基于支持向量机和Hurst指数的集成入侵检测研究

提出了一种将SVM算法与Hurst指数相结合的入侵检测方法—集成入侵检测。DARPA上的测试结果表明,该方法不仅能够发现网络中已知的攻击,还能够确定网络中未知的攻击,提高了入侵检测的效率。     

基于样本密度的SVM及其在入侵检测中的应用

针对网络数据集过于庞大，学习速度过慢的问题，提出了一种基于空间块和样本密度的SVM算法，并将其应用到入侵检测中。该算法根据样本的局部密度选择训练样本，减少参加训练的样本数量，提高学习速度。实验结果表明，该算法在保证检测精度的同时，学习速度快于传统SVM入侵检测方法。     

基于遗传规划和集成学习的恶意软件检测

近年来恶意软件不断地发展变化,导致单一检测模型的准确率较低,使用集成学习组合多种模型可以提高检测效果,但集成模型中基学习器的准确性和多样性难以平衡。为此,提出一种基于遗传规划的集成模型生成方法,遗传规划可以将特征处理和构建集成模型两个阶段集成到单个程序树中,解决了传统恶意软件集成检测模型难以平衡个体准确率和多样性的问题。该方法以集成模型的恶意软件检出率作为种群进化依据,保证了基学习器的准确性;在构建集成模型时自动选择特征处理方法、分类算法和优化基学习器的超参数,通过输入属性扰动和算法参数扰动增加基学习器的多样性,根据优胜劣汰的思想进化生成具有高准确性和多样性的最优集成模型。在EMBER数据集上的结果表明,最优集成模型的检测准确率达到了98.88%;进一步的分析表明,该方法生成的模型具有较高的多样性和可解释性。     

PSO-SVM在网络入侵检测中的应用

为了提高网络入侵检测效果以加强网络安全性,提出一种网络状态特征和支持向量机(SVM)参数联合选择的网络入侵检测模型(PSO-SVM).以网络入侵检测正确率作为目标,特征子集和SVM参数作为约束条件建立数学模型,通过粒子群优化算法对模型进行求解,找到最优特征子集和SVM参数,利用KDD Cup 99数据集对算法性能进行测试.测试结果表明,相对于其它入侵检测算法,PSO-SVM可以找到更优特征子集和SVM参数,加快了检测速度,有效地提高了网络入侵检测正确率,为网络入侵检测提供了一种新的研究思路.     

粒子群优化支持向量机的入侵检测算法

为了提高网络入侵的检测正确率,针对网络入侵检测中特征选择问题,将二值粒子群优化算法(BPSO)用于网络入侵特征选择,结合支持向量机(SVM)提出了一种基于BPSO-SVM的网络入侵检测算法。该算法将网络入侵检测转化为多分类问题,采用wrapper特征选择模型,以SVM为分类器,通过样本训练分类器,根据分类结果,利用BPSO算法在特征空间中进行全局搜索,选择最优特征集进行分类。实验结果表明,BPSO-SVM有效降低了特征维数,显著提高了网络入侵的检测正确率,还大大缩短了检测时间。     

网络入侵检测中的支持向量机主动学习算法

入侵检测系统已经成为网络安全技术的重要组成部分,然而传统的异常入侵检测技术需要通过对大量训练样本的学习,才能达到较高的检测精度,而大量训练样本集的获取在现实网络环境中是比较困难的。文章研究在网络入侵检测中,采用基于支持向量机(SVM)的主动学习算法,解决训练样本获取代价过大带来的问题。文中通过基于SVM的主动学习算法与传统的被动学习算法的对比实验,显示出主动学习算法与传统的学习算法相比,能有效地减少学习样本,极大地提高入侵检测系统的分类性能。     

混合杂草算法优化支持向量机的网络入侵检测

为了提高网络入侵检测的正确率,提出一种混合入侵杂草HIWO(hybrid invasive weed optimization)算法优化SVM的网络入侵检测模型(HIWO-SVM)。该模型将SVM参数编码为入侵杂草,并以网络入侵检测率作为杂草种子适应度函数,然后通过模拟杂草入侵种子的空间扩散、生长、繁殖和竞争等过程找到SVM的最优参数。在寻优过程中引入遗传算法交叉操作以增强HIWO算法跳出局部极值的能力,最后根据最优参数建立网络入侵检测模型。在Matlab 2012平台采用KDD CUP 99数据集仿真测试,结果表明HIWO-SVM可以获得满意的网络入侵检测效果。     

基于半监督学习的入侵检测系统

在入侵检测方法中,半监督学习作为一种特殊的学习形式,结合了监督学习与非监督学习在检测已知模式数据与未知模式数据方面各自的优点.据此,为进一步提高入侵检测系统的检测准确性,提出一种结合SVM与KMO(online kmeans)算法各自优点的半监督入侵检测模型.该模型首先利用SVM算法对全部的输入数据进行区分,然后将其认为的合法数据集用KMO算法分类,以该结果作为决策模块的输入并做出最终的响应.实验显示,文中模型比单独使用其中的任一种方法具有更高的检测准确率.由此可见,该模型对于实际的入侵检测系统具有实用价值.     

