
Proceedings of the 11th Annual Cyber and Information Security Research Conference: Latest Papers

Classification of Insider Threat Detection Techniques
Ameya Sanzgiri, D. Dasgupta
Most insider attacks are done by people who have the knowledge and technical know-how of launching such attacks. This topic has long been studied and many detection techniques were proposed to deal with insider threats. This short paper summarized and classified insider threat detection techniques based on strategies used for detection.
Citations: 60
Bringing Federated Identity to Grid Computing
J. Teheran, D. Dykstra, Mine Altunay
The Fermi National Accelerator Laboratory (FNAL) is facing the challenge of providing scientific data access and grid submission to scientific collaborations that span the globe but are hosted at FNAL. Researchers in these collaborations are currently required to register as FNAL users and obtain FNAL credentials to access grid resources to perform their scientific computations. These requirements burden researchers with managing additional authentication credentials, and put additional load on FNAL for managing user identities. Our design integrates the existing InCommon federated identity infrastructure, CILogon Basic CA, and MyProxy with the FNAL grid submission system to provide secure access for users from diverse experiments and collaborations without requiring each user to have authentication credentials from FNAL. The design automates the handling of certificates, so users do not need to manage them manually. Although the initial implementation is for FNAL's grid submission system, the design and the core of the implementation are general and could be applied to other distributed computing systems.
Citations: 0
Addressing Critical Industrial Control System Cyber Security Concerns via High Fidelity Simulation
R. Vaughn, T. Morris
This paper outlines a set of 10 cyber security concerns associated with Industrial Control Systems (ICS). The concerns address software and hardware development, implementation, and maintenance practices, supply chain assurance, the need for cyber forensics in ICS, a lack of awareness and training, and finally, a need for test beds which can be used to address the first 9 cited concerns. The concerns documented in this paper were developed based on the authors' combined experience conducting research in this field for the US Department of Homeland Security, the National Science Foundation, and the Department of Defense. The second half of this paper documents a virtual test bed platform which is offered as a tool to address the concerns listed in the first half of the paper. The paper discusses various types of test beds proposed in literature for ICS research, provides an overview of the virtual test bed platform developed by the authors, and lists future works required to extend the existing test beds to serve as a development platform.
Citations: 12
Double Helix and RAVEN: A System for Cyber Fault Tolerance and Recovery
M. Co, J. Davidson, Jason Hiser, J. Knight, A. Nguyen-Tuong, Westley Weimer, Jonathan Burket, Gregory L. Frazier, T. Frazier, B. Dutertre, Ian A. Mason, N. Shankar, S. Forrest
Cyber security research has produced numerous artificial diversity techniques such as address space layout randomization, heap randomization, instruction-set randomization, and instruction location randomization. To be most effective, these techniques must be high entropy and secure from information leakage which, in practice, is often difficult to achieve. Indeed, it has been demonstrated that well-funded, determined adversaries can often circumvent these defenses. To allow use of low-entropy diversity, prevent information leakage, and provide provable security against attacks, previous research proposed using low-entropy but carefully structured artificial diversity to create variants of an application and then run these constructed variants within a fault-tolerant environment that runs each variant in parallel and cross-checks results to detect and mitigate faults. If the variants are carefully constructed, it is possible to prove that certain classes of attack are not possible. This paper presents an overview and status of a cyber fault tolerant system that uses a low overhead multi-variant execution environment and precise static binary analysis and efficient rewriting technology to produce structured variants which allow automated verification techniques to prove security properties of the system. Preliminary results are presented which demonstrate that the system is capable of detecting unknown faults and mitigating attacks.
Citations: 20
Dynamic Canary Randomization for Improved Software Security
William H. Hawkins, Jason Hiser, J. Davidson
Stack canaries are a well-known and effective technique for detecting and defeating stack overflow attacks. However, they are not perfect. For programs compiled using gcc, the reference canary value is randomly generated at program invocation and fixed throughout execution. Moreover, for software running on the Linux operating system, canary values are inherited from the parent process and only changed if/when the child process exec()s a different program. Researchers and others have exploited these behaviors to craft real-world attacks that bypass the protections of stack canaries. This paper describes a moving-target stack canary technique that prevents such attacks. The Dynamic Canary Randomization technique (DCR) rerandomizes stack canaries at runtime. DCR is applied directly to the binary using a static binary rewriter (i.e., it does not require access to the program's source code). DCR operates with minimal overhead and gives the user the flexibility to specify the conditions under which to rerandomize the canary. DCR is an improvement over existing canary rerandomizers because it allows rerandomization to be applied at any point during execution and at any frequency. We show that DCR improves software security by demonstrating its ability to prevent real-world attacks on well-known software (e.g., nginx) "protected" by traditional stack canaries.
