With the rapid developments of information technology,various industries become much more dependent on networks.Driven by economic interests and the game between countries reflected by growing cyberspace confrontation...With the rapid developments of information technology,various industries become much more dependent on networks.Driven by economic interests and the game between countries reflected by growing cyberspace confrontations,evasive network attacks on information infrastructures with high-tech,high concealment and longterm sustainability become severe threats to national security.In this paper,we propose a novel two-phased method for the detection of evasive network attacks which exploit or pretend to be common legal encryption services in order to escape security inspection.Malicious communications which camouflage themselves as legal encryption application are identified in the SSL'session structure verification phase firstly,and then by serverside X.509 certificate based anomaly detection,suspicious attack behaviors are further distinguished effectively.Experiment results show that our method is very useful for detecting the network activities of certain unknown threats or new malwares.Besides,the proposed method can be applied to other similar services easily.展开更多
Ocean information management is of great importance as it has been employed in many areas of ocean science and technology. However, the developments of Ocean Information Systems(OISs) often suffer from low efficiency ...Ocean information management is of great importance as it has been employed in many areas of ocean science and technology. However, the developments of Ocean Information Systems(OISs) often suffer from low efficiency because of repetitive work and continuous modifications caused by dynamic requirements. In this paper, the basic requirements of OISs are analyzed first, and then a novel platform DPOI is proposed to improve development efficiency and enhance software quality of OISs by providing off-the-shelf resources. In the platform, the OIS is decomposed hierarchically into a set of modules, which can be reused in different system developments. These modules include the acquisition middleware and data loader that collect data from instruments and files respectively, the database that stores data consistently, the components that support fast application generation, the web services that make the data from distributed sources syntactical by use of predefined schemas and the configuration toolkit that enables software customization. With the assistance of the development platform, the software development needs no programming and the development procedure is thus accelerated greatly. We have applied the development platform in practical developments and evaluated its efficiency in several development practices and different development approaches. The results show that DPOI significantly improves development efficiency and software quality.展开更多
Objectives:From the view of everyday practices and the socio-technical coordination lens,this study aimed to analyz the gap between creators’intention and the users’implementation(mainly nursing staff and social wor...Objectives:From the view of everyday practices and the socio-technical coordination lens,this study aimed to analyz the gap between creators’intention and the users’implementation(mainly nursing staff and social workers)of an alert system in assisted living communities.Methods:Qualitative methods were employed by way of five user interviews and focus groups with six system developers.Modeling instruments were applied for data collection to analyze the different clinical workflows versus the expectations of the system development team.Results:Results indicate that the clinical workflow changed over time,which led to a mismatch of nurse care coordination,social practices,and technology use.The results show different mental models of the socio-technical practice.Applying the coordination theory,the following recommendations could be developed to overcome the mismatch.First,it is recommended that nursing staff set goals together.Second,a communication rhythmwith the nursing staff and developer teams should be established,with guided questions to facilitate the conversation,to shed light on the different workflows and the difference in social practices when using sensor technologies or alert systems.Third,a checklist for new employees should be created so they know how and on which devices to use the alert system.Fourth,the user experience with the alert system should be improved(e.g.,an improved user interface).Conclusions:This work indicates recommendations to close the mental model gap to overcome the mismatch between optimal use of the alert system and how the nursing staff is actually using it.展开更多
With the constructions of "intelligence city", intelligent life quietly came to the people. As the "cell" of the city, the construction of intelligence community arises. Resident service system and e-government ap...With the constructions of "intelligence city", intelligent life quietly came to the people. As the "cell" of the city, the construction of intelligence community arises. Resident service system and e-government application system have been used in the traditional information community, but these systems are independent of each other, lack of interconnectedness, which results in the phenomenon of information isolated island. Intelligence community integrated information service platform can integrate information service resources and provide residents with efficient and convenient life. From the meaning, operation mode, we can design the cooperative, open and extensible system architecture.展开更多
To improve the quality of multimedia services and stimulate secure sensing in Internet of Things applications, such as healthcare and traffic monitoring, mobile crowdsensing(MCS) systems must address security threats ...To improve the quality of multimedia services and stimulate secure sensing in Internet of Things applications, such as healthcare and traffic monitoring, mobile crowdsensing(MCS) systems must address security threats such as jamming, spoofing and faked sensing attacks during both sensing and information exchange processes in large-scale dynamic and heterogeneous networks. In this article, we investigate secure mobile crowdsensing and present ways to use deep learning(DL) methods, such as stacked autoencoder, deep neural networks, convolutional neural networks, and deep reinforcement learning, to improve approaches to MCS security, including authentication, privacy protection, faked sensing countermeasures, intrusion detection and anti-jamming transmissions in MCS. We discuss the performance gain of these DLbased approaches compared to traditional security schemes and identify the challenges that must be addressed to implement these approaches in practical MCS systems.展开更多
基金supported by the National Science and Technology Support Program under Grant No.2012BAH46B02 and 2012BAH45B01the National High Technology Research and Development Program(863 Program) of China under Grant No.2011AA010703the Strategic Priority Research Program of the Chinese Academy of Sciences under Grant No.XDA06030200
文摘With the rapid developments of information technology,various industries become much more dependent on networks.Driven by economic interests and the game between countries reflected by growing cyberspace confrontations,evasive network attacks on information infrastructures with high-tech,high concealment and longterm sustainability become severe threats to national security.In this paper,we propose a novel two-phased method for the detection of evasive network attacks which exploit or pretend to be common legal encryption services in order to escape security inspection.Malicious communications which camouflage themselves as legal encryption application are identified in the SSL'session structure verification phase firstly,and then by serverside X.509 certificate based anomaly detection,suspicious attack behaviors are further distinguished effectively.Experiment results show that our method is very useful for detecting the network activities of certain unknown threats or new malwares.Besides,the proposed method can be applied to other similar services easily.
