基于BAM网络的航空雷达在线入侵诊断方法研究

针对传统的航空雷达网络面临的入侵威胁,以及雷达网络存在的入侵诊断检测效率较低,数据匹配速度较慢等问题,提出了一种基于BAM网络的航空雷达在线入侵诊断方法,构建航空雷达在线入侵诊断模型,对航空雷达网络中的外部数据进行预处理,并获取数据特征以及数据特征的可辨识属性矩阵和决策辨识函数,计算测试参数集的所有特征向量,从而使入侵检测算子的匹配量减少,以此提升数据匹配效率,实现对外部入侵数据的过滤检测,从而对雷达数据网络进行在线监控,有效抵御外部异常数据的入侵,保证了航空雷达网络的安全性。仿真结果表明本文方法有效提高了航空雷达网络的在线数据检测匹配速度,诊断准确率达到93.3%,且对航空雷达的入侵诊断检测效率、误报率、漏报率等方面都有明显改善。     

基于双向联想记忆网络的航空雷达在线入侵诊断方法研究

针对传统的航空雷达网络面临的入侵威胁,以及雷达网络存在的入侵诊断检测效率较低,数据匹配速度较慢等问题,提出了一种基于双向联想记忆网络的航空雷达在线入侵诊断方法,构建航空雷达在线入侵诊断模型,对航空雷达网络中的外部数据进行预处理,并获取数据特征以及数据特征的可辨识属性矩阵和决策辨识函数,计算测试参数集的所有特征向量,从而使入侵检测算子的匹配量减少,以此提升数据匹配效率,实现对外部入侵数据的过滤检测,从而对雷达数据网络进行在线监控,有效抵御外部异常数据的入侵,保证了航空雷达网络的安全性;仿真结果表明文章方法有效提高了航空雷达网络的在线数据检测匹配速度,诊断准确率达到93.3%,且对航空雷达的入侵诊断检测效率、误报率、漏报率等方面都有明显改善。     

一种公共网络攻击数据挖掘智能算法研究

公共网络的开放性和自组织特性导致网络容易受到病毒干扰和入侵攻击,对攻击数据的准确高效挖掘能确保网络安全。传统方法采用时频指向性波束特征聚类方法实现攻击数据挖掘,在信噪比较低时攻击数据准确挖掘概率较低。提出一种基于自适应滤波检测和时频特征提取的公共网络攻击数据挖掘智能算法。首先进行公共网络攻击数据的信号拟合和时间序列分析,对含噪的攻击数据拟合信号进行自适应滤波检测,提高信号纯度,对滤波输出数据进行时频特征提取,实现攻击数据的准确挖掘。仿真结果表明,采用该算法进行网络攻击数据挖掘,对攻击数据特征的准确检测性能较高,对干扰的抑制性能较强,能有效实现网络安全防御。     

分布式网络异常攻击检测模型仿真分析

针对传统的异常攻击检测方法主要以异常攻击行为规则与网络数据隶属度大小进行判别,只能针对已知异常攻击进行检测,对新型异常攻击,检测算法率低,计算数据量大的问题。提出一种新的分布式网络异常攻击检测方式,通过对分布式网络内数据进行迭代聚类将正常和异常数据进行分类,建立矩阵映射模型进行数据矩阵对比,初步对异常攻击数据进行判断。在矩阵中建立粒子密度函数,通过粒子密度变化计算其异常攻击概率,最后对其数据进行加权和波滤确定数据异常攻击特征,建立攻击检测模型。仿真实验表明,优化的分布式网络异常攻击检测模型提高了异常数据攻击检测的自适应性,在网络信号受到攻击信号干扰情况下,仍然能够准确检测出带有攻击特征的小网络异常数据。有效提高了分布式网络的检测正确率,加快了检测速度和稳定性。     

大数据环境下网络非法入侵检测系统设计

大数据环境下,非法入侵检测是保证计算机安全的重要手段。通过非法入侵检测,保证计算机免遭网络中木马病毒等的攻击,因此对大数据环境下网络非法入侵检测进行系统设计是必要的。目前大多数网络非法入侵检测系统是通过归纳当前网络非法入侵检测系统存在的优缺点,指出网络非法入侵检测系统存在的问题,确定其发展方向。但这种方法存在系统结构复杂,不利于维护和使用的问题。为此,提出一种基于PB神经网络的大数据环境下网络非法入侵检测系统设计方法,首先在分析大数据环境下网络非法入侵检测系统功能的基础上,对系统的模块进行设计,并分析各模块所实现的功能,在此基础上,对大数据环境下网络非法入侵检测系统的性能指标、采样芯片、USB接口控制芯片、FPGA、电源管理芯片等硬件进行设计选型,完成系统的硬件设计,并且通过PB神经网络算法提高大数据环境下网络非法入侵检测系统检测的准确性,并给出基于BP神经网络算法的入侵检测实现过程,从而实现大数据环境下网络非法入侵检测系统设计。实验证明,所提方法设计的大数据环境下网络非法入侵检测系统运行速度较快,能够及时准确对网络非法入侵行为进行检测,推动该领域的研究发展。     

