The integrated linkage control problem based on attack detection is solved with the analyses of the security model including firewall, intrusion detection system (IDS) and vulnerability scan by game theory. The Nash...The integrated linkage control problem based on attack detection is solved with the analyses of the security model including firewall, intrusion detection system (IDS) and vulnerability scan by game theory. The Nash equilibrium for two portfolios of only deploying IDS and vulnerability scan and deploying all the technologies is investigated by backward induction. The results show that when the detection rates of IDS and vulnerability scan are low, the firm will not only inspect every user who raises an alarm, but also a fraction of users that do not raise an alarm; when the detection rates of IDS and vulnerability scan are sufficiently high, the firm will not inspect any user who does not raise an alarm, but only inspect a fraction of users that raise an alarm. Adding firewall into the information system impacts on the benefits of firms and hackers, but does not change the optimal strategies of hackers, and the optimal investigation strategies of IDS are only changed in certain cases. Moreover, the interactions between IDS & vulnerability scan and firewall & IDS are discussed in detail.展开更多
Association rules are useful for determining correlations between items. Applying association rules to intrusion detection system (IDS) can improve the detection rate, but false positive rate is also increased. Weight...Association rules are useful for determining correlations between items. Applying association rules to intrusion detection system (IDS) can improve the detection rate, but false positive rate is also increased. Weighted association rules are used in this paper to mine intrustion models, which can increase the detection rate and decrease the false positive rate by some extent. Based on this, the structure of host-based IDS using weighted association rules is proposed.展开更多
Plenty of dams in China are in danger while there are few effective methods for underwater dam inspections of hidden problems such as conduits,cracks and inanitions.The dam safety inspection remotely operated vehicle(...Plenty of dams in China are in danger while there are few effective methods for underwater dam inspections of hidden problems such as conduits,cracks and inanitions.The dam safety inspection remotely operated vehicle(DSIROV) is designed to solve these problems which can be equipped with many advanced sensors such as acoustical,optical and electrical sensors for underwater dam inspection.A least-square parameter estimation method is utilized to estimate the hydrodynamic coefficients of DSIROV,and a four degree-of-freedom(DOF) simulation system is constructed.The architecture of DSIROV's motion control system is introduced,which includes hardware and software structures.The hardware based on PC104 BUS,uses AMD ELAN520 as the controller's embedded CPU and all control modules work in VxWorks real-time operating system.Information flow of the motion system of DSIROV,automatic control of dam scanning and dead-reckoning algorithm for navigation are also discussed.The reliability of DSIROV's control system can be verified and the control system can fulfill the motion control mission because embankment checking can be demonstrated by the lake trials.展开更多
This paper briefly reviews other people’s works on negative selection algorithm and their shortcomings. With a view to the real problem to be solved, authors bring forward two assumptions, based on which a new immune...This paper briefly reviews other people’s works on negative selection algorithm and their shortcomings. With a view to the real problem to be solved, authors bring forward two assumptions, based on which a new immune algorithm, multi-level negative selection algorithm, is developed. In essence, compared with Forrest’s negative selection algorithm, it enhances detector generation efficiency. This algorithm integrates clonal selection process into negative selection process for the first time. After careful analyses, this algorithm was applied to network intrusion detection and achieved good results.展开更多
Active worms can cause widespread damages at so high a speed that effectively precludes human-directed reaction, and patches for the worms are always available after the damages have been caused, which has elevated th...Active worms can cause widespread damages at so high a speed that effectively precludes human-directed reaction, and patches for the worms are always available after the damages have been caused, which has elevated them self to a first-class security threat to Metropolitan Area Networks (MAN). Multi-agent system for Worm Detection and Containment in MAN (MWDCM) is presented to provide a first-class automatic reaction mechanism that automatically applies containment strategies to block the propagation of the worms and to protect MAN against worm scan that wastes a lot of network bandwidth and crashes the routers. Its user agent is used to detect the known worms. Worm detection agent and worm detection correlation agent use two-stage based decision method to detect unknown worms. They adaptively study the accessing in the whole network and dynamically change the working parameters to detect the unknown worms. MWDCM confines worm infection within a macro-cell or a micro-cell of the metropolitan area networks, the rest of the accesses and hosts continue functioning without disruption. MWDCM integrates Worm Detection System (WDS) and network management system. Reaction measures can be taken by using Simple Network Management Protocol (SNMP) interface to control broadband access server as soon as the WDS detect the active worm. MWDCM is very effective in blocking random scanning worms. Simulation results indicate that high worm infection rate of epidemics can be avoided to a degree by MWDCM blocking the propagation of the worms.展开更多