基金supported in part by National Natural Science Foundation of China under grant No. 61170258 and 61379127National Ocean Public Benefit Research Foundation under grant No. 201305033-6 and 2011 05034-10+1 种基金Marine Renewable Energy Special Foundation under grant No. GHME2012ZC02Science and Technology Development Plan of Qingdao City under Grant No. 12-1-3-81-jh
文摘Ocean information management is of great importance as it has been employed in many areas of ocean science and technology. However, the developments of Ocean Information Systems(OISs) often suffer from low efficiency because of repetitive work and continuous modifications caused by dynamic requirements. In this paper, the basic requirements of OISs are analyzed first, and then a novel platform DPOI is proposed to improve development efficiency and enhance software quality of OISs by providing off-the-shelf resources. In the platform, the OIS is decomposed hierarchically into a set of modules, which can be reused in different system developments. These modules include the acquisition middleware and data loader that collect data from instruments and files respectively, the database that stores data consistently, the components that support fast application generation, the web services that make the data from distributed sources syntactical by use of predefined schemas and the configuration toolkit that enables software customization. With the assistance of the development platform, the software development needs no programming and the development procedure is thus accelerated greatly. We have applied the development platform in practical developments and evaluated its efficiency in several development practices and different development approaches. The results show that DPOI significantly improves development efficiency and software quality.
基金This work was supported by the National Library of Medicine grant #1R01LM01222.
文摘Objectives:From the view of everyday practices and the socio-technical coordination lens,this study aimed to analyz the gap between creators’intention and the users’implementation(mainly nursing staff and social workers)of an alert system in assisted living communities.Methods:Qualitative methods were employed by way of five user interviews and focus groups with six system developers.Modeling instruments were applied for data collection to analyze the different clinical workflows versus the expectations of the system development team.Results:Results indicate that the clinical workflow changed over time,which led to a mismatch of nurse care coordination,social practices,and technology use.The results show different mental models of the socio-technical practice.Applying the coordination theory,the following recommendations could be developed to overcome the mismatch.First,it is recommended that nursing staff set goals together.Second,a communication rhythmwith the nursing staff and developer teams should be established,with guided questions to facilitate the conversation,to shed light on the different workflows and the difference in social practices when using sensor technologies or alert systems.Third,a checklist for new employees should be created so they know how and on which devices to use the alert system.Fourth,the user experience with the alert system should be improved(e.g.,an improved user interface).Conclusions:This work indicates recommendations to close the mental model gap to overcome the mismatch between optimal use of the alert system and how the nursing staff is actually using it.
文摘With the constructions of "intelligence city", intelligent life quietly came to the people. As the "cell" of the city, the construction of intelligence community arises. Resident service system and e-government application system have been used in the traditional information community, but these systems are independent of each other, lack of interconnectedness, which results in the phenomenon of information isolated island. Intelligence community integrated information service platform can integrate information service resources and provide residents with efficient and convenient life. From the meaning, operation mode, we can design the cooperative, open and extensible system architecture.
基金supported in part by the National Natural Science Foundation of China under Grant 61671396 and 91638204in part by the open research fund of National Mobile Communications Research Laboratory,Southeast University(No.2018D08)in part by Science and Technology Innovation Project of Foshan City,China(Grant No.2015IT100095)
文摘To improve the quality of multimedia services and stimulate secure sensing in Internet of Things applications, such as healthcare and traffic monitoring, mobile crowdsensing(MCS) systems must address security threats such as jamming, spoofing and faked sensing attacks during both sensing and information exchange processes in large-scale dynamic and heterogeneous networks. In this article, we investigate secure mobile crowdsensing and present ways to use deep learning(DL) methods, such as stacked autoencoder, deep neural networks, convolutional neural networks, and deep reinforcement learning, to improve approaches to MCS security, including authentication, privacy protection, faked sensing countermeasures, intrusion detection and anti-jamming transmissions in MCS. We discuss the performance gain of these DLbased approaches compared to traditional security schemes and identify the challenges that must be addressed to implement these approaches in practical MCS systems.
