采用信息增益率的混合入侵检测模型设计

针对现有混合入侵检测模型仅定性选取特征而导致检测精度较低的问题，同时为了充分结合误用检测模型和异常检测模型的优势，提出一种采用信息增益率的混合入侵检测模型.首先，利用信息增益率定量地选择特征子集，最大程度地保留样本信息；其次，采用余弦时变粒子群算法确定支持向量机参数构建误用检测模型，使其更好地平衡粒子在全局和局部的搜索能力，然后，选取灰狼算法确定单类支持向量机参数构建异常检测模型，以此来提高对最优参数的搜索效率和精细程度，综合提高混合入侵检测模型对攻击的检测效果；最后，通过两种数据集进行仿真实验，验证了所提混合入侵检测模型具有较好的检测性能.     

Compensation paradox: the influence of monetary rewards on user behaviour

Many e-commerce companies collect users’ personal data for marketing purposes despite privacy concerns. Information-collecting companies often offer a monetary reward to users to alleviate privacy concerns and ease the collection of personal information. This study focused on the negative effects of monetary rewards on both information privacy concerns (IPC) and information disclosure. A survey approach was used to collect data and 370 final responses were analysed using a two-way analysis of variance and a binomial logistic regression model. The results show that monetary rewards increase IPC when an information-collecting company requires sensitive information. Additional results indicate that building trust is a more effective way of collecting personal data. This study identifies how organisations can best execute information-collection activities and contributes additional insights for academia and practitioners.     

网络安全事件的关联分析方法的比较研究

随着当前攻击手段和技术的日益复杂化,一次入侵事件往往需要多个步骤才能完成,这些步骤都是彼此相关的。但是传统的入侵检测集中于检测底层的入侵或异常,所检测到的结果也仅仅是一次完整入侵的一部分,所以不能将不同的报警结合起来以发现入侵的逻辑步骤或者入侵背后的攻击策略。关联分析技术将不同分析器上产生的报警进行融合与关联分析,极大地减少了报警的数量,降低了入侵检测的误报率,并且适当的减少了入侵检测的漏报率。文中在对网络安全事件关联分析方法的系统结构进行分析后,着重介绍了当前比较流行的几种网络安全事件关联分析方法,最后对各种方法进行了比较研究。     

A motivational model of rural students' intentions to persist in, versus drop out of, high school.

Using self-determination theory, the authors tested a motivational model to explain the conditions under which rural students formulate their intentions to persist in, versus drop out of, high school. The model argues that motivational variables underlie students' intentions to drop out and that students' motivation can be either supported in the classroom by autonomy-supportive teachers or frustrated by controlling teachers. LISREL analyses of questionnaire data from 483 rural high school students showed that the provision of autonomy support within classrooms predicted students' self-determined motivation and perceived competence. These motivational resources, in turn, predicted students' intentions to persist, versus drop out, and they did so even after controlling for the effect of achievement. (PsycINFO Database Record (c) 2010 APA, all rights reserved)     

渭河口拦门沙形成及消失条件

在分析了黄、渭河部分测站的水文资料之后，研究渭河口拦门沙形成及消失条件，为减轻渭河下游的淤积寻找方法。     

A connectionist implementation of the theory of planned behavior: Association of beliefs with exercise intention.

The theory of planned behavior suggests attitudes are a product of salient beliefs. This study examined whether aggregating salient beliefs was plausible within a more biologically centered information-processing environment. A neural network was used to examine associations among beliefs relating to exercise intention. Data on intentions and behavioral, normative, and control beliefs from 114 respondents were used to train (by error backpropagation) a neural network to associate beliefs with intention. The R2 between the network's estimated and self-reported intention was .66. The network's representation comprised 6 belief profiles associated with high, moderate, or low behavioral intention. The neural network accommodated complex relationships among beliefs and belief-intention associations and indicated how high-level constructs such as attitudes may be viewed as the best fit (compromise state) between aroused beliefs. (PsycINFO Database Record (c) 2010 APA, all rights reserved)     

基于统计阈值的Snort规则集动态产生的设计与实现

Snort作为开源的入侵检测系统,利用定义的静态规则集合实现对网络的入侵事件的检测。本文分析入侵检测系统的基本原理和模型,阐述Snort入侵检测系统部署到网络时,其静态规则集的配置方法,根据统计流量阈值和告警频率阈值动态产生动态规则集的方法,改进并提高了部署Snort应有的灵活性。     

一种基于网络安全风险评估的入侵检测方法

针对传统的入侵检测系统存在报警数量大、误报率高等缺陷,提出了一种基于网络安全风险评估的入侵检测方法,该方法基于入侵检测结果,引入抗体浓度随入侵强度动态变化这一人工免疫理论的最新研究成果进行网络安全风险的计算,然后根据当前网络面临的实时安全风险动态设置报警策略。实验结果表明,该方法能够实时、定量地计算主机和网络所面临的风险,并极大地降低报警数量和误报率。     

一种基于有向二分图模型和贝叶斯网络的入侵检测方法

针对入侵检测中存在的非确定性推理问题,文章提出一种基于二分图模型和贝叶斯网络的入侵检测方法,该方法利用二分有向图模型表示入侵和相关特征属性之间的因果拓扑关系,利用训练数据中获取模型的概率参数,最后使用最大可能解释对转化后的推理问题进行推理,并通过限定入侵同时发生的数目来提高检测效率。实验表明,该方法具有较高的检测率和很好的鲁棒性。     

基于模糊数据挖掘和遗传算法的网络入侵检测技术

文章通过开发一套新的网络入侵检测系统来证实应用模糊逻辑和遗传算法的数据挖掘技术的有效性;这个系统联合了基于模糊数据挖掘技术的异常检测和基于专家系统的滥用检测,在开发异常检测的部分时,利用模糊数据挖掘技术来从正常的行为存储模式中寻找差异,遗传算法用来调整模糊隶属函数和选择一个合适的特征集合,滥用检测部分用于寻找先前行为描述模式,这种模式很可能预示着入侵,网络的通信量和系统的审计数据被用做两个元件的输入;此系统的系统结构既支持异常检测又支持滥用检测、既适用于个人工作站又可以适用于复杂网络。