共查询到20条相似文献,搜索用时 31 毫秒
1.
口语理解是人机对话系统的重要组成部分,而意图识别是口语理解中的一个子任务,而且至关重要。意图识别的准确性直接关系到语义槽填充的性能并且有助于后续对话系统的研究。考虑到人机对话系统中意图识别的困难,传统的机器学习方法无法理解用户话语的深层语义信息,主要对近些年应用在意图识别研究方面的深度学习方法进行分析、比较和总结,进一步思考如何将深度学习模型应用到多意图识别任务中,从而推动基于深度神经网络的多意图识别方法的研究。 相似文献
2.
针对Android恶意软件检测中数据不平衡导致检出率低的问题,提出一种基于Bagging-SVM(支持向量机)集成算法的Android恶意软件检测模型。首先,提取AndroidManifest.xml文件中的权限信息、意图信息和组件信息作为特征;然后,提出IG-ReliefF混合筛选算法用于数据集降维,采用bootstrap抽样构造多个平衡数据集;最后,采用平衡数据集训练基于Bagging算法的SVM集成分类器,通过该分类器完成Android恶意软件检测。在分类检测实验中,当良性样本和恶意样本数量平衡时,Bagging-SVM和随机森林算法检出率均高达99.4%;当良性样本和恶意样本的数量比为4:1时,相比随机森林和AdaBoost算法,Bagging-SVM算法在检测精度不降低的条件下,检出率提高了6.6%。实验结果表明所提模型在数据不平衡时仍具有较高的检出率和分类精度,可检测出绝大多数恶意软件。 相似文献
3.
P2P网络目前存在诋毁、夸大、协同作弊、策略性欺骗等恶意交易问题,而且恶意节点比例增加导致系统交易成功率下降速度过快。提出了一种具有检测机制的动态信任模型,该模型具有良好的收敛性。在模型中引入了服务广泛度评价机制、周期性策略相似度检测机制和评价相似度检测机制,较好地抑制了恶意节点的不良服务。通过与目前几个典型的全局信任模型的对比仿真实验,表明该模型在交易成功率方面有较大提高。 相似文献
4.
Webshell是针对Web应用系统进行持久化控制的最常用恶意后门程序,对Web服务器安全运行造成巨大威胁。对于 Webshell 检测的方法大多通过对整个请求包数据进行训练,该方法对网页型 Webshell 识别效果较差,且模型训练效率较低。针对上述问题,提出了一种基于多特征融合的Webshell恶意流量检测方法,该方法以Webshell的数据包元信息、数据包载荷内容以及流量访问行为3个维度信息为特征,结合领域知识,从3个不同维度对数据流中的请求和响应包进行特征提取;并对提取特征进行信息融合,形成可以在不同攻击类型进行检测的判别模型。实验结果表明,与以往研究方法相比,所提方法在正常、恶意流量的二分类上精确率得到较大提升,可达99.25%;训练效率和检测效率也得到了显著提升,训练时间和检测时间分别下降95.73%和86.14%。 相似文献
5.
近年来,随着人工智能的发展与智能设备的普及,人机智能对话技术得到了广泛的关注。口语语义理解是口语对话系统中的一项重要任务,而口语意图检测是口语语义理解中的关键环节。由于多轮对话中存在语义缺失、框架表示以及意图转换等复杂的语言现象,因此面向多轮对话的意图检测任务十分具有挑战性。为了解决上述难题,文中提出了基于门控机制的信息共享网络,充分利用了多轮对话中的上下文信息来提升检测性能。具体而言,首先结合字音特征构建当前轮文本和上下文文本的初始表示,以减小语音识别错误对语义表示的影响;其次,使用基于层级化注意力机制的语义编码器得到当前轮和上下文文本的深层语义表示,包含由字到句再到多轮文本的多级语义信息;最后,通过在多任务学习框架中引入门控机制来构建基于门控机制的信息共享网络,使用上下文语义信息辅助当前轮文本的意图检测。实验结果表明,所提方法能够高效地利用上下文信息来提升口语意图检测效果,在全国知识图谱与语义计算大会(CCKS2018)技术评测任务2的数据集上达到了88.1%的准确率(Acc值)和88.0%的综合正确率(F1值),相比于已有的方法显著提升了性能。 相似文献
6.
Behavior‐based detection and signature‐based detection are two popular approaches to malware (malicious software) analysis. The security industry, such as the sector selling antivirus tools, has been using signature and heuristic‐based technologies for years. However, this approach has been proven to be inefficient in identifying unknown malware strains. On the other hand, the behavior‐based malware detection approach has a greater potential in identifying previously unknown instances of malicious software. The accuracy of this approach relies on techniques to profile and recognize accurate behavior models. Unfortunately, with the increasing complexity of malicious software and limitations of existing automatic tools, the current behavior‐based approach cannot discover many newer forms of malware either. In this paper, we implement ‘holography platform’, a behavior‐based profiler on top of a virtual machine emulator that intercepts the system processes and analyzes the CPU instructions, CPU registers, and memory. The captured information is stored in a relational database, and data mining techniques are used to extract information. We demonstrate the breadth of the ‘holography platform’ by conducting two experiments: a packed binary behavior analysis and a malvertising (malicious advertising) incident tracing. Both tasks are known to be very difficult to do efficiently using existing methods and tools. We demonstrate how the precise behavior information can be easily obtained using the ‘holography platform’ tool. With these two experiments, we show that the ‘holography platform’ can provide security researchers and automatic malware detection systems with an efficient malicious software behavior analysis solution. Copyright © 2011 John Wiley & Sons, Ltd. 相似文献
7.
