frames already in the air. The fifth is a novel channel-based Man-in-the-Middle (MitM) attack, enabling reliable manipulation of encrypted traffic. These low-layer attacks facilitate novel attacks against higher-layer protocols. To demonstrate this we show how our MitM attack facilitates attacks against the Temporal Key Integrity Protocol (TKIP) when used as a group cipher. Since a substantial number of networks still use TKIP as their group cipher, this shows that weaknesses in TKIP have a higher impact than previously thought.","PeriodicalId":104443,"journal":{"name":"Proceedings of the 30th Annual Computer Security Applications Conference","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116191630","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 120
Interrupt-oriented bugdoor programming: a minimalist approach to bugdooring embedded systems firmware 面向中断的bug门编程:对嵌入式系统固件进行bug门检查的一种极简方法
Proceedings of the 30th Annual Computer Security Applications Conference Pub Date : 2014-12-08 DOI: 10.1145/2664243.2664268
Samuel Junjie Tan, S. Bratus, T. Goodspeed
{"title":"Interrupt-oriented bugdoor programming: a minimalist approach to bugdooring embedded systems firmware","authors":"Samuel Junjie Tan, S. Bratus, T. Goodspeed","doi":"10.1145/2664243.2664268","DOIUrl":"https://doi.org/10.1145/2664243.2664268","url":null,"abstract":"We demonstrate a simple set of interrupt-related vulnerability primitives that, despite being apparently innocuous, give attackers full control of a microcontroller platform. We then present a novel, minimalist approach to constructing deniable bugdoors for microcontroller firmware, and contrast this approach with the current focus of exploitation research on demonstrations of maximum computational power that malicious computation can achieve. Since the introduction of Return-oriented programming, an ever-increasing number of targets have been demonstrated to unintentionally yield Turing-complete computation environments to attackers controlling the target's various input channels, under ever more restrictive sets of limitations. Yet although modern OS defensive measures indeed require complex computations to bypass, this focus on maximum expressiveness of exploit programming models leads researchers to overlook other research directions for platforms that lack strong defensive measure but occur in mission-critical systems, namely, microcontrollers. In these systems, common exploiter goals such as sensitive code and data exfiltration or arbitrary code execution do not typically require complex computation; instead, a minimal computation is preferred and a simple set of vulnerability primitives typically suffices. We discuss examples of vulnerabilities and the new kinds of tools needed to avoid them in future firmware.","PeriodicalId":104443,"journal":{"name":"Proceedings of the 30th Annual Computer Security Applications Conference","volume":"15 4","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120847563","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
CPS: driving cyber-physical systems to unsafe operating conditions by timing DoS attacks on sensor signals CPS:通过定时对传感器信号进行DoS攻击,将网络物理系统驱动到不安全的操作条件
Proceedings of the 30th Annual Computer Security Applications Conference Pub Date : 2014-12-08 DOI: 10.1145/2664243.2664290
M. Krotofil, A. Cárdenas, Bradley Manning, Jason W. Larsen
{"title":"CPS: driving cyber-physical systems to unsafe operating conditions by timing DoS attacks on sensor signals","authors":"M. Krotofil, A. Cárdenas, Bradley Manning, Jason W. Larsen","doi":"10.1145/2664243.2664290","DOIUrl":"https://doi.org/10.1145/2664243.2664290","url":null,"abstract":"DoS attacks on sensor measurements used for industrial control can cause the controller of the process to use stale data. If the DoS attack is not timed properly, the use of stale data by the controller will have limited impact on the process; however, if the attacker is able to launch the DoS attack at the correct time, the use of stale data can cause the controller to drive the system to an unsafe state. Understanding the timing parameters of the physical processes does not only allow an attacker to construct a successful attack but also to maximize its impact (damage to the system). In this paper we use Tennessee Eastman challenge process to study an attacker that has to identify (in realtime) the optimal timing to launch a DoS attack. The choice of time to begin an attack is forward-looking, requiring the attacker to consider each opportunity against the possibility of a better opportunity in the future, and this lends itself to the theory of optimal stopping problems. In particular we study the applicability of the Best Choice Problem (also known as the Secretary Problem), quickest change detection, and statistical process outliers. Our analysis can be used to identify specific sensor measurements that need to be protected, and the time that security or safety teams required to respond to attacks, before they cause major damage.","PeriodicalId":104443,"journal":{"name":"Proceedings of the 30th Annual Computer Security Applications Conference","volume":"45 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125520152","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 42
