Proceedings of the 32nd Annual Conference on Computer Security Applications最新文献_第2页

Timing-based reconnaissance and defense in software-defined networks 软件定义网络中基于时间的侦察和防御

Proceedings of the 32nd Annual Conference on Computer Security Applications Pub Date : 2016-12-05 DOI: 10.1145/2991079.2991081

J. Sonchack, Anurag Dubey, Adam J. Aviv, Jonathan M. Smith, Eric Keller

{"title":"Timing-based reconnaissance and defense in software-defined networks","authors":"J. Sonchack, Anurag Dubey, Adam J. Aviv, Jonathan M. Smith, Eric Keller","doi":"10.1145/2991079.2991081","DOIUrl":"https://doi.org/10.1145/2991079.2991081","url":null,"abstract":"Software-defined Networking (SDN) enables advanced network applications by separating a network into a data plane that forwards packets and a control plane that computes and installs forwarding rules into the data plane. Many SDN applications rely on dynamic rule installation, where the control plane processes the first few packets of each traffic flow and then installs a dynamically computed rule into the data plane to forward the remaining packets. Control plane processing adds delay, as the switch must forward each packet and meta-information to a (often centralized) control server and wait for a response specifying how to handle the packet. The amount of delay the control plane imposes depends on its load, and the applications and protocols it runs. In this work, we develop a non- intrusive timing attack that exploits this property to learn about a SDN network's configuration. The attack analyzes the amount of delay added to timing pings that are specially crafted to invoke the control plane, while transmitting other packets that may invoke the control plane, depending on the network's configuration. We show, in a testbed with physical OpenFlow switches and controllers, that an attacker can probe the network at a low rate for short periods of time to learn a bevy of sensitive information about networks with > 99% accuracy, including host communication patterns, ACL entries, and network monitoring settings. We also implement and test a practical defense: a timeout proxy, which normalizes control plane delay by providing configurable default responses to control plane requests that take too long. The proxy can be deployed on unmodified OpenFlow switches. It reduced the attack accuracy to below 50% in experiments, and can be configured to have minimal impact on non-attack traffic.","PeriodicalId":419419,"journal":{"name":"Proceedings of the 32nd Annual Conference on Computer Security Applications","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125054906","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 38

Code obfuscation against symbolic execution attacks 针对符号执行攻击的代码混淆

Proceedings of the 32nd Annual Conference on Computer Security Applications Pub Date : 2016-12-05 DOI: 10.1145/2991079.2991114

Sebastian Banescu, C. Collberg, Vijay Ganesh, Zack Newsham, A. Pretschner

{"title":"Code obfuscation against symbolic execution attacks","authors":"Sebastian Banescu, C. Collberg, Vijay Ganesh, Zack Newsham, A. Pretschner","doi":"10.1145/2991079.2991114","DOIUrl":"https://doi.org/10.1145/2991079.2991114","url":null,"abstract":"Code obfuscation is widely used by software developers to protect intellectual property, and malware writers to hamper program analysis. However, there seems to be little work on systematic evaluations of effectiveness of obfuscation techniques against automated program analysis. The result is that we have no methodical way of knowing what kinds of automated analyses an obfuscation method can withstand. This paper addresses the problem of characterizing the resilience of code obfuscation transformations against automated symbolic execution attacks, complementing existing works that measure the potency of obfuscation transformations against human-assisted attacks through user studies. We evaluated our approach over 5000 different C programs, which have each been obfuscated using existing implementations of obfuscation transformations. The results show that many existing obfuscation transformations, such as virtualization, stand little chance of withstanding symbolic-execution based deobfuscation. A crucial and perhaps surprising observation we make is that symbolic-execution based deobfuscators can easily deobfuscate transformations that preserve program semantics. On the other hand, we present new obfuscation transformations that change program behavior in subtle yet acceptable ways, and show that they can render symbolic-execution based deobfuscation analysis ineffective in practice.","PeriodicalId":419419,"journal":{"name":"Proceedings of the 32nd Annual Conference on Computer Security Applications","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117296728","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 128