安卓恶意应用程序的检测目前存在着检测速度慢、检测率低等问题,本文针对这些问题提出了一种基于多特征融合的安卓恶意应用程序检测方法。从Android恶意应用的恶意行为特点出发,运用静态分析和动态分析互相结合的方法,提取出权限和组件、函数API调用序列、系统命令、网络请求等多维度特征,对维度较大的特征种类使用信息增益方法进行特征的筛选,取出最有用特征。本文还利用半敏感哈希算法的降维和保持相似度的特性,提出基于Simhash算法的特征融合方法,将原有的大维度的特征降维到相对较小的维度,并解决了特征的不平衡问题。融合后的特征使用GBDT算法和随机森林算法分类,检测恶意样本。实验对比分析得出本文使用的多种特征融合的方法在可以大大降低分类的训练时间,提高检测效率。 相似文献
8.
This paper describes research that addresses the problem of dialog management from a strong, context‐centric approach. We further present a quantitative method of measuring the importance of contextual cues when dealing with speech‐based human–computer interactions. It is generally accepted that using context in conjunction with a human input, such as spoken speech, enhances a machine's understanding of the user's intent as a means to pinpoint an adequate reaction. For this work, however, we present a context‐centric approach in which the use of context is the primary basis for understanding and not merely an auxiliary process. We employ an embodied conversation agent that facilitates the seamless engagement of a speech‐based information‐deployment entity by its human end user. This dialog manager emphasizes the use of context to drive its mixed‐initiative discourse model. A typical, modern automatic speech recognizer (ASR) was incorporated to handle the speech‐to‐text translations. As is the nature of these ASR systems, the recognition rate is consistently less than perfect, thus emphasizing the need for contextual assistance. The dialog system was encapsulated into a speech‐based embodied conversation agent platform for prototyping and testing purposes. Experiments were performed to evaluate the robustness of its performance, namely through measures of naturalness and usefulness, with respect to the emphasized use of context. The contribution of this work is to provide empirical evidence of the importance of conversational context in speech‐based human–computer interaction using a field‐tested context‐centric dialog manager. 相似文献
9.
Salam Al-E’mari Mohammed Anbar Yousef Sanjalawe Selvakumar Manickam Iznan Hasbullah 《计算机系统科学与工程》2022,40(1):87-102
Intrusion detection systems that have emerged in recent decades can identify a variety of malicious attacks that target networks by employing several detection approaches. However, the current approaches have challenges in detecting intrusions, which may affect the performance of the overall detection system as well as network performance. For the time being, one of the most important creative technological advancements that plays a significant role in the professional world today is blockchain technology. Blockchain technology moves in the direction of persistent revolution and change. It is a chain of blocks that covers information and maintains trust between individuals no matter how far apart they are. Recently, blockchain was integrated into intrusion detection systems to enhance their overall performance. Blockchain has also been adopted in healthcare, supply chain management, and the Internet of Things. Blockchain uses robust cryptography with private and public keys, and it has numerous properties that have leveraged security’s performance over peer-to-peer networks without the need for a third party. To explore and highlight the importance of integrating blockchain with intrusion detection systems, this paper provides a comprehensive background of intrusion detection systems and blockchain technology. Furthermore, a comprehensive review of emerging intrusion detection systems based on blockchain technology is presented. Finally, this paper suggests important future research directions and trending topics in intrusion detection systems based on blockchain technology. 相似文献
10.
11.
随着虚拟化技术的发展及其在云计算中的广泛应用, 传统的rootkit也开始利用硬件虚拟化技术来隐藏自己。为了对抗这一新型rootkit的攻击, 研究了传统rootkit检测方法在检测硬件虚拟化rootkit(HVMR)上的不足, 分析了现有的HVMR检测方法, 包括基于指令执行时间差异的检测方法、基于内存资源视图差异的检测方法、基于CPU异常和错误的检测方法, 以及基于指令计数的监测方法等。总结了这些检测方法的优缺点, 并在此基础上提出了两种通过扫描内存代码来检测HVMR恶意性的方法, 分别是基于hypervisor的恶意性检测方法和基于硬件的恶意性检测方法, 同时也预测了未来虚拟化检测技术的发展方向。 相似文献
12.
