|
1.
|
AN IMMUNITY-BASED SECURITY ARCHITECTURE FOR MOBILE AD HOC NETWORKS
|
|
|
|
|
|
|
Yi Ping Zhong Yiping Zhang Shiyong《电子科学学刊(英文版)》,2006年第23卷第3期
|
|
|
This paper focuses on investigating immunological principles in designing a multi-agent security architecture for intrusion detection and response in mobile ad hoc networks. In this approach, the immunity-based agents monitor the situation in the network. These agents can take appropriate actions according to the underlying security policies. Specifically, their activities are coordinated in a hierarchical fashion while sensing, communicating, decision and generating responses. Such an agent can learn and adapt to its environment dynamically and can detect both known and unknown intrusions. The proposed intrusion detection architecture is designed to be flexible, extendible, and adaptable that can perform real-time monitoring. This paper provides the conceptual view and a general framework of the proposed system. In the end, the architecture is illustrated by an example to show it can prevent the attack efficiently.
|
|
2.
|
Application of detecting algorithm based on network
|
|
|
|
|
|
|
张凤斌 杨永田 江子扬 孙冰心《哈尔滨工业大学学报(英文版)》,2004年第11卷第3期
|
|
|
Because currently intrusion detection systems cannot detect undefined intrusion behavior effectively,according to the robustness and adaptability of the genetic algorithms, this paper integrates the genetic algorithms into an intrusion detection system, and a detection algorithm based on network traffic is proposed. This algorithm is a real-time and self-study algorithm and can detect undefined intrusion behaviors effectively.
|
|
3.
|
Intrusion response goals and corresponding strategies
|
|
|
|
|
|
|
穆成坡 韩操正 帅冰《北京理工大学学报(英文版)》,2012年第21卷第2期
|
|
|
The effects of strategy on the network security defense and the related research on intrusion response strategy are briefly presented,with the focus on the status and function of intrusion response strategy in the intrusion response decision-making.Some specific response strategies for specific response goals are presented as well.The relevant knowledge of the planning,and a classification of response tasks are proposed.The intrusion response planning methods and models based on hierarchical task network(HTN) are described in detail.On this basis,the model of combining the response measure decision-making with the response time decision-making is expounded.The proposed model can integrate response strategy into response decision-making mechanism.In addition,the results of the intrusion response experiments are provided to verify the ability of using different response strategies to achieve different response goals.At last,the application needs of response strategy in network security are analyzed,and the approaches of the response strategy applied in intrusion response system are summarized.
|
|
4.
|
An Intrusion Detection System Model Based on Immune Principle and Performance Analysis 被引次数:5
|
|
|
|
|
|
|
CHEN Zhi-xian~1 WANG Ru-chuan~《中国邮电高校学报(英文版)》,2005年第12卷第1期
|
|
|
1 Introduction With the rapid development of Internet, network securityhas gotten the increasing focus of government, enterprise,even the individuals. But with the continuously spread ofnetwork application, attacks and destroys aiming at it in crease steadily also. Intrusion detection is a kind of networksecurity technique to detect any damage or attempt to tamperthe secrecy, integrality and usability of system. IntrusionDetection System (IDS) is an automated system for t…
|
|
5.
|
EARLY WARNING MODEL OF NETWORK INTRUSION BASED ON D-S EVIDENCE THEORY 被引次数:1
|
|
|
|
|
|
|
TianJunfeng ZhaiJianqiang DuRuizhong HuangJiancai《电子科学学刊(英文版)》,2005年第22卷第3期
|
|
|
Application of data fusion technique in intrusion detection is the trend of nextgeneration Intrusion Detection System (IDS). In network security, adopting security early warning technique is feasible to effectively defend against attacks and attackers. To do this, correlative information provided by IDS must be gathered and the current intrusion characteristics and situation must be analyzed and estimated. This paper applies D-S evidence theory to distributed intrusion detection system for fusing information from detection centers, making clear intrusion situation, and improving the early warning capability and detection efficiency of the IDS accordingly.
|
|
6.
|
A Simulation Environment for Intrusion Detection System in IEC 61850 Based Substation Automation System
|
|
|
|
|
|
|
YooJin Kwon Seongho Ju Yonghun Lim《计算机技术与应用:英文》,2013年第7期
|
|
|
Greater complexity and interconnectivity across systems embracing electrical power technologies has meant that cyber-security issues have attracted significant attention. In this paper a simulation environment for intrusion detection system in IEC 61850 standard-based substation automation system is provided to test simulated attacks on IEDs (intelligent electronic devices). Intrusion detection is the process of detecting malicious attacker, so it is an effective and mature security mechanism to protect electrical facility. However, it is not harnessed when securing IEC 61850 automated substation. To prove the detection capability of the system testing environment was developed to analyze and test attacks simulated with different test cases. It shows that the simulation environment works accordingly to various network traffic scenarios and eventually proves the functionality of intrusion detection system to be later deployed in the real IEC 61850 based substation automation system site.
