The rapid advancement of IT technology has enabled the quick discovery,sharing and collection of quality information,but has also increased cyberattacks at a fast pace at the same time.There exists no means to block t...The rapid advancement of IT technology has enabled the quick discovery,sharing and collection of quality information,but has also increased cyberattacks at a fast pace at the same time.There exists no means to block these cyberattacks completely,and all security policies need to consider the possibility of external attacks.Therefore,it is crucial to reduce external attacks through preventative measures.In general,since routers located in the upper part of a firewall can hardly be protected by security systems,they are exposed to numerous unblocked cyberattacks.Routers block unnecessary services and accept necessary ones while taking appropriate measures to reduce vulnerability,block unauthorized access,and generate relevant logs.Most logs created through unauthorized access are caused by SSH brute-force attacks,and therefore IP data of the attack can be collected through the logs.This paper proposes a model to detect SSH brute-force attacks through their logs,collect their IP address,and control access from that IP address.In this paper,we present a model that extracts and fragments the specific data required from the packets of collected routers in order to detect indiscriminate SSH input attacks.To do so,the model multiplies a user’s access records in each packet by weights and adds them to the blacklist according to a final calculated result value.In addition,the model can specify the internal IP of an attack attempt and defend against the first 29 destination IP addresses attempting the attack.展开更多
This paper provides a calculating method which can be used in calculation of the kill probability attack area for every AAM. At first, attack area of AAM and kill probability of every characteristic point are obtained...This paper provides a calculating method which can be used in calculation of the kill probability attack area for every AAM. At first, attack area of AAM and kill probability of every characteristic point are obtained by combining trajectory calculation with kill probability calculation. Then, coordinates of a fire point relative to standard kill probability value in terms of standardization method are found. At last, equivalent kill probability curve equations are formulated by means of curve fitting method.展开更多
Federated Learning(FL),a burgeoning technology,has received increasing attention due to its privacy protection capability.However,the base algorithm FedAvg is vulnerable when it suffers from so-called backdoor attacks...Federated Learning(FL),a burgeoning technology,has received increasing attention due to its privacy protection capability.However,the base algorithm FedAvg is vulnerable when it suffers from so-called backdoor attacks.Former researchers proposed several robust aggregation methods.Unfortunately,due to the hidden characteristic of backdoor attacks,many of these aggregation methods are unable to defend against backdoor attacks.What's more,the attackers recently have proposed some hiding methods that further improve backdoor attacks'stealthiness,making all the existing robust aggregation methods fail.To tackle the threat of backdoor attacks,we propose a new aggregation method,X-raying Models with A Matrix(XMAM),to reveal the malicious local model updates submitted by the backdoor attackers.Since we observe that the output of the Softmax layer exhibits distinguishable patterns between malicious and benign updates,unlike the existing aggregation algorithms,we focus on the Softmax layer's output in which the backdoor attackers are difficult to hide their malicious behavior.Specifically,like medical X-ray examinations,we investigate the collected local model updates by using a matrix as an input to get their Softmax layer's outputs.Then,we preclude updates whose outputs are abnormal by clustering.Without any training dataset in the server,the extensive evaluations show that our XMAM can effectively distinguish malicious local model updates from benign ones.For instance,when other methods fail to defend against the backdoor attacks at no more than 20%malicious clients,our method can tolerate 45%malicious clients in the black-box mode and about 30%in Projected Gradient Descent(PGD)mode.Besides,under adaptive attacks,the results demonstrate that XMAM can still complete the global model training task even when there are 40%malicious clients.Finally,we analyze our method's screening complexity and compare the real screening time with other methods.The results show that XMAM is about 10–10000 times faster than the existing methods.展开更多