Using automatic speech recognition for attacking acoustic CAPTCHAs: the trade-off between usability and security 使用自动语音识别攻击声学验证码:可用性和安全性之间的权衡
Proceedings of the 30th Annual Computer Security Applications Conference Pub Date : 2014-12-08 DOI: 10.1145/2664243.2664262
H. Meutzner, Viet-Hung Nguyen, Thorsten Holz, D. Kolossa
{"title":"Using automatic speech recognition for attacking acoustic CAPTCHAs: the trade-off between usability and security","authors":"H. Meutzner, Viet-Hung Nguyen, Thorsten Holz, D. Kolossa","doi":"10.1145/2664243.2664262","DOIUrl":"https://doi.org/10.1145/2664243.2664262","url":null,"abstract":"A common method to prevent automated abuses of Internet services is utilizing challenge-response tests that distinguish human users from machines. These tests are known as CAPTCHAs (Completely Automated Public Turing Tests to Tell Computers and Humans Apart) and should represent a task that is easy to solve for humans, but difficult for fraudulent programs. To enable access for visually impaired people, an acoustic CAPTCHA is typically provided in addition to the better-known visual CAPTCHAs. Recent security studies show that most acoustic CAPTCHAs, albeit difficult to solve for humans, can be broken via machine learning. In this work, we suggest using speech recognition rather than generic classification methods for better analyzing the security of acoustic CAPTCHAs. We show that our attack based on an automatic speech recognition system can successfully defeat reCAPTCHA with a significantly higher success rate than reported in previous studies. A major difficulty in designing CAPTCHAs arises from the trade-off between human usability and robustness against automated attacks. We present and analyze an alternative CAPTCHA design that exploits specific capabilities of the human auditory system, i.e., auditory streaming and tolerance to reverberation. Since state-of-the-art speech recognition technology still does not provide these capabilities, the resulting CAPTCHA is hard to solve automatically. A detailed analysis of the proposed CAPTCHA shows a far better trade-off between usability and security than the current quasi-standard approach of reCAPTCHA.","PeriodicalId":104443,"journal":{"name":"Proceedings of the 30th Annual Computer Security Applications Conference","volume":"63 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127902617","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 18
Challenges and implications of verifiable builds for security-critical open-source software 对安全至关重要的开源软件的可验证构建的挑战和影响
Proceedings of the 30th Annual Computer Security Applications Conference Pub Date : 2014-12-08 DOI: 10.1145/2664243.2664288
Xavier de Carné de Carnavalet, Mohammad Mannan
{"title":"Challenges and implications of verifiable builds for security-critical open-source software","authors":"Xavier de Carné de Carnavalet, Mohammad Mannan","doi":"10.1145/2664243.2664288","DOIUrl":"https://doi.org/10.1145/2664243.2664288","url":null,"abstract":"The majority of computer users download compiled software and run it directly on their machine. Apparently, this is also true for open-sourced software -- most users would not compile the available source, and implicitly trust that the available binaries have been compiled from the published source code (i.e., no backdoor has been inserted in the binary). To verify that the official binaries indeed correspond to the released source, one can compile the source of a given application, and then compare the locally generated binaries with the developer-provided official ones. However, such simple verification is non-trivial to achieve in practice, as modern compilers, and more generally, toolchains used in software packaging, have not been designed with verifiability in mind. Rather, the output of compilers is often dependent on parameters that can be strongly tied to the building environment. In this paper, we analyze a widely-used encryption tool, TrueCrypt, to verify its official binary with the corresponding source. We first manually replicate a close match to the official binaries of sixteen most recent versions of TrueCrypt for Windows up to v7.1a, and then explain the remaining differences that can solely be attributed to non-determinism in the build process. Our analysis provides the missing guarantee on official binaries that they are indeed backdoor-free, and makes audits on TrueCrypt's source code more meaningful. Also, we uncover several sources of non-determinism in TrueCrypt's compilation process; these findings may help create future verifiable build processes.","PeriodicalId":104443,"journal":{"name":"Proceedings of the 30th Annual Computer Security Applications Conference","volume":"472 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122210429","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 16
TroGuard: context-aware protection against web-based socially engineered trojans TroGuard:上下文感知保护,防止基于网络的社会工程木马
