VTechWorks staff will be away for the Thanksgiving holiday beginning at noon on Wednesday, November 27, through Friday, November 29. We will resume normal operations on Monday, December 2. Thank you for your patience.

Browsing by Author "Ma, Qiang"

Now showing 1 - 2 of 2
  • Thumbnail Image
    Haloethane Reactions over the Chromia Cr₂O₃ (1012) Surface
    Ma, Qiang (Virginia Tech, 2005-08-11)
    Ethyl iodide and ethyl chloride have been used as reactants to produce ethyl fragments on the stoichiometric α-Cr₂O₃ (1012) surface by means of thermal dissociation. Ethyl iodide is dissociated giving iodine adatoms and ethyl fragments bound to surface Cr cation sites, while ethyl chloride is dissociated giving chlorine adatoms and ethyl fragments. No oxygenated products are observed in thermal desorption, suggesting the 3-coordinate lattice oxygen on the stoichiometric α-Cr₂O₃ (1012) surface is very stable, and no nucleophilic attack occurs at the carbon atoms on surface ethyl fragments. For both reactants, the only reaction products observed are ethylene gas (CH₂=CH₂), ethane gas (CH₃-CH₃), hydrogen gas (H₂) and halogen adatoms (Clads or Iads). In thermal desorption experiments, all the gas phase products from ethyl chloride are produced in a reaction-limited, high temperature desorption feature attributed to a rate limiting β-hydride elimination from surface ethyl fragments. Similar product desorption features are observed for the reaction of ethyl iodide. However, the reaction of ethyl iodide also produces ethylene and ethane via a low temperature, desorption-limited reaction channel. It is postulated that I adatoms produced in the reaction of ethyl iodide thermal desorption might somehow promote a low temperature route to products that Cl adatoms do not.
  • Thumbnail Image
    User-Behavior Based Detection of Infection Onset
    Xu, Kui; Yao, Danfeng (Daphne); Ma, Qiang; Crowell, Alexander (Department of Computer Science, Virginia Polytechnic Institute & State University, 2010)
    A major vector of computer infection is through exploiting software or design flaws in networked applications such as the browser. Malicious code can be fetched and executed on a victim’s machine without the user’s permission, as in drive-by download (DBD) attacks. In this paper, we describe a new tool called DeWare for detecting the onset of infection delivered through vulnerable applications. DeWare explores and enforces causal relationships between computer-related human behaviors and system properties, such as file-system access and process execution. Our tool can be used to provide real time protection of a personal computer, as well as for diagnosing and evaluating untrusted websites for forensic purposes. Besides the concrete DBD detection solution, we also formally define causal relationships between user actions and system events on a host. Identifying and enforcing correct causal relationships have important applications in realizing advanced and secure operating systems. We perform extensive experimental evaluation, including a user study with 21 participants, thousands of legitimate websites (for testing false alarms), as well as 84 malicious websites in the wild. Our results show that DeWare is able to correctly distinguish legitimate download events from unauthorized system events with a low false positive rate (< 1%).