To improve the attack detection capability of content centric network(CCN),we propose a detection method of interest flooding attack(IFA)making use of the feature of self-similarity of traffic and the information entr...To improve the attack detection capability of content centric network(CCN),we propose a detection method of interest flooding attack(IFA)making use of the feature of self-similarity of traffic and the information entropy of content name of interest packet.On the one hand,taking advantage of the characteristics of self-similarity is very sensitive to traffic changes,calculating the Hurst index of the traffic,to identify initial IFA attacks.On the other hand,according to the randomness of user requests,calculating the information entropy of content name of the interest packets,to detect the severity of the IFA attack,is.Finally,based on the above two aspects,we use the bilateral detection method based on non-parametric CUSUM algorithm to judge the possible attack behavior in CCN.The experimental results show that flooding attack detection method proposed for CCN can not only detect the attack behavior at the early stage of attack in CCN,but also is more accurate and effective than other methods.展开更多
Cloud computing(CC)is an advanced technology that provides access to predictive resources and data sharing.The cloud environment represents the right type regarding cloud usage model ownership,size,and rights to acces...Cloud computing(CC)is an advanced technology that provides access to predictive resources and data sharing.The cloud environment represents the right type regarding cloud usage model ownership,size,and rights to access.It introduces the scope and nature of cloud computing.In recent times,all processes are fed into the system for which consumer data and cache size are required.One of the most security issues in the cloud environment is Distributed Denial of Ser-vice(DDoS)attacks,responsible for cloud server overloading.This proposed sys-tem ID3(Iterative Dichotomiser 3)Maximum Multifactor Dimensionality Posteriori Method(ID3-MMDP)is used to overcome the drawback and a rela-tively simple way to execute and for the detection of(DDoS)attack.First,the pro-posed ID3-MMDP method calls for the resources of the cloud platform and then implements the attack detection technology based on information entropy to detect DDoS attacks.Since because the entropy value can show the discrete or aggregated characteristics of the current data set,it can be used for the detection of abnormal dataflow,User-uploaded data,ID3-MMDP system checks and read risk measurement and processing,bug ratingfile size changes,orfile name changes and changes in the format design of the data size entropy value.Unique properties can be used whenever the program approaches any data error to detect abnormal data services.Finally,the experiment also verifies the DDoS attack detection capability algorithm.展开更多
This paper considers the problem of generating a flight trajectory for a single fixed-wing unmanned combat aerial vehicle (UCAV) performing an air-to-surface multi-target attack (A/SMTA) mission using satellite-gu...This paper considers the problem of generating a flight trajectory for a single fixed-wing unmanned combat aerial vehicle (UCAV) performing an air-to-surface multi-target attack (A/SMTA) mission using satellite-guided bombs. First, this problem is formulated as a variant of the traveling salesman problem (TSP), called the dynamic-constrained TSP with neighborhoods (DCT- SPN). Then, a hierarchical hybrid approach, which partitions the planning algorithm into a roadmap planning layer and an optimal control layer, is proposed to solve the DCTSPN. In the roadmap planning layer, a novel algorithm based on an updatable proba- bilistic roadmap (PRM) is presented, which operates by randomly sampling a finite set of vehicle states from continuous state space in order to reduce the complicated trajectory planning problem to planning on a finite directed graph. In the optimal control layer, a collision-free state-to-state trajectory planner based on the Gauss pseudospectral method is developed, which can generate both dynamically feasible and optimal flight trajectories. The entire process of solving a DCTSPN consists of two phases. First, in the offline preprocessing phase, the algorithm constructs a PRM, and then converts the original problem into a standard asymmet- ric TSP (ATSP). Second, in the online querying phase, the costs of directed edges in PRM are updated first, and a fast heuristic searching algorithm is then used to solve the ATSP. Numerical experiments indicate that the algorithm proposed in this paper can generate both feasible and near-optimal solutions quickly for online purposes.展开更多
Underground mine fire always exists since the mining activity was practiced.It poses a severe safety hazard to the mine workers and may also cause a tremendous economic loss to the mines.Methods for controlling and ex...Underground mine fire always exists since the mining activity was practiced.It poses a severe safety hazard to the mine workers and may also cause a tremendous economic loss to the mines.Methods for controlling and extinguishing fires in underground mine have long been studied and there have been significant improvements.In order to know clearly about the firefighting technology used,this paper summarizes most of the underground mine firefighting methods used in the United States the past 150 years.This paper describes not only the accepted firefighting theories,but also the technologies,both direct and indirect attacking,in accordance to regulations or codes,with special attention is given to the indirect attack method and its related technologies.Further research needed is also briefly discussed at the end of this paper.展开更多