An ultra-lightweight white-box encryption scheme for securing resource-constrained IoT devices 一种用于保护资源受限物联网设备的超轻量级白盒加密方案

Proceedings of the 32nd Annual Conference on Computer Security Applications Pub Date : 2016-12-05 DOI: 10.1145/2991079.2991086

Yang Shi, Wujing Wei, Zongjian He, Hongfei Fan

{"title":"An ultra-lightweight white-box encryption scheme for securing resource-constrained IoT devices","authors":"Yang Shi, Wujing Wei, Zongjian He, Hongfei Fan","doi":"10.1145/2991079.2991086","DOIUrl":"https://doi.org/10.1145/2991079.2991086","url":null,"abstract":"Embedded devices with constrained computational resources, such as wireless sensor network nodes, electronic tag readers, roadside units in vehicular networks, and smart watches and wristbands, are widely used in the Internet of Things. Many of such devices are deployed in untrustable environments, and others may be easy to lose, leading to possible capture by adversaries. Accordingly, in the context of security research, these devices are running in the white-box attack context, where the adversary may have total visibility of the implementation of the built-in cryptosystem with full control over its execution. It is undoubtedly a significant challenge to deal with attacks from a powerful adversary in white-box attack contexts. Existing encryption algorithms for white-box attack contexts typically require large memory use, varying from one to dozens of megabytes, and thus are not suitable for resource-constrained devices. As a countermeasure in such circumstances, we propose an ultra-lightweight encryption scheme for protecting the confidentiality of data in white-box attack contexts. The encryption is executed with secret components specialized for resource-constrained devices against white-box attacks, and the encryption algorithm requires a relatively small amount of static data, ranging from 48 to 92 KB. The security and efficiency of the proposed scheme have been theoretically analyzed with positive results, and experimental evaluations have indicated that the scheme satisfies the resource constraints in terms of limited memory use and low computational cost.","PeriodicalId":419419,"journal":{"name":"Proceedings of the 32nd Annual Conference on Computer Security Applications","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122044545","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 18

Sanitizing data is not enough!: towards sanitizing structural artifacts in flash media 清理数据是不够的!对闪存介质中的结构性工件进行消毒

Proceedings of the 32nd Annual Conference on Computer Security Applications Pub Date : 2016-12-05 DOI: 10.1145/2991079.2991101

Bo Chen, Shijie Jia, Luning Xia, Peng Liu

{"title":"Sanitizing data is not enough!: towards sanitizing structural artifacts in flash media","authors":"Bo Chen, Shijie Jia, Luning Xia, Peng Liu","doi":"10.1145/2991079.2991101","DOIUrl":"https://doi.org/10.1145/2991079.2991101","url":null,"abstract":"Conventional overwriting-based and encryption-based secure deletion schemes can only sanitize data. However, the past existence of the deleted data may leave artifacts in the layout at all layers of a computing system. These structural artifacts may be utilized by the adversary to infer sensitive information about the deleted data or even to fully recover them. The conventional secure deletion solutions unfortunately cannot sanitize them. In this work, we introduce truly secure deletion, a novel security notion that is much stronger than the conventional secure deletion. Truly secure deletion requires sanitizing both the obsolete data as well as the corresponding structural artifacts, so that the resulting storage layout after a delete operation is indistinguishable from that the deleted data never appeared. We propose TedFlash, a Truly secure deletion scheme for Flash-based block devices. TedFlash can successfully sanitize both the data and the structural artifacts, while satisfying the design constraints imposed for flash memory. Security analysis and experimental evaluation show that TedFlash can achieve the truly secure deletion guarantee with a small additional overhead compared to conventional secure deletion solutions.","PeriodicalId":419419,"journal":{"name":"Proceedings of the 32nd Annual Conference on Computer Security Applications","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126493277","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 19