|
|
7.
|
Autonomic Performance and Power Control on Virtualized Servers: Survey,Practices, and Trends
|
|
|
|
|
|
|
周笑波 ;蒋昌俊《计算机科学技术学报》,2014年第29卷第4期
|
|
|
Modern datacenter servers hosting popular Internet services face significant and multi-facet challenges in performance and power control. The user-perceived performance is the result of a complex interaction of complex workloads in a very complex underlying system. Highly dynamic and bursty workloads of Internet services fluctuate over multiple time scales, which has a significant impact on processing and power demands of datacenter servers. High-density servers apply virtualization technology for capacity planning and system manageability. Such virtuMized computer systems are increasingly large and complex. This paper surveys representative approaches to autonomic performance and power control on virtualized servers, which control the quality of service provided by virtualized resources, improve the energy efficiency of the underlying system, and reduce the burden of complex system management from human operators. It then presents three designed self-adaptive resource management techniques based on machine learning and control for percentile-based response time assurance, non-intrusive energy-efficient performance isolation, and joint performance and power guarantee on virtualized servers. The techniques were implemented and evaluated in a testbed of virtualized servers hosting benchmark applications. Finally, two research trends are identified and discussed for sustainable cloud computing in green datacenters.
|
|
8.
|
An Instance-Learning-Based Intrusion-Detection System for Wireless Sensor Networks
|
|
|
|
|
|
|
Shuai Fu Xiaoyan Wang Jie Li《中兴通讯技术(英文版)》,2015年第2期
|
|
|
This paper proposes an instance?learning?based intrusion?detection system (IL?IDS) for wireless sensor networks (WSNs). The goal of the proposed system is to detect routing attacks on a WSN. Taking an ...
|
|
9.
|
IDSRadar: a real-time visualization framework for IDS alerts
|
|
|
|
|
|
|
ZHAO Ying ZHOU FangFang FAN XiaoPing LIANG Xing LIU YongGang《中国科学:信息科学(英文版)》,2013年第56卷第8期
|
|
|
Intrusion Detection Systems(IDS) is an automated cyber security monitoring system to sense malicious activities.Unfortunately,IDS often generates both a considerable number of alerts and false positives in IDS logs.Information visualization allows users to discover and analyze large amounts of information through visual exploration and interaction efficiently.Even with the aid of visualization,identifying the attack patterns and recognizing the false positives from a great number of alerts are still challenges.In this paper,a novel visualization framework,IDSRadar,is proposed for IDS alerts,which can monitor the network and perceive the overall view of the security situation by using radial graph in real-time.IDSRadar utilizes five categories of entropy functions to quantitatively analyze the irregular behavioral patterns,and synthesizes interactions,filtering and drill-down to detect the potential intrusions.In conclusion,IDSRadar is used to analyze the mini-challenges of the VAST challenge 2011 and 2012.
|
|
10.
|
Optoelectronic Detecting System for Inner Walls of Pipes
|
|
|
|
|
|
|
BAIBaoxing MAHong《半导体光子学与技术》,1998年第4卷第2期
|
|
|
This paper is concerned with a high characteristic image processing and recognition system that is used for inspecting real-time blemishes,streaks and cracks on the inner walls of high accuracy pipes .As a regular detector,the BP neural network is used for extracting features of the image inspected and classifying these images,it takes fully advantage of the function of artificial neural network ,such as the information distributed memory, large scale self-adapting parallel processing ,high fault-tolerant ability and so forth.Besides , an improved BP algorithm is used in the system for training the network ,and making the learning procedure of the net converges to the minimum of overall situation at high rate.
|
|
11.