This paper analyzes the influence of the global positionong system(GPS)spoofing attack(GSA)on phasor measurement units(PMU)measurements.We propose a detection method based on improved Capsule Neural Network(CapsNet)to...This paper analyzes the influence of the global positionong system(GPS)spoofing attack(GSA)on phasor measurement units(PMU)measurements.We propose a detection method based on improved Capsule Neural Network(CapsNet)to handle this attack.In the improved CapsNet,the gated recurrent unit(GRU)is added to the front of the full connection layer of the CapsNet.The improved CapsNet trains and updates the network parameters according to the historical measurements of the smart grid.The detection method uses different structures to extract the temporal and spatial features of the measurements simultaneously,which can accurately distinguish the attacked data from the normal data,to improve the detection accuracy.Finally,simulation experiments are carried out on IEEE 14-,IEEE 118-bus systems.The experimental results show that compared with other detection methods,our method is proved to be more efficient.展开更多
Three kinds of vulnerabilities that may exist in some of current virtualization-based security monitoring systems were proposed: page mapping problem,lack of overall protection,and inherent limitations. Aiming at the...Three kinds of vulnerabilities that may exist in some of current virtualization-based security monitoring systems were proposed: page mapping problem,lack of overall protection,and inherent limitations. Aiming at these vulnerabilities,relative attack methods were presented in detail. Our experiments show that the attack methods,such as page mapping attack,data attack,and non-behavior detection attack,can attack simulated or original security monitors successfully. Defenders,who need to effectively strengthen their security monitors,can get an inspiration from these attack methods and find some appropriate solutions.展开更多
A numerical investigation of the structure of the vortical flowfield over delta wings at high angles of attack in longitudinal and with small sideslip angle is presented. Three-dimensional Navier-Stokes numerical simu...A numerical investigation of the structure of the vortical flowfield over delta wings at high angles of attack in longitudinal and with small sideslip angle is presented. Three-dimensional Navier-Stokes numerical simulations were carried out to predict the complex leeward-side flowfield characteristics that are dominated by the effect of the breakdown of the leading-edge vortices. The methods that analyze the flowfield structure quantitatively were given by using flowfield data from the computational results. In the region before the vortex breakdown, the vortex axes are approximated as being straight line. As the angle of attack increases, the vortex axes are closer to the root chord, and farther away from the wing surface. Along the vortex axes, as the adverse pressure gradients occur, the axial velocity decreases, that is, A is negativee, so the vortex is unstable, and it is possible to breakdown. The occurrence of the breakdown results in the instability of lateral motion for a delta wing, and the lateral moment diverges after a small perturbation occurs at high angles of attack. However, after a critical angle of attack is reached the vortices breakdown completely at the wing apex, and the instability resulting from the vortex breakdown disappears.展开更多
In Industrial Control Systems (ICS), security issues are getting more and more attention. The number of hacking attacks per year is endless, and the attacks on industrial control systems are numerous. Programmable Log...In Industrial Control Systems (ICS), security issues are getting more and more attention. The number of hacking attacks per year is endless, and the attacks on industrial control systems are numerous. Programmable Logic Controller (PLC) is one of the main controllers of industrial processes. Since the industrial control system network is isolated from the external network, many people think that PLC is a safety device. However, virus attacks in recent years, such as Stuxnet, have confirmed the erroneousness of this idea. In this paper, we use the vulnerability of Siemens PLC to carry out a series of attacks, such as S7-200, S7-300, S7-400, S7-1200 and so on. We read the data from the PLC output and then rewrite the data and write it to the PLC. We tamper with the writing of data to achieve communication chaos. When we attack the primary station, all slave devices connected to the primary station will be in a state of communication confusion. The attack methods of us can cause delay or even loss of data in the communications from the Phasor Data Concentrator (PMU) to the data concentrator. The most important thing is that our attack method generates small traffic and short attack time, which is difficult to be identified by traditional detection methods.展开更多
This article discusses improvements in a puzzle authentication method that adopts the interface of the Puzzle and Dragons game [1] and is tolerant against video-recording attacks. A problem that the conventional puzzl...This article discusses improvements in a puzzle authentication method that adopts the interface of the Puzzle and Dragons game [1] and is tolerant against video-recording attacks. A problem that the conventional puzzle authentication methods face is that they are time consuming and have low success rate in authentication. We evaluated improvements of the interface to verify the usability of the improved system. The results suggested that the usability in terms of operation time and authentication success rate attained a level that was comparable with other leading methods in the field.展开更多
