舰载舷外雷达有源诱饵作战应用和效能分析

目前舰载舷外雷达有源诱饵被认为是对抗现代先进反舰导弹的有效方式,引起世界各个国家的重视。舰载舷外雷达有源诱饵通过有源欺骗干扰方式模拟被掩护舰船的雷达信号特征,引诱或欺骗敌跟踪和制导雷达。未来十年,有源诱饵将是对抗末制导威胁的舰艇防御措施的有益补充。本文简要介绍了国内外舰载舷外雷达有源诱饵研究发展状况,并分析了舰载舷外雷达有源诱饵干扰的基本原理,提出了诱饵布放的初步要求。     

俄罗斯网络战发展研究

作为传统军事强国的俄罗斯,在网络空间这一新型对抗领域中处于先天劣势,加之近年来全球网络空间竞争加剧,俄罗斯与西方国家日益交恶,因此,俄罗斯在重新升华对网络战、网络空间安全认识的同时,加强网络攻击武器装备和技术的研究,其攻击能力明显提高,攻击手段呈现出复杂化、智能化等特点.此外,俄罗斯通过打造国家互联网、军用互联网、国家...     

Attack–norm separation for detecting attack‐induced quality problems on computers and networks

Cyber attacks on computer and network systems induce system quality and reliability problems, and present a significant threat to the computer and network systems that we are heavily dependent on. Cyber attack detection involves monitoring system data and detecting the attack‐induced quality and reliability problems of computer and network systems caused by cyber attacks. Usually there are ongoing normal user activities on computer and network systems when an attack occurs. As a result, the observed system data may be a mixture of attack data and normal use data (norm data). We have established a novel attack–norm separation approach to cyber attack detection that includes norm data cancelation to improve the data quality as an important part of this approach. Aiming at demonstrating the importance of norm data cancelation, this paper presents a set of data modeling and analysis techniques developed to perform norm data cancelation before applying an existing technique of anomaly detection, the chi‐square distance monitoring (CSDM), to residual data obtained after norm data cancelation for cyber attack detection. Specifically, a Markov chain model of norm data and an artificial neural network (ANN) of norm data cancelation are developed and tested. This set of techniques is compared with using CSDM alone for cyber attack detection. The results show a significant improvement of detection performance by CSDM with norm data cancelation over CSDM alone. Copyright © 2006 John Wiley & Sons, Ltd.     

火控雷达认知抗干扰技术研究

认知雷达技术通过对周围环境的学习,实时调整雷达的工作参数,最优化雷达在特定场景下的工作性能,发挥雷达最大性能。火控雷达认知抗干扰技术是一种基于认知技术的雷达抗干扰设计方法,将认知技术融入火控雷达设计中。 文中针对火控雷达面临的复合干扰特别是主瓣干扰威胁问题,研究火控雷达认知抗干扰技术,智能化调整火控雷达工作参数,选择工作频率,优化发射波形,有效提升火控雷达抗干扰的能力。     

Multilayer Self-Defense System to Protect Enterprise Cloud

A data breach can seriously impact organizational intellectual property, resources, time, and product value. The risk of system intrusion is augmented by the intrinsic openness of commonly utilized technologies like TCP/IP protocols. As TCP relies on IP addresses, an attacker may easily trace the IP address of the organization. Given that many organizations run the risk of data breach and cyber-attacks at a certain point, a repeatable and well-developed incident response framework is critical to shield them. Enterprise cloud possesses the challenges of security, lack of transparency, trust and loss of controls. Technology eases quickens the processing of information but holds numerous risks including hacking and confidentiality problems. The risk increases when the organization outsources the cloud storage services through the vendor and suffers from security breaches and need to create security systems to prevent data networks from being compromised. The business model also leads to insecurity issues which derail its popularity. An attack mitigation system is the best solution to protect online services from emerging cyber-attacks. This research focuses on cloud computing security, cyber threats, machine learning-based attack detection, and mitigation system. The proposed SDN-based multilayer machine learning-based self-defense system effectively detects and mitigates the cyber-attack and protects cloud-based enterprise solutions. The results show the accuracy of the proposed machine learning techniques and the effectiveness of attack detection and the mitigation system.     

基于脆弱性变换的网络动态防御有效性分析方法

有效性分析对合理制订最优网络动态防御策略至关重要.首先利用随机抽样模型从脆弱性变换角度给出入侵成功概率计算公式,用于刻画变换空间、变换周期及脆弱性数量对网络入侵过程的影响;然后针对单、多脆弱性变换两种情况,分别给出相应的入侵成功概率极限定理并予以证明,同时给出两种情况下的最优变换空间计算方法;仿真结果表明,增大单条入侵路径上依次攻击的脆弱性数量、减小变换周期可持续提高网络动态防御有效性,而增大变换空间初始可以提升网络动态防御有效性,但是由于入侵成功概率会随变换空间的持续增大而逐渐收敛,在入侵成功概率收敛时,有效性无法持续提高.     

有源干扰星载SAR的技术研究

主要探讨了有源干扰星载SAR的技术措施———有源压制干扰和有源欺骗干扰。有源压制干扰主要包括阻塞干扰、瞄准式干扰和随机脉冲干扰;有源欺骗干扰主要包括转发式干扰、应答式干扰和散射波干扰。定性分析了各种干扰对SAR图像影响效果并对有源干扰所需干扰功率进行了定量计算。     

基于攻击预测的电力CPS安全风险评估

为准确评估当前电力信息物理系统（cyber physical system，CPS）的风险状态，针对信息、电力紧密耦合的特点，提出一种基于攻击预测的电力CPS风险评估方法。利用已检测到的攻击告警信息，基于隐马尔科夫模型（hidden Markov model，HMM）识别出可能的攻击场景，推测攻击者的攻击意图，分析其未来的攻击目标和概率。攻击预测结果表征着系统当前的攻击威胁状况，将其作为输入，结合传统的单域（信息域或物理域）风险评估方法计算单域风险，再基于电力CPS复杂网络模型评估跨域风险，融合二者的结果得到最终的风险值。基于智能配电网IEEE 33节点的仿真平台，对攻击预测方法以及安全风险评估方法进行了验证，证明了基于攻击预测的风险评估方法的可行性和合理性。     

近30年全球大停电事故发生的深层次原因分析及启示

2019年以来,委内瑞拉、阿根廷、美国、印尼、英国等多国相继发生多起大停电事故,电网安全成为各方关注的焦点与舆论热点.通过梳理近30年138件主要大停电事件,发现2008年后大停电进入高发期,主要经济体是大停电事故的重灾区.自然灾害原因占比56％,影响范围相对明确可控;电力管理体制原因占31％,易与其他诱发因素伴发...     

变电站自动化系统时间同步协同攻击的检测与防护方法

为了使攻击的后果最大化,受国家支持的攻击者可以使用时间同步的协同机制发起高度隐蔽的网络攻击,而无须进行通信.这可能会使多个变电站内的所有断路器同时跳闸,从而引发大停电.提出了一种基于时间加速的方法来检测时间同步的协同攻击.在变电站自动化系统年度检修期间,通过逐步加速系统时间来触发时间逻辑,以识别是否存在潜在的恶意软件....