基于RGBD图像和卷积神经网络的快速道路检测

针对移动平台有限的计算资源以及基于彩色图像的道路检测方法在极端光照情况下及路面类型变化时存在的不足,提出了一种融合彩色图像和视差图像的基于9层卷积神经网络的快速道路检测算法。提出一种数据输入层预处理方法,将视差图变换为视差梯度图以强化地面特征,降低网络深度需求。所提两种网络结构为双通道后融合网络和单通道前融合网络,分别用于卷积特征分析和快速道路检测。实验使用KITTI道路检测数据集并人为划分为普通和困难两组数据集,对该算法进行实验对比和分析,结果表明:与基于彩色图像的卷积神经网络方法相比,该算法在普通数据集上最大F1指标(MaxF1)提升了1.61%,在困难数据集上MaxF1提升了11.58%,算法检测速度可达26frame/s,可有效克服光照、阴影、路面类型变化等影响。     

基于特征选择的网络入侵检测模型研究

为了有效从收集的恶意数据中选择特征去分析,保障网络系统的安全与稳定,需要进行网络入侵检测模型研究。但目前方法是采用遗传算法找出网络入侵的特征子集,再利用粒子群算法进行进一步选择,找出最优的特征子集,最后利用极限学习机对网络入侵进行分类,但该方法准确性较低。为此,提出一种基于特征选择的网络入侵检测模型研究方法。该方法首先以增强寻优性能为目标对网络入侵检测进行特征选择,结合分析出的特征选择利用特征属性的Fisher比构造出特征子集的评价函数,然后结合计算出的特征子集评价函数进行支持向量机完成对基于特征选择的网络入侵检测模型研究方法。仿真实验表明,利用支持向量机对网络入侵进行检测能有效地提高入侵检测的速度以及入侵检测的准确性。     

基于一维卷积神经网络的光纤周界入侵模式识别

针对干涉型分布式光纤传感系统,在通过Mel倒谱系数方法提取扰动信号频域特征进行模式识别的研究基础上,提出了一种基于一维卷积神经网络的光纤入侵模式识别方法。利用还原信号的分级阈值判断并提取入侵信号,有效减少了分帧方法导致的计算时间;构建了基于入侵信号傅里叶变换后的频域信息的一维卷积神经网络,自适应地提取扰动的信号频域特征。搭建了基于直线型Sagnac干涉结构的入侵检测系统,利用大量实验采集的样本数据集对网络进行训练,得到了较好的分类识别结果,测试集的平均识别率达到了96.5%,并对训练后网络的卷积核以及经过卷积核后的入侵信号进行了分析。zscore标准化后,一维卷积神经网络能够识别信号频域中的部分特征,对频率成分复杂的树枝拍打信号识别效果提升较大。     

基于半监督稀疏多流形嵌入的高光谱影像分类

提出了一种半监督稀疏多流形嵌入方法,并应用于高光谱影像分类.该方法充分利用少量标记和大量无标记样本,采用稀疏表示方法得到样本的稀疏系数,并选取来自同一流形的点作为近邻点,然后构建相似图来表征多流形结构,得到样本在每个流形上低维鉴别特征,增加来自同一流形的数据点聚集性,进而提升分类性能.本文方法在PaviaU和Salinas两个高光谱数据集上的总体分类准确度分别达到84.91%和89.74%,相较于其他方法明显提高了地物分类性能.     