Based on the structure of the side channel attacks (SCAs) to RSA cryptosystem can resist the fault attack and combine with the randomization method for the message and secret exponent, a new implementation scheme of...Based on the structure of the side channel attacks (SCAs) to RSA cryptosystem can resist the fault attack and combine with the randomization method for the message and secret exponent, a new implementation scheme of CRT-based (the Chinese remained theorem) RSA is proposed. The proposed scheme can prevent simple power analysis (SPA), differential power analysis (DPA) and time attack, and is compatible with the existing RSA-CRT cryptosystem as well. In addition, an improvement for resisting fault attack is proposed, which can reduce extra computation time.展开更多
Recently,machine learning algorithms have been used in the detection and classification of network attacks.The performance of the algorithms has been evaluated by using benchmark network intrusion datasets such as DAR...Recently,machine learning algorithms have been used in the detection and classification of network attacks.The performance of the algorithms has been evaluated by using benchmark network intrusion datasets such as DARPA98,KDD’99,NSL-KDD,UNSW-NB15,and Caida DDoS.However,these datasets have two major challenges:imbalanced data and highdimensional data.Obtaining high accuracy for all attack types in the dataset allows for high accuracy in imbalanced datasets.On the other hand,having a large number of features increases the runtime load on the algorithms.A novel model is proposed in this paper to overcome these two concerns.The number of features in the model,which has been tested at CICIDS2017,is initially optimized by using genetic algorithms.This optimum feature set has been used to classify network attacks with six well-known classifiers according to high f1-score and g-mean value in minimumtime.Afterwards,amulti-layer perceptron based ensemble learning approach has been applied to improve the models’overall performance.The experimental results showthat the suggested model is acceptable for feature selection as well as classifying network attacks in an imbalanced dataset,with a high f1-score(0.91)and g-mean(0.99)value.Furthermore,it has outperformed base classifier models and voting procedures.展开更多
Cloud computing involves remote server deployments with public net-work infrastructures that allow clients to access computational resources.Virtual Machines(VMs)are supplied on requests and launched without interacti...Cloud computing involves remote server deployments with public net-work infrastructures that allow clients to access computational resources.Virtual Machines(VMs)are supplied on requests and launched without interactions from service providers.Intruders can target these servers and establish malicious con-nections on VMs for carrying out attacks on other clustered VMs.The existing system has issues with execution time and false-positive rates.Hence,the overall system performance is degraded considerably.The proposed approach is designed to eliminate Cross-VM side attacks and VM escape and hide the server’s position so that the opponent cannot track the target server beyond a certain point.Every request is passed from source to destination via one broadcast domain to confuse the opponent and avoid them from tracking the server’s position.Allocation of SECURITY Resources accepts a safety game in a simple format as input andfinds the best coverage vector for the opponent using a Stackelberg Equilibrium(SSE)technique.A Mixed Integer Linear Programming(MILP)framework is used in the algorithm.The VM challenge is reduced by afirewall-based controlling mechanism combining behavior-based detection and signature-based virus detection.The pro-posed method is focused on detecting malware attacks effectively and providing better security for the VMs.Finally,the experimental results indicate that the pro-posed security method is efficient.It consumes minimum execution time,better false positive rate,accuracy,and memory usage than the conventional approach.展开更多
Deep learning model is vulnerable to adversarial examples in the task of image classification. In this paper, a cluster-based method for defending against adversarial examples is proposed. Each adversarial example bef...Deep learning model is vulnerable to adversarial examples in the task of image classification. In this paper, a cluster-based method for defending against adversarial examples is proposed. Each adversarial example before attacking a classifier is reconstructed by a clustering algorithm according to the pixel values. The MNIST database of handwritten digits was used to assess the defence performance of the method under the fast gradient sign method (FGSM) and the DeepFool algorithm. The defence model proposed is simple and the trained classifier does not need to be retrained.展开更多
基金supported by the Ministry of Education of the Republic of Korea and the National Research Foundation of Korea(NRF-2019S1A5C2A04083374).
