Network flow watermarking(NFW) is usually used for flow *** actively modulating some features of the carrier traffic,NFW can establish the correspondence between different network *** the face of strict demands of net...
详细信息
Network flow watermarking(NFW) is usually used for flow *** actively modulating some features of the carrier traffic,NFW can establish the correspondence between different network *** the face of strict demands of network traffic tracing,current watermarking methods cannot work efficiently due to the dependence on specific protocols,demand for large quantities of packets,weakness on resisting network channel interferences and so *** this end,we propose a robust network flow watermarking method based on IP packet sequence,called as *** is designed to utilize the packet sequence as watermark carrier with IP identification field which is insensitive to time jitter and suitable for all IP based *** enhance the robustness against packet loss and packet reordering,the detection sequence set is constructed in terms of the variation range of packet sequence,correcting the possible errors caused by the network *** improve the detection accuracy,the long watermark information is divided into several short sequences to embed in turn and assembled during *** a large number of experiments on the Internet,the overall detection rate and accuracy of IP-Pealing reach 99.91% and 99.42%*** comparison with the classical network flow watermarking methods,such as PROFW,IBW,ICBW,WBIPD and SBTT,the accuracy of IP-Pealing is increased by 13.70% to 54.00%.
For nonlinear feedback shift registers(NFSRs), their greatest common subfamily may be not unique. Given two NFSRs, the authors only consider the case that their greatest common subfamily exists and is unique. If the g...
详细信息
For nonlinear feedback shift registers(NFSRs), their greatest common subfamily may be not unique. Given two NFSRs, the authors only consider the case that their greatest common subfamily exists and is unique. If the greatest common subfamily is exactly the set of all sequences which can be generated by both of them, the authors can determine it by Grbner basis theory. Otherwise, the authors can determine it under some conditions and partly solve the problem.
IP geolocation is essential for the territorial analysis of sensitive network entities,location-based services(LBS)and network fraud *** has important theoretical significance and application ***-based IP geolocation ...
详细信息
IP geolocation is essential for the territorial analysis of sensitive network entities,location-based services(LBS)and network fraud *** has important theoretical significance and application ***-based IP geolocation is a hot research ***,the existing IP geolocation algorithms cannot effectively utilize the distance characteristics of the delay,and the nodes’connection relation,resulting in high geolocation *** is challenging to obtain the mapping between delay,nodes’connection relation,and geographical *** on the idea of network representation learning,we propose a representation learning model for IP nodes(IP2vec for short)and apply it to street-level IP ***2vec model vectorizes nodes according to the connection relation and delay between nodes so that the IP vectors can reflect the distance and topological proximity between IP *** steps of the street-level IP geolocation algorithm based on IP2vec model are as follows:Firstly,we measure landmarks and target IP to obtain delay and path information to construct the network ***,we use the IP2vec model to obtain the IP vectors from the network ***,we train a neural network to fit the mapping relation between vectors and locations of ***,the vector of target IP is fed into the neural network to obtain the geographical location of target *** algorithm can accurately infer geographical locations of target IPs based on delay and topological proximity embedded in the IP *** cross-validation experimental results on 10023 target IPs in New York,Beijing,Hong Kong,and Zhengzhou demonstrate that the proposed algorithm can achieve street-level *** with the existing algorithms such as Hop-Hot,IP-geolocater and SLG,the mean geolocation error of the proposed algorithm is reduced by 33%,39%,and 51%,respectively.
Taking the schemes based on different formulas of secure key rate as examples, we give a fair comparison between typical protocols under Universal composable(UC) security frame. Through analyzing the relationship of s...
详细信息
Taking the schemes based on different formulas of secure key rate as examples, we give a fair comparison between typical protocols under Universal composable(UC) security frame. Through analyzing the relationship of security parameters in post-processing stage and final secure key rate, we achieve the unified quantification between protocols based on Gottesman-Lo-L¨utkenhausPreskill(GLLP) formula and the ones under UC *** on the above research, the impact of different sending lengths and secure parameters on secure key rate is investigated. Besides, we analyze the conditions of fair comparison, and for the first time we give a fair comparison between the protocols based on GLLP formula and smooth entropy. By typical efficiency comparisons, we summarize the way for improving secure key rate in the light intensity choice and the single bit error rate estimation method.
Location based services(LBS)are widely utilized,and determining the location of users’IP is the foundation for *** by unstable delay and insufficient landmarks,the existing geolocation algorithms have problems such a...
详细信息
Location based services(LBS)are widely utilized,and determining the location of users’IP is the foundation for *** by unstable delay and insufficient landmarks,the existing geolocation algorithms have problems such as low geolocation accuracy and uncertain geolocation error,difficult to meet the requirements of LBS for accuracy and reliability.A new IP geolocation algorithm based on router error training is proposed in this manuscript to improve the accuracy of geolocation results and obtain the current geolocation error ***,bootstrapping is utilized to divide the landmark data into training set and verification set,and/24 subnet distribution is utilized to extend the training ***,the path detection is performed on nodes in the three data sets respectively to extract the metropolitan area network(MAN)of the target city,and the geolocation result and error of each router in MAN are obtained by training the detection ***,the MAN is utilized to get the target’s *** on China’s 24,254 IP geolocation experiments,the proposed algorithm has higher geolocation accuracy and lower median error than existing typical geolocation algorithms LBG,SLG,NNG and RNBG,and in most cases the difference is less than 10km between estimated error and actual error.
