自动替代虚假点数据的数据处理方法

本文给出自动剔除虚假点并使用合理值加以替代的方法。     

机械加工中假废品的研究

通过实例分析，给出快速判定易产生假废品的范围的办法，与传统的方法比，节省了检查人员与工人的时间，提高了劳动效率。具有操作简梗、切实可靠等特点.     

入侵检测系统中报警验证模块的设计与实现

传统入侵检测系统虽然可以根据特征匹配的方法检测出攻击企图,却无法验证攻击企图是否成功,生成的报警不仅数量巨大而且误警率很高。该文提出一种结合漏洞扫描工具对入侵检测系统生成的报警进行验证的方法,根据被攻击主机是否包含能使攻击成功的漏洞来判定攻击能否成功,对攻击的目标主机不存在对应漏洞的报警降低优先级,从而提高报警质量。说明了报警验证模型各部分的设计和实现方法,系统运行结果显示该方法能有效地压缩报警量,降低误警率,帮助管理员从大量数据中找到最应该关注的真实报警。     

异常入侵检测系统虚警率问题研究

入侵检测系统的虚警率影响检测结果的可信性.通过分析入侵检测系统的可信问题及异常入侵检测系统的虚警率问题,提出了降低虚警率的方法:基于进程检测行为的入侵检测方法、多检测系统协作工作模式.重点描述了基于人工免疫思想,动态构建正常系统轮廓,抑制虚警率的方法,并对其进行了仿真实验.实验表明,本方法可以提高检测效率,有效降低系统虚警率.     

基于可拓学的网络安全报警分析技术研究*

用户的网络管理需要建立一种新型的综合网络安全管理解决方案,即统一网络安全管理。特别关注于其中的一个关键功能——报警分析。其思路是以IDS报警为中心,将报警分析过程分解为包含报警评估与报警相关的两级关联分析模式。为了有效克服现今IDS报警分析技术中存在的问题和局限,顺应网络安全管理的统一化趋势,引入在解决矛盾问题方面极具优势的可拓学,以保证网络安全报警分析各种功能在技术上的实现。     

Association Rule Mining Frequent-Pattern-Based Intrusion Detection in Network

In the network security system, intrusion detection plays a significant role. The network security system detects the malicious actions in the network and also conforms the availability, integrity and confidentiality of data information resources. Intrusion identification system can easily detect the false positive alerts. If large number of false positive alerts are created then it makes intrusion detection system as difficult to differentiate the false positive alerts from genuine attacks. Many research works have been done. The issues in the existing algorithms are more memory space and need more time to execute the transactions of records. This paper proposes a novel framework of network security Intrusion Detection System (IDS) using Modified Frequent Pattern (MFP-Tree) via K-means algorithm. The accuracy rate of Modified Frequent Pattern Tree (MFPT)-K means method in finding the various attacks are Normal 94.89%, for DoS based attack 98.34%, for User to Root (U2R) attacks got 96.73%, Remote to Local (R2L) got 95.89% and Probe attack got 92.67% and is optimal when it is compared with other existing algorithms of K-Means and APRIORI.     

The impact of false warnings on partial and full lane departure warnings effectiveness and acceptance in car driving

In the past, lane departure warnings (LDWs) were demonstrated to improve driving behaviours during lane departures but little is known about the effects of unreliable warnings. This experiment focused on the influence of false warnings alone or in combination with missed warnings and warning onset on assistance effectiveness and acceptance. Two assistance unreliability levels (33 and 17%) and two warning onsets (partial and full lane departure) were manipulated in order to investigate interaction. Results showed that assistance, regardless unreliability levels and warning onsets, improved driving behaviours during lane departure episodes and outside of these episodes by favouring better lane-keeping performances. Full lane departure and highly unreliable warnings, however, reduced assistance efficiency. Drivers’ assistance acceptance was better for the most reliable warnings and for the subsequent warnings. The data indicate that imperfect LDWs (false warnings or false and missed warnings) further improve driving behaviours compared to no assistance.

Practitioner Summary: This study revealed that imperfect lane departure warnings are able to significantly improve driving performances and that warning onset is a key element for assistance effectiveness and acceptance. The conclusion may be of particular interest for lane departure warning designers.     

Adaptive picking of microseismic event arrival using a power spectrum envelope

An automatic, adaptive, spectrogram-based algorithm for picking the arrival time of microseismic data is proposed. The algorithm provides a significant improvement in the ratio of detected events to false triggers and in the resolution of the microseismic structure. It mainly addresses the problem of automatic picking when the signal-to-noise ratio (S/N) is low and so false and missed triggers frequently occur. It combines the short time average/long time average (STA/LTA) algorithm with an envelope algorithm. It also constructs an envelope from a time-frequency representation of the signal. The threshold is set dynamically, according to the existing noise level and the S/N ratio. The algorithm also uses the fixed LTA value to represent the noise level for a seismic record. It is applied to pick the arrival times of P-waves of local events recorded at eight stations.     

Input-output properties of the Page-Hinkley detector

We consider the stochastic input-output properties of a simple non-linear dynamical system, the so-called Page-Hinkley detector, playing a key role in change detection, and also in queuing theory. We show that for L-mixing inputs with negative expectation the output process of this system is L-mixing. The result is applied to get an upper bound for the false alarm rate. The proof is then adapted to get a similar result for the case of random i.i.d. inputs. Possible extensions and open problems are given in the discussion.     

An improved SVD-based watermarking technique for copyright protection

The drawbacks of SVD-based image watermarking are false positive, robust and transparency. The former can be overcome by embedding the principal components of the watermark into the host image, the latter is dependent on how much the quantity (i.e., scaling factor) of the principal components is embedded. For the existing methods, the scaling factor is a fixed value; actually, it is image-dependent. Different watermarks need the different scaling factors, although they are embedded in the same host image. In this paper, two methods are proposed to improve the reliability and robustness. To improve the reliability, for the first method, the principal components of the watermark are embedded into the host image in discrete cosine transform (DCT); and for the second method, those are embedded into the host image in discrete wavelets transform (DWT). To improve the robustness, the particle swarm optimization (PSO) is used for finding the suitable scaling factors. The experimental results demonstrate that the performance of the proposed methods outperforms than those of the existing methods.