基于深度学习的分布式安全日志分析方法

为了提高日志分析是当前进行入侵检测和安全防御的重要手段。针对传统基于规则的分析方法中误报、漏报较高,应对海量日志分析效率过低的问题,该文章提出了一种基于深度学习的分布式安全日志分析方法,通过将深度学习算法与现有黑白名单、规则匹配以及统计策略等技术结合,进行日志分析,检测网络中的安全威胁。系统采用分布式的存储和计算平台,能够进行离线和实时两种日志分析模式,可以满足大多数场景下海量的日志数据分析需求。     

基于并行计算的海量日志分析系统实现

通过深入研究日志的类型和特点,设计并实现了一套基于并行计算的海量日志文件分析系统。该系统采用集群方式并行地收集日志文件,采用分布式文件系统存储,最终利用并行计算对日志进行分析处理。该系统实现了日志采集、分析的完全自动化处理,在系统部署之后能够有效地进行系统安全的维护、系统性能的优化、系统故障的排查。该系统结合云计算提高了日志分析的效率,解决了海量日志处理过程中存在的问题,为海量日志分析提供了一个完整有效的解决方案。     

基于并行计算的海量日志分析系统实现

通过深入研究日志的类型和特点,设计并实现了一套基于并行计算的海量日志文件分析系统.该系统采用集群方式并行地收集日志文件,采用分布式文件系统存储,最终利用并行计算对日志进行分析处理.该系统实现了日志采集、分析的完全自动化处理,在系统部署之后能够有效地进行系统安全的维护、系统性能的优化、系统故障的排查.该系统结合云计算提高了日志分析的效率,解决了海量日志处理过程中存在的问题,为海量日志分析提供了一个完整有效的解决方案.     

一种基于数据划分实现分布式SPARQL查询的方法

当海量RDF数据存储在分布式平台上时,数据划分的策略将直接影响海量数据的查询效率。为了提高分布式平台上的海量数据查询效率,提出一种基于分布式平台的有效数据划分方法。该方法根据RDF数据图的特征将数据分布在集群的各个节点上,并在此基础上对SPARQL查询语句进行分解,实现高效的分布式查询。算法在云平台上实现,并在真实的RDF数据集上对算法进行了测试。实验结果证明,与基准方法相比,该算法在查询效率上有很大的提高。     

基于SQL-on-Hadoop查询引擎的日志挖掘及其应用

随着计算机和网络技术的迅猛发展以及数据获取手段的不断丰富,海量数据的实时处理需求日益增多,传统的日志分析技术在处理海量数据时存在计算瓶颈。大数据时代下,随着开放式处理平台的发展,能够处理大规模且多样化数据的大数据处理系统应运而生。为了让原有的业务能够充分利用Hadoop的优势,本文首先研究了基于大数据技术的网络日志分析方法,构建了网络日志分析平台以实现万亿级日志采集、解析、存储和高效、灵活的查询与计算。对比分析了Hive、Impala和Spark SQL这3种具有代表性的SQL-on-Hadoop查询系统实例,并展示了这类系统的性能特点。采用TPC-H测试基准对它们的决策支持能力进行测试及评估,通过对实验数据的分析和解释得到了若干有益的结论。实现了海量日志数据计算与分析在证券领域的几种典型应用,为进一步的研究工作奠定了基础。     

海量结构化数据存储检索系统

Big Data是近年在云计算领域中出现的一种新型数据,传统关系型数据库系统在数据存储规模、检索效率等方面不再适用.目前的分布式No-SQL数据库可以提供分布式数据存储环境,但是无法支持多列查询.设计并实现分布式海量结构化数据存储检索系统(MDSS).系统采用列存储结构,采用集中分布式B+Tree索引和局部索引相结合的方法提高检索效率.在此基础上讨论复杂查询条件的任务分解机制,支持大数据的多属性检索、模糊检索以及统计分析等查询功能.实验结果表明,提出的分布式结构化数据管理技术和查询任务分解机制可以显著提高分布式条件下大数据集的查询效率,适合应用在日志类数据、流记录数据等海量结构化数据的存储应用场合.     