文摘The rapid advancement of IT technology has enabled the quick discovery,sharing and collection of quality information,but has also increased cyberattacks at a fast pace at the same time.There exists no means to block these cyberattacks completely,and all security policies need to consider the possibility of external attacks.Therefore,it is crucial to reduce external attacks through preventative measures.In general,since routers located in the upper part of a firewall can hardly be protected by security systems,they are exposed to numerous unblocked cyberattacks.Routers block unnecessary services and accept necessary ones while taking appropriate measures to reduce vulnerability,block unauthorized access,and generate relevant logs.Most logs created through unauthorized access are caused by SSH brute-force attacks,and therefore IP data of the attack can be collected through the logs.This paper proposes a model to detect SSH brute-force attacks through their logs,collect their IP address,and control access from that IP address.In this paper,we present a model that extracts and fragments the specific data required from the packets of collected routers in order to detect indiscriminate SSH input attacks.To do so,the model multiplies a user’s access records in each packet by weights and adds them to the blacklist according to a final calculated result value.In addition,the model can specify the internal IP of an attack attempt and defend against the first 29 destination IP addresses attempting the attack.
文摘This paper provides a calculating method which can be used in calculation of the kill probability attack area for every AAM. At first, attack area of AAM and kill probability of every characteristic point are obtained by combining trajectory calculation with kill probability calculation. Then, coordinates of a fire point relative to standard kill probability value in terms of standardization method are found. At last, equivalent kill probability curve equations are formulated by means of curve fitting method.
基金Supported by the Fundamental Research Funds for the Central Universities(328202204)。
文摘Federated Learning(FL),a burgeoning technology,has received increasing attention due to its privacy protection capability.However,the base algorithm FedAvg is vulnerable when it suffers from so-called backdoor attacks.Former researchers proposed several robust aggregation methods.Unfortunately,due to the hidden characteristic of backdoor attacks,many of these aggregation methods are unable to defend against backdoor attacks.What's more,the attackers recently have proposed some hiding methods that further improve backdoor attacks'stealthiness,making all the existing robust aggregation methods fail.To tackle the threat of backdoor attacks,we propose a new aggregation method,X-raying Models with A Matrix(XMAM),to reveal the malicious local model updates submitted by the backdoor attackers.Since we observe that the output of the Softmax layer exhibits distinguishable patterns between malicious and benign updates,unlike the existing aggregation algorithms,we focus on the Softmax layer's output in which the backdoor attackers are difficult to hide their malicious behavior.Specifically,like medical X-ray examinations,we investigate the collected local model updates by using a matrix as an input to get their Softmax layer's outputs.Then,we preclude updates whose outputs are abnormal by clustering.Without any training dataset in the server,the extensive evaluations show that our XMAM can effectively distinguish malicious local model updates from benign ones.For instance,when other methods fail to defend against the backdoor attacks at no more than 20%malicious clients,our method can tolerate 45%malicious clients in the black-box mode and about 30%in Projected Gradient Descent(PGD)mode.Besides,under adaptive attacks,the results demonstrate that XMAM can still complete the global model training task even when there are 40%malicious clients.Finally,we analyze our method's screening complexity and compare the real screening time with other methods.The results show that XMAM is about 10–10000 times faster than the existing methods.
