A scheme to construct signatures automatically for Snort from the data captured by honeypots is presented. With this scheme intrusion detection systems can be quickly updated to detect new intrusions soon when happen....A scheme to construct signatures automatically for Snort from the data captured by honeypots is presented. With this scheme intrusion detection systems can be quickly updated to detect new intrusions soon when happen. The idea is based on the observation that any traffic to and from honeypots represents abnormal activities, so data patterns extracted from these packets can be used by misuse detection system to identify new attacks. The algorithm of constructing rules is discussed. Experiment illustrates the effectiveness of the scheme.展开更多
In this paper, H∞ optimal model reduction for singular fast subsystems will be inves-tigated. First, error system is established to measure the error magnitude between the original andreduced systems, and it is demon...In this paper, H∞ optimal model reduction for singular fast subsystems will be inves-tigated. First, error system is established to measure the error magnitude between the original andreduced systems, and it is demonstrated that the new feature for model reduction of singular systemsis to make H∞ norm of the error system finite and minimal. The necessary and su?cient conditionis derived for the existence of the H∞ suboptimal model reduction problem. Next, we give an exactand practicable algorithm to get the parameters of the reduced subsystems by applying the matrixtheory. Meanwhile, the reduced system may be also impulsive. The advantages of the proposedalgorithm are that it is more ?exible in a straight-forward way without much extra computation, andthe order of the reduced systems is as minimal as possible. Finally, one illustrative example is givento illustrate the e?ectiveness of the proposed model reduction approach.展开更多
文摘A scheme to construct signatures automatically for Snort from the data captured by honeypots is presented. With this scheme intrusion detection systems can be quickly updated to detect new intrusions soon when happen. The idea is based on the observation that any traffic to and from honeypots represents abnormal activities, so data patterns extracted from these packets can be used by misuse detection system to identify new attacks. The algorithm of constructing rules is discussed. Experiment illustrates the effectiveness of the scheme.
文摘In this paper, H∞ optimal model reduction for singular fast subsystems will be inves-tigated. First, error system is established to measure the error magnitude between the original andreduced systems, and it is demonstrated that the new feature for model reduction of singular systemsis to make H∞ norm of the error system finite and minimal. The necessary and su?cient conditionis derived for the existence of the H∞ suboptimal model reduction problem. Next, we give an exactand practicable algorithm to get the parameters of the reduced subsystems by applying the matrixtheory. Meanwhile, the reduced system may be also impulsive. The advantages of the proposedalgorithm are that it is more ?exible in a straight-forward way without much extra computation, andthe order of the reduced systems is as minimal as possible. Finally, one illustrative example is givento illustrate the e?ectiveness of the proposed model reduction approach.