基于聚类混合采样与PSO-Stacking的车载CAN入侵检测方法

随着信息技术的快速发展以及智能网联汽车的日渐普及，由网络入侵引起的车联网安全事件正在逐年增加。针对车联网中车载控制器局域网络（CAN）存在的网络攻击问题，提出一种改进的车载CAN入侵检测方法。考虑到车载CAN中数据流量较大且各类别数据比例失衡，提出一种聚类混合采样方法来平衡数据，对于流量较大的数据，在聚类后进行欠采样以去除冗余，对于流量较小的数据，使用SMOTE方法合成数据。合并上述两部分数据并使用Tomek Links算法进行数据清洗。使用基于Gini系数的GBDT特征选择方法计算特征重要性，删除重要程度较低的特征以实现数据降维。在此基础上，使用粒子群优化算法对Stacking模型中的基学习器和元分类器进行调优，使用优化后的基学习器和元分类器构建Stacking模型并完成入侵检测。实验结果表明，该方法在主流车载CAN入侵数据集上的检测准确率为98.18%，优于常见的ANN、KNN、SVM、MTHIDS及MGA-DTC模型，且对DoS、Fuzzy等类别样本的检测精确度较高，漏报率较低，体现出较好的先进性和实用性。     

PSO-SVM算法在网络入侵检测中的研究

保证网络运行的安全性,防止外来攻击与破坏,进行准确检测.由于网络入侵具有不确性,针对复杂性和多样性,传统检测方法不能有效对这种特性进行识别,导致目前网络入侵检测准确率低.为了提高网络入侵检测准确率,将粒子群(PSO)算法引入到网络人侵检测中,用优化SVM参数.PSO-SVM将网络入侵检测数据输入到SVM中学习,将SVM参数作为PSO中的粒子,把网络人侵检测准确率作为PSO的目标函数,然后通过粒子之间相互协作得到SVM最优参数,最后对网络入侵数据进行检测并输出网络人侵检测结果.在Matlab平台上采用DRAP网络入侵数据集对PSO-SVM进行仿真.实验结果表明,改进的方法PSO-SVM检测速度快,检测准确率高,为网络安全提供可靠保障.     

Only connect: teaching, technology and telesis

Abstract This paper describes an approach to the design of interactive multimedia materials being developed in a European Community project. The developmental process is seen as a dialogue between technologists and teachers. This dialogue is often problematic because of the differences in training, experience and culture between them. Conditions needed for fruitful dialogue are described and the generic model for learning design used in the project is explained.     

European Community policy and the market

Abstract This paper starts with some reflections on the policy considerations and priorities which are shaping European Commission (EC) research programmes. Then it attempts to position the current projects which seek to capitalise on information and communications technologies for learning in relation to these priorities and the apparent realities of the marketplace. It concludes that while there are grounds to be optimistic about the contribution EC programmes can make to the efficiency and standard of education and training, they are still too technology driven.     

一种自适应子融合集成多分类器方法

融合集成方法已经广泛应用在模式识别领域,然而一些基分类器实时性能稳定性较差,导致多分类器融合性能差,针对上述问题本文提出了一种新的基于多分类器的子融合集成分类器系统。该方法考虑在度量层融合层次之上通过对各类基多分类器进行动态选择,票数最多的类别作为融合系统中对特征向量识别的类别,构成一种新的自适应子融合集成分类器方法。实验表明,该方法比传统的分类器以及分类融合方法识别准确率明显更高,具有更好的鲁棒性。     

煤矿井下安全监控分站的设计及其仿真实现

为了设计一种具有低成本、低功耗、易操作、功能强且可靠性高的煤矿井下安全分站,针对煤矿安全生产实际,文章提出了采用MCS-51系列单片机为核心、具有CAN总线通信接口的煤矿井下安全监控分站的设计方案;首先给出煤矿井下安全监控分站的整体构架设计,然后着重阐述模拟量输入信号处理系统的设计过程,最后说明单片机最小系统及其键盘、显示、报警、通信等各个组成部分的设计;为验证设计方案的可行性与有效性,使用Proteus软件对设计内容进行仿真验证,设计的煤矿井下安全监控分站具有瓦斯、温度等模拟量参数超标报警功能和电机开停、风门开闭等开关量指示功能;仿真结果表明:设计的煤矿井下安全监控分站具有一定的实际应用价值.     

