HTTP-flooding attack disables the victimized web server by sending a large number of HTTP Get requests.Recent research tends to detect HTTP-flooding with the anomaly-based approaches,which detect the HTTP-flooding by ...HTTP-flooding attack disables the victimized web server by sending a large number of HTTP Get requests.Recent research tends to detect HTTP-flooding with the anomaly-based approaches,which detect the HTTP-flooding by modeling the behavior of normal web surfers.However,most of the existing anomaly-based detection approaches usually cannot filter the web-crawling traces from unknown searching bots mixed in normal web browsing logs.These web-crawling traces can bias the base-line profile of anomaly-based schemes in their training phase,and further degrade their detection performance.This paper proposes a novel web-crawling tracestolerated method to build baseline profile,and designs a new anomaly-based HTTP-flooding detection scheme(abbr.HTTP-sCAN).The simulation results show that HTTP-sCAN is immune to the interferences of unknown webcrawling traces,and can detect all HTTPflooding attacks.展开更多
with the increasing popularity of cloud services,attacks on the cloud infrastructure also increase dramatically.Especially,how to monitor the integrity of cloud execution environments is still a difficult task.In this...with the increasing popularity of cloud services,attacks on the cloud infrastructure also increase dramatically.Especially,how to monitor the integrity of cloud execution environments is still a difficult task.In this paper,a real-time dynamic integrity validation(DIV) framework is proposed to monitor the integrity of virtual machine based execution environments in the cloud.DIV can detect the integrity of the whole architecture stack from the cloud servers up to the VM OS by extending the current trusted chain into virtual machine's architecture stack.DIV introduces a trusted third party(TTP) to collect the integrity information and detect remotely the integrity violations on VMs periodically to avoid the heavy involvement of cloud tenants and unnecessary information leakage of the cloud providers.To evaluate the effectiveness and efficiency of DIV framework,a prototype on KVM/QEMU is implemented,and extensive analysis and experimental evaluation are performed.Experimental results show that the DIV can efficiently validate the integrity of files and loaded programs in real-time,with minor performance overhead.展开更多
Based on general packet radio service(GPRS) and TCP/IP protocol,a wireless transmission system of vehicle inspection data is designed. Basic structure and work theory are expounded. SIM300 designed by SIMCOM is used f...Based on general packet radio service(GPRS) and TCP/IP protocol,a wireless transmission system of vehicle inspection data is designed. Basic structure and work theory are expounded. SIM300 designed by SIMCOM is used for client GPRS communication module. Using Winsock control of visual basic(VB),the client and server communication has been accomplished. By means of a client and server communications software,the remote wireless transmission of vehicle inspection data has been accomplished also. The server management software has been developed by using Microsoft SQL Server 2000 and VB6.0. Functions of software include import,inquiry,export and maintenance of test data.展开更多
The paper takes Web service composition document as the research object, through the analysis of the documents, the port and address on the Web server, to create a Web intrusion detection model. The core of the model ...The paper takes Web service composition document as the research object, through the analysis of the documents, the port and address on the Web server, to create a Web intrusion detection model. The core of the model will monitor the Web server host resources, and finally discusses in detail the design and implementation of resource monitoring system. Intrusion detection model proposed can effectively regulate the behavior of users in this paper, allowing users follow a pre-standard service to call service providers, largely to protect the security of Web services.展开更多
基金supported by National Key Basic Research Program of China(973 program)under Grant No.2012CB315905National Natural Science Foundation of China under grants 61172048,61100184,60932005 and 61201128the Fundamental Research Funds for the Central Universities under Grant No ZYGX2011J007
文摘HTTP-flooding attack disables the victimized web server by sending a large number of HTTP Get requests.Recent research tends to detect HTTP-flooding with the anomaly-based approaches,which detect the HTTP-flooding by modeling the behavior of normal web surfers.However,most of the existing anomaly-based detection approaches usually cannot filter the web-crawling traces from unknown searching bots mixed in normal web browsing logs.These web-crawling traces can bias the base-line profile of anomaly-based schemes in their training phase,and further degrade their detection performance.This paper proposes a novel web-crawling tracestolerated method to build baseline profile,and designs a new anomaly-based HTTP-flooding detection scheme(abbr.HTTP-sCAN).The simulation results show that HTTP-sCAN is immune to the interferences of unknown webcrawling traces,and can detect all HTTPflooding attacks.
基金Supported by the National Natural Science Foundation of China under Grant No. 61370068
文摘with the increasing popularity of cloud services,attacks on the cloud infrastructure also increase dramatically.Especially,how to monitor the integrity of cloud execution environments is still a difficult task.In this paper,a real-time dynamic integrity validation(DIV) framework is proposed to monitor the integrity of virtual machine based execution environments in the cloud.DIV can detect the integrity of the whole architecture stack from the cloud servers up to the VM OS by extending the current trusted chain into virtual machine's architecture stack.DIV introduces a trusted third party(TTP) to collect the integrity information and detect remotely the integrity violations on VMs periodically to avoid the heavy involvement of cloud tenants and unnecessary information leakage of the cloud providers.To evaluate the effectiveness and efficiency of DIV framework,a prototype on KVM/QEMU is implemented,and extensive analysis and experimental evaluation are performed.Experimental results show that the DIV can efficiently validate the integrity of files and loaded programs in real-time,with minor performance overhead.
文摘Based on general packet radio service(GPRS) and TCP/IP protocol,a wireless transmission system of vehicle inspection data is designed. Basic structure and work theory are expounded. SIM300 designed by SIMCOM is used for client GPRS communication module. Using Winsock control of visual basic(VB),the client and server communication has been accomplished. By means of a client and server communications software,the remote wireless transmission of vehicle inspection data has been accomplished also. The server management software has been developed by using Microsoft SQL Server 2000 and VB6.0. Functions of software include import,inquiry,export and maintenance of test data.
文摘The paper takes Web service composition document as the research object, through the analysis of the documents, the port and address on the Web server, to create a Web intrusion detection model. The core of the model will monitor the Web server host resources, and finally discusses in detail the design and implementation of resource monitoring system. Intrusion detection model proposed can effectively regulate the behavior of users in this paper, allowing users follow a pre-standard service to call service providers, largely to protect the security of Web services.
