An attempt has been made to develop a distributed software infrastructure model for onboard data fusion system simulation, which is also applied to netted radar systems, onboard distributed detection systems and advan...An attempt has been made to develop a distributed software infrastructure model for onboard data fusion system simulation, which is also applied to netted radar systems, onboard distributed detection systems and advanced C3I systems. Two architectures are provided and verified: one is based on pure TCP/IP protocol and C/S model, and implemented with Winsock, the other is based on CORBA (common object request broker architecture). The performance of data fusion simulation system, i.e. reliability, flexibility and scalability, is improved and enhanced by two models. The study of them makes valuable explore on incorporating the distributed computation concepts into radar system simulation techniques.展开更多
Injection of water to enhance oil production is commonplace, and improvements in understanding the process are economically important. This study examines predictive models of the injection-to-production ratio. First...Injection of water to enhance oil production is commonplace, and improvements in understanding the process are economically important. This study examines predictive models of the injection-to-production ratio. Firstly, the error between the fitting and actual injection-production ratio is calculated with such methods as the injection-production ratio and water-oil ratio method, the material balance method, the multiple regression method, the gray theory GM (1,1) model and the back-propogation (BP) neural network method by computer applications in this paper. The relative average errors calculated are respectively 1.67%, 1.08%, 19.2%, 1.38% and 0.88%. Secondly, the reasons for the errors from different prediction methods are analyzed theoretically, indicating that the prediction precision of the BP neural network method is high, and that it has a better self-adaptability, so that it can reflect the internal relationship between the injection-production ratio and the influencing factors. Therefore, the BP neural network method is suitable to the prediction of injection-production ratio.展开更多
Today's Internet architecture provides only "best effort" services,thus it cannot guarantee quality of service(QoS) for applications.Software Defined Network(SDN)is a new approach to computer networking ...Today's Internet architecture provides only "best effort" services,thus it cannot guarantee quality of service(QoS) for applications.Software Defined Network(SDN)is a new approach to computer networking that separates control plane and forwarding planes,and has the advantage of centralized control and programmability.In this paper,we propose HiQoS that provides QoS guarantees using SDN.Moreover,HiQoS makes use of multiple paths between source and destination and queuing mechanisms to guarantee QoS for different types of traffic.Experimental results show that our HiQoS scheme can reduce delay and increase throughput to guarantee QoS.Very importantly,HiQoS recovers from link failure very quickly by rerouting traffic from failed path to other available path.展开更多
Autonomic networking is one of the hot research topics in the research area of future network architectures.In this paper, we introduce context-aware and autonomic attributes into DiffServ QoS framework, and propose a...Autonomic networking is one of the hot research topics in the research area of future network architectures.In this paper, we introduce context-aware and autonomic attributes into DiffServ QoS framework, and propose a novel autonomic packet marking(APM) algorithm.In the proposed autonomic QoS framework, APM is capable of collecting various QoS related contexts, and adaptively adjusting its behavior to provide better QoS guarantee according to users' requirements and network conditions.Simulation results show that APM provides better performance than traditional packet marker, and significantly improves user's quality of experience.展开更多
The backdoor or information leak of Web servers can be detected by using Web Mining techniques on some abnormal Web log and Web application log data. The security of Web servers can be enhanced and the damage of illeg...The backdoor or information leak of Web servers can be detected by using Web Mining techniques on some abnormal Web log and Web application log data. The security of Web servers can be enhanced and the damage of illegal access can be avoided. Firstly, the system for discovering the patterns of information leakages in CGI scripts from Web log data was proposed. Secondly, those patterns for system administrators to modify their codes and enhance their Web site security were provided. The following aspects were described: one is to combine web application log with web log to extract more information,so web data mining could be used to mine web log for discovering the information that firewall and Information Detection System cannot find. Another approach is to propose an operation module of web site to enhance Web site security. In cluster server session, Density -Based Clustering technique is used to reduce resource cost and obtain better efficiency.展开更多
In order to achieve fast synchronization of the modulation hopping system, a synchronization scheme called short code to guide long code is adopted, and the initial synchronization hops and service hops are designed i...In order to achieve fast synchronization of the modulation hopping system, a synchronization scheme called short code to guide long code is adopted, and the initial synchronization hops and service hops are designed in detail.According to the system requirements for short code in the properties of time-varying, safety and balance, an algorithm to design wide-gap chaos short code based on TOD is proposed.Synchronization performance analysis shows that the algorithm has good performance, the initial synchronization time and the later entering network synchronization time are short, additionally, maximum synchronization time difference and synchronization maintaining time are long, all of which meet the needs of normal communications, and further verify the synchronization scheme feasible.展开更多
