数字图像水印攻击方法新分类*

分析了数字图像水印攻击方法及对策,提出了一种新的数字图像水印攻击分类,可以完善已有攻击分类.数字水印基准测试软件为数字水印算法提供一种评测标准.在文献[7,8]的基础上,介绍了新的数字水印攻击基准Certimark,并对Checkmark和Stirmark中典型的射影攻击和旋转攻击进行了分析比较.     

基于混合网络结构的可控型蠕虫网络系统

研究和建立了一种可控型的蠕虫网络,设计了广播网络与树状网络相结合的混合网络结构,讨论组网、通信和控制方案,并对性能作了分析,有助于对蠕虫网络的认识和防治.     

In Silico Logical Modelling to Uncover Cooperative Interactions in Cancer

The multistep development of cancer involves the cooperation between multiple molecular lesions, as well as complex interactions between cancer cells and the surrounding tumour microenvironment. The search for these synergistic interactions using experimental models made tremendous contributions to our understanding of oncogenesis. Yet, these approaches remain labour-intensive and challenging. To tackle such a hurdle, an integrative, multidisciplinary effort is required. In this article, we highlight the use of logical computational models, combined with experimental validations, as an effective approach to identify cooperative mechanisms and therapeutic strategies in the context of cancer biology. In silico models overcome limitations of reductionist approaches by capturing tumour complexity and by generating powerful testable hypotheses. We review representative examples of logical models reported in the literature and their validation. We then provide further analyses of our logical model of Epithelium to Mesenchymal Transition (EMT), searching for additional cooperative interactions involving inputs from the tumour microenvironment and gain of function mutations in NOTCH.     

近30年全球大停电事故发生的深层次原因分析及启示

2019年以来,委内瑞拉、阿根廷、美国、印尼、英国等多国相继发生多起大停电事故,电网安全成为各方关注的焦点与舆论热点。通过梳理近30年138件主要大停电事件,发现2008年后大停电进入高发期,主要经济体是大停电事故的“重灾区”。自然灾害原因占比56%,影响范围相对明确可控;电力管理体制原因占31%,易与其他诱发因素伴发,具有全局性、系统性影响,可能危害到整个国家和地区的能源安全;意外或人为事故原因占10%;网络攻击成为新兴原因占3%,具有隐蔽性、复杂性强、防御难度大、物理伤害大等特点。深入剖析4类大停电事故发生的原因,根据中国国情和网情,提出防范中国大停电事故发生的措施和建议。     

基于拓扑篡改的电力市场虚假数据注入攻击方案

从攻击者的角度出发,在直流状态估计框架下提出了一种基于拓扑篡改的虚假数据注入攻击(FDIA)方案.首先,通过分析攻击后由网络拓扑处理器计算所得拓扑结构与传感器测量结果的一致性以及对比攻击前、后的残差,给出可以躲避拓扑误差处理检测以及残差检测的隐蔽攻击定义;然后,基于上述定义以及攻击向量列空间的隐蔽条件,提出一种FDIA方案,通过求解凸规划问题实现在保证隐蔽性的同时获得最大发电收益;最后,基于标准IEEE 9节点及14节点系统对所提方案的有效性进行验证.结果表明,与现有FDIA方案相比,所提将拓扑篡改与FDIA相结合的攻击方案具有更强的隐蔽性且获利更大.     

基于改进自注意力机制生成对抗网络的智能电网GPS欺骗攻击防御方法

为了避免全球定位系统欺骗攻击(GSA)对相量测量装置造成的危害,提出了一种基于改进自注意力机制生成对抗网络(SAGAN)的智能电网GSA防御方法.首先,通过引入深度学习参数,构建了改进网络-物理模型,利用历史数据计算得到当前时刻的量测值.然后,在SAGAN的生成器和判别器网络中分别融入一个时间注意力模块,提出了一种用于实现网络-物理模型的改进SAGAN防御方法.通过训练改进SAGAN,得到一对判别器和生成器,利用判别器检测采集的量测值是否遭受GSA,当检测到攻击时,利用生成器生成的数据替换欺骗数据,从而实现智能电网对GSA的主动防御.最后,基于IEEE 14节点和IEEE 118节点系统进行仿真测试,结果验证了所提方法的可行性和有效性.     

