For a semi-supervised classification system, with the increase of the training samples number, the system needs to be continually updated. As the size of samples set is increasing, many unreliable samples will also be...For a semi-supervised classification system, with the increase of the training samples number, the system needs to be continually updated. As the size of samples set is increasing, many unreliable samples will also be increased. In this paper, we use fuzzy c-means (FCM) clustering to take out some samples that are useless, and extract the intersection between the original training set and the cluster after using FCM clustering. The intersection between every class and cluster is reliable samples which we are looking for. The experiment result demonstrates that the superiority of the proposed algorithm is remarkable.展开更多
Objective To detect unknown network worm at its early propagation stage. Methods On the basis of characteristics of network worm attack, the concept of failed connection flow (FCT) was defined. Based on wavelet packet...Objective To detect unknown network worm at its early propagation stage. Methods On the basis of characteristics of network worm attack, the concept of failed connection flow (FCT) was defined. Based on wavelet packet analysis of FCT time series, this method computed the energy associated with each wavelet packet of FCT time series, transformed the FCT time series into a series of energy distribution vector on frequency domain, then a trained K-nearest neighbor (KNN) classifier was applied to identify the worm. Results The experiment showed that the method could identify network worm when the worm started to scan. Compared to theoretic value, the identification error ratio was 5.69%. Conclusion The method can detect unknown network worm at its early propagation stage effectively.展开更多
Currently, cybersecurity and cyber resilience are emerging and urgent issues in nextgeneration air traffic surveillance systems, which depend primarily on Automatic Dependent Surveillance-Broadcast(ADS-B) owing to its...Currently, cybersecurity and cyber resilience are emerging and urgent issues in nextgeneration air traffic surveillance systems, which depend primarily on Automatic Dependent Surveillance-Broadcast(ADS-B) owing to its low cost and high accuracy. Unfortunately, ADS-B is prone to cyber-attacks. To verify the ADS-B positioning data of aircraft, multilateration(MLAT)techniques that use Time Differences of Arrivals(TDoAs) have been proposed. MLAT exhibits low accuracy in determining aircraft positions. Recently, a novel technique using a theoretically calculated TDoA fingerprint map has been proposed. This technique is less dependent on the geometry of sensor deployment and achieves better accuracy than MLAT. However, the accuracy of the existing technique is not sufficiently precise for determining aircraft positions and requires a long computation time. In contrast, this paper presents a reliable surveillance framework using an Actual TDoA-Based Augmentation System(ATBAS). It uses historically recorded real-data from the OpenSky network to train our TDoA fingerprint grid network. Our results show that the accuracy of the proposed ATBAS framework in determining the aircraft positions is significantly better than those of the MLAT and expected TDoA techniques by 56.93% and 48.86%, respectively. Additionally, the proposed framework reduced the computation time by 77% compared with the expected TDoA technique.展开更多
基金supported by the National Natural Science Foundation under Grant No.61175055 and No.61105059support of research funds of Sichuan Key Laboratory of Intelligent Network Information Processing under Grant No.SGXZD1002-10Si chuan Key Technology Research and Development Program under Grant No.2012GZ0019 and No.2011FZ0051
文摘For a semi-supervised classification system, with the increase of the training samples number, the system needs to be continually updated. As the size of samples set is increasing, many unreliable samples will also be increased. In this paper, we use fuzzy c-means (FCM) clustering to take out some samples that are useless, and extract the intersection between the original training set and the cluster after using FCM clustering. The intersection between every class and cluster is reliable samples which we are looking for. The experiment result demonstrates that the superiority of the proposed algorithm is remarkable.
基金This work was supported by National "863" programof China (No.2003AA148010) and National Torch Project of China (No.2005EB011484) .
文摘Objective To detect unknown network worm at its early propagation stage. Methods On the basis of characteristics of network worm attack, the concept of failed connection flow (FCT) was defined. Based on wavelet packet analysis of FCT time series, this method computed the energy associated with each wavelet packet of FCT time series, transformed the FCT time series into a series of energy distribution vector on frequency domain, then a trained K-nearest neighbor (KNN) classifier was applied to identify the worm. Results The experiment showed that the method could identify network worm when the worm started to scan. Compared to theoretic value, the identification error ratio was 5.69%. Conclusion The method can detect unknown network worm at its early propagation stage effectively.
文摘Currently, cybersecurity and cyber resilience are emerging and urgent issues in nextgeneration air traffic surveillance systems, which depend primarily on Automatic Dependent Surveillance-Broadcast(ADS-B) owing to its low cost and high accuracy. Unfortunately, ADS-B is prone to cyber-attacks. To verify the ADS-B positioning data of aircraft, multilateration(MLAT)techniques that use Time Differences of Arrivals(TDoAs) have been proposed. MLAT exhibits low accuracy in determining aircraft positions. Recently, a novel technique using a theoretically calculated TDoA fingerprint map has been proposed. This technique is less dependent on the geometry of sensor deployment and achieves better accuracy than MLAT. However, the accuracy of the existing technique is not sufficiently precise for determining aircraft positions and requires a long computation time. In contrast, this paper presents a reliable surveillance framework using an Actual TDoA-Based Augmentation System(ATBAS). It uses historically recorded real-data from the OpenSky network to train our TDoA fingerprint grid network. Our results show that the accuracy of the proposed ATBAS framework in determining the aircraft positions is significantly better than those of the MLAT and expected TDoA techniques by 56.93% and 48.86%, respectively. Additionally, the proposed framework reduced the computation time by 77% compared with the expected TDoA technique.