大口径光学非球面轮廓测量过程可视化研究

研究了大口径非球面光学元件表面轮廓测量过程可视化,并设计、开发了基于双向链接边表的软件系统。提出一种改进的双向链接边表数据结构完成三维模型加载方法,建立数据结构及其相关图形元作为软件的基础层。计算非球面曲面方程获得表面轮廓的数据生成图形场景节点,并自动生成曲面测量轨迹。在非接触检测平台上进行测试,对测量数据进行平滑处理,拟合出测量获得的非球面面形,完成面形精度和表面粗糙度的评价。实验结果表明,该可视化系统技术路线正确高效、稳定性好,为非球面检测数据及其综合分析仿真提供直观的可视化平台。     

An Efficient DenseNet-Based Deep Learning Model for Malware Detection

Recently, there has been a huge rise in malware growth, which creates a significant security threat to organizations and individuals. Despite the incessant efforts of cybersecurity research to defend against malware threats, malware developers discover new ways to evade these defense techniques. Traditional static and dynamic analysis methods are ineffective in identifying new malware and pose high overhead in terms of memory and time. Typical machine learning approaches that train a classifier based on handcrafted features are also not sufficiently potent against these evasive techniques and require more efforts due to feature-engineering. Recent malware detectors indicate performance degradation due to class imbalance in malware datasets. To resolve these challenges, this work adopts a visualization-based method, where malware binaries are depicted as two-dimensional images and classified by a deep learning model. We propose an efficient malware detection system based on deep learning. The system uses a reweighted class-balanced loss function in the final classification layer of the DenseNet model to achieve significant performance improvements in classifying malware by handling imbalanced data issues. Comprehensive experiments performed on four benchmark malware datasets show that the proposed approach can detect new malware samples with higher accuracy (98.23% for the Malimg dataset, 98.46% for the BIG 2015 dataset, 98.21% for the MaleVis dataset, and 89.48% for the unseen Malicia dataset) and reduced false-positive rates when compared with conventional malware mitigation techniques while maintaining low computational time. The proposed malware detection solution is also reliable and effective against obfuscation attacks.     

Multivariable Heuristic Approach to Intrusion Detection in Network Environments

The Internet is an inseparable part of our contemporary lives. This means that protection against threats and attacks is crucial for major companies and for individual users. There is a demand for the ongoing development of methods for ensuring security in cyberspace. A crucial cybersecurity solution is intrusion detection systems, which detect attacks in network environments and responds appropriately. This article presents a new multivariable heuristic intrusion detection algorithm based on different types of flags and values of entropy. The data is shared by organisations to help increase the effectiveness of intrusion detection. The authors also propose default values for parameters of a heuristic algorithm and values regarding detection thresholds. This solution has been implemented in a well-known, open-source system and verified with a series of tests. Additionally, the authors investigated how updating the variables affects the intrusion detection process. The results confirmed the effectiveness of the proposed approach and heuristic algorithm.     

Injection attack detection using machine learning for smart IoT applications

Smart cities are a rapidly growing IoT application. These smart cities mainly rely on wireless sensors to connect their different components (smart devices) together. Smart cities rely on the integration of IoT and 5G technologies, and this has created a demand for a massive IoT network of connected devices. The data traffic coming from indoor wireless networks (e.g., smart homes, smart hospitals, smart factories , or smart school buildings) contributes to over 80% of the total data traffic of the current IoT network. As smart cities and their applications grow, security and privacy challenges have become a major concern for billions of IoT smart devices. One reason for this could be the oversight of handling security issues of IoT devices by their manufacturers, which enables attackers to exploit the vulnerabilities in these devices by performing different types of attacks, e.g., DDoS and injection attacks. Intrusion detection is one way to detect and mitigate the risk of such attacks. In this paper, an intrusion detection method was proposed to detect injection attacks in IoT applications (e.g. smart cities). In this method, two types of feature selection techniques (constant removal and recursive feature elimination) were used and tested by a number of machine learning classifiers (i.e., SVM, Random Forest, and Decision Tree). The T-Test was conducted to evaluate the quality of this proposed feature selection method. Using the public dataset, AWID, the evaluation results showed that the decision tree classifier can be used to detect injection attacks with an accuracy of 99% using only 8 features, which were selected using the proposed feature selection method. Also, the comparison with the most related work showed the advantages of the proposed intrusion detection method.     

Robustness quantification method for network intrusion detection models

Deep learning techniques have been successfully applied to network intrusion detection tasks, but as in the case of autonomous driving and face recognition, the reliability of the system itself has become a pressing issue. Robustness is a key attribute to determine whether a deep learning system is secure and reliable, and we also choose to explore the security of intrusion detection models from a new perspective of robustness quantification. In this paper, we focus on the intrusion detection model based on long and short-term memory, and use a fine-grained linear approximation method to derive a more accurate robustness bound on the nonlinear activation function with tighter linear constraints. We can use this bound to quantitatively measure the robustness of the detection model and determine whether the model is susceptible to the influence of adversarial samples. In our experiments, we test networks with various structures on the MNIST dataset, and the results show that our proposed method can effectively deduce the robustness bounds of output elements, and has good scalability and applicability.     