Decomposition of MAC address structure for granular device inference 分解MAC地址结构的粒度设备推理

Proceedings of the 32nd Annual Conference on Computer Security Applications Pub Date : 2016-12-05 DOI: 10.1145/2991079.2991098

Jeremy Martin, Erik C. Rye, Robert Beverly

{"title":"Decomposition of MAC address structure for granular device inference","authors":"Jeremy Martin, Erik C. Rye, Robert Beverly","doi":"10.1145/2991079.2991098","DOIUrl":"https://doi.org/10.1145/2991079.2991098","url":null,"abstract":"Common among the wide variety of ubiquitous networked devices in modern use is wireless 802.11 connectivity. The MAC addresses of these devices are visible to a passive adversary, thereby presenting security and privacy threats - even when link or application-layer encryption is employed. While it is well-known that the most significant three bytes of a MAC address, the OUI, coarsely identify a device's manufacturer, we seek to better understand the ways in which the remaining low-order bytes are allocated in practice. From a collection of more than two billion 802.11 frames observed in the wild, we extract device and model information details for over 285K devices, as leaked by various management frames and discovery protocols. From this rich dataset, we characterize overall device populations and densities, vendor address allocation policies and utilization, OUI sharing among manufacturers, discover unique models occurring in multiple OUIs, and map contiguous address blocks to specific devices. Our mapping thus permits fine-grained device type and model predictions for unknown devices solely on the basis of their MAC address. We validate our inferences on both ground-truth data and a third-party dataset, where we obtain high accuracy. Our results empirically demonstrate the extant structure of the low-order MAC bytes due to manufacturer's sequential allocation policies, and the security and privacy concerns therein.","PeriodicalId":419419,"journal":{"name":"Proceedings of the 32nd Annual Conference on Computer Security Applications","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128713264","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 47

Intelligent, automated red team emulation 智能，自动红队模拟

Proceedings of the 32nd Annual Conference on Computer Security Applications Pub Date : 2016-12-05 DOI: 10.1145/2991079.2991111

A. Applebaum, Doug Miller, Blake E. Strom, Chris Korban, Ross Wolf

{"title":"Intelligent, automated red team emulation","authors":"A. Applebaum, Doug Miller, Blake E. Strom, Chris Korban, Ross Wolf","doi":"10.1145/2991079.2991111","DOIUrl":"https://doi.org/10.1145/2991079.2991111","url":null,"abstract":"Red teams play a critical part in assessing the security of a network by actively probing it for weakness and vulnerabilities. Unlike penetration testing - which is typically focused on exploiting vulnerabilities - red teams assess the entire state of a network by emulating real adversaries, including their techniques, tactics, procedures, and goals. Unfortunately, deploying red teams is prohibitive: cost, repeatability, and expertise all make it difficult to consistently employ red team tests. We seek to solve this problem by creating a framework for automated red team emulation, focused on what the red team does post-compromise - i.e., after the perimeter has been breached. Here, our program acts as an automated and intelligent red team, actively moving through the target network to test for weaknesses and train defenders. At its core, our framework uses an automated planner designed to accurately reason about future plans in the face of the vast amount of uncertainty in red teaming scenarios. Our solution is custom-developed, built on a logical encoding of the cyber environment and adversary profiles, using techniques from classical planning, Markov decision processes, and Monte Carlo simulations. In this paper, we report on the development of our framework, focusing on our planning system. We have successfully validated our planner against other techniques via a custom simulation. Our tool itself has successfully been deployed to identify vulnerabilities and is currently used to train defending blue teams.","PeriodicalId":419419,"journal":{"name":"Proceedings of the 32nd Annual Conference on Computer Security Applications","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127641658","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 60

CPAC: securing critical infrastructure with cyber-physical access control CPAC:通过网络物理访问控制保护关键基础设施

