共查询到20条相似文献,搜索用时 343 毫秒
1.
2.
云计算因其资源的弹性和可拓展性,在为用户提供各项服务时,相对于传统方式占据了先机。在用户考虑是否转向云计算时,一个极其重要的安全风险是:攻击者可以通过共享的云资源对云用户发起针对虚拟机的高效攻击。虚拟机作为云服务的基本资源,攻击者在攻击或者租用了某虚拟机之后,通过在其中部署恶意软件,并针对云内其他虚拟机发起更大范围的攻击行为,如分布式拒绝服务型攻击。为防止此种情况的发生,提出基于软件定义网络的纵深防御系统,以及时检测可疑虚拟机并控制其发出的流量,抑制来自该虚拟机的攻击行为并减轻因攻击所受到的影响。该系统以完全无代理的非侵入方式检测虚拟机状态,且基于软件定义网络,对同主机内虚拟机间或云主机间的网络流量进行进程级的监控。实验结果表明了该系统的有效性。 相似文献
3.
DoS攻击是威胁IPv4网络安全的重要问题之一.随着IPv6的发展,相关安全问题也逐步体现并影响IPv6网络的正常运行.该文指出利用IPv6和隧道主机的多地址性,攻击者可获得大量合法IPv6地址,通过伪装成多个虚拟主机实施对目标设备的DoS攻击.这种攻击具有大量的可用地址范围,且受控于同一真实主机,通过不断使用新地址和多地址间配合,可避开以IP为单位的传统检测与防御策略,并可有效放大攻击节点数目或减少实际攻击节点数量.为此提出了基于地址特征分类的防御框架(defense framework based on addresses classification,DFAC).通过分类不同地址特征,构造特征子集,在特征子集基础上实施对虚拟主机攻击的检测和防御,解决虚拟主机引发的放大问题.原型系统实验结果表明,DFAC有效地降低了上述DoS攻击对系统负载的影响. 相似文献
4.
随着互联网技术的迅速发展,越来越多网络安全问题日益突显出来。研究表明DoS/DDoS攻击是目前最为严重的网络安全问题之一,SYN Flood攻击又是DoS/DDoS攻击中最为常见的攻击。首先简要介绍了SYN Flood攻击的原理,然后通过研究近年来国内外学术界对SYN Flood攻击的研究成果,总结了针对SYN Flood攻击的三类防御策略:基于退让和负反馈的防御策略,基于TCP协议栈缺陷的防御策略和基于数据流的防御策略,并分别分析了各类型防御策略的主要防御方法。 相似文献
5.
张淼季新生艾健健刘文彦扈红超霍树民 《网络与信息安全学报》2017,3(10):35-43
云计算的资源共享模式,在极大提高资源利用率的同时,也带来了诸多安全问题,如虚拟机间的共存攻击。特别是当用户使用单一的操作系统时,攻击者可以在较小的开销下,攻破用户的全部虚拟机,从而窃取隐私和数据。针对这一安全威胁,利用不同操作系统漏洞存在差异的特点,提出一种基于操作系统多样性的虚拟机安全部署策略。该方法首先为申请虚拟机的用户推荐一种多样性程度最高的操作系统配置选择;然后通过一种安全的部署策略,最大化地发挥多样性的特点,使攻击者需要付出更大的开销。实验结果表明,与单一操作系统配置的方法相比,该方法至少可以降低33.46%的攻击效益。 相似文献
6.
7.
提出一种面向多租户的关键虚拟机动态迁移方法。首先,根据租户对虚拟机的安全需求设定关键虚拟机的比例,减少虚拟机动态迁移的数量;然后,通过虚拟机之间共存时间约束条件最大化降低虚拟机动态迁移的频率;最后,以最小化迁移开销作为虚拟机迁移的目标函数,进一步降低虚拟机迁移带来的开销。实验表明,与现有的防御方法相比,该方法在有效防御侧信道攻击的前提下,能够减少对网络服务性能的影响,降低虚拟机迁移的成本,更加适用于大规模的网络场景。 相似文献
8.
9.
10.
考虑DoS攻击对电力信息物理系统的影响,提出一种电力网络控制系统脆弱节点的检测方法和防御策略,采用分布式控制架构设计传感器和RTU的传输路径.通过求解最稀疏矩阵优化问题,提出一种识别并保护电力通信网脆弱节点和边的方法,保证系统实现安全稳定运行.进一步提出一种可以抵御DoS攻击的电力网络控制系统拓扑设计方法,研究系统遭受DoS攻击时能恢复稳定的电力网络控制系统拓扑连接方式. IEEE 9节点系统用于仿真验证,充分验证了算法的可行性和可靠性,并针对该9节点电力网络控制系统,给出了具体的网络攻击防御策略. 相似文献
11.
European Community policy and the market 总被引:1,自引:0,他引:1
C. Lloyd 《Journal of Computer Assisted Learning》1993,9(2):86-91
Abstract This paper starts with some reflections on the policy considerations and priorities which are shaping European Commission (EC) research programmes. Then it attempts to position the current projects which seek to capitalise on information and communications technologies for learning in relation to these priorities and the apparent realities of the marketplace. It concludes that while there are grounds to be optimistic about the contribution EC programmes can make to the efficiency and standard of education and training, they are still too technology driven. 相似文献
12.