Vulnerability-testing Oriented Petri Net (VOPN), a vulnerability testing model for communication protocol is brought forward first, which is combined Petri Net system with protocol Syntax analysis. Then vulnerabilit...Vulnerability-testing Oriented Petri Net (VOPN), a vulnerability testing model for communication protocol is brought forward first, which is combined Petri Net system with protocol Syntax analysis. Then vulnerability testing of implementation of HTTP protocol based on VOPN is made and the process is analyzed to prove the feasibility of the model.展开更多
The Binary-based attestation (BA) mechanism presented by the Trusted Computing Group can equip the application with the capability of genuinely identifying configurations of remote system. However, BA only supports ...The Binary-based attestation (BA) mechanism presented by the Trusted Computing Group can equip the application with the capability of genuinely identifying configurations of remote system. However, BA only supports the attestation for specific patterns of binary codes defined by a trusted party, mostly the software vendor, for a particular version of a software. In this paper, we present a Source-Code Oriented Attestation (SCOA) framework to enable custom built application to be attested to in the TCG attestation architecture. In SCOA, security attributes are bond with the source codes of an application instead of its binaries codes. With a proof chain generated by a Trusted Building System to record the building procedure, the challengers can determine whether the binary interacted with is genuinely built from a particular set of source codes. Moreover, with the security attribute certificates assigned to the source codes, they can determine the trustworthiness of the binary. In this paper, we present a TBS implementation with virtualization.展开更多
Existing detection methods against SYN flooding attacks are effective only at the later stages when attacking signatures are obvious.In this paper an early stage detecting method(ESDM) is proposed.The ESDM is a simple...Existing detection methods against SYN flooding attacks are effective only at the later stages when attacking signatures are obvious.In this paper an early stage detecting method(ESDM) is proposed.The ESDM is a simple but effective method to detect SYN flooding attacks at the early stage.In the ESDM the SYN traffic is forecasted by autoregressive integrated moving average model, and non-parametric cumulative sum algorithm is used to find the SYN flooding attacks according to the forecasted traffic.Trace-driven simulations show that ESDM is accurate and efficient to detect the SYN flooding attacks.展开更多
This paper discussed the necessity of establishing a computer network in a mining railway transport management system. The network structure and the system security design, associated with the real development conditi...This paper discussed the necessity of establishing a computer network in a mining railway transport management system. The network structure and the system security design, associated with the real development condition of a mining area, were brought forward, and the system evaluation was given.展开更多
文摘An attempt has been made to develop a distributed software infrastructure model for onboard data fusion system simulation, which is also applied to netted radar systems, onboard distributed detection systems and advanced C3I systems. Two architectures are provided and verified: one is based on pure TCP/IP protocol and C/S model, and implemented with Winsock, the other is based on CORBA (common object request broker architecture). The performance of data fusion simulation system, i.e. reliability, flexibility and scalability, is improved and enhanced by two models. The study of them makes valuable explore on incorporating the distributed computation concepts into radar system simulation techniques.
文摘Injection of water to enhance oil production is commonplace, and improvements in understanding the process are economically important. This study examines predictive models of the injection-to-production ratio. Firstly, the error between the fitting and actual injection-production ratio is calculated with such methods as the injection-production ratio and water-oil ratio method, the material balance method, the multiple regression method, the gray theory GM (1,1) model and the back-propogation (BP) neural network method by computer applications in this paper. The relative average errors calculated are respectively 1.67%, 1.08%, 19.2%, 1.38% and 0.88%. Secondly, the reasons for the errors from different prediction methods are analyzed theoretically, indicating that the prediction precision of the BP neural network method is high, and that it has a better self-adaptability, so that it can reflect the internal relationship between the injection-production ratio and the influencing factors. Therefore, the BP neural network method is suitable to the prediction of injection-production ratio.
基金supported partly by NSFC(National Natural Science Foundation of China)under grant No.61371191 and No.61472389
文摘Today's Internet architecture provides only "best effort" services,thus it cannot guarantee quality of service(QoS) for applications.Software Defined Network(SDN)is a new approach to computer networking that separates control plane and forwarding planes,and has the advantage of centralized control and programmability.In this paper,we propose HiQoS that provides QoS guarantees using SDN.Moreover,HiQoS makes use of multiple paths between source and destination and queuing mechanisms to guarantee QoS for different types of traffic.Experimental results show that our HiQoS scheme can reduce delay and increase throughput to guarantee QoS.Very importantly,HiQoS recovers from link failure very quickly by rerouting traffic from failed path to other available path.
