检索结果-内蒙古大学图书馆

arXiv 2023年

作者： Yun, Xiaochun Xie, Jiang Li, Shuhao Zhang, Yongzheng Sun, Peishuai National Computer Network Emergency Response Technical Team Coordination Center of China Beijing China Institute of Information Engineering Chinese Academy of Sciences Beijing China Key Laboratory of Network Assessment Technology University of Chinese Academy of Sciences Beijing China School of Cyber Security University of Chinese Academy of Sciences Beijing China

Malicious communication behavior is the network communication behavior generated by malware (botnet, spyware, etc.) after victim devices are infected. Experienced adversaries often hide malicious information in HTTP traffic to evade detection. However, related detection methods have inadequate generalization ability because they are usually based on artificial feature engineering and outmoded datasets. In this paper, we propose an HTTP-based Malicious Communication traffic Detection Model (HMCD-Model) based on generated adversarial flows and hierarchical traffic features. HMCD-Model consists of two parts. The first is a generation algorithm based on WGAN-GP to generate HTTP-based malicious communication traffic for data enhancement. The second is a hybrid neural network based on CNN and LSTM to extract hierarchical spatial-temporal features of HTTP-based traffic. In addition, we collect and publish a dataset, HMCT-2020, which consists of large-scale malicious and benign traffic during three years (2018-2020). Taking the data in HMCT-2020(18) as the training set and the data in other datasets as the test set, the experimental results show that the HMCD-Model can effectively detect unknown HTTP-based malicious communication traffic. It can reach F1 ≈ 98.66% in the dataset HMCT-2020(19-20), F1 ≈ 90.69% in the public dataset CIC-IDS-2017 and F1 ≈ 83.66% in the real traffic, which is 20+% higher than other representative methods on average. This validates that HMCD-Model has the ability to discover unknown HTTP-based malicious communication behavior. © 2023, CC0.

关键词： HTTP

来源：评论

学校读者我要写书评

暂无评论

HSTF-Model: an HTTP-based Trojan Detection Model via the Hierarchical Spatio-Temporal Features of Traffics

arXiv

引用

arXiv 2023年

作者： Xie, Jiang Li, Shuhao Yun, Xiaochun Zhang, Yongzheng Chang, Peng Institute of Information Engineering Chinese Academy of Sciences Beijing China Key Laboratory of Network Assessment Technology University of Chinese Academy of Sciences Beijing China School of Cyber Security University of Chinese Academy of Sciences Beijing China National Computer Network Emergency Response Technical Team/Coordination Center of China Beijing China

HTTP-based Trojan is extremely threatening, and it is difficult to be effectively detected because of its concealment and confusion. Previous detection methods usually are with poor generalization ability due to outdated datasets and reliance on manual feature extraction, which makes these methods always perform well under their private dataset, but poorly or even fail to work in real network environment. In this paper, we propose an HTTP-based Trojan detection model via the Hierarchical Spatio-Temporal Features of traffics (HSTF-Model) based on the formalized description of traffic spatio-temporal behavior from both packet level and flow level. In this model, we employ Convolutional Neural network (CNN) to extract spatial information and Long Short-Term Memory (LSTM) to extract temporal information. In addition, we present a dataset consisting of Benign and Trojan HTTP Traffic (BTHT-2018). Experimental results show that our model can guarantee high accuracy (the F1 of 98.62%∼99.81% and the FPR of 0.34%∼0.02% in BTHT-2018). More importantly, our model has a huge advantage over other related methods in generalization ability. HSTF-Model trained with BTHT-2018 can reach the F1 of 93.51% on the public dataset ISCX-2012, which is 20+% better than the best of related machine learning methods. © 2023, CC BY.

关键词： HTTP

来源：评论

学校读者我要写书评

暂无评论

A microservice based generic consensus engine for BaaS

A microservice based generic consensus engine for BaaS

引用

IEEE International Conference on Industrial technology (ICIT)

作者： Huiyang Li Xu Zhang Jing Li Dongbin Wang Beijing University of Posts and Telecommunications Beijing China School of Cyber Security National Engineering Laboratory for Mobile Network Security Beijing China Key Laboratory of Trustworthy Distributed Computing and Service (BUPT) Ministry of Education Beijing Tongbang Zhuoyi Technology Co. Ltd

