The nature of adhoc networks makes them vulnerable to security attacks. Many security technologies such as intrusion prevention and intrusion detection are passive in response to intrusions in that their countermea- s...The nature of adhoc networks makes them vulnerable to security attacks. Many security technologies such as intrusion prevention and intrusion detection are passive in response to intrusions in that their countermea- sures are only to protect the networks, and there is no automated network-wide counteraction against detected intrusions, the architecture of cooperation intrusion response based multi-agent is propose. The architecture is composed of mobile agents. Monitor agent resides on every node and monitors its neighbor nodes. Decision agent collects information from monitor nodes and detects an intrusion by security policies. When an intruder is found in the architecture, the block agents will get to the neighbor nodes of the intruder and form the mobile firewall to isolate the intruder. In the end, we evaluate it by simulation.展开更多
Tackling the problems of underground water storage in collieries in arid regions requires knowledge of the effect of water intrusion and loading rate on the mechanical properties of and crack development in coal–rock...Tackling the problems of underground water storage in collieries in arid regions requires knowledge of the effect of water intrusion and loading rate on the mechanical properties of and crack development in coal–rock combinations. Fifty-four coal–rock combinations were prepared and split equally into groups containing different moisture contents(dry, natural moisture and saturated) to conduct acoustic emission testing under uniaxial compression with loading rates ranging from 0.1 mm/min to 0.6 mm/min. The results show that the peak stress and strength-softening modulus, elastic modulus, strain-softening modulus, and post-peak modulus partly decrease with increasing moisture content and loading rate. In contrast, peak strain increases with increasing moisture content and fluctuates with rising loading rate. More significantly, the relationship between stiffness and stress, combined with accumulated counts of acoustic emission, can be used to precisely predict all phases of crack propagation. This is helpful in studying the impact of moisture content and loading rate on crack propagation and accurately calculating mechanical properties. We also determined that the stress thresholds of crack closure, crack initiation, and crack damage do not vary with changes of moisture content and loading rate, constituting 15.22%, 32.20%, and 80.98% of peak stress, respectively. These outcomes assist in developing approaches to water storage in coal mines, determining the necessary width of waterproof coal–rock pillars, and methods of supporting water-enriched roadways, while also advances understanding the mechanical properties of coal–rock combinations and laws of crack propagation.展开更多
Infrared target intrusion detection has significant applications in the fields of military defence and intelligent warning.In view of the characteristics of intrusion targets as well as inspection difficulties,an infr...Infrared target intrusion detection has significant applications in the fields of military defence and intelligent warning.In view of the characteristics of intrusion targets as well as inspection difficulties,an infrared target intrusion detection algorithm based on feature fusion and enhancement was proposed.This algorithm combines static target mode analysis and dynamic multi-frame correlation detection to extract infrared target features at different levels.Among them,LBP texture analysis can be used to effectively identify the posterior feature patterns which have been contained in the target library,while motion frame difference method can detect the moving regions of the image,improve the integrity of target regions such as camouflage,sheltering and deformation.In order to integrate the advantages of the two methods,the enhanced convolutional neural network was designed and the feature images obtained by the two methods were fused and enhanced.The enhancement module of the network strengthened and screened the targets,and realized the background suppression of infrared images.Based on the experiments,the effect of the proposed method and the comparison method on the background suppression and detection performance was evaluated,and the results showed that the SCRG and BSF values of the method in this paper had a better performance in multiple data sets,and it’s detection performance was far better than the comparison algorithm.The experiment results indicated that,compared with traditional infrared target detection methods,the proposed method could detect the infrared invasion target more accurately,and suppress the background noise more effectively.展开更多
A novel method for detecting anomalous program behavior is presented, which is applicable to hostbased intrusion detection systems that monitor system call activities. The method constructs a homogeneous Markov chain ...A novel method for detecting anomalous program behavior is presented, which is applicable to hostbased intrusion detection systems that monitor system call activities. The method constructs a homogeneous Markov chain model to characterize the normal behavior of a privileged program, and associates the states of the Markov chain with the unique system calls in the training data. At the detection stage, the probabilities that the Markov chain model supports the system call sequences generated by the program are computed. A low probability indicates an anomalous sequence that may result from intrusive activities. Then a decision rule based on the number of anomalous sequences in a locality frame is adopted to classify the program's behavior. The method gives attention to both computational efficiency and detection accuracy, and is especially suitable for on-line detection. It has been applied to practical host-based intrusion detection systems.展开更多
