WNN-Based Network Security Situation Quantitative Prediction Method and Its Optimization

The accurate and real-time prediction of network security situation is the premise and basis of preventing intrusions and attacks in a large-scale network. In order to predict the security situation more accurately, a quantitative prediction method of network security situation based on Wavelet Neural Network with Genetic Algorithm （GAWNN） is proposed. After analyzing the past and the current network security situation in detail, we build a network security situation prediction model based on wavelet neural network that is optimized by the improved genetic algorithm and then adopt GAWNN to predict the non-linear time series of network security situation. Simulation experiments prove that the proposed method has advantages over Wavelet Neural Network （WNN） method and Back Propagation Neural Network （BPNN） method with the same architecture in convergence speed, functional approximation and prediction accuracy. What is more, system security tendency and laws by which security analyzers and administrators can adjust security policies in near real-time are revealed from the prediction results as early as possible.     

可信计算及其关键技术研究

The dependability is the latest and highest techno-target used to evaluate the performance quality of a dis-tributed computing system in open network environment, it includes traditional reliability, availability, robustness,survivability, security, data integrity and software protecting ability, etc. A dependable system should not only be provided with fault tolerance ability, but also withstand from risk and recover from disaster, its realization foun dationis the high availability of the information transmission Jaetwork and survivability, fault tolerance and security safe-guard of the system. This paper presents a survey of the survivability mechanisms such as long-distance backup, clus-ter and system recovery, while discussing the techniques of fault tolerance design and information network system se-curity safeguard, and analyzing the information redundant dispersal strategy and model for survivability and security safeguard.     

Robust power control method for wireless sensor networks with static output feedback

This paper proposed distributed strategies for the joint control of power and data rates in a wireless sensor network. By adapting a linear state-space model to describe the network dynamics, the power controller with static output feedback is designed in the case that the transmission signal are not always available and the estimation of the unmeasured states constitutes a crucial task in the network. The existence of the power controller is formulated as the feasibility of the convex optimization problem, which can be solved via a linear matrix inequality (LMI) approach. The proposed algorithm also caters to the uncertainties in the network dynamics. Numerical examples are given to illustrate the effectiveness of the proposed methods.     

Analytical Investigation on Computer Network Security System of Colleges and Universities

With the development of network technology,computer systems of colleges and universities gradually use network management and services,which provides comprehensive and convenient information access and management conditions.How ever,in the network environment,the security of the system faces security threats like virus,malicious software and human at tack,which may make the network data of the computer system damaged and tampered,or even lead to network system paraly sis,breakdown of system concerning management and payment,missing and stealing of confidential documents.Therefore,it is of important application significance to promote the security of computer network systems of colleges and universities.This paper conducts comprehensive analysis on the security system of computer network systems of colleges and universities,elaborates its R&D and application status and puts forward specific schemes of prevention and solutions,which provides suggestions and refer ence for its construction.     

Performance study of selective encryption in comparison to full encryption for still visual images

Securing digital images is becoming an important concern in today＇s information security due to the extensive use of secure images that are either transmitted over a network or stored on disks. Image encryption is the most effective way to fulfil confidentiality and protect the privacy of images. Nevertheless, owing to the large size and complex structure of digital images, the computational overhead and processing time needed to carry out full image encryption prove to be limiting factors that inhibit it of being used more heavily in real time. To solve this problem, many recent studies use the selective encryption approach to encrypt significant parts of images with a hope to reduce the eneryption overhead. However, it is necessary to realistically evaluate its performance compared to full encryption. In this paper, we study the performance and efficiency of image segmentation methods used in the selective encryption approach, such as edges and face detection methods, in determining the most important parts of visual images. Experiments were performed to analyse the computational results obtained by selective image encryption compared to full image encryption using symmetric encryption algorithms. Experiment results have proven that the selective encryption approach based on edge and face detection can significantly reduce the time of encrypting still visual images as compared to full encryption. Thus, this approach can be considered a good alternative in the implementation of real-time applications that require adequate security levels.     