Citations: 16
Network Modeling for Security Analytics
B. Smith, Whitney Caruthers, Dalton Stewart, P. Hawrylak, John Hale
Comprehensive network modeling remains a challenge for the security analyst. Complete coverage and depth of detail in network models is difficult to achieve for large and complex networks, especially when significant effort in manual elaboration is required. This paper describes an automated approach to network model acquisition using coordinated bump-in-the-wire devices. The system described here relieves a substantial burden from the modeler while offering improved visibility over competing solutions.
Citations: 3
Trusted Information Exchange Using Trusted Network Processors
S. Tucker
Today's systems are increasingly complex consisting of many components designed by multiple competing vendors. Trust management relies heavily on situational awareness of the operating environment, and comprehensive knowledge of components and their relationship to others. Outsourcing and modularity are necessary to reduce cost and increase manageability, but can make it difficult to gather enough information for valid trust decisions. Invalid trust assumptions could lead to vulnerabilities in the future. Furthermore, when components are integrated with information systems these difficulties can increase greatly. This paper presents how trust is applied to information systems, a trust framework based on Trusted Network Processors and an implementation of a trusted information system which allows disjointed component systems to communicate while preserving trust assumptions in a dynamically changing environment.
Citations: 0
Towards Selecting and Recommending Online Software Services by Evaluating External Attributes
Lahiru S. Gallege, R. Raje
Selecting an online software service for a given set of requirements can be based on the quality of results (i.e., relative ranking of the services) and associated recommendations (i.e., applicability of the suggested services). Prevalent approaches for product-based selection (e.g., the ones used by Amazon) and recommendations, such as Content-based Filtering (CBF) and Collaborative Filtering (CLF) do not typically consider information about products beyond primitive attribute-value pairs. Compared to a tangible physical product, a reusable and updatable software service cannot be effectively described using only a set of strict attribute-value pairs or using a sparse matrix of user-product relationship. This is because a software service has various programmatic, functional, and non-functional properties which potentially could also be dynamic in nature. Due to these challenges, it is not sufficient to apply product-based ranking and recommendation techniques to software services available from a marketplace. This research proposes an approach for better selection and recommendation of software services that enhances both CBF and CLF algorithms, using external reviews.
Citations: 8
The Application of Moving Target Defense to Field Programmable Gate Arrays
John Dombrowski, T. Andel, J. McDonald
Field Programmable Gate Arrays (FPGAs) are powerful and flexible pieces of hardware used in a variety of applications. These chips are used in monitoring network traffic, guidance systems, cryptographic calculations, medical devices, embedded systems, as well as many other varied uses. They can be used in a large number of ways as well as in a large number of areas, which allows for nearly limitless applications. Outside of being used as a cryptographic processor and network monitoring, these chips are not being used to directly provide software/hardware security. FPGAs are extremely widespread in addition to becoming more integrated into the systems that they are a part of. This leads to vulnerabilities in almost every system that uses these chips. One way to combat these FPGA based vulnerabilities in every system using them, is to implement a Moving Target Defense (MTD) on the chip itself. FPGA based MTD would allow each FPGA to enhance, rather than weaken, the security of a system. This paper incorporates previous applications of Field Programmable Gate Arrays, and explores potential software/hardware security implementations for these chips through the application of Moving Target Defenses.
Citations: 1
Xen Network Flow Analysis for Intrusion Detection
R. Johnston, Sun-il Kim, D. Coe, L. Etzkorn, J. Kulick, A. Milenković
Virtualization technology has become ubiquitous in the computing world. With it, a number of security concerns have been amplified as users run adjacently on a single host. In order to prevent attacks from both internal and external sources, the networking of such systems must be secured. Network intrusion detection systems (NIDSs) are an important tool for aiding this effort. These systems work by analyzing flow or packet information to determine malicious intent. However, it is difficult to implement a NIDS on a virtualized system due to their complexity. This is especially true for the Xen hypervisor: Xen has incredible heterogeneity when it comes to implementation, making a generic solution difficult. In this paper, we analyze the network data flow of a typical Xen implementation along with identifying features common to any implementation. We then explore the benefits of placing security checks along the data flow and promote a solution within the hypervisor itself.
Citations: 2