ISBN: (纸本)9781728119496

Blockchain-as-a-Service (BaaS) has gradually serve as an infrastructure, providing underlying blockchain services for the rapid deployment and transaction on-chain of large-scale enterprise application scenarios. By hosting different blockchains in its underlying structure layers, BaaS platform satisfies the requirements of consensus algorithms in different scenarios, and still uses its own consensus algorithms in different blockchains, which has limited scalability and is difficult to satisfy the requirements of future applications. To deal with such problems, MGCE, a microservice based generic consensus engine for BaaS is proposed in this paper. It is a functional framework based on microservices architecture which can load the appropriate consensus algorithm and perform the consensus process of transactions for blockchain nodes according the different scenarios. The engine is composed of Consensus Node Group, Consensus Management and four functional modules, namely Consensus network, Transactions Pool, Consensus Protocol and Consensus Outcome. For microservice purpose, each functional module is deployed into a independently project, running in its own process, which is easy to modify and test, and interacts with other modules through the http APIs to complete the consensus process together. To test the function and performance of this engine, three common consensus algorithms have been implemented including Raft, BFT-SMART and PoW. Through experiments, it is proved that this engine could realize the loading and use of different consensus algorithms. Through the performance comparison between using the engine and with the direct use of each consensus algorithm, the results show that the overhead introducing the engine is acceptable. Through the operation result of three algorithms in different projects, the design of engine architecture could satisfy the microservice objective.

关键词： Costs Scalability Loading Microservice architectures Consensus algorithm Consensus protocol Engines

来源：评论

学校读者我要写书评

暂无评论

Automatic Search of Meet-in-the-Middle Differential Fault Analysis on AES-like Ciphers

IACR Transactions on Cryptographic Hardware and Embedded Sys...

引用

IACR Transactions on Cryptographic Hardware and Embedded Systems 2023年第4期2023卷 1-31页

作者： Yu, Qingyuan Dong, Xiaoyang Qin, Lingyue Kang, Yongze Jia, Keting Wang, Xiaoyun Zhang, Guoyan School of Cyber Science and Technology Shandong University Qingdao China Institute for Advanced Study BNRist Tsinghua University Beijing China BNRist Tsinghua University Beijing China Key Laboratory of Cryptologic Technology and Information Security Ministry of Education Shandong University Jinan China Institute for Network Sciences and Cyberspace BNRist Tsinghua University Beijing China Zhongguancun Laboratory Beijing China Shandong Institute of Blockchain Jinan China

Fault analysis is a powerful technique to retrieve secret keys by exploiting side-channel information. Differential fault analysis (DFA) is one of the most powerful threats utilizing differential information between correct and faulty ciphertexts and can recover keys for symmetric-key cryptosystems efficiently. Since DFA usually targets the first or last few rounds of the block ciphers, some countermeasures against DFA only protect the first and last few rounds for efficiency. Therefore, to explore how many rounds DFA can affect is very important to make sure how many rounds to protect in practice. At CHES 2011, Derbez et al. proposed an improved DFA on AES based on MitM approach, which covers one more round than previous DFAs. To perform good (or optimal) MitM DFA on block ciphers, the good (or optimal) attack configurations should be identified, such as the location where the faults inject, the matching point with differential relationship, and the two independent computation paths where two independent subsets of the key are involved. In this paper, we formulate the essential ideas of the construction of the attack, and translate the problem of searching for the best MitM DFA into optimization problems under constraints in Mixed-Integer-Linear-Programming (MILP) models. With the models, we achieve more powerful and practical DFA attacks on SKINNY, CRAFT, QARMA, PRINCE, PRINCEv2, and MIDORI with faults injected in 1 to 9 earlier rounds than the best previous DFAs. © 2023, Ruhr-University of Bochum. All rights reserved.

关键词： Side channel attack

来源：评论

学校读者我要写书评

暂无评论

Cross-heterogeneous Domain Authentication Scheme Based on Blockchain

引用

Journal of Artificial Intelligence and technology 2021年第2期1卷 92-100页

作者： Jing Liu Yixin Liu Yingxu Lai Rongchen Li Siyu Wu Sami Mian College of Computer Science Faculty of Information TechnologyBeijing University of TechnologyBeijing 100124China Shaanxi Key Laboratory of Network and System Security Xi’an 710071China Science and Technology on Information Assurance Laboratory Beijing 100072China Engineering Research Center of Intelligent Perception and Autonomous Control Ministry of EducationBeijing 100124China Fan Gongxiu Honors College Beijing University of TechnologyBeijing 100124China University of Pittsburgh PittsburghPA 15260USA

With the rising popularity of the Internet and the development of big data technology,an increasing number of organizations are opting to cooperate across domains to maximize their *** organizations use public key infrastructure to ensure security in accessing their data and ***,with the continuous development of identity-based encryption(IBE)technology,small-and medium-sized enterprises are increasingly using IBE to deploy internal authentication *** solve the problems that arise when crossing heterogeneous authentication domains and to guarantee the security of the certification process,we propose using blockchain technology to establish a reliable cross-domain authentication *** the distributed and tamper-resistant characteristics of the blockchain,we design a cross-domain authentication model based on blockchain to guarantee the security of the heterogeneous authentication process and present a cross-domain authentication protocol based on *** model does not change the internal trust structure of each authentication domain and is highly ***,on the premise of ensuring security,the process of verifying the signature of the root certificate in the traditional cross-domain authentication protocol is improved to verify the hash value of the root certificate,thereby improving the authentication *** developed prototype exhibits generality and simplicity compared to previous methods.