Mobile ad hoc networking (MANET) has become an exciting and important technology in recent years, because of the rapid proliferation of wireless devices. Mobile ad hoc networks is highly vulnerable to attacks due to...Mobile ad hoc networking (MANET) has become an exciting and important technology in recent years, because of the rapid proliferation of wireless devices. Mobile ad hoc networks is highly vulnerable to attacks due to the open medium, dynamically changing network topology, cooperative algorithms, and lack of centralized monitoring and management point. The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective for those features. A distributed intrusion detection approach based on timed automata is given. A cluster-based detection scheme is presented, where periodically a node is elected as the monitor node for a cluster. These monitor nodes can not only make local intrusion detection decisions, but also cooperatively take part in global intrusion detection. And then the timed automata is constructed by the way of manually abstracting the correct behaviours of the node according to the routing protocol of dynamic source routing (DSR). The monitor nodes can verify the behaviour of every nodes by timed automata, and validly detect real-time attacks without signatures of intrusion or trained data. Compared with the architecture where each node is its own IDS agent, the approach is much more efficient while maintaining the same level of effectiveness. Finally, the intrusion detection method is evaluated through simulation experiments.展开更多
To solve the problem that current intrusion detection model needs large-scale data in formulating the model in real-time use, an intrusion detection system model based on grey theory (GTIDS) is presented. Grey theor...To solve the problem that current intrusion detection model needs large-scale data in formulating the model in real-time use, an intrusion detection system model based on grey theory (GTIDS) is presented. Grey theory has merits of fewer requirements on original data scale, less limitation of the distribution pattern and simpler algorithm in modeling. With these merits GTIDS constructs model according to partial time sequence for rapid detect on intrusive act in secure system. In this detection model rate of false drop and false retrieval are effectively reduced through twice modeling and repeated detect on target data. Furthermore, GTIDS framework and specific process of modeling algorithm are presented. The affectivity of GTIDS is proved through emulated experiments comparing snort and next-generation intrusion detection expert system (NIDES) in SRI international.展开更多
Anomaly detection has been an active research topic in the field of network intrusion detection for many years. A novel method is presented for anomaly detection based on system calls into the kernels of Unix or Linux...Anomaly detection has been an active research topic in the field of network intrusion detection for many years. A novel method is presented for anomaly detection based on system calls into the kernels of Unix or Linux systems. The method uses the data mining technique to model the normal behavior of a privileged program and uses a variable-length pattern matching algorithm to perform the comparison of the current behavior and historic normal behavior, which is more suitable for this problem than the fixed-length pattern matching algorithm proposed by Forrest et al. At the detection stage, the particularity of the audit data is taken into account, and two alternative schemes could be used to distinguish between normalities and intrusions. The method gives attention to both computational efficiency and detection accuracy and is especially applicable for on-line detection. The performance of the method is evaluated using the typical testing data set, and the results show that it is significantly better than the anomaly detection method based on hidden Markov models proposed by Yan et al. and the method based on fixed-length patterns proposed by Forrest and Hofmeyr. The novel method has been applied to practical hosted-based intrusion detection systems and achieved high detection performance.展开更多
An abstraction and an investigation to the worth of dendritic cells (DCs) ability to collect, process and present antigens are presented. Computationally, this ability is shown to provide a feature reduction mechanism...An abstraction and an investigation to the worth of dendritic cells (DCs) ability to collect, process and present antigens are presented. Computationally, this ability is shown to provide a feature reduction mechanism that could be used to reduce the complexity of a search space, a mechanism for development of highly specialized detector sets as well as a selective mechanism used in directing subsets of detectors to be activated when certain danger signals are present. It is shown that DCs, primed by different danger signals, provide a basis for different anomaly detection pathways. Different antigen-peptides are developed based on different danger signals present, and these peptides are presented to different adaptive layer detectors that correspond to the given danger signal. Experiments are then undertaken that compare current approaches, where a full antigen structure and the whole repertoire of detectors are used, with the proposed approach. Experiment results indicate that such an approach is feasible and can help reduce the complexity of the problem by significant levels. It also improves the efficiency of the system, given that only a subset of detectors are involved during the detection process. Having several different sets of detectors increases the robustness of the resulting system. Detectors developed based on peptides are also highly discriminative, which reduces the false positives rates, making the approach feasible for a real time environment.展开更多