Under virtualization idea based on large-scale dismantling and sharing, the implementing of network interconnection of calculation components and storage components by loose coupling, which are tightly coupling in tra...Under virtualization idea based on large-scale dismantling and sharing, the implementing of network interconnection of calculation components and storage components by loose coupling, which are tightly coupling in traditional server, achieves computing capacity, storage capacity and service capacity distri- bution according to need in application-level. Under the new server model, the segregation and protection of user space and system space as well as the security monitoring of virtual resources are the important factors of ultimate security guarantee. This article presents a large-scale and expansible distributed invasion detection system of virtual computing environment based on virtual machine. The system supports security monitoring management of global resources and provides uniform view of security attacks under virtual computing environment, thereby protecting the user applications and system security under capacity services domain.展开更多
Influenza A virus poses a great threat to global health, and oseltamivir (trade marked as Tamiflu), which targets influenza surface glycoprotein neuraminidase (NA), is used clinically as a major anti-influenza treatme...Influenza A virus poses a great threat to global health, and oseltamivir (trade marked as Tamiflu), which targets influenza surface glycoprotein neuraminidase (NA), is used clinically as a major anti-influenza treatment. However, certain substitutions in NA can render an influenza virus resistant to this drug. In this study, using a lentiviral pseudotyping system, which alleviates the safety concerns of studying highly pathogenic influenza viruses such as avian influenza H5N1, that utilizes influenza surface glycoproteins (hemagglutinin or HA, and NA) and an HIV-core combined with a luciferase reporter gene as a surrogate assay, we first assessed the functionality of NA by measuring pseudovirion release in the absence or presence of oseltamivir. We demonstrated that oseltamivir displays a dose-dependent inhibition on NA activity. In contrast, a mutant NA (H274Y) is more resistant to oseltamivir treatment. In addition, the effects of several previously reported substitution NA mutants were examined as well. Our results demonstrate that this lentivirus-based pseudotyping system provides a quick, safe, and effective way to assess resistance to neuraminidase inhibitors. And we believe that as new mutations appear in influenza isolates, their impact on the effectiveness of current and future anti-NA can be quickly and reliably evaluated by this assay.展开更多
基金The National Natural Science Foundation of China(No.71071033)the Innovation Project of Jiangsu Postgraduate Education(No.CX10B_058Z)
文摘The integrated linkage control problem based on attack detection is solved with the analyses of the security model including firewall, intrusion detection system (IDS) and vulnerability scan by game theory. The Nash equilibrium for two portfolios of only deploying IDS and vulnerability scan and deploying all the technologies is investigated by backward induction. The results show that when the detection rates of IDS and vulnerability scan are low, the firm will not only inspect every user who raises an alarm, but also a fraction of users that do not raise an alarm; when the detection rates of IDS and vulnerability scan are sufficiently high, the firm will not inspect any user who does not raise an alarm, but only inspect a fraction of users that raise an alarm. Adding firewall into the information system impacts on the benefits of firms and hackers, but does not change the optimal strategies of hackers, and the optimal investigation strategies of IDS are only changed in certain cases. Moreover, the interactions between IDS & vulnerability scan and firewall & IDS are discussed in detail.
文摘Association rules are useful for determining correlations between items. Applying association rules to intrusion detection system (IDS) can improve the detection rate, but false positive rate is also increased. Weighted association rules are used in this paper to mine intrustion models, which can increase the detection rate and decrease the false positive rate by some extent. Based on this, the structure of host-based IDS using weighted association rules is proposed.
基金Project(20100480964) supported by China Postdoctoral Science FoundationProjects(2002AA420090,2008AA092301) supported by the National High Technology Research and Development Program of China
文摘Plenty of dams in China are in danger while there are few effective methods for underwater dam inspections of hidden problems such as conduits,cracks and inanitions.The dam safety inspection remotely operated vehicle(DSIROV) is designed to solve these problems which can be equipped with many advanced sensors such as acoustical,optical and electrical sensors for underwater dam inspection.A least-square parameter estimation method is utilized to estimate the hydrodynamic coefficients of DSIROV,and a four degree-of-freedom(DOF) simulation system is constructed.The architecture of DSIROV's motion control system is introduced,which includes hardware and software structures.The hardware based on PC104 BUS,uses AMD ELAN520 as the controller's embedded CPU and all control modules work in VxWorks real-time operating system.Information flow of the motion system of DSIROV,automatic control of dam scanning and dead-reckoning algorithm for navigation are also discussed.The reliability of DSIROV's control system can be verified and the control system can fulfill the motion control mission because embankment checking can be demonstrated by the lake trials.