|
Adaptive Modeling for Security Infrastructure Fault Response
|
|
|
|
|
|
|
崔中杰 姚淑萍 胡昌振《北京理工大学学报(英文版)》,2008年第17卷第1期
|
|
|
Based on the analysis of inherent limitations in existing security response decision-making systems,a dynamic adaptive model of fault response is presented.Several security fault levels were founded,which comprise the basic level,equipment level and mechanism level.Fault damage cost is calculated using the analytic hierarchy process.Meanwhile,the model evaluates the impact of different responses upon fault repair and normal operation.Response operation cost and response negative cost are introduced through quantitative calculation.This model adopts a comprehensive response decision of security fault in three principles-the maximum and minimum principle,timeliness principle,acquiescence principle,which assure optimal response countermeasure is selected for different situations.Experimental results show that the proposed model has good self-adaptation ability,timeliness and cost-sensitiveness.
|
|
12.
|
Research of Malicious Code Attack Effect Based on Synthetic Entropy Method
|
|
|
|
|
|
|
LI Peng WANG Ruchuan《电子学报:英文版》,2013年第3期
|
|
|
To resolve the problem of assessing the effect of a network attack, this paper combines cross entropy with network character entropy method and proposes scheme to evaluate the malicious code attack effect. It captures the related indicators in real time and normalizes the data so as to evaluate it at the same level. It adopts cross entropy method to pretreat the indicators adaptively. We calculate the weight coefficient and exploit network character entropy method to evaluate the attack with accuracy according to the importance of the indicators in the evaluation system. Experimental results and corresponding comparisons reveal that the proposed method can quantitatively determine the exact effect of the malicious code attack.
|
|
13.
|
Stable reinforcement learning with recurrent neural networks
|
|
|
|
|
|
|
James Nate KNIGHT Charles ANDERSON《控制理论与应用(英文版)》,2011年第9卷第3期
|
|
|
In this paper,we present a technique for ensuring the stability of a large class of adaptively controlled systems.We combine IQC models of both the controlled system and the controller with a method of filtering control parameter updates to ensure stable behavior of the controlled system under adaptation of the controller.We present a specific application to a system that uses recurrent neural networks adapted via reinforcement learning techniques.The work presented extends earlier works on stable reinforcement learning with neural networks.Specifically,we apply an improved IQC analysis for RNNs with time-varying weights and evaluate the approach on more complex control system.
|
|
14.
|
On environment-driven software model for Internetware 被引次数:6
|
|
|
|
|
|
|
Jian Lü XiaoXing Ma XianPing Tao Chun Cao Yu Huang and Ping Yu《中国科学F辑(英文版)》,2008年第51卷第6期
|
|
|
Internetware is envisioned as a general software paradigm for the application style of resources integration and sharing in the open, dynamic and uncertain platforms such as the Internet. Continuing the agent-based Internetware model presented in a previous paper, in this paper, after an analysis of the behavioral patterns and the technical challenges of environment-driven applications, a software-structuring model is proposed for environment-driven Internetware applications. A series of explorations on the enabling techniques for the model, especially the modeling, management and utilization of context information are presented. Several proto-typical systems have also been built to prove the concepts and evaluate the techniques. These research efforts make a further step toward the Internetware paradigm by providing an initial framework for the construction of context-aware and self-adaptive software application systems in the open network environment.
|
|
15.
|
Employing Computational Intelligence to Generate More Intelligent and Energy Efficient Living Spaces
|
|
|
|
|
|
|
Hani Hagras《国际自动化与计算杂志》,2008年第5卷第1期
|
|
|
Our living environments are being gradually occupied with an abundant number of digital objects that have networking and computing capabilities. After these devices are plugged into a network, they initially advertise their presence and capabilities in the form of services so that they can be discovered and, if desired, exploited by the user or other networked devices. With the increasing number of these devices attached to the network, the complexity to configure and control them increases, which may lead to major processing and communication overhead. Hence, the devices are no longer expected to just act as primitive stand-alone appliances that only provide the facilities and services to the user they are designed for, but also offer complex services that emerge from unique combinations of devices. This creates the necessity for these devices to be equipped with some sort of intelligence and self-awareness to enable them to be self-configuring and self-programming. However, with this "smart evolution", the cognitive load to configure and control such spaces becomes immense. One way to relieve this load is by employing artificial intelligence (AI) techniques to create an intelligent "presence" where the system will be able to recognize the users and autonomously program the environment to be energy efficient and responsive to the user's needs and behaviours. These AI mechanisms should be embedded in the user's environments and should operate in a non-intrusive manner. This paper will show how computational intelligence (CI), which is an emerging domain of AI, could be employed and embedded in our living spaces to help such environments to be more energy efficient, intelligent, adaptive and convenient to the users.
|
|
16.
