基于蜜罐技术的计算机动态取证系统研究

提出了一种基于蜜罐的计算机动态取证方法.该方法通过蜜罐技术将入侵转移到一个虚拟的环境,不仅可以保护网络或主机不受攻击,而且还可以为证据的提取争取到更长的时间,从而获得更为真实的电子证据.实验结果表明:基于蜜罐的动态取证系统具有检测率高、误报率低、取证能力强的特性.     

能源互联网——信息与能源的基础设施一体化

能源是人类生存发展的重要物质基础,能源互联网作为未来可能的能源可持续发展解决方案正逐渐成为研究的热点和潮流。阐述了能源互联网的概念和特征,提出其基本架构,并从广域网,局域网和基础设施三个层面讨论信息与能源的基础设施一体化建设。综述了国内外能源互联网技术的发展现状,提出了能源路由器作为信息与能源的基础设施一体化的解决方案,并对基于能源路由器的能源互联网应用场景给出了详细描述。     

Hybrid-driven-based fuzzy secure filtering for nonlinear parabolic partial differential equation systems with cyber attacks

The problem of hybrid-driven fuzzy filtering for nonlinear semi-linear parabolic partial differential equation systems with dual cyber attacks is investigated. First, a Takagi-Sugeno (T-S) fuzzy model is employed to reconstruct the original nonlinear systems. Second, a hybrid-driven mechanism is applied for filter design to balance the systems' performance and the limited network resource consumption under dual cyber attacks composed of deception and denial of service attacks. Based on the Lyapunov direct method, sufficient conditions to guarantee the stability of the augmented system are obtained, and the parameters of the designed filter are earned with explicit form. Finally, a simulation example with robust analysis and comparative analysis is provided to illustrate the effectiveness of the proposed method.     

计算机犯罪与计算机犯罪取证技术发展的研究

如今的计算机和计算机网络充斥着各种犯罪活动,与现实生活中的犯罪活动不同的是,目前对网络犯罪的监管力度远远低于现实生活中的犯罪活动,并且由于计算机罪犯往往可以不受限制的获取进行犯罪所需的专业知识,实施犯案行为不受地域限制,并具有高隐蔽性的特征,所以增长十分迅速。计算机犯罪已经不是单靠防御就能解决问题,而是需要更多的主动性手段来打击和威慑计算机犯罪。     

实务中玩忽职守罪的认定

玩忽职守罪的认定主要考虑两个因素:一是国家机关工作人员玩忽职守的行为与公共财产、国家和人民的利益遭受重大损失具有刑法意义上的因果联系;二是"公共财产、国家和人民的利益遭受重大损失"中"利益"的界定。"利益"应该是受法律保护的利益,如果是非法利益因国家机关工作人员玩忽职守的行为遭受损失,那就不构成玩忽职守罪。     

Preventing Cloud Network from Spamming Attacks Using Cloudflare and KNN

Cloud computing is one of the most attractive and cost-saving models, which provides online services to end-users. Cloud computing allows the user to access data directly from any node. But nowadays, cloud security is one of the biggest issues that arise. Different types of malware are wreaking havoc on the clouds. Attacks on the cloud server are happening from both internal and external sides. This paper has developed a tool to prevent the cloud server from spamming attacks. When an attacker attempts to use different spamming techniques on a cloud server, the attacker will be intercepted through two effective techniques: Cloudflare and K-nearest neighbors (KNN) classification. Cloudflare will block those IP addresses that the attacker will use and prevent spamming attacks. However, the KNN classifiers will determine which area the spammer belongs to. At the end of the article, various prevention techniques for securing cloud servers will be discussed, a comparison will be made with different papers, a conclusion will be drawn based on different results.     

Decentralized dynamic event-triggered control for networked control systems under unreliable communication network and actuator saturation

In this paper, the stochastic stability of networked control systems (NCSs) with nonlinear perturbation and parameter uncertainties is studied. A decentralized dynamic event triggering scheme (DDETS) is introduced to reduce energy consumption and network transmission burden. Each channel can decide whether to transmit signals sampled by corresponding sensors through this mechanism. Due to the unreliability of communication network, a new mathematical model of NCSs based on multi-channel fading and hybrid cyber attacks is established, and the actuator is constrained by saturation. A sufficient condition for stochastic stability based on static controller is derived through Lyapunov stability theory, and two numerical examples are given to demonstrate the effectiveness of the method.     

基于智能合约的高对抗性僵尸网络研究

区块链技术的发展与应用使构建更为鲁棒和灵活的僵尸网络命令控制信道成为可能.为了更好地研究这类潜在的新型僵尸网络威胁,提出基于区块链智能合约的高对抗性僵尸网络模型——SCBot.SCBot模型采用分层混合拓扑结构,在僵尸子网层构建基于智能合约的命令传递信道,并建立可信度评估机制判别节点真实性,从流量和终端两大层面提升网络...     

计算机取证的工具体系

介绍了计算机取证所需的工具集，对相关的工具进行了比较，重点阐述了数据获取工具，给出了取证工具的国内外发展现况，最后指出了取证工具的发展趋势。     

基于电力信息物理系统实时仿真平台的网络安全仿真

随着信息流和能量流耦合程度的不断加深,现代电力系统已逐渐发展成为信息系统和物理系统深度耦合的电力信息物理系统。传统的只对物理系统进行仿真运算的方法已无法保证其仿真分析的准确性。文章从仿真分析的角度,在对比分析现有仿真方法的基础上,进行仿真工具和配合模式上的改进,并进一步加入中间人环节,搭建了一种新的考虑网络攻击的电力信息物理系统(cyber physical power system,CPPS)实时联合仿真平台。最后,基于该平台,以负荷控制业务为例,研究了网络攻击对电力物理系统的影响,深入分析CPPS中信息系统与物理系统的深层次耦合关系,仿真验证了所提平台的有效性和实时性。