开放系统中实时中间件关键技术研究

The Real-Time Middleware is the best way to deal with open and real-time in the same time in open system. In this paper, the characteristic of open system, the policy of real-time implement in open system and the real-time CORBA specification and development are introduced, then the key technology of real-time CORBA in open system is discussed in detail according to the model of real-time CORBA including the technology of the real-time POA, real-time ORB, thread pool, pluggable network protocol, multiplexing and demultiplexing and presentation layer optimizations etc, which provides a viable method and research for open system real-time extension.     

Vulnerability impact analysis framework for network security

Monitoring and quantifying component behavior is key to make network systems security and robust. This paper proposes an online monitoring and analysis framework based on agents for monitoring, analyzing and quantifying network vulnerability in real time. It proposes an algorithm for valuation of network components to populate an asset list with ＂＇criticality＂ values for impact analysis, and presents impact factors calculating methods to quantify how attacks and faults impact network performance and services. System administrators can use the framework to analyze and proactively manage the effects of complex network faults and attacks and recover accordingly.     

Spam Short Messages Detection via Mining Social Networks

Short message service(SMS) is now becoming an indispensable way of social communication,and the problem of mobile spam is getting increasingly serious.We propose a novel approach for spam messages detection.Instead of conventional methods that focus on keywords or flow rate filtering,our system is based on mining under a more robust structure:the social network constructed with SMS.Several features,including static features,dynamic features and graph features,are proposed for describing activities of nodes in the network in various ways.Experimental results operated on real dataset prove the validity of our approach.     

Analysis of fault detection method based on predictive filter approach

Model-based methods are most popular in fault detection and have received consid-erable attention in the past two decades[1,2]. Based on them, many kinds of detection al-gorithms have been developed for fault detection and diagnosis[3,4]. Usually those algo-rithms are adaptive algorithms or have adaptive structures including neural networks and neuro-fuzzy networks. But the errors in the models may decrease the robustness of the methods and increase the false alarm rate. A real-time predictive…     

IDSRadar: a real-time visualization framework for IDS alerts

Intrusion Detection Systems(IDS) is an automated cyber security monitoring system to sense malicious activities.Unfortunately,IDS often generates both a considerable number of alerts and false positives in IDS logs.Information visualization allows users to discover and analyze large amounts of information through visual exploration and interaction efficiently.Even with the aid of visualization,identifying the attack patterns and recognizing the false positives from a great number of alerts are still challenges.In this paper,a novel visualization framework,IDSRadar,is proposed for IDS alerts,which can monitor the network and perceive the overall view of the security situation by using radial graph in real-time.IDSRadar utilizes five categories of entropy functions to quantitatively analyze the irregular behavioral patterns,and synthesizes interactions,filtering and drill-down to detect the potential intrusions.In conclusion,IDSRadar is used to analyze the mini-challenges of the VAST challenge 2011 and 2012.     

一种基于网络安全风险评估的入侵检测方法

针对传统的入侵检测系统存在报警数量大、误报率高等缺陷,提出了一种基于网络安全风险评估的入侵检测方法,该方法基于入侵检测结果,引入抗体浓度随入侵强度动态变化这一人工免疫理论的最新研究成果进行网络安全风险的计算,然后根据当前网络面临的实时安全风险动态设置报警策略。实验结果表明,该方法能够实时、定量地计算主机和网络所面临的风险,并极大地降低报警数量和误报率。     

一种基于人工免疫的网络安全风险检测方法

提出了一种针对大规模网络活动进行风险检测的方法。对网络安全环境下的自体非自体给出了定义，根据克隆选择，自体耐受等基本免疫原理，通过计算抗体浓度来检测网络活动中是否存在异常问题。实验表明，该方法具有实时性和定量计算性，是网络安全风险检测的一种有效解决方案。     

基于免疫危险理论的网络安全态势评估

为实时定量评估网络安全态势,提出了一种基于免疫危险理论的网络安全态势评估方法.通过研究免疫运行机制,定义了网络安全问题中的抗原、抗体和免疫细胞,描述了危险信号的判断规则,准确识别出了抗原.在分析免疫应答机制和免疫平衡机制中抗体浓度变化原因的基础上,给出了抗体浓度的计算方法.最后,结合抗体浓度与危险程度的关系,建立了基于抗体浓度的危险感知模型以实时定量评估网络安全态势.仿真实验表明,所提方法计算出的抗体浓度准确地反映了系统面临的危险程度,能够为网络管理提供有效的决策支持.     