|
基于轻负载代理的协同分布式入侵检测系统 被引次数:4
|
|
|
|
|
|
|
张琨 刘凤玉《计算机科学》,2003年第30卷第6期
|
|
|
The LAFCDIDS(Lightweight Agent for Collaborative Distribution Intrusion Detection System)presented in this paper is a distributed intrusion detection system with the ability of collaborative detection in real time.The hierarchy architecture of agents and the ability of collaborative detection in real time are evident characteristics of the LAFCDIDS.Lightweight agent and agent sensitivity are LAFCDIDS‘‘s new concepts,which can reduce the overload of protected system,shorten the period of intrusion detection,and are suitable for monitoring the distributed collaborating attacks.
|
|
17.
|
Adaptive output feedback control for nonlinear time-delay systems using neural network 被引次数:5
|
|
|
|
|
|
|
Weisheng CHEN Junmin LI《控制理论与应用(英文版)》,2006年第4卷第4期
|
|
|
This paper extends the adaptive neural network (NN) control approaches to a class of unknown output feedback nonlinear time-delay systems. An adaptive output feedback NN tracking controller is designed by backstepping technique. NNs are used to approximate unknown functions dependent on time delay, Delay-dependent filters are introduced for state estimation. The domination method is used to deal with the smooth time-delay basis functions. The adaptive bounding technique is employed to estimate the upper bound of the NN approximation errors. Based on Lyapunov- Krasovskii functional, the semi-global uniform ultimate boundedness of all the signals in the closed-loop system is proved, The feasibility is investigated by two illustrative simulation examples.
|
|
18.
|
具有预警功能的网络监管体系结构研究 被引次数:1
|
|
|
|
|
|
|
张险峰 张峰 秦志光 刘锦德《计算机科学》,2003年第30卷第11期
|
|
|
The architecture of network monitoring administration with precaution is presented. Related technologies and approaches to realize the architecture are analyzed and provided. The architecture consists of a precaution subsystem and a monitoring administration subsystem. With building an adaptive abnormal detection model and taking abnormal assessment approach, the precaution subsystem can forewarn the intrusion attempts and send the precaution information to the monitoring administration subsystem in real time. Then the monitoring administration subsystem can take some countermeasures in advance. Moreover, based on intrusion tolerance technology, the monitoring administration subsystem can reconfigure the resources and the security policies when facing active intrusions, so as to provide the expected users with timely services and ensure the security of the protected services as well.
|
|
19.
|
Model-based cross-layer monitoring and adaptation of multilayer systems
|
|
|
|
|
|
|
SONG Hui RAJ Amit HAJEBI Saeed CLARKE Aidan CLARKE Siobhn《中国科学:信息科学(英文版)》,2013年第56卷第8期
|
|
|
With the vision of "Internet as a computer", complex software-intensive systems running on the Internet, or the "Internetwares", can be also divided into multiple layers. Each layer has a different focus, implementation technique, and stakeholders. Monitoring and adaptation of such multilayer systems are challenging, because the mismatches and adaptations are interrelated across the layers. This interrelation makes it difficult to find out: 1) When a system change causes mismatches in one layer, how to identify all the cascaded mismatches on the other layers? 2) When an adaptation is performed at one layer, how to find out all the complementary adaptations required in other layers? This paper presents a model-based approach towards cross-layer monitoring and adaptation of multilayer systems. We provide standard meta-modelling languages for system experts to specify the concepts and constraints separately for each layer, as well as the relations among the concepts from different layers. Within each individual layer, we use run-time models to represent the system state specific to this layer, monitor the systems by evaluating model changes according to specified constraints, and support manual or semi-automated adaption by modifying the models. When a change happens in the run-time model for one layer, either caused by system changes or by the adaptation, we synchronize the models for other layers to identify cascaded mismatches and complementary adaptations across the layers. We illustrate the approach on a simulated crisis management system, and are using it on a number of ongoing projects.
|
|
20.
|
Neural-network adaptive controller for nonlinear systems and its application in pneumatic servo systems
|
|
|
|
|
|
|
Lu LU Fagui LIU Weixiang SHI《控制理论与应用(英文版)》,2008年第6卷第1期
|
|
|
In this paper, a novel control law is presented, which uses neural-network techniques to approximate the affine class nonlinear system having unknown or uncertain dynamics and noise disturbances. It adopts an adaptive control law to adjust the network parameters online and adds another control component according to H-infinity control theory to attenuate the disturbance. This control law is applied to the position tracking control of pneumatic servo systems. Simulation and experimental results show that the tracking precision and convergence speed is obviously superior to the results by using the basic BP-network controller and self-tuning adaptive controller.
|