An important problem in wireless communication networks (WCNs) is that they have a minimum number of resources, which leads to high-security threats. An approach to find and detect the attacks is the intrusion detecti...An important problem in wireless communication networks (WCNs) is that they have a minimum number of resources, which leads to high-security threats. An approach to find and detect the attacks is the intrusion detection system (IDS). In this paper, the fuzzy lion Bayes system (FLBS) is proposed for intrusion detection mechanism. Initially, the data set is grouped into a number of clusters by the fuzzy clustering algorithm. Here, the Naive Bayes classifier is integrated with the lion optimization algorithm and the new lion naive Bayes (LNB) is created for optimally generating the probability measures. Then, the LNB model is applied to each data group, and the aggregated data is generated. After generating the aggregated data, the LNB model is applied to the aggregated data, and the abnormal nodes are identified based on the posterior probability function. The performance of the proposed FLBS system is evaluated using the KDD Cup 99 data and the comparative analysis is performed by the existing methods for the evaluation metrics accuracy and false acceptance rate (FAR). From the experimental results, it can be shown that the proposed system has the maximum performance, which shows the effectiveness of the proposed system in the intrusion detection.展开更多
Network security problems bring many imperceptible threats to the integrity of data and the reliability of device services,so proposing a network intrusion detection model with high reliability is of great research si...Network security problems bring many imperceptible threats to the integrity of data and the reliability of device services,so proposing a network intrusion detection model with high reliability is of great research significance for network security.Due to the strong generalization of invalid features during training process,it is more difficult for single autoencoder intrusion detection model to obtain effective results.A network intrusion detection model based on the Ensemble of Denoising Adversarial Autoencoder(EDAAE)was proposed,which had higher accuracy and reliability compared to the traditional anomaly detection model.Using the adversarial learning idea of Adversarial Autoencoder(AAE),the discriminator module was added to the original model,and the encoder part was used as the generator.The distribution of the hidden space of the data generated by the encoder matched with the distribution of the original data.The generalization of the model to the invalid features was also reduced to improve the detection accuracy.At the same time,the denoising autoencoder and integrated operation was introduced to prevent overfitting in the adversarial learning process.Experiments on the CICIDS2018 traffic dataset showed that the proposed intrusion detection model achieves an Accuracy of 95.23%,which out performs traditional self-encoders and other existing intrusion detection models methods in terms of overall performance.展开更多
Static secure techniques, such as firewall, hierarchy filtering, distributed disposing,layer management, autonomy agent, secure communication, were introduced in distributed intrusion detection. The self-protection ag...Static secure techniques, such as firewall, hierarchy filtering, distributed disposing,layer management, autonomy agent, secure communication, were introduced in distributed intrusion detection. The self-protection agents were designed, which have the distributed architecture,cooperate with the agents in intrusion detection in a loose-coupled manner, protect the security of intrusion detection system, and respond to the intrusion actively. A prototype self-protection agent was implemented by using the packet filter in operation system kernel. The results show that all the hosts with the part of network-based intrusion detection system and the whole intrusion detection system are invisible from the outside and network scanning, and cannot apperceive the existence of network-based intrusion detection system. The communication between every part is secure. In the low layer, the packet streams are controlled to avoid the buffer leaks exist ing in some system service process and back-door programs, so as to prevent users from misusing and vicious attack like Trojan Horse effectively.展开更多
There are a variety of scientific techniques useful to know the subsurface resistivity in order to estimate the saline water intrusion effect during tsunami.The electrical resistivity methods involve the measurement o...There are a variety of scientific techniques useful to know the subsurface resistivity in order to estimate the saline water intrusion effect during tsunami.The electrical resistivity methods involve the measurement of the apparent resistivity of the soil and rock as a function of depth(vertical resistivity sounding) or lateral position(resistivity profiling).The resistivity of the soil is a complicated function of porosity, permeability,ionic content of pore fluids and展开更多
In this paper,we introduce an adaptive clustering algorithm for intrusion detection based on wavecluster which was introduced by Gholamhosein in 1999 and used with success in image processing.Because of the non-statio...In this paper,we introduce an adaptive clustering algorithm for intrusion detection based on wavecluster which was introduced by Gholamhosein in 1999 and used with success in image processing.Because of the non-stationary characteristic of network traffic,we extend and develop an adaptive wavecluster algorithm for intrusion detection.Using the multiresolution property of wavelet transforms,we can effectively identify arbitrarily shaped clusters at different scales and degrees of detail,moreover,applying wavelet transform removes the noise from the original feature space and make more accurate cluster found.Experimental results on KDD-99 intrusion detection dataset show the efficiency and accuracy of this algorithm.A detection rate above 96% and a false alarm rate below 3% are achieved.展开更多
