DDoS防御与反应技术研究

DDoS(DistributedDenialofService)攻击是Internet面临的最大威胁之一。该文综合分析了近年来DDoS防御与反应技术的研究成果,指出了现有方法的不足,讨论了新的防御机制应具有的特性,给出了新的研究方向和需要重点研究的内容。     

可控网络攻击源追踪技术研究

提出一种新的基于网络入侵检测的攻击源追踪方法．给出了系统模型，深入分析了攻击链路集合构造和攻击链路上下游关系的确定方法，在此基础上提出攻击路径构造算法．实验结果表明，该系统能够在可控网络环境下实时、准确地对攻击源进行追踪．和已有方法相比，新的方法在实用性、追踪的准确性、系统的可扩展性等方面有明显提高．     

离心泵蜗壳内压力脉动特性数值分析

为揭示离心泵蜗壳流道内的压力脉动变化规律,采用雷诺时均方法(RANS),对3种工况下的离心泵内部三维非定常湍流流场进行数值计算,分析同一蜗壳断面不同位置以及沿蜗壳周向不同点的压力脉动特性。结果表明:蜗壳流道内具有非常明显的压力脉动,在各种工况下压力脉动的主频均是叶片通过频率;同一蜗壳断面上的压力脉动从蜗壳底部到蜗壳背面先减小后增大,蜗壳底部监测点的高频脉动成分较多;沿蜗壳周向,随着圆周角的增大,压力脉动减弱,隔舌附近压力脉动幅度最大,且高频脉动成分明显增加。     

不同叶片冲角离心泵内流诱导振动噪声研究

基于离心泵流动诱导振动噪声的试验测试系统,测量了不同叶片进口冲角模型泵在全流量范围内的振动和噪声信号并对其进行了处理和分析。研究结果表明:叶片进口冲角存在一个最优值,使离心泵的性能最佳;模型泵内部流动诱导的振动对泵体的影响最大,随着叶片进口冲角的增加,在各流量下模型泵噪声信号的轴频和叶频能量峰值均没有明显变化规律,但当叶片进口冲角为9°时,在1750～2250Hz频段内的噪声信号消失。     

深水SDPSO平台油水置换储卸油系统排出水含油量研究北大核心CSCD

深水立柱式干树钻井生产储卸油平台(SDPSO)平台是一种具有采油与储卸油功能的新型多功能深水浮式平台,油水置换储油技术是其核心技术,为保证平台投产后不会对海洋环境造成污染,需对平台油水置换储油系统排出水的含油量进行研究。为阐明置换次数、平台运动和环境温度等对储油舱底部水中含油量的影响,按1∶15的缩尺比设计建造了一座深水SDPSO平台储油系统中尺度模型试验(简称“中试”)装置,根据上述试验目的设计了多组试验工况,并将中试得到的水中含油量数据与多组小尺度模型试验(简称“小试”)得到的数据进行了对比,探讨了模型试验的尺度效应对试验结果的影响。结果表明:深水SDPSO平台储油系统模型试验的尺度效应不明显,缩尺比对储油舱内水中含油量的试验结果影响不大;储油舱内水中含油量不会随着置换次数的增加而明显升高;风、浪、流导致的平台运动会增大储油舱内水中含油量;环境温度降低时,平台储油舱内水中含油量也会随之增大;平台储存重质油相比储存中质油,储油舱内水中含油量会有一定幅度升高;平台中心井能有效地起到分离油水的作用,从中心井排出到舱外的水中含油量远低于国内外含油污水排放标准。本文研究结果揭示了平台储油系统油水置换工艺的可行性,为深水SDPSO的研发提供了借鉴。     

一个改进的路由器包转发模型

本文提出并实现了一个改进的路由器包转发模型,该模型解决了传统模型在系统过载时吞吐量下降和延迟剧增的问题,并避免了传统模型中多级队列导致的包转发延迟.实际测试表明路由器的性能得到显著提高,证明了改进模型的优越性.     

一种新型换热装置的性能试验研究

针对地热资源较好的地区,通常先利用其进行ORC发电,发电后利用尾水的能量进行供暖,达到充分利用地热资源的目的.冷凝器是该系统的重要组成部分,冷凝器的换热效果直接影响系统运行效率.针对该类型的地热能梯级利用系统,提出一种新型蒸发式冷凝器,并搭建单管实验台,研究换热性能,进而对该地热能梯级利用系统进行优化,提高地热能综合利...     

Experimental investigation and numerical analysis of unsteady attached sheet- cavitating flows in a centrifugal pump

This paper studies the attached sheet cavitation in centrifugal pumps. A pump casted from Perspex is used as the test subject. The cavitation bubbles were observed in the entrance of the impeller and the drops of the head coefficients were measured under different operating conditions. A Filter-Based Model (FBM), derived from the RNG k – ? model, and a modified Zwart model are adopted in the numerical predictions of the unsteady cavitating flows in the pump. The simulations are carried out and the results are compared with experimental results for 3 different flow coefficients, from 0.077 to 0.114. Under four operating conditions, qualitative comparisons are made between experimental and numerical cavitation patterns, as visualized by a high-speed camera and described as isosurfaces of the vapour volume fraction α_v = 0.1. It is shown that the simulation can truly represent the development of the attached sheet cavitation in the impeller. At the same time, the curves for the drops of the head coefficients obtained from experiments and calculations are also quantitatively compared, which shows that the decline of the head coefficients at every flow coefficient is correctly captured, and the prediction accuracy is high. In addition, the detailed analysis is made on the vapour volume fraction contours on the plane of span is 0.5 and the loading distributions around the blade section at the midspan. It is shown that the FBM model and the modified Zwart model are effective for the numerical simulation of the cavitating flow in centrifugal pumps. The analysis results can also be used as the basis for the further research of the attached sheet cavitation and the improvement of centrifugal pumps.     

An Attack-Finding Algorithm for Security Protocols

This paper proposes an automatic attack construction algorithm in order to find potential attacks on ecurity protocols.It is based on a dynamic strand space model,which enhances the original strand space model by introducing active nodes on strands so as to characterize the dynamic procedure of protocol execution.With exact causal dependency relations between messages considered in the model,this algorithm can avoid state space explo-sion caused by asynchronous composition.In order to get a finite state space,a new method called strand-added on demand is exploited,which extends a bundle in an incremental manner without requiring explicit configuration of protocol execution parameters.A finer granularity model of term structure is also introduced, in which subterms are divided into check subterms and data subterms .Moreover,data subterms can be further classified based on the compatible data subterm relation to obtain automatically the finite set of valid acceptable terms for an honest principal.In this algorithm,terms core is designed to represent the intruder‘s knowledge compactly,and forward search technology is used to simulate attack patterns easily.Using this algorithm,a new attack on the Dolve-Yao protocol can be found,which is even more harmful beeause the secret is revealed before the session terminates.