基金Project (No. 60073034) supported by the National Natural Sci-ence Foundation of China
文摘This paper briefly reviews other people’s works on negative selection algorithm and their shortcomings. With a view to the real problem to be solved, authors bring forward two assumptions, based on which a new immune algorithm, multi-level negative selection algorithm, is developed. In essence, compared with Forrest’s negative selection algorithm, it enhances detector generation efficiency. This algorithm integrates clonal selection process into negative selection process for the first time. After careful analyses, this algorithm was applied to network intrusion detection and achieved good results.
基金Partially supported by the Teaching and Research Award for Outstanding Young Teachers in High Education Institutions of MOE, China (No.200065).
文摘Active worms can cause widespread damages at so high a speed that effectively precludes human-directed reaction, and patches for the worms are always available after the damages have been caused, which has elevated them self to a first-class security threat to Metropolitan Area Networks (MAN). Multi-agent system for Worm Detection and Containment in MAN (MWDCM) is presented to provide a first-class automatic reaction mechanism that automatically applies containment strategies to block the propagation of the worms and to protect MAN against worm scan that wastes a lot of network bandwidth and crashes the routers. Its user agent is used to detect the known worms. Worm detection agent and worm detection correlation agent use two-stage based decision method to detect unknown worms. They adaptively study the accessing in the whole network and dynamically change the working parameters to detect the unknown worms. MWDCM confines worm infection within a macro-cell or a micro-cell of the metropolitan area networks, the rest of the accesses and hosts continue functioning without disruption. MWDCM integrates Worm Detection System (WDS) and network management system. Reaction measures can be taken by using Simple Network Management Protocol (SNMP) interface to control broadband access server as soon as the WDS detect the active worm. MWDCM is very effective in blocking random scanning worms. Simulation results indicate that high worm infection rate of epidemics can be avoided to a degree by MWDCM blocking the propagation of the worms.
基金Supported by the High Technology Research and Development Programme of China (No. 2003AA1Z2070 ) and the National Natural Science Foundation of China (No. 90412013).
文摘Under virtualization idea based on large-scale dismantling and sharing, the implementing of network interconnection of calculation components and storage components by loose coupling, which are tightly coupling in traditional server, achieves computing capacity, storage capacity and service capacity distri- bution according to need in application-level. Under the new server model, the segregation and protection of user space and system space as well as the security monitoring of virtual resources are the important factors of ultimate security guarantee. This article presents a large-scale and expansible distributed invasion detection system of virtual computing environment based on virtual machine. The system supports security monitoring management of global resources and provides uniform view of security attacks under virtual computing environment, thereby protecting the user applications and system security under capacity services domain.
文摘Influenza A virus poses a great threat to global health, and oseltamivir (trade marked as Tamiflu), which targets influenza surface glycoprotein neuraminidase (NA), is used clinically as a major anti-influenza treatment. However, certain substitutions in NA can render an influenza virus resistant to this drug. In this study, using a lentiviral pseudotyping system, which alleviates the safety concerns of studying highly pathogenic influenza viruses such as avian influenza H5N1, that utilizes influenza surface glycoproteins (hemagglutinin or HA, and NA) and an HIV-core combined with a luciferase reporter gene as a surrogate assay, we first assessed the functionality of NA by measuring pseudovirion release in the absence or presence of oseltamivir. We demonstrated that oseltamivir displays a dose-dependent inhibition on NA activity. In contrast, a mutant NA (H274Y) is more resistant to oseltamivir treatment. In addition, the effects of several previously reported substitution NA mutants were examined as well. Our results demonstrate that this lentivirus-based pseudotyping system provides a quick, safe, and effective way to assess resistance to neuraminidase inhibitors. And we believe that as new mutations appear in influenza isolates, their impact on the effectiveness of current and future anti-NA can be quickly and reliably evaluated by this assay.
