基于TCP/IP的入侵检测评测技术研究

入侵检测系统的评测是入侵检测研究的一个重要方面。论文研究TCP/IP协议下如何利用协议的脆弱性按层次生成评测数据,在此基础上提出了分段混合评测的入侵检测评测方法。该方法的主要思想是数据混合和评测分段。相对以往的评测方法,由于数据混合,它的评测数据更丰富、更接近现实环境,而且可以自由添加;由于评测分段,简化了评测的实现,对正常网络的干扰很小,能够生成一些特定网络中无法生成的攻击。     

计算机网络安全扫描技术研究

随着互联网技术的发展,网络安全问题日益突出。作为一种主动防御手段,网络安全扫描技术在保护网络安全方面发挥着越来越大的作用。本文主要对主机探测,端口扫描,操作系统探测以及漏洞扫描等四种主要的网络安全扫描技术做了研究。     

基于OWASP的WEB应用安全检测与防范

Web应用发展迅速,但多数开发人员安全意识差,导致Web应用漏洞百出。针对web开发时的安全风险,提出了基于OWASP的统计和文档的WEB应用安全检查和防范的方法,来降低Web应用的安全风险,并通过银行项目中的实际应用,表明该方法不但能提高Web应用安全性,同时增强了开发人员的安全意识。     

基于区块链技术的网络安全漏洞检测系统设计

为解决传统网络安全漏洞扫描受限,导致网络应用环境的安全性承载能力较差的问题,设计基于区块链技术的网络安全漏洞检测系统;利用网络爬虫模块抓取任务管理模块所需的待检测信息参量,按照漏洞数据所属的具体类别,将其分别反馈至XSS检测模块、SQL检测模块与CSRF检测模块之中;在此基础上,定义区块信息的实际交易格式,联合各项智能化合约,实现对系统功能需求的定向化分析,并完成相关用例图的构建;通过上述软、硬件设备基础,完成基于区块链技术的网络安全漏洞检测系统设计;对比实验结果显示,与C/S型网络漏洞检测系统相比,基于区块链技术检测系统的安全性等级划分条件更加细致,扫描web漏洞覆盖范围也更为广泛,有助于网络应用环境安全性承载能力的稳定提升.     

融合信息熵与信任机制的防攻击推荐算法研究

由于对用户偏好信息的过分依赖,致使推荐系统易受到恶意攻击,从而影响系统的推荐质量。提出一个融合信息熵与信任机制的防攻击推荐算法。在考虑了托攻击与正常用户之间的评分变化幅度差异基础上,提出融合信息熵的相似性改进算法,同时引入信任更新机制,在推荐过程中将用户间信任度与相似度有机相结合,通过筛选推荐权重较高的邻居用户方法获得可靠推荐,从而降低恶意攻击对系统的影响。通过在真实数据集上实验表明该算法在提高推荐系统的准确性和脆弱性上有较好的表现。     

Backscatter from the data plane – Threats to stability and security in information-centric network infrastructure

Information-centric networking (ICN) raises data objects to first class routable entities in the network and changes the Internet paradigm from host-centric connectivity to data-oriented delivery. However, current approaches to content routing heavily rely on data-driven protocol events and thereby introduce a strong coupling of the control to the data plane in the underlying routing infrastructure. In this paper, threats to the stability and security of the content distribution system are analyzed in theory, simulations, and practical experiments. We derive relations between state resources and the performance of routers, and demonstrate how this coupling can be misused in practice. We further show how state-based forwarding tends to degrade by decorrelating resources. We identify intrinsic attack vectors present in current content-centric routing, as well as possibilities and limitations to mitigate them. Our overall findings suggest that major architectural refinements are required prior to global ICN deployment in the real world.     

一种基于模型检测的二进制程序脆弱性分析框架

针对二进制程序脆弱性分析的实际需求,提出了一种基于模型检测的二进制程序脆弱性分析框架。首先定义了二进制程序的抽象模型,描述了基于有限状态自动机的软件脆弱性形式化表示和基于事件系统的软件安全属性表示方法。在此基础上,提出了基于模型检测的脆弱性分析过程和算法。根据该分析框架,设计并实现了二进制程序脆弱性分析工具原型。通过脆弱性分析实验,详细说明了该框架的工作原理,验证了该分析方法的有效性。     

Web应用程序常见漏洞研究

本文主要介绍了Web应用程序的概念及漏洞的危害,并对Web应用程序的常见漏洞进行了深入分析,主要研究了SQL注入漏洞和XSS漏洞的成因及攻击过程。     

The vulnerability of structures to unforeseen events

A structure is vulnerable to an unforeseen event if it is not sufficiently robust. One insight into the lack of robustness is gained through the vulnerability of a structure to disproportionate collapse. In this paper, the importance of assessing the vulnerability of a structure to unforeseen events is highlighted and the nature of unforeseen events examined. A theory of structural vulnerability which examines the form of the structure to determine the most vulnerable sequence of failure events is briefly described. The potential for damage to propagate through a structure is examined through a new measure of hazard potential and vertical pushover analysis. An analysis of an example structure shows that such an approach is able to capture the weaknesses in a structure either due to form or external actions.     

Standardising vulnerability categories

Each vulnerability scanner (VS) represents, identifies and classifies vulnerabilities in its own way, thus making the different scanners difficult to study and compare. Despite numerous efforts by researchers and organisations to solve the disparity in vulnerability names used in the different VSs, vulnerability categories have still not been standardised. This paper highlights the importance of having a standard vulnerability category set. It also outlines an approach towards achieving this goal by generating a standard set of vulnerability categories. A data-clustering algorithm that employs artificial intelligence is used for this purpose. The significance of this research results from having an intelligent technique that aids in the generation of standardised vulnerability categories in a relatively fast way. In addition, the technique is generic in the sense that it allows one to accommodate any VS currently known on the market to create such vulnerability categories. Another benefit is that the approach followed in this paper allows one to also compare various VSs currently available on the market. A prototype is presented to verify the concept.