Avoiding semantic and temporal gaps in developing software intensive systems

Development of software intensive systems (systems) in practice involves a series of self-contained phases for the lifecycle of a system. Semantic and temporal gaps, which occur among phases and among developer disciplines within and across phases, hinder the ongoing development of a system because of the interdependencies among phases and among disciplines. Such gaps are magnified among systems that are developed at different times by different development teams, which may limit reuse of artifacts of systems development and interoperability among the systems. This article discusses such gaps and a systems development process for avoiding them.     

Designing economic np control charts: A programmed simulation approach

This paper presents control charts models and the necessary simulation software for the location of economic values of the control parameters. The simulation program is written in FORTRAN, requires only 10K of main storage, and can run on most mini and micro computers. Two models are presented - one describes the process when it is operating at full capacity and the other when the process is operating under capacity. The models allow the product quality to deteriorate to a further level before an existing out-of-control state is detected, and they can also be used in situations where no prior knowledge exists of the out-of-control causes and the resulting proportion defectives.     

The development of robot art

Going through a few examples of robot artists who are recognized worldwide, we try to analyze the deepest meaning of what is called “robot art” and the related art field definition. We also try to highlight its well-marked borders, such as kinetic sculptures, kinetic art, cyber art, and cyberpunk. A brief excursion into the importance of the context, the message, and its semiotics is also provided, case by case, together with a few hints on the history of this discipline in the light of an artistic perspective. Therefore, the aim of this article is to try to summarize the main characteristics that might classify robot art as a unique and innovative discipline, and to track down some of the principles by which a robotic artifact can or cannot be considered an art piece in terms of social, cultural, and strictly artistic interest. This work was presented in part at the 13th International Symposium on Artificial Life and Robotics, Oita, Japan, January 31–February 2, 2008     

View-based model-driven architecture for enhancing maintainability of data access services

In modern service-oriented architectures, database access is done by a special type of services, the so-called data access services (DAS). Though, particularly in data-intensive applications, using and developing DAS are very common today, the link between the DAS and their implementation, e.g. a layer of data access objects (DAOs) encapsulating the database queries, still is not sufficiently elaborated, yet. As a result, as the number of DAS grows, finding the desired DAS for reuse and/or associated documentation can become an impossible task. In this paper we focus on bridging this gap between the DAS and their implementation by presenting a view-based, model-driven data access architecture (VMDA) managing models of the DAS, DAOs and database queries in a queryable manner. Our models support tailored views of different stakeholders and are scalable with all types of DAS implementations. In this paper we show that our view-based and model driven architecture approach can enhance software development productivity and maintainability by improving DAS documentation. Moreover, our VMDA opens a wide range of applications such as evaluating DAS usage for DAS performance optimization. Furthermore, we provide tool support and illustrate the applicability of our VMDA in a large-scale case study. Finally, we quantitatively prove that our approach performs with acceptable response times.     

Explanation and prediction: an architecture for default and abductive reasoning

Although there are many arguments that logic is an appropriate tool for artificial intelligence, there has been a perceived problem with the monotonicity of classical logic. This paper elaborates on the idea that reasoning should be viewed as theory formation where logic tells us the consequences of our assumptions. The two activities of predicting what is expected to be true and explaining observations are considered in a simple theory formation framework. Properties of each activity are discussed, along with a number of proposals as to what should be predicted or accepted as reasonable explanations. An architecture is proposed to combine explanation and prediction into one coherent framework. Algorithms used to implement the system as well as examples from a running implementation are given.     

A pragmatic multi-method investigation of discrepant technological events: Coping,attributions, and ‘accidental’ learning

Discrepant technological events or situations that entail a problem, a misunderstanding or a difficulty with the Information Technology (IT) being employed, are common in the workplace, and can lead to frustration and avoidance behaviors. Little is known, however, about how individuals cope with these events. This paper examines these events by using a multi-method pragmatic approach informed by coping theory. The results of two studies – a critical incident study and an experiment – serve to build and test, respectively, a theoretical model that posits that individuals use a variety of strategies when dealing with these events: they experience negative emotions, make external attributions, and adopt engagement coping strategies directed at solving the event, eventually switching to a disengagement coping strategy when they feel they have no control over the situation. Furthermore, users’ efforts may result in ‘accidental’ learning as they try to overcome the discrepant IT events through engagement coping. The paper ends with a discussion of the results in light of existing literature, future opportunities for research, and implications for practice.