基金This work was supported by the National Natural Science Foundation of China No.61672101the Beijing Key Laboratory of Internet Culture and Digital Dissemination Research(ICDDXN004)Key Lab of Information Network Security,Ministry of Public Security,No.C18601.
文摘To improve the attack detection capability of content centric network(CCN),we propose a detection method of interest flooding attack(IFA)making use of the feature of self-similarity of traffic and the information entropy of content name of interest packet.On the one hand,taking advantage of the characteristics of self-similarity is very sensitive to traffic changes,calculating the Hurst index of the traffic,to identify initial IFA attacks.On the other hand,according to the randomness of user requests,calculating the information entropy of content name of the interest packets,to detect the severity of the IFA attack,is.Finally,based on the above two aspects,we use the bilateral detection method based on non-parametric CUSUM algorithm to judge the possible attack behavior in CCN.The experimental results show that flooding attack detection method proposed for CCN can not only detect the attack behavior at the early stage of attack in CCN,but also is more accurate and effective than other methods.
文摘Cloud computing(CC)is an advanced technology that provides access to predictive resources and data sharing.The cloud environment represents the right type regarding cloud usage model ownership,size,and rights to access.It introduces the scope and nature of cloud computing.In recent times,all processes are fed into the system for which consumer data and cache size are required.One of the most security issues in the cloud environment is Distributed Denial of Ser-vice(DDoS)attacks,responsible for cloud server overloading.This proposed sys-tem ID3(Iterative Dichotomiser 3)Maximum Multifactor Dimensionality Posteriori Method(ID3-MMDP)is used to overcome the drawback and a rela-tively simple way to execute and for the detection of(DDoS)attack.First,the pro-posed ID3-MMDP method calls for the resources of the cloud platform and then implements the attack detection technology based on information entropy to detect DDoS attacks.Since because the entropy value can show the discrete or aggregated characteristics of the current data set,it can be used for the detection of abnormal dataflow,User-uploaded data,ID3-MMDP system checks and read risk measurement and processing,bug ratingfile size changes,orfile name changes and changes in the format design of the data size entropy value.Unique properties can be used whenever the program approaches any data error to detect abnormal data services.Finally,the experiment also verifies the DDoS attack detection capability algorithm.
文摘This paper considers the problem of generating a flight trajectory for a single fixed-wing unmanned combat aerial vehicle (UCAV) performing an air-to-surface multi-target attack (A/SMTA) mission using satellite-guided bombs. First, this problem is formulated as a variant of the traveling salesman problem (TSP), called the dynamic-constrained TSP with neighborhoods (DCT- SPN). Then, a hierarchical hybrid approach, which partitions the planning algorithm into a roadmap planning layer and an optimal control layer, is proposed to solve the DCTSPN. In the roadmap planning layer, a novel algorithm based on an updatable proba- bilistic roadmap (PRM) is presented, which operates by randomly sampling a finite set of vehicle states from continuous state space in order to reduce the complicated trajectory planning problem to planning on a finite directed graph. In the optimal control layer, a collision-free state-to-state trajectory planner based on the Gauss pseudospectral method is developed, which can generate both dynamically feasible and optimal flight trajectories. The entire process of solving a DCTSPN consists of two phases. First, in the offline preprocessing phase, the algorithm constructs a PRM, and then converts the original problem into a standard asymmet- ric TSP (ATSP). Second, in the online querying phase, the costs of directed edges in PRM are updated first, and a fast heuristic searching algorithm is then used to solve the ATSP. Numerical experiments indicate that the algorithm proposed in this paper can generate both feasible and near-optimal solutions quickly for online purposes.
文摘Underground mine fire always exists since the mining activity was practiced.It poses a severe safety hazard to the mine workers and may also cause a tremendous economic loss to the mines.Methods for controlling and extinguishing fires in underground mine have long been studied and there have been significant improvements.In order to know clearly about the firefighting technology used,this paper summarizes most of the underground mine firefighting methods used in the United States the past 150 years.This paper describes not only the accepted firefighting theories,but also the technologies,both direct and indirect attacking,in accordance to regulations or codes,with special attention is given to the indirect attack method and its related technologies.Further research needed is also briefly discussed at the end of this paper.
