In practical seismic exploration, internal multiples generated when the wave impedance of medium is strong, and seismic records are recorded. The method of virtual event repress internal multiples is to move scattered...In practical seismic exploration, internal multiples generated when the wave impedance of medium is strong, and seismic records are recorded. The method of virtual event repress internal multiples is to move scattered points from underground to the surface, similar to the method of the surface-related multiple elimination (SRME). The method of SRME belongs to the prediction-subtraction approaches to eliminate internal multiples, prediction method is based on building a brand new way of seismic wave propagation (virtual reflection and virtual event), so that it has forward and backward wave propagation, and through convolution with significant wave to predict the internal multiples. Due to required data needing field information of full-wave, the authors use Seislet transform interpolating the missing data to ensure the premise of internal multiples prediction. The test data show that the above method has achieved good results.展开更多
APT attacks are prolonged and have multiple stages, and they usually utilize zero-day or one-day exploits to be penetrating and stealthy. Among all kinds of security tech- niques, provenance tracing is regarded as an ...APT attacks are prolonged and have multiple stages, and they usually utilize zero-day or one-day exploits to be penetrating and stealthy. Among all kinds of security tech- niques, provenance tracing is regarded as an important approach to attack investigation, as it discloses the root cause, the attacking path, and the results of attacks. However, existing techniques either suffer from the limitation of only focusing on the log type, or are high- ly susceptible to attacks, which hinder their applications in investigating APT attacks. We present CAPT, a context-aware provenance tracing system that leverages the advantages of virtualization technologies to transparently collect system events and network events out of the target machine, and processes them in the specific host which introduces no space cost to the target. CAPT utilizes the contexts of collected events to bridge the gap between them, and provides a panoramic view to the attack investigation. Our evaluation results show that CAPT achieves the efi'ective prov- enance tracing to the attack cases, and it only produces 0.21 MB overhead in 8 hours. With our newly-developed technology, we keep the run-time overhead averages less than 4%.展开更多
基金Supported by the National Natural Science Foundation of China(40974054,41174080)the National Basic Research Program of China(973 Program)(2009CB219301)+1 种基金the National Innovation Research Project for Exploration and Development of Oil Shale(OSP-02,OSR-02)the National Public Benefit Scientific Research Foundation of China(201011078)
文摘In practical seismic exploration, internal multiples generated when the wave impedance of medium is strong, and seismic records are recorded. The method of virtual event repress internal multiples is to move scattered points from underground to the surface, similar to the method of the surface-related multiple elimination (SRME). The method of SRME belongs to the prediction-subtraction approaches to eliminate internal multiples, prediction method is based on building a brand new way of seismic wave propagation (virtual reflection and virtual event), so that it has forward and backward wave propagation, and through convolution with significant wave to predict the internal multiples. Due to required data needing field information of full-wave, the authors use Seislet transform interpolating the missing data to ensure the premise of internal multiples prediction. The test data show that the above method has achieved good results.
基金partially supported by the NSFC-General Technology Basic Research Joint Fund (U1536204)the National Key Technologies R&D Program (2014BAH41B00)+3 种基金the National Nature Science Foundation of China (61672394 61373168 61373169)the National High-tech R&D Program of China (863 Program) (2015AA016004)
文摘APT attacks are prolonged and have multiple stages, and they usually utilize zero-day or one-day exploits to be penetrating and stealthy. Among all kinds of security tech- niques, provenance tracing is regarded as an important approach to attack investigation, as it discloses the root cause, the attacking path, and the results of attacks. However, existing techniques either suffer from the limitation of only focusing on the log type, or are high- ly susceptible to attacks, which hinder their applications in investigating APT attacks. We present CAPT, a context-aware provenance tracing system that leverages the advantages of virtualization technologies to transparently collect system events and network events out of the target machine, and processes them in the specific host which introduces no space cost to the target. CAPT utilizes the contexts of collected events to bridge the gap between them, and provides a panoramic view to the attack investigation. Our evaluation results show that CAPT achieves the efi'ective prov- enance tracing to the attack cases, and it only produces 0.21 MB overhead in 8 hours. With our newly-developed technology, we keep the run-time overhead averages less than 4%.