基于Hadoop的海量数据存储平台设计与开发

随着北部湾海洋生态资源的开发和利用,海量海洋科学数据飞速涌现出来,利用海量数据存储平台合理管理和存储这些科学数据显得极为重要.这里提出了一种基于分布式计算技术进行管理和存储海量海洋科学数据方法,构建了海量海洋科学数据存储平台解决方案,采用Linux集群技术,设计开发一个基于Hadoop的海量数据存储平台.系统由五大模块组成,有系统管理模块、并行加载存储模块、并行查询模块、数据字典模块、备份恢复模块,能够实现存储海量海洋科学数据.系统模块实现结果表明,该系统安全可靠、易维护、具有良好的可扩展性.     

基于数据仓库的海量搜索日志分析系统研究

针对传统分布式模型在海量日志并行处理时的可扩展性和并行程序编写困难的问题,提出了基于数据仓库的海量搜索日志分析系统架构.利用Hadoop分布式文件系统(HDFS)存储海量搜索日志,并对搜索日志进行清洗处理,采用impala对数据进行高速的处理,将处理后的统计结果导入到数据仓库中,使用Penta-hoBI对数据进行多维分析和统计报表.获取了关键词分析、查询频率、热词排行、查询词和时间分布、网站排名、用户统计等6个分析主题.分析结果对于搜索引擎的排序算法和系统优化都有一定的指导意义.     

一种基于Hive日志分析的大数据存储优化方法

从2002年起,某金融机构积累了大量的银行卡支付日志数据。随着业务的不断增长,数据集高速增长,原生的Hive的查询性能已经不能令人满意。文章研究了大数据及存储的现状,提出了一种基于存储日志的分析的Hive存储格式优化方法,通过该优化方法从查询时间和存储空间利用率两方面使系统性能得到提升,提升了查询效率。论文对该金融机构原有Hive存储系统通过基于存储日志分析的Hive存储格式优化方法进行改进,通过实际数据,充分证明了该方法的可行性。     

基于Spark平台的网络攻击检测系统

随着计算机技术和通信技术的飞速发展,网络安全形势也越来越严峻,如何在海量日志中发现安全攻击是个值得研究的问题,传统的日志分析方法效率低,难以发现一些高级的网络安全威胁。针对该问题,提出了基于分布式存储和Spark框架的网络日志分析系统架构,不仅有效利用了云环境中的计算存储资源,同时还大大提高了计算效率。     

煤矿井下安全监控分站的设计及其仿真实现

为了设计一种具有低成本、低功耗、易操作、功能强且可靠性高的煤矿井下安全分站,针对煤矿安全生产实际,文章提出了采用MCS-51系列单片机为核心、具有CAN总线通信接口的煤矿井下安全监控分站的设计方案;首先给出煤矿井下安全监控分站的整体构架设计,然后着重阐述模拟量输入信号处理系统的设计过程,最后说明单片机最小系统及其键盘、显示、报警、通信等各个组成部分的设计;为验证设计方案的可行性与有效性,使用Proteus软件对设计内容进行仿真验证,设计的煤矿井下安全监控分站具有瓦斯、温度等模拟量参数超标报警功能和电机开停、风门开闭等开关量指示功能;仿真结果表明:设计的煤矿井下安全监控分站具有一定的实际应用价值.     

Call for Papers The 6^th International Conference on Grid and Cooperative Computing

Recent years have seen rapid advances in various grid-related technologies, middleware, and applications. The GCC conference has become one of the largest scientific events worldwide in grid and cooperative computing. The 6th international conference on grid and cooperative computing (GCC2007) Sponsored by China Computer Federation (CCF),Institute of Computing Technology, Chinese Academy of Sciences (ICT) and Xinjiang University ,and in Cooperation with IEEE Computer Soceity ,is to be held from August 16 to 18, 2007 in Urumchi, Xinjiang, China.     