Proceedings of the 30th Annual Computer Security Applications Conference Pub Date : 2014-12-08 DOI: 10.1145/2664243.2664270
Rui Han, Alejandro Mesa, Mihai Christodorescu, S. Zonouz
{"title":"TroGuard: context-aware protection against web-based socially engineered trojans","authors":"Rui Han, Alejandro Mesa, Mihai Christodorescu, S. Zonouz","doi":"10.1145/2664243.2664270","DOIUrl":"https://doi.org/10.1145/2664243.2664270","url":null,"abstract":"Despite the increasing number of social engineering attacks through web browser applications, detection of socially engineered trojan downloads by enticed victim users remains a challenging endeavor. In this paper, we present TroGuard, a semi-automated web-based trojan detection solution, that notifies the user if the application she downloaded behaves differently than what she expected at download time. TroGuard builds on the hypothesis that in spite of millions of currently downloadable executables on the Internet, almost all of them provide functionalities from a limited set. Additionally, because each functionality, e.g., text editor, requires particular system resources, it exhibits a unique system-level activity pattern. During an offline process, TroGuard creates a profile dictionary of various functionalities. This profile dictionary is then used to warn the user if she downloads an executable whose observed activity does not match its advertised functionality (extracted through automated analysis of the download website). Our experimental results prove the above mentioned premise empirically and show that TroGuard can identify real-world socially engineered trojan download attacks effectively.","PeriodicalId":104443,"journal":{"name":"Proceedings of the 30th Annual Computer Security Applications Conference","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122219998","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
It's the psychology stupid: how heuristics explain software vulnerabilities and how priming can illuminate developer's blind spots 这是愚蠢的心理学:启发式如何解释软件漏洞,启动如何照亮开发人员的盲点
Proceedings of the 30th Annual Computer Security Applications Conference Pub Date : 2014-12-08 DOI: 10.1145/2664243.2664254
Daniela Oliveira, Marissa Rosenthal, Nicole Morin, Kuo-Chuan Yeh, Justin Cappos, Yanyan Zhuang
{"title":"It's the psychology stupid: how heuristics explain software vulnerabilities and how priming can illuminate developer's blind spots","authors":"Daniela Oliveira, Marissa Rosenthal, Nicole Morin, Kuo-Chuan Yeh, Justin Cappos, Yanyan Zhuang","doi":"10.1145/2664243.2664254","DOIUrl":"https://doi.org/10.1145/2664243.2664254","url":null,"abstract":"Despite the security community's emphasis on the importance of building secure software, the number of new vulnerabilities found in our systems is increasing. In addition, vulnerabilities that have been studied for years are still commonly reported in vulnerability databases. This paper investigates a new hypothesis that software vulnerabilities are blind spots in developer's heuristic-based decision-making processes. Heuristics are simple computational models to solve problems without considering all the information available. They are an adaptive response to our short working memory because they require less cognitive effort. Our hypothesis is that as software vulnerabilities represent corner cases that exercise unusual information flows, they tend to be left out from the repertoire of heuristics used by developers during their programming tasks. To validate this hypothesis we conducted a study with 47 developers using psychological manipulation. In this study each developer worked for approximately one hour on six vulnerable programming scenarios. The sessions progressed from providing no information about the possibility of vulnerabilities, to priming developers about unexpected results, and explicitly mentioning the existence of vulnerabilities in the code. The results show that (i) security is not a priority in software development environments, (ii) security is not part of developer's mindset while coding, (iii) developers assume common cases for their code, (iv) security thinking requires cognitive effort, (v) security education helps, but developers can have difficulties correlating a particular learned vulnerability or security information with their current working task, and (vi) priming or explicitly cueing about vulnerabilities on-the-spot is a powerful mechanism to make developers aware about potential vulnerabilities.","PeriodicalId":104443,"journal":{"name":"Proceedings of the 30th Annual Computer Security Applications Conference","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131410261","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 56
Exploring and mitigating privacy threats of HTML5 geolocation API 探索和减轻HTML5地理定位API的隐私威胁
Proceedings of the 30th Annual Computer Security Applications Conference Pub Date : 2014-12-08 DOI: 10.1145/2664243.2664247
Hyungsub Kim, Sangho Lee, Jong Kim