关键词： public key infrastructure identity-based encryption cross-domain authentication blockchain

来源：评论

学校读者我要写书评

暂无评论

Attentive Feature Focusing for Person Search by Natural Language 18th

Attentive Feature Focusing for Person Search by Natural La...

引用

18th International Forum of Digital Multimedia Communication, IFTC 2021

作者： Pan, Renjie Yang, Hua Yang, Xinxin Xiaodong, Mao Ye, Long Pan, Da The Institute of Image Communication and Network Engineering Department of Electronic Engineering Shanghai Jiao Tong University Shanghai China Shanghai Key Laboratory of Digital Media Processing and Transmission Shanghai Jiao Tong University Shanghai China Science and Technology Department of Shanghai Public Security Bureau Shanghai China State Key Laboratory of Media Convergence and Communication Communication University of China Beijing100024 China

ISBN: (纸本)9789811922657

Cross-modal Retrieval has made great improvement since social media and artificial intelligence is gradually changing our life style. Human interaction is no longer limited to a single mode. Cross-modal retrieval brings greater portability to users. Extracting more sufficient feature from multimedia data and better fusing the feature have become the focus of academic research. In response to these two issues, this paper applies deep learning as the foundation for person search by natural language, combining CNN and Transformer. Meanwhile, we utilize BERT, the most effective feature extraction network in Natural Language Processing and proposed a network architecture using attention mechanism. The framework is divided into a global branch and a fine-grained branch. At the same time, a human parsing network is designed to classify different parts of the characters to obtain feature representation in attribute level. In the visual-textual alignment, the k-reciprocal sampling algorithm is used to construct a more comprehensive sample pair. The proposed framework has achieved state-of-the-art performance in CUHK-PEDES, which proves its great capacity and prospect. © 2022, Springer Nature Singapore Pte Ltd.

关键词： network architecture

来源：评论

学校读者我要写书评

暂无评论

Ontology and Reinforcement Learning Based Intelligent Agent Automatic Penetration Test

Ontology and Reinforcement Learning Based Intelligent Agent ...

引用

2021 IEEE International Conference on Artificial Intelligence and Computer Applications, ICAICA 2021

作者： Qian, Kexiang Zhang, Daojuan Zhang, Peng Zhou, Zhihong Chen, Xiuzhen Duan, Shengxiong Institute of Information and Telecommunication Global Energy Interconnection Research Institute State Grid Key Laboratory of Information and Network Security Beijing China Shanghai Jiao Tong University Institute of Cyber Science and Technology Shanghai Key Laboratory of Integrated Administration Technologies for Information Security China Shanghai Jiao Tong University Institute of Cyber Science and Technology China

ISBN: (纸本)9781665418676

Penetration testing (PT) is the best method for vulnerabilities assessment and evaluating the security of the system under test, by planning and generating possible attack exploits, consist of a series of complex and time consuming trial-and-error stages. Many automated Pentest tools have made. Current Reinforce Learning (RL) based PT tools can do systematic and regular tests to save human resources. Without the aid of prior knowledge, RL-based penetration is somehow more like brute-force test. In this paper, we propose a novel ontology based BDI-agent RL automatic PT framework. By combining SWRL penetration testing knowledge base and RL in a BDI (belief-desire-intention) agent, the proposed model can make use of the ontology based knowledge base (prior knowledge) to optimize the planning problem in the uncertain and dynamic environment. Finally, the simulation on ASL simulation platform Jason proved the new BDI-agent auto-PT model can improve the accuracy and speed performance. © 2021 IEEE.

关键词： Ontology

来源：评论

学校读者我要写书评

暂无评论

Bioaccumulation and behavioral response patterns of crucian carp (Carassius carassius) after carbamazepine exposure and elimination

引用

Science of the Total Environment 2024年 951卷 175519页

作者： Liu, Wei Li, Zhao Li, Feilong Zhang, Yuan Ding, Sen State Environmental Protection Key Laboratory of Estuarine and Coastal Environment Chinese Research Academy of Environmental Sciences Beijing100012 China Technology Development Co. Ltd. Wuhan430071 China China National Environmental Monitoring Centre Beijing100012 China Guangdong Basic Research Center of Excellence for Ecological Security and Green Development Guangdong Provincial Key Laboratory of Water Quality Improvement and Ecological Restoration for Watersheds School of Ecology Environment and Resources Guangdong University of Technology Guangzhou510006 China