Context-Aware Recommender Systems generate more relevant recommendations by adapting them to the specific contextual situation and have become one of the most active research areas in the recommender systems. However, there remains a key issue as how contextual information can be used to create intelligent and useful recommender systems. Use of too many context variables increases dimensionality that leads to loss of accuracy while few context variables fail to bring contextual effects in recommendations. To assist the development and use of context-aware capabilities, we propose a framework, RCFS-CARS that uses influential contexts, make their sets with appropriate relaxation to be applied on different parts of the algorithm. We also propose a strategy to detect the noisy ratings in the datasets and fix them to refine the recommendation results. The experimental results on two datasets reveal that the noise detection and correction process in RCFS-CARS method is much superior and effective in context-aware recommendation scenarios. 相似文献
13.
14.
Securing routing layer functions in mobile ad hoc networks is an important issue, which includes many challenges like how to enhance detection accuracy when facing the highly dynamic characteristic of such networks, and how to distinguish malicious accusations under a totally autonomous structure. In this paper, we propose Distributed Court System (DCS), a complete Intrusion Detection System that intends to solve these challenges in a low-cost and robust way. We do not deploy any centralized entity, but rely on the collaboration among the nodes neighbouring the suspected node, to integrate information, improve the detection accuracy, and reject dissemination of malicious accusation. Through mathematical analysis and simulation, the proposed DCS is proved to be effective in a highly mobile and hostile network environment. 相似文献
15.
16.
当前基于SVM的Android应用程序安全检测技术主要是通过将SVM算法与动静态分析方法相结合,应用于Android应用程序的漏洞和恶意软件的检测中,而恶意软件的检测又可分为恶意行为的检测和恶意代码的检测。故本文按SVM算法应用到的检测领域分类,分别对其应用于Android应用程序中的恶意行为检测、恶意代码检测和漏洞检测方面的研究进行分析与讨论,并总结了当前该领域中仍然存在的一些问题,给出了SVM算法和其应用于Android安全检测中的改进之处,最后对未来的发展进行了展望。 相似文献
17.
目前,恶意域名被广泛应用于远控木马、钓鱼欺诈等网络攻击中,传统恶意域名检测方法存在长距离依赖性问题,容易忽略上下文信息并且数据维度过大,无法高效、准确地检测恶意域名。提出了一种自编码网络(Autoencoder Network,AN)降维和长短期记忆神经网络(Long Short-Term Memory network,LSTM)检测恶意域名的深度学习方法。利用实现包含语义的词向量表示,解决了传统方法导致的数据表示稀疏及维度灾难问题。由word2vec构建词向量作为LSTM的输入,利用Attention机制对LSTM输入与输出之间的相关性进行重要度排序,获取文本整体特征,最后将局部特征与整体特征进行特征融合,使用softmax分类器输出分类结果。实验结果表明,该方法在恶意域名检测上具有较好的表现,比传统检测恶意域名方法具有更高的检测率和实时性。 相似文献
18.
网络诱骗是一种主动的网络安全防御技术,通过跟踪、监视网络入侵者的行为来分析入侵者的攻击意图和行为特征,从而掌握最新的安全技术.其中,如何捕获入侵者的数据是实施网络诱骗的关键问题.分析了现有的网络诱骗系统的数据捕获方法的不足,并在深入研究Linux共享库注射技术的基础上,提出了一种以该技术为核心的网络诱骗数据捕获方法,使得诱骗系统更难于被发现,提高了诱骗的质量.并结合其它技术,给出了一个以该方法为核心的诱骗系统的实现. 相似文献
19.
Smartphones centralize a great deal of users’ private information and are thus a primary target for cyber-attack. The main goal of the attacker is to try to access and exfiltrate the private information stored in the smartphone without detection. In situations where explicit information is lacking, these attackers can still be detected in an automated way by analyzing data streams (continuously sampled information such as an application’s CPU consumption, accelerometer readings, etc.). When clustered, anomaly detection techniques may be applied to the data stream in order to detect attacks in progress. In this paper we utilize an algorithm called pcStream that is well suited for detecting clusters in real world data streams and propose extensions to the pcStream algorithm designed to detect point, contextual, and collective anomalies. We provide a comprehensive evaluation that addresses mobile security issues on a unique dataset collected from 30 volunteers over eight months. Our evaluations show that the pcStream extensions can be used to effectively detect data leakage (point anomalies) and malicious activities (contextual anomalies) associated with malicious applications. Moreover, the algorithm can be used to detect when a device is being used by an unauthorized user (collective anomaly) within approximately 30 s with 1 false positive every two days. 相似文献
20.
木马已成为当前信息安全的重要威胁.研究了已有的恶意代码智能检测方法,针对已有的智能检测没有充分利用时序和空间信息的缺陷,提出集成时序和空间信息的木马行为智能检测.给出了时序特征和空间特征的提取方法,并给出空间特征的特征选择和约简过程,并在此基础上给出了成员分类器的集成决策.给出了总体设计方案,实验结果表明集成时序和空间信息的木马智能检测相对于单分类器能够得到较好的分类准确率. 相似文献