文摘This paper analyzes the influence of the global positionong system(GPS)spoofing attack(GSA)on phasor measurement units(PMU)measurements.We propose a detection method based on improved Capsule Neural Network(CapsNet)to handle this attack.In the improved CapsNet,the gated recurrent unit(GRU)is added to the front of the full connection layer of the CapsNet.The improved CapsNet trains and updates the network parameters according to the historical measurements of the smart grid.The detection method uses different structures to extract the temporal and spatial features of the measurements simultaneously,which can accurately distinguish the attacked data from the normal data,to improve the detection accuracy.Finally,simulation experiments are carried out on IEEE 14-,IEEE 118-bus systems.The experimental results show that compared with other detection methods,our method is proved to be more efficient.
基金Supported by National 242 Plan Project(2005C48)the Technology Innovation Programme Major Projects of Beijing Institute of Technology(2011CX01015)
文摘Three kinds of vulnerabilities that may exist in some of current virtualization-based security monitoring systems were proposed: page mapping problem,lack of overall protection,and inherent limitations. Aiming at these vulnerabilities,relative attack methods were presented in detail. Our experiments show that the attack methods,such as page mapping attack,data attack,and non-behavior detection attack,can attack simulated or original security monitors successfully. Defenders,who need to effectively strengthen their security monitors,can get an inspiration from these attack methods and find some appropriate solutions.
基金Project supported by the Foundation of Aeronautical Science (No.99A53001)
文摘A numerical investigation of the structure of the vortical flowfield over delta wings at high angles of attack in longitudinal and with small sideslip angle is presented. Three-dimensional Navier-Stokes numerical simulations were carried out to predict the complex leeward-side flowfield characteristics that are dominated by the effect of the breakdown of the leading-edge vortices. The methods that analyze the flowfield structure quantitatively were given by using flowfield data from the computational results. In the region before the vortex breakdown, the vortex axes are approximated as being straight line. As the angle of attack increases, the vortex axes are closer to the root chord, and farther away from the wing surface. Along the vortex axes, as the adverse pressure gradients occur, the axial velocity decreases, that is, A is negativee, so the vortex is unstable, and it is possible to breakdown. The occurrence of the breakdown results in the instability of lateral motion for a delta wing, and the lateral moment diverges after a small perturbation occurs at high angles of attack. However, after a critical angle of attack is reached the vortices breakdown completely at the wing apex, and the instability resulting from the vortex breakdown disappears.
文摘In Industrial Control Systems (ICS), security issues are getting more and more attention. The number of hacking attacks per year is endless, and the attacks on industrial control systems are numerous. Programmable Logic Controller (PLC) is one of the main controllers of industrial processes. Since the industrial control system network is isolated from the external network, many people think that PLC is a safety device. However, virus attacks in recent years, such as Stuxnet, have confirmed the erroneousness of this idea. In this paper, we use the vulnerability of Siemens PLC to carry out a series of attacks, such as S7-200, S7-300, S7-400, S7-1200 and so on. We read the data from the PLC output and then rewrite the data and write it to the PLC. We tamper with the writing of data to achieve communication chaos. When we attack the primary station, all slave devices connected to the primary station will be in a state of communication confusion. The attack methods of us can cause delay or even loss of data in the communications from the Phasor Data Concentrator (PMU) to the data concentrator. The most important thing is that our attack method generates small traffic and short attack time, which is difficult to be identified by traditional detection methods.
文摘This article discusses improvements in a puzzle authentication method that adopts the interface of the Puzzle and Dragons game [1] and is tolerant against video-recording attacks. A problem that the conventional puzzle authentication methods face is that they are time consuming and have low success rate in authentication. We evaluated improvements of the interface to verify the usability of the improved system. The results suggested that the usability in terms of operation time and authentication success rate attained a level that was comparable with other leading methods in the field.