The antiepileptic drug carbamazepine (CBZ) has been widely detected in freshwater, yet its toxic actions in fish at multiple endpoints and the subsequent recovery patterns of the impacted are less discussed. This study investigated the bioaccumulation, physiological and behavioral changes of crucian carp (Carassius carassius) following CBZ exposure (G1 = 6.15 μg/L, G2 = 61.5 μg/L, G3 = 615 μg/L, G4 = 6150 μg/L) and subsequent recovery. Our results showed that CBZ was more likely to accumulate in the liver and brain than in the gills. A concentration-dependent phenomenon was observed;however, the residual CBZ decreased to similar levels after recovery. The behavioral indicators (i.e. feeding, social and spontaneous swimming) were significantly inhibited after 7-days of CBZ exposure, and only recovered at low concentration treatment (G1) after 7-days recovery in CBZ-free water. The acetylcholinesterase (AChE) activity in the brain and superoxide dismutase (SOD) activity in the liver and gills were induced after CBZ exposure and returned to normal levels after 7-days of recovery. In contrast, the inhibition of catalase (CAT) activity caused by CBZ exposure persisted in the high concentration treatment (G4) after recovery. Furthermore, correlation analysis indicated that changes in feeding behavior were closely related to the variation of CBZ concentrations in tissues, and the persistence of abnormal swimming and social behavior was closely related to gill CAT activity. These findings contribute to explore the toxic mechanisms of CBZ and highlight the recovery process and connections between various endpoints. © 2024 Elsevier B.V.

关键词： Macroinvertebrates

来源：评论

学校读者我要写书评

暂无评论

HIDG-based PSO Algorithm: Suspicious Sensor Selection for Power Grid Monitoring System Under Data Integrity Attack

HIDG-based PSO Algorithm: Suspicious Sensor Selection for Po...

引用

Electrical Engineering and Control Technologies (CEECT), Conference on

作者： Pandeng Li Zhihong Liang Yiwei Yang Liangyu Dong Yuhan Suo Yi Hao Electric Power Research Institute CSG Guangdong Provincial Key Laboratory of Power System Network Security Guangzhou Guangdong China China Industrial Control Systems Cyber Emergency Response Team Beijing China School of Automation Beijing Institute of Technology Beijing China

With the development of communication and sensing technology, it has become possible to monitor the operating status of the power grid system through a series of sensors. However, malicious adversaries may launch data integrity attacks to compromise the measurements of certain sensors, causing the grid monitoring system to fail to grasp the correct system operating status. To solve the NP-hard suspicious sensor selection problem, this paper proposes an efficient attack detection scheduling algorithm, the Particle Swarm Optimization algorithm based on historical information directional guidance (HIDG-based PSO algorithm). The proposed algorithm is utilized with its unique evolutionary mechanism, which reduces the computational power requirements for sensor selection. For the problem of uncertainty in evolutionary algorithms, this paper uses historical information to guide the selection of suspicious sensors at the current moment. The simulation results show that the proposed algorithm can efficiently select suspicious sensors, which will greatly improve the efficiency of attack detection and ensure the security of information fusion of the power grid monitoring system.

关键词：

来源：评论

学校读者我要写书评

暂无评论

A Hybrid Routing Algorithm based on Destruction Resistance Cost and Reliability in Flying Ad-Hoc networks 7

A Hybrid Routing Algorithm based on Destruction Resistance C...

引用

7th International Conference on Computer and Communications, ICCC 2021

作者： Guo, Kun Wang, Dongbin Zhi, Hui Gao, Yibo Zhang, Tao Lv, Tiejun Lu, Yueming Beijing University of Posts and Telecommunications Key Laboratory of Trustworthy Distributed Computing and Service Ministry of Education Beijing China Beijing University of Posts and Telecommunications National Engineering Laboratory For Mobile Network Beijing China TravelSky Technology Limited Beijing China Beijing University of Posts and Telecommunications Cyberspace Security Research Center Peng Cheng Laboratory Beijing China China Academy of Launch Vehicle Technology Beijing China

ISBN: (纸本)9781665409506

Existing routing algorithms in Flying Ad-Hoc Net- works (FANETs) lack the optimization consideration of destruction resistance cost caused by routing recovery when some nodes fail suddenly. In this paper, we propose a hybrid routing algorithm based on destruction resistance cost and reliability. Based on the real-time network topology and network state, the algorithm can provide a multi-parameters-based routing path with low destruction resistance cost for communication transmission. It can ensure that the main routing path can be quickly recovered after interruption and reduce the process of discovering new routing paths. We have constructed a variety of simulation scenarios to analyze the proposed algorithm and the existing algorithms. The simulation results show that the pro- posed algorithm has good performance in reducing destruction resistance cost. © 2021 IEEE.

关键词： Routing algorithms

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：