Most web service systems are built in a static configuration web server or re dundant same web ***,traditional web service system make it easy for a cyber adversary to plan and launch *** improve the cyber security,mi...
详细信息
ISBN:
(纸本)9781509001668
Most web service systems are built in a static configuration web server or re dundant same web ***,traditional web service system make it easy for a cyber adversary to plan and launch *** improve the cyber security,mimic security defense where heterogeneity play an important role has been proposed to increase the difficulty for the adversary to launch successful *** this paper,we first present a formal description of heterogeneous web servers and a method how to measure the heterogeneity of web *** addition,we also present the scheduling strategy for heterogeneous web servers and demonstrate the effectiveness of this strategy in a general heterogeneous web service *** strategy of heterogeneous web servers scheduling can disrupt the vicious scan,deceive the judgment about vulnerability and prevent some vulnerabilities being found that make vulnerability attacks difficult.
Sparse LU decomposition is the core computation in the direct method that solves sparse systems of linear equations. Only little work has been conducted on parallelizing it on FPGAs. In this paper, we study paralleliz...
详细信息
ISBN:
(纸本)9781467328463;9781467328449
Sparse LU decomposition is the core computation in the direct method that solves sparse systems of linear equations. Only little work has been conducted on parallelizing it on FPGAs. In this paper, we study parallelization strategies for sparse LU decomposition on FPGAs. We first analyze how to parallelize the right-looking algorithm and find that this algorithm is not suitable for FPGAs. Then the left-looking algorithm is analyzed and considered as better candidate than the right-looking version. Our design derived from the left-looking algorithm is based on a simple yet efficient parallel computational model for FPGAs. Our design mainly consists of multiple parallel processing elements (PEs). A total of 14 PEs can be integrated into a Xilinx Virtex-5 XC5VLX330. Unlike related work, where their designs are applied to sparse matrices from particular application domains, our hardware design can be applied to any symmetric positive definite or diagonally dominant matrices.
In order to improve the attack efficiency of the New FORK-256 function, an algorithm based on Grover's quantum search algorithm and birthday attack is proposed. In this algorithm, finding a collision for arbitrary...
详细信息
In order to improve the attack efficiency of the New FORK-256 function, an algorithm based on Grover's quantum search algorithm and birthday attack is proposed. In this algorithm, finding a collision for arbitrary hash function only needs O(2m/3) expected evaluations, where m is the size of hash space value. It is proved that the algorithm can obviously improve the attack efficiency for only needing O(2 74.7) expected evaluations, and this is more efficient than any known classical algorithm, and the consumed space of the algorithm equals the evaluation.
With the development of the nonvolatile memory(NVM),using NVM in the design of the cache and scratchpad memory(SPM)has been *** paper presents a data variable allocation(DVA)algorithm based on the genetic algorithm fo...
详细信息
With the development of the nonvolatile memory(NVM),using NVM in the design of the cache and scratchpad memory(SPM)has been *** paper presents a data variable allocation(DVA)algorithm based on the genetic algorithm for NVM-based SPM to prolong the *** lifetime can be formulated indirectly as the write counts on each SPM *** the differences between global variables and stack variables,our optimization model has three *** constraints of the central processing unit(CPU)utilization and size are used for all variables,while no-overlay constraint is only used for stack *** satisfy the constraints of the optimization model,we use the greedy strategy to generate the initial population which can determine whether data variables are allocated to SPM and distribute them evenly on SPM ***,we use the Mälardalen worst case executive time(WCET)benchmark to evaluate our *** experimental results show that the DVA algorithm can not only obtain close-to-optimal solutions,but also prolong the lifetime by 9.17% on average compared with SRAM-based SPM.
Software defined networks(SDNs) are innovative network frameworks that have recently received wide attention. Their programming flexibility facilitates automatic network management and control, thus mitigating existin...
详细信息
Software defined networks(SDNs) are innovative network frameworks that have recently received wide attention. Their programming flexibility facilitates automatic network management and control, thus mitigating existing issues in the traditional network architecture. However, SDNs face several security risks,in particular denial-of-service(DoS) attacks, the most common and serious network attacks. To address such a threat, an SDN-DoS attack detection method is proposed based on fusing multiple flow features for describing the network catastrophe between the normal and the attack state. Several statistic attributes of SDN flow information are first chosen as detection features; subsequently, the cusp model is used to establish a catastrophe equilibrium surface for SDN states. After being trained, the cusp catastrophe model can be utilized to infer whether an SDN is under DoS attack. The experimental results demonstrate that the method can effectively and timely perceive SDN-DoS attacks, not only in simple networks but also in larger enterprise networks.
暂无评论