Proceedings of the 32nd Annual Conference on Computer Security Applications Pub Date : 2016-12-05 DOI: 10.1145/2991079.2991126

Sriharsha Etigowni, D. Tian, Grant Hernandez, S. Zonouz, Kevin R. B. Butler

{"title":"CPAC: securing critical infrastructure with cyber-physical access control","authors":"Sriharsha Etigowni, D. Tian, Grant Hernandez, S. Zonouz, Kevin R. B. Butler","doi":"10.1145/2991079.2991126","DOIUrl":"https://doi.org/10.1145/2991079.2991126","url":null,"abstract":"Critical infrastructure such as the power grid has become increasingly complex. The addition of computing elements to traditional physical components increases complexity and hampers insight into how elements in the system interact with each other. The result is an infrastructure where operational mistakes, some of which cannot be distinguished from attacks, are more difficult to prevent and have greater potential impact, such as leaking sensitive information to the operator or attacker. In this paper, we present CPAC, a cyber-physical access control solution to manage complexity and mitigate threats in cyber-physical environments, with a focus on the electrical smart grid. CPAC uses information flow analysis based on mathematical models of the physical grid to generate policies enforced through verifiable logic. At the device side, CPAC combines symbolic execution with lightweight dynamic execution monitoring to allow non-intrusive taint analysis on programmable logic controllers in realtime. These components work together to provide a realtime view of all system elements, and allow for more robust and finer-grained protections than any previous solution to securing the grid. We implement a prototype of CPAC using Bachmann PLCs and evaluate several real-world incidents that demonstrate its scalability and effectiveness. The policy checking for a nation-wide grid is less than 150 ms, faster than existing solutions. We additionally show that CPAC can analyze potential component failures for arbitrary component failures, far beyond the capabilities of currently deployed systems. CPAC thus provides a solution to secure the modern smart grid from operator mistakes or insider attacks, maintain operational privacy, and support N - x contingencies.","PeriodicalId":419419,"journal":{"name":"Proceedings of the 32nd Annual Conference on Computer Security Applications","volume":"92 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130755273","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 39

Auror: defending against poisoning attacks in collaborative deep learning systems 傲罗:在协作深度学习系统中防御中毒攻击

Proceedings of the 32nd Annual Conference on Computer Security Applications Pub Date : 2016-12-05 DOI: 10.1145/2991079.2991125

Shiqi Shen, Shruti Tople, P. Saxena

{"title":"Auror: defending against poisoning attacks in collaborative deep learning systems","authors":"Shiqi Shen, Shruti Tople, P. Saxena","doi":"10.1145/2991079.2991125","DOIUrl":"https://doi.org/10.1145/2991079.2991125","url":null,"abstract":"Deep learning in a collaborative setting is emerging as a corner-stone of many upcoming applications, wherein untrusted users collaborate to generate more accurate models. From the security perspective, this opens collaborative deep learning to poisoning attacks, wherein adversarial users deliberately alter their inputs to mis-train the model. These attacks are known for machine learning systems in general, but their impact on new deep learning systems is not well-established. We investigate the setting of indirect collaborative deep learning --- a form of practical deep learning wherein users submit masked features rather than direct data. Indirect collaborative deep learning is preferred over direct, because it distributes the cost of computation and can be made privacy-preserving. In this paper, we study the susceptibility of collaborative deep learning systems to adversarial poisoning attacks. Specifically, we obtain the following empirical results on 2 popular datasets for handwritten images (MNIST) and traffic signs (GTSRB) used in auto-driving cars. For collaborative deep learning systems, we demonstrate that the attacks have 99% success rate for misclassifying specific target data while poisoning only 10% of the entire training dataset. As a defense, we propose Auror, a system that detects malicious users and generates an accurate model. The accuracy under the deployed defense on practical datasets is nearly unchanged when operating in the absence of attacks. The accuracy of a model trained using Auror drops by only 3% even when 30% of all the users are adversarial. Auror provides a strong guarantee against evasion; if the attacker tries to evade, its attack effectiveness is bounded.","PeriodicalId":419419,"journal":{"name":"Proceedings of the 32nd Annual Conference on Computer Security Applications","volume":"76 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132778222","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 220