基金Supported by the National Grand Fundamental Research 973 Program of China under Grant No. 2009CB320504the National High Technology Development 863 Program of China under Grant No.2007AA01Z206 and No.2009AA01Z210the EU FP7 Project EFIPSANS (INFSO-ICT-215549)
文摘Autonomic networking is one of the hot research topics in the research area of future network architectures.In this paper, we introduce context-aware and autonomic attributes into DiffServ QoS framework, and propose a novel autonomic packet marking(APM) algorithm.In the proposed autonomic QoS framework, APM is capable of collecting various QoS related contexts, and adaptively adjusting its behavior to provide better QoS guarantee according to users' requirements and network conditions.Simulation results show that APM provides better performance than traditional packet marker, and significantly improves user's quality of experience.
文摘The backdoor or information leak of Web servers can be detected by using Web Mining techniques on some abnormal Web log and Web application log data. The security of Web servers can be enhanced and the damage of illegal access can be avoided. Firstly, the system for discovering the patterns of information leakages in CGI scripts from Web log data was proposed. Secondly, those patterns for system administrators to modify their codes and enhance their Web site security were provided. The following aspects were described: one is to combine web application log with web log to extract more information,so web data mining could be used to mine web log for discovering the information that firewall and Information Detection System cannot find. Another approach is to propose an operation module of web site to enhance Web site security. In cluster server session, Density -Based Clustering technique is used to reduce resource cost and obtain better efficiency.
基金supported by the Doctor Sustention Foundation of Telecommunication Engineering Institute,Air Force Engineering University (No.KDYBSJJ08605)the Key Laboratory Foundation of National Defense Science and Technology (No.9140c860302)
文摘In order to achieve fast synchronization of the modulation hopping system, a synchronization scheme called short code to guide long code is adopted, and the initial synchronization hops and service hops are designed in detail.According to the system requirements for short code in the properties of time-varying, safety and balance, an algorithm to design wide-gap chaos short code based on TOD is proposed.Synchronization performance analysis shows that the algorithm has good performance, the initial synchronization time and the later entering network synchronization time are short, additionally, maximum synchronization time difference and synchronization maintaining time are long, all of which meet the needs of normal communications, and further verify the synchronization scheme feasible.
文摘Vulnerability-testing Oriented Petri Net (VOPN), a vulnerability testing model for communication protocol is brought forward first, which is combined Petri Net system with protocol Syntax analysis. Then vulnerability testing of implementation of HTTP protocol based on VOPN is made and the process is analyzed to prove the feasibility of the model.
基金This work is under support of National Natural Science Foundation of China under grant No. 60873238.
文摘The Binary-based attestation (BA) mechanism presented by the Trusted Computing Group can equip the application with the capability of genuinely identifying configurations of remote system. However, BA only supports the attestation for specific patterns of binary codes defined by a trusted party, mostly the software vendor, for a particular version of a software. In this paper, we present a Source-Code Oriented Attestation (SCOA) framework to enable custom built application to be attested to in the TCG attestation architecture. In SCOA, security attributes are bond with the source codes of an application instead of its binaries codes. With a proof chain generated by a Trusted Building System to record the building procedure, the challengers can determine whether the binary interacted with is genuinely built from a particular set of source codes. Moreover, with the security attribute certificates assigned to the source codes, they can determine the trustworthiness of the binary. In this paper, we present a TBS implementation with virtualization.
基金supported by the National High-Tech Research and Development Plan of China under Grant No. 2006AA01Z448 (863)the Key Science and Technology Research project of Ministry of Education of China under Grant No. 108013+1 种基金the Foundation for Innovative Research Groups of the National Natural Science Foundation of China under Grant No. 60821001the National Information Security Plan of China under Grant No.2007A14 (242)
文摘Existing detection methods against SYN flooding attacks are effective only at the later stages when attacking signatures are obvious.In this paper an early stage detecting method(ESDM) is proposed.The ESDM is a simple but effective method to detect SYN flooding attacks at the early stage.In the ESDM the SYN traffic is forecasted by autoregressive integrated moving average model, and non-parametric cumulative sum algorithm is used to find the SYN flooding attacks according to the forecasted traffic.Trace-driven simulations show that ESDM is accurate and efficient to detect the SYN flooding attacks.
文摘This paper discussed the necessity of establishing a computer network in a mining railway transport management system. The network structure and the system security design, associated with the real development condition of a mining area, were brought forward, and the system evaluation was given.