基于免疫的网络入侵检测与风险预测模型

借鉴人工免疫思想,提出一种动态网络入侵检测与预测模型,给出网络攻击检测过程、抗体浓度计算方法及基于时间序列的自回归滑动平均模型的风险预测过程。实验结果表明,该模型可实时定量地分析网络当前的安全态势并对网络面临的风险做出预测,对于突变性网络风险预测效果优于GM(1, 1)模型,且与实际风险状况较接近,具有较高预测精度。     

基于多核构架的高速实时网络风险评估模型

针对复杂高速网络环境风险评估面临的性能瓶颈以及实时准确性低的问题,提出了多核构架的网络风险评估模型。该模型利用多核网络处理平台资源,提出了高速并行处理网络流量构架和实时入侵检测均衡算法。同时以人工免疫为基础,模拟了人体记忆细胞对外部抗原的免疫过程,采用克隆选择算法增扩抗体浓度,为实时风险评估提供理论依据。理论分析和仿真实验结果表明,该模型能够定量实时评估高速网络环境风险,能够保证处理性能和评估准确性。     

基于抗体浓度的实时网络风险控制系统的设计与实现

系统采用人工免疫理论,通过对传统入侵检测系统Snort的实时检测结果进行分析,根据抗体浓度随网络入侵强度动态变化的特点,计算出当前网络风险值,反映出当前网络所面临的各类攻击和整体风险状况;Snort依赖规则匹配对数据包进行检测,由于检测过程未考虑当前的网络风险状况,对所有的匹配都发出报警,存在误报率过高的问题,系统针对不同攻击的危险程度设定报警阈值和丢包阈值,降低Snort的误报率;并根据风险值大小,采取通过、报警、丢包阻断等响应措施。实验表明,该系统能够准确计算出主机和网络所面临的实时风险,降低Snort误报率,并能根据风险值大小制定有效的响应措施     

基于免疫网络的信息安全风险评估模型

风险评估是评价网络信息系统安全的有效措施之一。该文基于免疫网络可动态实时诊断的特性,提出一种新的信息安全风险评估模型,给出模型中各项指标的定量计算方法,以评估整个信息系统的风险值。该模型能够综合考虑评估要素的相互关联,针对风险动态更新,进行实时监控。实验验证了其评估信息系统安全状态的有效性。     

模块化免疫神经网络平衡态检测模型*

基于神经网络原理、免疫系统和遗传算法的相关机理,构造了一个网络安全平衡器。该平衡器建立了抗原与抗体平衡态检测的数学模型、抗原与抗体的促进和抑制函数,提出了安全平衡态的概念,给出了抗原与抗体浓度的计算公式和模块化多层分类处理模型,利用促进、抑制函数和遗传算法适应度函数使已受攻击的网络再次达到一种新的安全平衡状态,这为网络安全提供了一个新的途径。理论证明网络安全方案是有效的。     

一种基于免疫的网络安全风险评估方法*

给出了网络安全环境下自体、非自体、抗体、抗原和检测器的定义,建立了检测器的生命周期模型和克隆选择过程,提出了其计算方法。实验结果表明,该方法能实时、定量地评估网络安全风险,是网络安全风险在线检测中一种较为有效的解决方案。     

基于免疫Agent的网络安全模型

借鉴现代免疫学理论，是解决网络安全问题的新的有效途径。分析了生物的免疫应答机理，利用B细胞网络模型与Agent技术，设计了一个基于免疫Agent的网络安全模型。该模型由产生多样性抗体、识加自我和识别非我等过程实现，并且具有分布性、健壮性和自适应性等特点。