The Baishiquan and Pobei Early Permian mafic-ultramafic intrusions were emplaced into Proterozoic metamorphic rocks in the Central Tianshan and the Beishan Fold Belt,northern Xinjiang,NW China.The Baishiquan intrusion...The Baishiquan and Pobei Early Permian mafic-ultramafic intrusions were emplaced into Proterozoic metamorphic rocks in the Central Tianshan and the Beishan Fold Belt,northern Xinjiang,NW China.The Baishiquan intrusion comprises mainly gabbro,and mela-gabbro sills occur within and along the margins of the gabbro body.In the Pobei intrusion,two distinct gabbroic packages,a lower gabbro and the main gabbro,are intruded and overlain by small cumulate wehrlite bodies.展开更多
Reservoirs can be developed in the sediment gravity flows.However,high quality reservoirs are found widespread in sediment gravity flows of Gangzhong area,Huanghua depression,Bohai Bay Basin,East China.Characteristics...Reservoirs can be developed in the sediment gravity flows.However,high quality reservoirs are found widespread in sediment gravity flows of Gangzhong area,Huanghua depression,Bohai Bay Basin,East China.Characteristics and formation of these reservoirs are key problems to be solved.Through comprehensive analysis of thin section petrography,scanning electron microscopy and X-ray diffraction,two distinct rules were obtained.1) These high quality reservoirs have apparent characteristics:lithology consists mainly of medium-fine grained sands; moderately-well sorted and rounded; intergranular pores dominating >70% of the entire pores,surface per unit pore volume reaches 15%; average porosity is 21% and average permeability is 55×10-3 μm2.2) Types of sedimentary microfacies and dissolution strongly control on the formation of high quality reservoirs.Main channels and sandy braided bars have the best reservoir properties.Because that sediments are mainly medium-fine grained sands in high-energy environments.The favorable primary porosity and permeability may promote calcite cementation and help to produce more secondary pores.Besides,at the depth of 2500-3200 m,basically matching threshold of oil generation,organic acid expelled when organic matter became mature,and H+ released during clay mineral transformation.These both result in the dissolution of calcite cements and create large volume pores,then physical properties improve correspondingly.Moreover,deep hydrothermal fluid intrusion may also have impacts on the development of secondary pores.展开更多
Understanding the physical,mechanical behavior,and seepage characteristics of coal under hydro-mechanical coupling holds significant importance for ensuring the stability of surrounding rock formations and preventing ...Understanding the physical,mechanical behavior,and seepage characteristics of coal under hydro-mechanical coupling holds significant importance for ensuring the stability of surrounding rock formations and preventing gas outbursts.Scanning electron microscopy,uniaxial tests,and triaxial tests were conducted to comprehensively analyze the macroscopic and microscopic physical and mechanical characteristics of coal under different soaking times.Moreover,by restoring the stress path and water injection conditions of the protective layer indoors,we explored the coal mining dynamic behavior and the evolution of permeability.The results show that water causes the micro-surface of coal to peel off and cracks to expand and develop.With the increase of soaking time,the uniaxial and triaxial strengths were gradually decreased with nonlinear trend,and decreased by 63.31%and 30.95%after soaking for 240 h,respectively.Under different water injection pressure conditions,coal permeability undergoes three stages during the mining loading process and ultimately increases to higher values.The peak stress of coal,the deviatoric stress and strain at the permeability surge point all decrease with increasing water injection pressure.The results of this research can help improve the understanding of the coal mechanical properties and seepage evolution law under hydro-mechanical coupling.展开更多
Square piles of reinforced concrete(RC)in marine environments are susceptible to chloride-inducedcorrosion.A novel reverse-seepage technique(RST)is applied to square piles to block the intrusion of chlorides.Thisresea...Square piles of reinforced concrete(RC)in marine environments are susceptible to chloride-inducedcorrosion.A novel reverse-seepage technique(RST)is applied to square piles to block the intrusion of chlorides.Thisresearch introduces a computational model designed to predict the lifespan of corrosion initiation in reinforced concretesquare piles when applied reverse-seepage pressure.The model considers the impacts of chloride binding and the tripletime-dependence property among the permeability,the corrected surface chloride concentration,and the diffusioncoefficient.The proposed numerical model is solved using the alternating direction implicit(ADI)approach,and itsaccuracy and reliability are evaluated by contrasting the computational outcomes with the analytical solution andexperimental results.Furthermore,the primary factors contributing to the corrosion of reinforced concrete square pilesare analyzed.The results indicate that applying RST can decrease the chloride penetration depth and prolong the lifespanof corrosion initiation in square piles.The water-cement ratio and reverse seepage pressure are the most influentialfactors.A water pressure of 0.4 MPa can double the life of concrete,and the durable life of concrete with a water-cementratio of 0.3 can reach 100 years.展开更多
基金This project was supported by the National Natural Science Foundation of China (60672068)the National High Technology Development 863 Program of China (2006AA01Z436, 2007AA01Z452.)
