Mitigating increasing cyberattack incidents may require strategies such as reinforcing organizations’ networks with Honeypots and effectively analyzing attack traffic for detection of zero-day attacks and vulnerabili...Mitigating increasing cyberattack incidents may require strategies such as reinforcing organizations’ networks with Honeypots and effectively analyzing attack traffic for detection of zero-day attacks and vulnerabilities. To effectively detect and mitigate cyberattacks, both computerized and visual analyses are typically required. However, most security analysts are not adequately trained in visualization principles and/or methods, which is required for effective visual perception of useful attack information hidden in attack data. Additionally, Honeypot has proven useful in cyberattack research, but no studies have comprehensively investigated visualization practices in the field. In this paper, we reviewed visualization practices and methods commonly used in the discovery and communication of attack patterns based on Honeypot network traffic data. Using the PRISMA methodology, we identified and screened 218 papers and evaluated only 37 papers having a high impact. Most Honeypot papers conducted summary statistics of Honeypot data based on static data metrics such as IP address, port, and packet size. They visually analyzed Honeypot attack data using simple graphical methods (such as line, bar, and pie charts) that tend to hide useful attack information. Furthermore, only a few papers conducted extended attack analysis, and commonly visualized attack data using scatter and linear plots. Papers rarely included simple yet sophisticated graphical methods, such as box plots and histograms, which allow for critical evaluation of analysis results. While a significant number of automated visualization tools have incorporated visualization standards by default, the construction of effective and expressive graphical methods for easy pattern discovery and explainable insights still requires applied knowledge and skill of visualization principles and tools, and occasionally, an interdisciplinary collaboration with peers. We, therefore, suggest the need, going forward, for non-classical graphical methods for visualizing attack patterns and communicating analysis results. We also recommend training investigators in visualization principles and standards for effective visual perception and presentation.展开更多
Mixed integer linear programming(MILP) approach for simultaneous gross error detection and data reconciliation has been proved as an efficient way to adjust process data with material,energy,and other balance constrai...Mixed integer linear programming(MILP) approach for simultaneous gross error detection and data reconciliation has been proved as an efficient way to adjust process data with material,energy,and other balance constrains.But the efficiency will decrease significantly when this method is applied in a large-scale problem because there are too many binary variables involved.In this article,an improved method is proposed in order to generate gross error candidates with reliability factors before data rectification.Candidates are used in the MILP objective function to improve the efficiency and accuracy by reducing the number of binary variables and giving accurate weights for suspected gross errors candidates.Performance of this improved method is compared and discussed by applying the algorithm in a widely used industrial example.展开更多
本文介绍的指针法传递数据专用于 APPLE 型微机程序之间的数据传递。使用指针法,前一程序的各类数据都可以传递给后续程序。使用户有可能把各个程序的程序行与数据分放在高分辨率图形显示屏幕存储区的下方和上方。与不用指针法的绘图程...本文介绍的指针法传递数据专用于 APPLE 型微机程序之间的数据传递。使用指针法,前一程序的各类数据都可以传递给后续程序。使用户有可能把各个程序的程序行与数据分放在高分辨率图形显示屏幕存储区的下方和上方。与不用指针法的绘图程序相比,内存可利用单元成倍增加,绘图功能可增强,数据量可以更大。这样安排内存,是 CHAIN 命令和一般数据文件所不能实现的。因此,特别适合于绘图程序的连接与用据传递。指针法已理想地服务于作者的绘图系统中。展开更多
文摘Mitigating increasing cyberattack incidents may require strategies such as reinforcing organizations’ networks with Honeypots and effectively analyzing attack traffic for detection of zero-day attacks and vulnerabilities. To effectively detect and mitigate cyberattacks, both computerized and visual analyses are typically required. However, most security analysts are not adequately trained in visualization principles and/or methods, which is required for effective visual perception of useful attack information hidden in attack data. Additionally, Honeypot has proven useful in cyberattack research, but no studies have comprehensively investigated visualization practices in the field. In this paper, we reviewed visualization practices and methods commonly used in the discovery and communication of attack patterns based on Honeypot network traffic data. Using the PRISMA methodology, we identified and screened 218 papers and evaluated only 37 papers having a high impact. Most Honeypot papers conducted summary statistics of Honeypot data based on static data metrics such as IP address, port, and packet size. They visually analyzed Honeypot attack data using simple graphical methods (such as line, bar, and pie charts) that tend to hide useful attack information. Furthermore, only a few papers conducted extended attack analysis, and commonly visualized attack data using scatter and linear plots. Papers rarely included simple yet sophisticated graphical methods, such as box plots and histograms, which allow for critical evaluation of analysis results. While a significant number of automated visualization tools have incorporated visualization standards by default, the construction of effective and expressive graphical methods for easy pattern discovery and explainable insights still requires applied knowledge and skill of visualization principles and tools, and occasionally, an interdisciplinary collaboration with peers. We, therefore, suggest the need, going forward, for non-classical graphical methods for visualizing attack patterns and communicating analysis results. We also recommend training investigators in visualization principles and standards for effective visual perception and presentation.
基金Supported by the National High Technology Research and Development Program of China (2007AA40702 and 2007AA04Z191)
文摘Mixed integer linear programming(MILP) approach for simultaneous gross error detection and data reconciliation has been proved as an efficient way to adjust process data with material,energy,and other balance constrains.But the efficiency will decrease significantly when this method is applied in a large-scale problem because there are too many binary variables involved.In this article,an improved method is proposed in order to generate gross error candidates with reliability factors before data rectification.Candidates are used in the MILP objective function to improve the efficiency and accuracy by reducing the number of binary variables and giving accurate weights for suspected gross errors candidates.Performance of this improved method is compared and discussed by applying the algorithm in a widely used industrial example.
文摘本文介绍的指针法传递数据专用于 APPLE 型微机程序之间的数据传递。使用指针法,前一程序的各类数据都可以传递给后续程序。使用户有可能把各个程序的程序行与数据分放在高分辨率图形显示屏幕存储区的下方和上方。与不用指针法的绘图程序相比,内存可利用单元成倍增加,绘图功能可增强,数据量可以更大。这样安排内存,是 CHAIN 命令和一般数据文件所不能实现的。因此,特别适合于绘图程序的连接与用据传递。指针法已理想地服务于作者的绘图系统中。