几种添加剂对模型石膏性能的影响

研究了N型减水剂、硅溶胶等添加剂对模型石膏凝结时间、强度、吸水率、溶蚀率等性能的影响,并确定了有关性能与添加量之间的关系,得出了最佳添加量。     

Long-term performance of cement paste during combined calcium leaching-sulfate attack: kinetics and size effect

This paper presents experimental results obtained on cement paste samples (water/cement ratio of 0.4) subjected to a low-concentration (15 mmol/l) external sulfate attack during several weeks. Chemical and microstructural analyses include the continuous monitoring of calcium loss and sulfate consumption within the cement paste, periodic layer by layer X-ray diffraction (XRD)/energy-dispersive spectrometer (EDS) analyses of the solid constituents of the cement matrix (ettringite, portlandite, gypsum) within the calcium-depleted part of the samples. Scanning electron microscopy (SEM) and visual observations are used to follow the crack pattern evolution during the external sulfate attack. The relation between the size of the specimen and crack initiation/development is investigated experimentally by performing tests on samples with different thickness/diameter ratios.     

基于MTPM和DPM的多无人机协同广域目标搜索滚动时域决策

传统的协同搜索决策方法在目标引导和机间协同方面存在不足. 研究建立了基于分布概率预测的目标概率图（Target probability map,TPM）初始化方法和基于贝叶斯准则的目标概率图动态更新方法,形成了修正目标概率图（Modified TPM,MTPM）及其运算机理.考虑对任务子区域进行可控回访,定义了数字信息素图（Digital pheromone map,DPM）,建立了数字信息素图使用方法及更新机理.设计了基于MTPM和DPM的寻优指标,建立了基于滚动时域控制的协同搜索决策方法（MTPM-DPM-RHC method,MDR）.仿真表明: 1） MTPM能有效降低对目标的虚警率和漏检率;2） DPM能有效实现对任务区域可控回访;3） MDR方法的遍历能力、重访能力和目标搜索效率均优于已有方法.     

Data-mining based SQL injection attack detection using internal query trees

Detecting SQL injection attacks (SQLIAs) is becoming increasingly important in database-driven web sites. Until now, most of the studies on SQLIA detection have focused on the structured query language (SQL) structure at the application level. Unfortunately, this approach inevitably fails to detect those attacks that use already stored procedure and data within the database system. In this paper, we propose a framework to detect SQLIAs at database level by using SVM classification and various kernel functions. The key issue of SQLIA detection framework is how to represent the internal query tree collected from database log suitable for SVM classification algorithm in order to acquire good performance in detecting SQLIAs. To solve the issue, we first propose a novel method to convert the query tree into an n-dimensional feature vector by using a multi-dimensional sequence as an intermediate representation. The reason that it is difficult to directly convert the query tree into an n-dimensional feature vector is the complexity and variability of the query tree structure. Second, we propose a method to extract the syntactic features, as well as the semantic features when generating feature vector. Third, we propose a method to transform string feature values into numeric feature values, combining multiple statistical models. The combined model maps one string value to one numeric value by containing the multiple characteristic of each string value. In order to demonstrate the feasibility of our proposals in practical environments, we implement the SQLIA detection system based on PostgreSQL, a popular open source database system, and we perform experiments. The experimental results using the internal query trees of PostgreSQL validate that our proposal is effective in detecting SQLIAs, with at least 99.6% of the probability that the probability for malicious queries to be correctly predicted as SQLIA is greater than the probability for normal queries to be incorrectly predicted as SQLIA. Finally, we perform additional experiments to compare our proposal with syntax-focused feature extraction and single statistical model based on feature transformation. The experimental results show that our proposal significantly increases the probability of correctly detecting SQLIAs for various SQL statements, when compared to the previous methods.