文摘The nature of adhoc networks makes them vulnerable to security attacks. Many security technologies such as intrusion prevention and intrusion detection are passive in response to intrusions in that their countermea- sures are only to protect the networks, and there is no automated network-wide counteraction against detected intrusions, the architecture of cooperation intrusion response based multi-agent is propose. The architecture is composed of mobile agents. Monitor agent resides on every node and monitors its neighbor nodes. Decision agent collects information from monitor nodes and detects an intrusion by security policies. When an intruder is found in the architecture, the block agents will get to the neighbor nodes of the intruder and form the mobile firewall to isolate the intruder. In the end, we evaluate it by simulation.
基金Project(2014QNB31)supported by the Fundamental Research Funds for the Central Universities,ChinaProjects(51674248)supported by the National Natural Science Foundation of ChinaProject supported by the Priority Academic Program Development of Jiangsu Higher Education Institutions(PAPD),China
文摘Tackling the problems of underground water storage in collieries in arid regions requires knowledge of the effect of water intrusion and loading rate on the mechanical properties of and crack development in coal–rock combinations. Fifty-four coal–rock combinations were prepared and split equally into groups containing different moisture contents(dry, natural moisture and saturated) to conduct acoustic emission testing under uniaxial compression with loading rates ranging from 0.1 mm/min to 0.6 mm/min. The results show that the peak stress and strength-softening modulus, elastic modulus, strain-softening modulus, and post-peak modulus partly decrease with increasing moisture content and loading rate. In contrast, peak strain increases with increasing moisture content and fluctuates with rising loading rate. More significantly, the relationship between stiffness and stress, combined with accumulated counts of acoustic emission, can be used to precisely predict all phases of crack propagation. This is helpful in studying the impact of moisture content and loading rate on crack propagation and accurately calculating mechanical properties. We also determined that the stress thresholds of crack closure, crack initiation, and crack damage do not vary with changes of moisture content and loading rate, constituting 15.22%, 32.20%, and 80.98% of peak stress, respectively. These outcomes assist in developing approaches to water storage in coal mines, determining the necessary width of waterproof coal–rock pillars, and methods of supporting water-enriched roadways, while also advances understanding the mechanical properties of coal–rock combinations and laws of crack propagation.
基金This work was supported by the National Natural Science Foundation of China(grant number:61671470)the National Key Research and Development Program of China(grant number:2016YFC0802904)the Postdoctoral Science Foundation Funded Project of China(grant number:2017M623423).
文摘Infrared target intrusion detection has significant applications in the fields of military defence and intelligent warning.In view of the characteristics of intrusion targets as well as inspection difficulties,an infrared target intrusion detection algorithm based on feature fusion and enhancement was proposed.This algorithm combines static target mode analysis and dynamic multi-frame correlation detection to extract infrared target features at different levels.Among them,LBP texture analysis can be used to effectively identify the posterior feature patterns which have been contained in the target library,while motion frame difference method can detect the moving regions of the image,improve the integrity of target regions such as camouflage,sheltering and deformation.In order to integrate the advantages of the two methods,the enhanced convolutional neural network was designed and the feature images obtained by the two methods were fused and enhanced.The enhancement module of the network strengthened and screened the targets,and realized the background suppression of infrared images.Based on the experiments,the effect of the proposed method and the comparison method on the background suppression and detection performance was evaluated,and the results showed that the SCRG and BSF values of the method in this paper had a better performance in multiple data sets,and it’s detection performance was far better than the comparison algorithm.The experiment results indicated that,compared with traditional infrared target detection methods,the proposed method could detect the infrared invasion target more accurately,and suppress the background noise more effectively.
基金the National Grand Fundamental Research "973" Program of China (2004CB318109)the High-Technology Research and Development Plan of China (863-307-7-5)the National Information Security 242 Program ofChina (2005C39).