FASE: functionality-aware security enforcement FASE:功能感知的安全实施

Proceedings of the 32nd Annual Conference on Computer Security Applications Pub Date : 2016-12-05 DOI: 10.1145/2991079.2991116

Petar Tsankov, Marco Pistoia, Omer Tripp, Martin T. Vechev, Pietro Ferrara

{"title":"FASE: functionality-aware security enforcement","authors":"Petar Tsankov, Marco Pistoia, Omer Tripp, Martin T. Vechev, Pietro Ferrara","doi":"10.1145/2991079.2991116","DOIUrl":"https://doi.org/10.1145/2991079.2991116","url":null,"abstract":"Dynamic information-flow enforcement systems automatically protect applications against confidentiality and integrity threats. Unfortunately, existing solutions cause undesirable side effects, if not crashes, due to unconstrained modification of run-time values (e.g. anonymizing sensitive identifiers even when these are used for authentication). To address this problem, we present Functionality-Aware Security Enforcement (FASE), a lightweight approach for ef?ciently securing applications without breaking their functionality. The key idea is to let developers specify functionality constraints and then use a run-time synthesizer to replace sensitive values with constraint-compliant ones. Concretely, FASE consists of: (i) an efficient fine-grained data-flow-tracking engine, (ii) a domain-specific language (DSL) for expressing functionality constraints, (iii) a synthesizer that derives constraint-compliant values at security-sensitive operations, and (iv) an enforcement mechanism that automatically repairs illicit flows at run time. We instantiated FASE to the problem of securing Android applications. Our experiments show that the FASE system is useful in practice: Its average run-time overhead is <12%; it avoids the crashes, side effects, and run-time errors exhibited by existing solutions; and the constraints in the FASE DSL are readable and concise.","PeriodicalId":419419,"journal":{"name":"Proceedings of the 32nd Annual Conference on Computer Security Applications","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127954246","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 2

Using image saliency and regions of interest to encourage stronger graphical passwords 利用图像显著性和兴趣区域鼓励使用更强的图形密码

Proceedings of the 32nd Annual Conference on Computer Security Applications Pub Date : 2016-12-05 DOI: 10.1145/2991079.2991108

Mohammad Alshehri, Heather Crawford

{"title":"Using image saliency and regions of interest to encourage stronger graphical passwords","authors":"Mohammad Alshehri, Heather Crawford","doi":"10.1145/2991079.2991108","DOIUrl":"https://doi.org/10.1145/2991079.2991108","url":null,"abstract":"A graphical password guiding image serves as a visual prompt to improve password memorability. However, passwords may be easily guessed if the guiding image contains hotspots, or commonly chosen (e.g., 'clickable') points that are predictable via automated means. In this paper, we propose a method to determine graphical password guiding image suitability in terms of potential password strength. Our method uses image saliency to measure image suitability; the higher the saliency, the more suitable the image. Next, we evaluate the regions of interest (e.g., circles, faces, corners, etc.) of suitable images to predict the strength of resultant graphical passwords. We provide support for our method in two ways: first, we analyzed the guiding images and resulting graphical password strength from an existing dataset and secondly, we conducted our own user study to measure the usability and memorability of the same guiding images in terms of registration, login and recall times. We found that the more visually salient the image, the stronger the resulting graphical passwords in terms of entropy with little or no effect on usability and memorability. Furthermore, users tended to select more suitable images even when given the choice of less suitable images. Thus, our approach may be used to improve the strength of graphical passwords before the user chooses a single point or action simply by excluding unsuitable guiding images.","PeriodicalId":419419,"journal":{"name":"Proceedings of the 32nd Annual Conference on Computer Security Applications","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127569451","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 4