View-based model-driven architecture for enhancing maintainability of data access services

In modern service-oriented architectures, database access is done by a special type of services, the so-called data access services (DAS). Though, particularly in data-intensive applications, using and developing DAS are very common today, the link between the DAS and their implementation, e.g. a layer of data access objects (DAOs) encapsulating the database queries, still is not sufficiently elaborated, yet. As a result, as the number of DAS grows, finding the desired DAS for reuse and/or associated documentation can become an impossible task. In this paper we focus on bridging this gap between the DAS and their implementation by presenting a view-based, model-driven data access architecture (VMDA) managing models of the DAS, DAOs and database queries in a queryable manner. Our models support tailored views of different stakeholders and are scalable with all types of DAS implementations. In this paper we show that our view-based and model driven architecture approach can enhance software development productivity and maintainability by improving DAS documentation. Moreover, our VMDA opens a wide range of applications such as evaluating DAS usage for DAS performance optimization. Furthermore, we provide tool support and illustrate the applicability of our VMDA in a large-scale case study. Finally, we quantitatively prove that our approach performs with acceptable response times.     

A pragmatic multi-method investigation of discrepant technological events: Coping,attributions, and ‘accidental’ learning

Discrepant technological events or situations that entail a problem, a misunderstanding or a difficulty with the Information Technology (IT) being employed, are common in the workplace, and can lead to frustration and avoidance behaviors. Little is known, however, about how individuals cope with these events. This paper examines these events by using a multi-method pragmatic approach informed by coping theory. The results of two studies – a critical incident study and an experiment – serve to build and test, respectively, a theoretical model that posits that individuals use a variety of strategies when dealing with these events: they experience negative emotions, make external attributions, and adopt engagement coping strategies directed at solving the event, eventually switching to a disengagement coping strategy when they feel they have no control over the situation. Furthermore, users’ efforts may result in ‘accidental’ learning as they try to overcome the discrepant IT events through engagement coping. The paper ends with a discussion of the results in light of existing literature, future opportunities for research, and implications for practice.     

The Distributed Time-Triggered Simulation Scheme: Core Principles and Supporting Execution Engine

Distributed real-time simulation is a young technology field but its practice is under increasing demands. In recent years the author and his collaborators have been establishing a new approach called the distributed time-triggered simulation (DTS) scheme which is conceptually simple and easy to use but widely applicable. The concept was initiated in the course of developing a new-generation object-oriented real-time programming scheme called the time-triggered message-triggered object (TMO) programming scheme. Some fundamental issues inherent in distributed real-time simulation that were learned during recent experimental studies are discussed along with some approaches for resolving the issues. An execution engine developed to support both the TMOs engaged in control computation and the TMOs engaged in DTS is also discussed along with its possible extensions that will enable significantly larger-scale DTSs.     

Software-Konfigurationsmanagement in großen Softwareprojekten

Zusammenfassung Mit zunehmender Größe der Softwaresysteme verschärfen sich die für die Software-Herstellung typischen Probleme: Beherrschen großer Objektmengen, Erhalten der Systemkonsistenz, Kontrolle der ständigen Änderungseinflüsse und Gewährleisten einer langen Lebensdauer. Die Disziplin Konfigurationsmanagement bildet den methodischen Ansatz, diese Probleme besser zu beherrschen. Software-Konfigurationsmanagement faßt die Herstellung von Softwaresystemen als eine Abfolge von kontrollierten Änderungen an gesicherten Zwischen- und Endergebnissen auf. Dargestellt werden die Objekte und Funktionen des Software-Konfigurationsmanagements sowie die hierfür in großen Software-Projekten benötigten Methoden, Instanzen und Hilfsmittel.     

Information for Authors

正http://www.zju.edu.cn/jzus http://www.springerlink.com Aim The Journals of Zhejiang University-SCIENCE(A/B/C)are edited by the international board of distinguished Chinese and foreign scientists,and are aimed to present the latest developments and achievements in scientific research in China and     

Editorial:Brain-machine interface(BMI) and cyborg intelligence

正Brain-machine interfaces(BMIs)aim at building a direct communication pathway between the brain and an external device,and represent an area of research where significant progress has been made during the past decade.Based on BMIs,mind information can be read out by neural signals to control     

Information for Authors

正http://www.zju.edu.cn/jzus http://www.springerlink.com Aim The Journals of Zhejiang University-SCIENCE(A/B/C)are edited by the international board of distinguished Chinese and foreign scientists,and are aimed to present the latest developments and achievements in scientific research in China and overseas to the world’s scientific circles,especially to stimulate     

SCIENCE CHINA Information Sciences SUBJECT INDEX TO VOLUME 57(2014)

正~~