网络疑似入侵环境下的最优接口访问控制模型仿真

在网络疑似入侵环境下通过最优接口访问控制实现网络入侵的可靠性拦截,保障网络安全。传统方法采用自由链路分散控制模型进行网络入侵检测和接口访问控制,在受到较大的特征干扰下,入侵访问控制和拦截性能不好。提出一种基于自适应循环堆栈接口调度的网络疑似入侵环境下的最优接口访问控制模型。进行接口访问控制模型总体设计及组件模块分析,接口访问控制系统包括通信库、协议库、核心控制库和资源库,采用小波包自适应波束调制方法进行入侵检测算法设计,作为接口访问控制系统软件核心。通过SDICmdCon寄存器设置网络疑似入侵环境下的最优接口的内核,在嵌入式Linux环境下通过自适应循环堆栈接口调度实现接口访问控制的软件开发。仿真结果表明,采用该模型进行网络入侵检测,准确检测性能较好,通过最优接口访问控制,实现对网络入侵数据的准确识别和拦截。     

基于深度学习的太赫兹时域光谱识别研究

太赫兹时域光谱技术,由于其具有物质“指纹谱”特性,是一种可以快速无损地鉴别物质的重要手段,在毒品和爆炸物的无损检测等方面有广阔的应用前景。其中,光谱识别是太赫兹时域光谱技术应用研究的重要方向之一。现有的光谱识别方法多是依靠手工选取特征后进行机器学习分类,或是通过设置吸收峰阈值门限进行判断。由于一些物质在太赫兹波段内并没有明显的吸收峰特征,同时样品浓度、空气湿度、各类噪声等会对太赫兹时域光谱造成干扰从而使信噪比下降,这些方法并不能很好地适应,并且物质类别和数量的增加也会导致计算量不断增加。近年来,随着深度学习技术兴起,以卷积神经网络（CNN）和循环神经网络（RNN)为代表的方法在计算机视觉和自然语言处理等领域得到广泛应用,相比于传统的机器学习方法其效果有了很大的提升。由于深度学习技术强大的非线性分类能力,基于RNN和CNN设计了两个网络用于光谱识别：基于RNN的一维谱线分类网络和基于CNN的二维谱图分类网络。模拟实际应用场景,在非真空环境下采集了12种物质的两万多个光谱数据作为训练集和测试集。在分析了样品浓度、空气湿度对光谱特征的影响后,使用S-G（Savitzky-Golay）滤波对光谱进行降噪。实验结果表明,对比未处理和经过S-G预处理的数据,处理后的光谱特征更加明显,识别准确率更高;与传统的机器学习算法k最近邻（k-NN）方法相比,RNN和CNN方法在测试集上有更好的准确率,且算法速度更快;对于光谱识别,CNN方法比RNN方法能够更好地克服噪声的影响。因此,深度学习技术可以对太赫兹时域光谱进行快速有效的识别,能够为新型无损安全检查技术提供理论和实验基础。     

A New Deep Dual Temporal Domain Adaptation Method for Online Detection of Bearings Early Fault

With the quick development of sensor technology in recent years, online detection of early fault without system halt has received much attention in the field of bearing prognostics and health management. While lacking representative samples of the online data, one can try to adapt the previously-learned detection rule to the online detection task instead of training a new rule merely using online data. As one may come across a change of the data distribution between offline and online working conditions, it is challenging to utilize the data from different working conditions to improve detection accuracy and robustness. To solve this problem, a new online detection method of bearing early fault is proposed in this paper based on deep transfer learning. The proposed method contains an offline stage and an online stage. In the offline stage, a new state assessment method is proposed to determine the period of the normal state and the degradation state for whole-life degradation sequences. Moreover, a new deep dual temporal domain adaptation (DTDA) model is proposed. By adopting a dual adaptation strategy on the time convolutional network and domain adversarial neural network, the DTDA model can effectively extract domain-invariant temporal feature representation. In the online stage, each sequentially-arrived data batch is directly fed into the trained DTDA model to recognize whether an early fault occurs. Furthermore, a health indicator of target bearing is also built based on the DTDA features to intuitively evaluate the detection results. Experiments are conducted on the IEEE Prognostics and Health Management (PHM) Challenge 2012 bearing dataset. The results show that, compared with nine state-of-the-art fault detection and diagnosis methods, the proposed method can get an earlier detection location and lower false alarm rate.