文摘A novel method for detecting anomalous program behavior is presented, which is applicable to hostbased intrusion detection systems that monitor system call activities. The method constructs a homogeneous Markov chain model to characterize the normal behavior of a privileged program, and associates the states of the Markov chain with the unique system calls in the training data. At the detection stage, the probabilities that the Markov chain model supports the system call sequences generated by the program are computed. A low probability indicates an anomalous sequence that may result from intrusive activities. Then a decision rule based on the number of anomalous sequences in a locality frame is adopted to classify the program's behavior. The method gives attention to both computational efficiency and detection accuracy, and is especially suitable for on-line detection. It has been applied to practical host-based intrusion detection systems.
基金the National High Technology Development "863" Program of China (2006AA01Z436, 2007AA01Z452)the National Natural Science Foundation of China(60702042).
文摘Mobile ad hoc networking (MANET) has become an exciting and important technology in recent years, because of the rapid proliferation of wireless devices. Mobile ad hoc networks is highly vulnerable to attacks due to the open medium, dynamically changing network topology, cooperative algorithms, and lack of centralized monitoring and management point. The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective for those features. A distributed intrusion detection approach based on timed automata is given. A cluster-based detection scheme is presented, where periodically a node is elected as the monitor node for a cluster. These monitor nodes can not only make local intrusion detection decisions, but also cooperatively take part in global intrusion detection. And then the timed automata is constructed by the way of manually abstracting the correct behaviours of the node according to the routing protocol of dynamic source routing (DSR). The monitor nodes can verify the behaviour of every nodes by timed automata, and validly detect real-time attacks without signatures of intrusion or trained data. Compared with the architecture where each node is its own IDS agent, the approach is much more efficient while maintaining the same level of effectiveness. Finally, the intrusion detection method is evaluated through simulation experiments.
文摘To solve the problem that current intrusion detection model needs large-scale data in formulating the model in real-time use, an intrusion detection system model based on grey theory (GTIDS) is presented. Grey theory has merits of fewer requirements on original data scale, less limitation of the distribution pattern and simpler algorithm in modeling. With these merits GTIDS constructs model according to partial time sequence for rapid detect on intrusive act in secure system. In this detection model rate of false drop and false retrieval are effectively reduced through twice modeling and repeated detect on target data. Furthermore, GTIDS framework and specific process of modeling algorithm are presented. The affectivity of GTIDS is proved through emulated experiments comparing snort and next-generation intrusion detection expert system (NIDES) in SRI international.
基金supported by the National Grand Fundamental Research "973" Program of China (2004CB318109)the National High-Technology Research and Development Plan of China (2006AA01Z452)the National Information Security "242"Program of China (2005C39).
文摘Anomaly detection has been an active research topic in the field of network intrusion detection for many years. A novel method is presented for anomaly detection based on system calls into the kernels of Unix or Linux systems. The method uses the data mining technique to model the normal behavior of a privileged program and uses a variable-length pattern matching algorithm to perform the comparison of the current behavior and historic normal behavior, which is more suitable for this problem than the fixed-length pattern matching algorithm proposed by Forrest et al. At the detection stage, the particularity of the audit data is taken into account, and two alternative schemes could be used to distinguish between normalities and intrusions. The method gives attention to both computational efficiency and detection accuracy and is especially applicable for on-line detection. The performance of the method is evaluated using the typical testing data set, and the results show that it is significantly better than the anomaly detection method based on hidden Markov models proposed by Yan et al. and the method based on fixed-length patterns proposed by Forrest and Hofmeyr. The novel method has been applied to practical hosted-based intrusion detection systems and achieved high detection performance.
基金Project(50275150) supported by the National Natural Science Foundation of ChinaProjects(20040533035, 20070533131) supported by the National Research Foundation for the Doctoral Program of Higher Education of China
文摘An abstraction and an investigation to the worth of dendritic cells (DCs) ability to collect, process and present antigens are presented. Computationally, this ability is shown to provide a feature reduction mechanism that could be used to reduce the complexity of a search space, a mechanism for development of highly specialized detector sets as well as a selective mechanism used in directing subsets of detectors to be activated when certain danger signals are present. It is shown that DCs, primed by different danger signals, provide a basis for different anomaly detection pathways. Different antigen-peptides are developed based on different danger signals present, and these peptides are presented to different adaptive layer detectors that correspond to the given danger signal. Experiments are then undertaken that compare current approaches, where a full antigen structure and the whole repertoire of detectors are used, with the proposed approach. Experiment results indicate that such an approach is feasible and can help reduce the complexity of the problem by significant levels. It also improves the efficiency of the system, given that only a subset of detectors are involved during the detection process. Having several different sets of detectors increases the robustness of the resulting system. Detectors developed based on peptides are also highly discriminative, which reduces the false positives rates, making the approach feasible for a real time environment.
