In this paper, an electrical resistance tomography(ERT) imaging method is used as a classifier, and then the Dempster-Shafer's evidence theory with fuzzy clustering is integrated to improve the ERT image quality. ...In this paper, an electrical resistance tomography(ERT) imaging method is used as a classifier, and then the Dempster-Shafer's evidence theory with fuzzy clustering is integrated to improve the ERT image quality. The fuzzy clustering is applied to determining the key mass function, and dealing with the uncertain, incomplete and inconsistent measured imaging data in ERT. The proposed method was applied to images with the same investigated object under eight typical current drive patterns. Experiments were performed on a group of simulations using COMSOL Multiphysics tool and measurements with a piece of porcine lung and a pair of porcine kidneys as test materials. Compared with any single drive pattern, the proposed method can provide images with a spatial resolution of about 10% higher, while the time resolution was almost the same.展开更多
Network intrusion forensics is an important extension to present security infrastructure,and is becoming the focus of forensics research field.However,comparison with sophisticated multi-stage attacks and volume of se...Network intrusion forensics is an important extension to present security infrastructure,and is becoming the focus of forensics research field.However,comparison with sophisticated multi-stage attacks and volume of sensor data,current practices in network forensic analysis are to manually examine,an error prone,labor-intensive and time consuming process.To solve these problems,in this paper we propose a digital evidence fusion method for network forensics with Dempster-Shafer theory that can detect efficiently computer crime in networked environments,and fuse digital evidence from different sources such as hosts and sub-networks automatically.In the end,we evaluate the method on well-known KDD Cup1999 dataset.The results prove our method is very effective for real-time network forensics,and can provide comprehensible messages for a forensic investigators.展开更多
Towards the problems of existing detection methods,a novel real-time detection method(DMFIF) based on fractal and information fusion is proposed.It focuses on the intrinsic macroscopic characteristics of network,which...Towards the problems of existing detection methods,a novel real-time detection method(DMFIF) based on fractal and information fusion is proposed.It focuses on the intrinsic macroscopic characteristics of network,which reflect not the "unique" abnormalities of P2P botnets but the "common" abnormalities of them.It regards network traffic as the signal,and synthetically considers the macroscopic characteristics of network under different time scales with the fractal theory,including the self-similarity and the local singularity,which don't vary with the topology structures,the protocols and the attack types of P2P botnet.At first detect traffic abnormalities of the above characteristics with the nonparametric CUSUM algorithm,and achieve the final result by fusing the above detection results with the Dempster-Shafer evidence theory.Moreover,the side effect on detecting P2P botnet which web applications generated is considered.The experiments show that DMFIF can detect P2P botnet with a higher degree of precision.展开更多
基金Supported by National Natural Science Foundation of China(No.61774014 and No.60772080)
文摘In this paper, an electrical resistance tomography(ERT) imaging method is used as a classifier, and then the Dempster-Shafer's evidence theory with fuzzy clustering is integrated to improve the ERT image quality. The fuzzy clustering is applied to determining the key mass function, and dealing with the uncertain, incomplete and inconsistent measured imaging data in ERT. The proposed method was applied to images with the same investigated object under eight typical current drive patterns. Experiments were performed on a group of simulations using COMSOL Multiphysics tool and measurements with a piece of porcine lung and a pair of porcine kidneys as test materials. Compared with any single drive pattern, the proposed method can provide images with a spatial resolution of about 10% higher, while the time resolution was almost the same.
基金supported by the National Natural Science Foundation of China under Grant No.60903166 the National High Technology Research and Development Program of China(863 Program) under Grants No.2012AA012506,No.2012AA012901,No.2012AA012903+9 种基金 Specialized Research Fund for the Doctoral Program of Higher Education of China under Grant No.20121103120032 the Humanity and Social Science Youth Foundation of Ministry of Education of China under Grant No.13YJCZH065 the Opening Project of Key Lab of Information Network Security of Ministry of Public Security(The Third Research Institute of Ministry of Public Security) under Grant No.C13613 the China Postdoctoral Science Foundation General Program of Science and Technology Development Project of Beijing Municipal Education Commission of China under Grant No.km201410005012 the Research on Education and Teaching of Beijing University of Technology under Grant No.ER2013C24 the Beijing Municipal Natural Science Foundation Sponsored by Hunan Postdoctoral Scientific Program Open Research Fund of Beijing Key Laboratory of Trusted Computing Funds for the Central Universities, Contract No.2012JBM030
文摘Network intrusion forensics is an important extension to present security infrastructure,and is becoming the focus of forensics research field.However,comparison with sophisticated multi-stage attacks and volume of sensor data,current practices in network forensic analysis are to manually examine,an error prone,labor-intensive and time consuming process.To solve these problems,in this paper we propose a digital evidence fusion method for network forensics with Dempster-Shafer theory that can detect efficiently computer crime in networked environments,and fuse digital evidence from different sources such as hosts and sub-networks automatically.In the end,we evaluate the method on well-known KDD Cup1999 dataset.The results prove our method is very effective for real-time network forensics,and can provide comprehensible messages for a forensic investigators.
基金supported by National High Technical Research and Development Program of China(863 Program)under Grant No.2011AA7031024GNational Natural Science Foundation of China under Grant No.90204014
文摘Towards the problems of existing detection methods,a novel real-time detection method(DMFIF) based on fractal and information fusion is proposed.It focuses on the intrinsic macroscopic characteristics of network,which reflect not the "unique" abnormalities of P2P botnets but the "common" abnormalities of them.It regards network traffic as the signal,and synthetically considers the macroscopic characteristics of network under different time scales with the fractal theory,including the self-similarity and the local singularity,which don't vary with the topology structures,the protocols and the attack types of P2P botnet.At first detect traffic abnormalities of the above characteristics with the nonparametric CUSUM algorithm,and achieve the final result by fusing the above detection results with the Dempster-Shafer evidence theory.Moreover,the side effect on detecting P2P botnet which web applications generated is considered.The experiments show that DMFIF can detect P2P botnet with a higher degree of precision.
