With the flooding of pornographic information on the Internet, how to keep people away from that offensive information is becoming one of the most important research areas in network information security. Some applica...With the flooding of pornographic information on the Internet, how to keep people away from that offensive information is becoming one of the most important research areas in network information security. Some applications which can block or filter such information are used. Approaches in those systems can be roughly classified into two kinds: metadata based and content based. With the development of distributed technologies, content based filtering technologies will play a more and more important role in filtering systems. Keyword matching is a content based method used widely in harmful text filtering. Experiments to evaluate the recall and precision of the method showed that the precision of the method is not satisfactory, though the recall of the method is rather high. According to the results, a new pornographic text filtering model based on reconfirming is put forward. Experiments showed that the model is practical, has less loss of recall than the single keyword matching method, and has higher precision.展开更多
Recently, attacks have become Denial-of-Service (DOS) the mainstream threat to the internet service availability. The filter-based packet filtering is a key technology to defend against such attacks. Relying on the ...Recently, attacks have become Denial-of-Service (DOS) the mainstream threat to the internet service availability. The filter-based packet filtering is a key technology to defend against such attacks. Relying on the filtering location, the proposed schemes can be grouped into Victim-end Filtering and Source-end Filtering. The first scheme uses a single filtering router to block the attack flows near the victim, but does not take the factor that the filters are scarce resource into account, which causes the huge loss of legitimate flows; considering each router could contribute a few filters, the other extreme scheme pushes the filtering location back into each attack source so as to obtain ample filters, but this may incur the severe network transmission delay due to the abused filtering routers. Therefore, in this paper, we propose a scalable filter-based packet filtering scheme to balance the number of filtering routers and the available filters. Through emulating DoS scenarios based on the synthetic and real-world Intemet topologies and further implementing the various filter-based packet filtering schemes on them, the results show that our scheme just uses fewer filtering routers to cut off all attack flows while minimizing the loss of legitimate flows.展开更多
文摘With the flooding of pornographic information on the Internet, how to keep people away from that offensive information is becoming one of the most important research areas in network information security. Some applications which can block or filter such information are used. Approaches in those systems can be roughly classified into two kinds: metadata based and content based. With the development of distributed technologies, content based filtering technologies will play a more and more important role in filtering systems. Keyword matching is a content based method used widely in harmful text filtering. Experiments to evaluate the recall and precision of the method showed that the precision of the method is not satisfactory, though the recall of the method is rather high. According to the results, a new pornographic text filtering model based on reconfirming is put forward. Experiments showed that the model is practical, has less loss of recall than the single keyword matching method, and has higher precision.
基金supported by the Doctoral Fund of Northeastern University of Qinhuangdao(No.XNB201410)the Fundamental Research Funds for the Central Universities(No.N130323005)+1 种基金the Natural Science Foundation of Hebei Province of China(No.F2015501122)the Doctoral Scientific Research Foundation of Liaoning Province(No.201501143)
文摘Recently, attacks have become Denial-of-Service (DOS) the mainstream threat to the internet service availability. The filter-based packet filtering is a key technology to defend against such attacks. Relying on the filtering location, the proposed schemes can be grouped into Victim-end Filtering and Source-end Filtering. The first scheme uses a single filtering router to block the attack flows near the victim, but does not take the factor that the filters are scarce resource into account, which causes the huge loss of legitimate flows; considering each router could contribute a few filters, the other extreme scheme pushes the filtering location back into each attack source so as to obtain ample filters, but this may incur the severe network transmission delay due to the abused filtering routers. Therefore, in this paper, we propose a scalable filter-based packet filtering scheme to balance the number of filtering routers and the available filters. Through emulating DoS scenarios based on the synthetic and real-world Intemet topologies and further implementing the various filter-based packet filtering schemes on them, the results show that our scheme just uses fewer filtering routers to cut off all attack flows while minimizing the loss of legitimate flows.