文摘An important problem in wireless communication networks (WCNs) is that they have a minimum number of resources, which leads to high-security threats. An approach to find and detect the attacks is the intrusion detection system (IDS). In this paper, the fuzzy lion Bayes system (FLBS) is proposed for intrusion detection mechanism. Initially, the data set is grouped into a number of clusters by the fuzzy clustering algorithm. Here, the Naive Bayes classifier is integrated with the lion optimization algorithm and the new lion naive Bayes (LNB) is created for optimally generating the probability measures. Then, the LNB model is applied to each data group, and the aggregated data is generated. After generating the aggregated data, the LNB model is applied to the aggregated data, and the abnormal nodes are identified based on the posterior probability function. The performance of the proposed FLBS system is evaluated using the KDD Cup 99 data and the comparative analysis is performed by the existing methods for the evaluation metrics accuracy and false acceptance rate (FAR). From the experimental results, it can be shown that the proposed system has the maximum performance, which shows the effectiveness of the proposed system in the intrusion detection.
文摘Network security problems bring many imperceptible threats to the integrity of data and the reliability of device services,so proposing a network intrusion detection model with high reliability is of great research significance for network security.Due to the strong generalization of invalid features during training process,it is more difficult for single autoencoder intrusion detection model to obtain effective results.A network intrusion detection model based on the Ensemble of Denoising Adversarial Autoencoder(EDAAE)was proposed,which had higher accuracy and reliability compared to the traditional anomaly detection model.Using the adversarial learning idea of Adversarial Autoencoder(AAE),the discriminator module was added to the original model,and the encoder part was used as the generator.The distribution of the hidden space of the data generated by the encoder matched with the distribution of the original data.The generalization of the model to the invalid features was also reduced to improve the detection accuracy.At the same time,the denoising autoencoder and integrated operation was introduced to prevent overfitting in the adversarial learning process.Experiments on the CICIDS2018 traffic dataset showed that the proposed intrusion detection model achieves an Accuracy of 95.23%,which out performs traditional self-encoders and other existing intrusion detection models methods in terms of overall performance.
文摘Static secure techniques, such as firewall, hierarchy filtering, distributed disposing,layer management, autonomy agent, secure communication, were introduced in distributed intrusion detection. The self-protection agents were designed, which have the distributed architecture,cooperate with the agents in intrusion detection in a loose-coupled manner, protect the security of intrusion detection system, and respond to the intrusion actively. A prototype self-protection agent was implemented by using the packet filter in operation system kernel. The results show that all the hosts with the part of network-based intrusion detection system and the whole intrusion detection system are invisible from the outside and network scanning, and cannot apperceive the existence of network-based intrusion detection system. The communication between every part is secure. In the low layer, the packet streams are controlled to avoid the buffer leaks exist ing in some system service process and back-door programs, so as to prevent users from misusing and vicious attack like Trojan Horse effectively.
文摘There are a variety of scientific techniques useful to know the subsurface resistivity in order to estimate the saline water intrusion effect during tsunami.The electrical resistivity methods involve the measurement of the apparent resistivity of the soil and rock as a function of depth(vertical resistivity sounding) or lateral position(resistivity profiling).The resistivity of the soil is a complicated function of porosity, permeability,ionic content of pore fluids and
文摘In this paper,we introduce an adaptive clustering algorithm for intrusion detection based on wavecluster which was introduced by Gholamhosein in 1999 and used with success in image processing.Because of the non-stationary characteristic of network traffic,we extend and develop an adaptive wavecluster algorithm for intrusion detection.Using the multiresolution property of wavelet transforms,we can effectively identify arbitrarily shaped clusters at different scales and degrees of detail,moreover,applying wavelet transform removes the noise from the original feature space and make more accurate cluster found.Experimental results on KDD-99 intrusion detection dataset show the efficiency and accuracy of this algorithm.A detection rate above 96% and a false alarm rate below 3% are achieved.