{"title":"Exploring and mitigating privacy threats of HTML5 geolocation API","authors":"Hyungsub Kim, Sangho Lee, Jong Kim","doi":"10.1145/2664243.2664247","DOIUrl":"https://doi.org/10.1145/2664243.2664247","url":null,"abstract":"The HTML5 Geolocation API realizes location-based services via theWeb by granting web sites the geographical location information of user devices. However, the Geolocation API can violate a user's location privacy due to its coarse-grained permission and location models. The API provides either exact location or nothing to web sites even when they only require approximate location. In this paper, we first conduct case studies on numerous web browsers and web sites to explore how they implement and utilize the Geolocation API. We detect 14 vulnerable web browsers and 603 overprivileged web sites that can violate a user's location privacy. To mitigate the privacy threats of the Geolocation API, we propose a novel scheme that (1) supports fine-grained permission and location models, and (2) recommends appropriate privacy settings to each user by inspecting the location sensitivity of each web page. Our scheme can accurately estimate each web page's necessary geolocation degree (estimation accuracy: ~93.5%). We further provide suggestions to improve the Geolocation API.","PeriodicalId":104443,"journal":{"name":"Proceedings of the 30th Annual Computer Security Applications Conference","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115681522","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Assisted deletion of related content 协助删除相关内容
Proceedings of the 30th Annual Computer Security Applications Conference Pub Date : 2014-12-08 DOI: 10.1145/2664243.2664287
H. Ritzdorf, N. Karapanos, Srdjan Capkun
{"title":"Assisted deletion of related content","authors":"H. Ritzdorf, N. Karapanos, Srdjan Capkun","doi":"10.1145/2664243.2664287","DOIUrl":"https://doi.org/10.1145/2664243.2664287","url":null,"abstract":"On primary storage systems content is often replicated, converted or modified, and the users quickly lose control over its dispersal on the system. Deleting content related to a particular project from the system therefore becomes a labor-intensive task for the user. In this paper we present IRCUS, a system that assists the user in securely removing project-related content, but does not require changes to the user's behavior or to any of the system components, such as the file system, kernel or applications. IRCUS transparently integrates within the user's system, operates in user-space and stores the resulting metadata alongside the files. We implemented and evaluated our system and show that its overhead and accuracy are acceptable for practical use and deployment.","PeriodicalId":104443,"journal":{"name":"Proceedings of the 30th Annual Computer Security Applications Conference","volume":"142 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127316560","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 12
Leveraging semantic signatures for bug search in binary programs 利用语义签名在二进制程序中进行bug搜索
Proceedings of the 30th Annual Computer Security Applications Conference Pub Date : 2014-12-08 DOI: 10.1145/2664243.2664269
Jannik Pewny, Felix Schuster, Lukas Bernhard, Thorsten Holz, C. Rossow
{"title":"Leveraging semantic signatures for bug search in binary programs","authors":"Jannik Pewny, Felix Schuster, Lukas Bernhard, Thorsten Holz, C. Rossow","doi":"10.1145/2664243.2664269","DOIUrl":"https://doi.org/10.1145/2664243.2664269","url":null,"abstract":"Software vulnerabilities still constitute a high security risk and there is an ongoing race to patch known bugs. However, especially in closed-source software, there is no straightforward way (in contrast to source code analysis) to find buggy code parts, even if the bug was publicly disclosed. To tackle this problem, we propose a method called Tree Edit Distance Based Equational Matching (TEDEM) to automatically identify binary code regions that are \"similar\" to code regions containing a reference bug. We aim to find bugs both in the same binary as the reference bug and in completely unrelated binaries (even compiled for different operating systems). Our method even works on proprietary software systems, which lack source code and symbols. The analysis task is split into two phases. In a preprocessing phase, we condense the semantics of a given binary executable by symbolic simplification to make our approach robust against syntactic changes across different binaries. Second, we use tree edit distances as a basic block-centric metric for code similarity. This allows us to find instances of the same bug in different binaries and even spotting its variants (a concept called vulnerability extrapolation). To demonstrate the practical feasibility of the proposed method, we implemented a prototype of TEDEM that can find real-world security bugs across binaries and even across OS boundaries, such as in MS Word and the popular messengers Pidgin (Linux) and Adium (Mac OS).","PeriodicalId":104443,"journal":{"name":"Proceedings of the 30th Annual Computer Security Applications Conference","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125366503","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 117
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信