基金Project supported by the National Natural Science Foundation of China (Grant No.60573031)the Foundation of the National Laboratory for Modern Communications (Grant No.51436060205JW0305)
文摘Based on the structure of the side channel attacks (SCAs) to RSA cryptosystem can resist the fault attack and combine with the randomization method for the message and secret exponent, a new implementation scheme of CRT-based (the Chinese remained theorem) RSA is proposed. The proposed scheme can prevent simple power analysis (SPA), differential power analysis (DPA) and time attack, and is compatible with the existing RSA-CRT cryptosystem as well. In addition, an improvement for resisting fault attack is proposed, which can reduce extra computation time.
文摘Recently,machine learning algorithms have been used in the detection and classification of network attacks.The performance of the algorithms has been evaluated by using benchmark network intrusion datasets such as DARPA98,KDD’99,NSL-KDD,UNSW-NB15,and Caida DDoS.However,these datasets have two major challenges:imbalanced data and highdimensional data.Obtaining high accuracy for all attack types in the dataset allows for high accuracy in imbalanced datasets.On the other hand,having a large number of features increases the runtime load on the algorithms.A novel model is proposed in this paper to overcome these two concerns.The number of features in the model,which has been tested at CICIDS2017,is initially optimized by using genetic algorithms.This optimum feature set has been used to classify network attacks with six well-known classifiers according to high f1-score and g-mean value in minimumtime.Afterwards,amulti-layer perceptron based ensemble learning approach has been applied to improve the models’overall performance.The experimental results showthat the suggested model is acceptable for feature selection as well as classifying network attacks in an imbalanced dataset,with a high f1-score(0.91)and g-mean(0.99)value.Furthermore,it has outperformed base classifier models and voting procedures.
文摘Cloud computing involves remote server deployments with public net-work infrastructures that allow clients to access computational resources.Virtual Machines(VMs)are supplied on requests and launched without interactions from service providers.Intruders can target these servers and establish malicious con-nections on VMs for carrying out attacks on other clustered VMs.The existing system has issues with execution time and false-positive rates.Hence,the overall system performance is degraded considerably.The proposed approach is designed to eliminate Cross-VM side attacks and VM escape and hide the server’s position so that the opponent cannot track the target server beyond a certain point.Every request is passed from source to destination via one broadcast domain to confuse the opponent and avoid them from tracking the server’s position.Allocation of SECURITY Resources accepts a safety game in a simple format as input andfinds the best coverage vector for the opponent using a Stackelberg Equilibrium(SSE)technique.A Mixed Integer Linear Programming(MILP)framework is used in the algorithm.The VM challenge is reduced by afirewall-based controlling mechanism combining behavior-based detection and signature-based virus detection.The pro-posed method is focused on detecting malware attacks effectively and providing better security for the VMs.Finally,the experimental results indicate that the pro-posed security method is efficient.It consumes minimum execution time,better false positive rate,accuracy,and memory usage than the conventional approach.
基金the National NSF of China (61602125, 61772150, 61862011, 61862012)the China Postdoctoral Science Foundation (2018M633041)+5 种基金the NSF of Guangxi (2016GXNSFBA380153, 2017GXNSFAA198192, 2018GXNSFAA138116, 2018-GXNSFAA281232, 2018GXNSFDA281054)the Guangxi Science and Technology Plan Project (AD18281065)the Guangxi Key R&D Program (AB17195025)the Guangxi Key Laboratory of Cryptography and Information Security (GCIS201625, GCIS201704)the National Cryptography Development Fund of China (MMJJ20170217)the research start-up grants of Dongguan University of Technology, and the Postgraduate Education Innovation Project of Guilin University of Electronic Technology (2018YJCX51, 2019YCXS052).
文摘Deep learning model is vulnerable to adversarial examples in the task of image classification. In this paper, a cluster-based method for defending against adversarial examples is proposed. Each adversarial example before attacking a classifier is reconstructed by a clustering algorithm according to the pixel values. The MNIST database of handwritten digits was used to assess the defence performance of the method under the fast gradient sign method (FGSM) and the DeepFool algorithm. The defence model proposed is simple and the trained classifier does not need to be retrained.