文摘The Baishiquan and Pobei Early Permian mafic-ultramafic intrusions were emplaced into Proterozoic metamorphic rocks in the Central Tianshan and the Beishan Fold Belt,northern Xinjiang,NW China.The Baishiquan intrusion comprises mainly gabbro,and mela-gabbro sills occur within and along the margins of the gabbro body.In the Pobei intrusion,two distinct gabbroic packages,a lower gabbro and the main gabbro,are intruded and overlain by small cumulate wehrlite bodies.
基金Project(2006CB202300)supported by the National Basic Research Program of China
文摘Reservoirs can be developed in the sediment gravity flows.However,high quality reservoirs are found widespread in sediment gravity flows of Gangzhong area,Huanghua depression,Bohai Bay Basin,East China.Characteristics and formation of these reservoirs are key problems to be solved.Through comprehensive analysis of thin section petrography,scanning electron microscopy and X-ray diffraction,two distinct rules were obtained.1) These high quality reservoirs have apparent characteristics:lithology consists mainly of medium-fine grained sands; moderately-well sorted and rounded; intergranular pores dominating >70% of the entire pores,surface per unit pore volume reaches 15%; average porosity is 21% and average permeability is 55×10-3 μm2.2) Types of sedimentary microfacies and dissolution strongly control on the formation of high quality reservoirs.Main channels and sandy braided bars have the best reservoir properties.Because that sediments are mainly medium-fine grained sands in high-energy environments.The favorable primary porosity and permeability may promote calcite cementation and help to produce more secondary pores.Besides,at the depth of 2500-3200 m,basically matching threshold of oil generation,organic acid expelled when organic matter became mature,and H+ released during clay mineral transformation.These both result in the dissolution of calcite cements and create large volume pores,then physical properties improve correspondingly.Moreover,deep hydrothermal fluid intrusion may also have impacts on the development of secondary pores.
基金Project(52225403)supported by the National Natural Science Foundation of ChinaProject(2023YFF0615401)supported by the National Key Research and Development Program of China+1 种基金Projects(2023NSFSC0004,2023NSFSC0790)supported by Science and Technology Program of Sichuan Province,ChinaProject(2021-CMCUKFZD001)supported by the Open Fund of State Key Laboratory of Coal Mining and Clean Utilization,China。
文摘Understanding the physical,mechanical behavior,and seepage characteristics of coal under hydro-mechanical coupling holds significant importance for ensuring the stability of surrounding rock formations and preventing gas outbursts.Scanning electron microscopy,uniaxial tests,and triaxial tests were conducted to comprehensively analyze the macroscopic and microscopic physical and mechanical characteristics of coal under different soaking times.Moreover,by restoring the stress path and water injection conditions of the protective layer indoors,we explored the coal mining dynamic behavior and the evolution of permeability.The results show that water causes the micro-surface of coal to peel off and cracks to expand and develop.With the increase of soaking time,the uniaxial and triaxial strengths were gradually decreased with nonlinear trend,and decreased by 63.31%and 30.95%after soaking for 240 h,respectively.Under different water injection pressure conditions,coal permeability undergoes three stages during the mining loading process and ultimately increases to higher values.The peak stress of coal,the deviatoric stress and strain at the permeability surge point all decrease with increasing water injection pressure.The results of this research can help improve the understanding of the coal mechanical properties and seepage evolution law under hydro-mechanical coupling.
基金Projects(52178371,52108355,52178321)supported by the National Natural Science Foundation of ChinaProject(202305)supported by the Research Project of Engineering Research Centre of Rock-Soil Drilling&Excavation and Protection,Ministry of Education,China。
文摘Square piles of reinforced concrete(RC)in marine environments are susceptible to chloride-inducedcorrosion.A novel reverse-seepage technique(RST)is applied to square piles to block the intrusion of chlorides.Thisresearch introduces a computational model designed to predict the lifespan of corrosion initiation in reinforced concretesquare piles when applied reverse-seepage pressure.The model considers the impacts of chloride binding and the tripletime-dependence property among the permeability,the corrected surface chloride concentration,and the diffusioncoefficient.The proposed numerical model is solved using the alternating direction implicit(ADI)approach,and itsaccuracy and reliability are evaluated by contrasting the computational outcomes with the analytical solution andexperimental results.Furthermore,the primary factors contributing to the corrosion of reinforced concrete square pilesare analyzed.The results indicate that applying RST can decrease the chloride penetration depth and prolong the lifespanof corrosion initiation in square piles.The water-cement ratio and reverse seepage pressure are the most influentialfactors.A water pressure of 0.4 MPa can double the life of concrete,and the durable life of concrete with a water-cementratio of 0.3 can reach 100 years.