融合集成方法已经广泛应用在模式识别领域,然而一些基分类器实时性能稳定性较差,导致多分类器融合性能差,针对上述问题本文提出了一种新的基于多分类器的子融合集成分类器系统。该方法考虑在度量层融合层次之上通过对各类基多分类器进行动态选择,票数最多的类别作为融合系统中对特征向量识别的类别,构成一种新的自适应子融合集成分类器方法。实验表明,该方法比传统的分类器以及分类融合方法识别准确率明显更高,具有更好的鲁棒性。 相似文献
13.
张涛 《计算机测量与控制》2015,23(1):86-89
为了设计一种具有低成本、低功耗、易操作、功能强且可靠性高的煤矿井下安全分站,针对煤矿安全生产实际,文章提出了采用MCS-51系列单片机为核心、具有CAN总线通信接口的煤矿井下安全监控分站的设计方案;首先给出煤矿井下安全监控分站的整体构架设计,然后着重阐述模拟量输入信号处理系统的设计过程,最后说明单片机最小系统及其键盘、显示、报警、通信等各个组成部分的设计;为验证设计方案的可行性与有效性,使用Proteus软件对设计内容进行仿真验证,设计的煤矿井下安全监控分站具有瓦斯、温度等模拟量参数超标报警功能和电机开停、风门开闭等开关量指示功能;仿真结果表明:设计的煤矿井下安全监控分站具有一定的实际应用价值. 相似文献
14.
15.
潘丽 《自动化与仪器仪表》2014,(7):80-82
自然界的绝大部分信号都是以模拟的形式存在,因此模拟信号的采集转换存储在数字时代十分关键。文章讨论了在雷达信号处理领域基于AD9626的AD采集存储卡的设计原理、硬件结构和程序设计与芯片配置等问题,为今后相关领域的研究提供了可参考的方案。 相似文献
16.
Jacob Palme 《Software》1979,9(9):741-747
The COM teleconferencing system was designed to be easy to use for both beginners and people with much computer experience. A number of design choices in organizing the human-computer interface were considered very carefully. These design problems are not unique for teleconferencing applications, but will appear in many other developments of human-computer interfaces for non-computer specialists. This report discusses naming conventions, menu format, user commands, help facility and the treatment of ‘type ahead’ from the users. 相似文献
17.
David Poole 《Computational Intelligence》1989,5(2):97-110
Although there are many arguments that logic is an appropriate tool for artificial intelligence, there has been a perceived problem with the monotonicity of classical logic. This paper elaborates on the idea that reasoning should be viewed as theory formation where logic tells us the consequences of our assumptions. The two activities of predicting what is expected to be true and explaining observations are considered in a simple theory formation framework. Properties of each activity are discussed, along with a number of proposals as to what should be predicted or accepted as reasonable explanations. An architecture is proposed to combine explanation and prediction into one coherent framework. Algorithms used to implement the system as well as examples from a running implementation are given. 相似文献
18.
In modern service-oriented architectures, database access is done by a special type of services, the so-called data access services (DAS). Though, particularly in data-intensive applications, using and developing DAS are very common today, the link between the DAS and their implementation, e.g. a layer of data access objects (DAOs) encapsulating the database queries, still is not sufficiently elaborated, yet. As a result, as the number of DAS grows, finding the desired DAS for reuse and/or associated documentation can become an impossible task. In this paper we focus on bridging this gap between the DAS and their implementation by presenting a view-based, model-driven data access architecture (VMDA) managing models of the DAS, DAOs and database queries in a queryable manner. Our models support tailored views of different stakeholders and are scalable with all types of DAS implementations. In this paper we show that our view-based and model driven architecture approach can enhance software development productivity and maintainability by improving DAS documentation. Moreover, our VMDA opens a wide range of applications such as evaluating DAS usage for DAS performance optimization. Furthermore, we provide tool support and illustrate the applicability of our VMDA in a large-scale case study. Finally, we quantitatively prove that our approach performs with acceptable response times. 相似文献
19.
《控制理论与应用(英文版)》2014,(3)
正The control of civil,energy,and power systems presents significant new challenges for modeling and control theory.The purpose of this special issue is to provide a forum for researchers and practical engineers to discuss the recent advances in modeling and control technology development for civil,energy,and power systems.Prospective authors are invited to submit their original contributions with the focus on theory or applications of modeling,control 相似文献
20.
《浙江大学学报:C卷英文版》2014,(12)
正http://www.zju.edu.cn/jzus http://www.springerlink.com Aim The Journals of Zhejiang University-SCIENCE(A/B/C)are edited by the international board of distinguished Chinese and foreign scientists,and are aimed to present the latest developments and achievements in scientific research in China and overseas to the world’s scientific circles,especially to stimulate and promote academic exchange between Chinese and foreign scientists everywhere. 相似文献