基于特征选择的网络入侵检测模型研究

为了有效从收集的恶意数据中选择特征去分析,保障网络系统的安全与稳定,需要进行网络入侵检测模型研究。但目前方法是采用遗传算法找出网络入侵的特征子集,再利用粒子群算法进行进一步选择,找出最优的特征子集,最后利用极限学习机对网络入侵进行分类,但该方法准确性较低。为此,提出一种基于特征选择的网络入侵检测模型研究方法。该方法首先以增强寻优性能为目标对网络入侵检测进行特征选择,结合分析出的特征选择利用特征属性的Fisher比构造出特征子集的评价函数,然后结合计算出的特征子集评价函数进行支持向量机完成对基于特征选择的网络入侵检测模型研究方法。仿真实验表明,利用支持向量机对网络入侵进行检测能有效地提高入侵检测的速度以及入侵检测的准确性。     

基于视觉的自主车道路检测技术研究

针对结构化道路检测中基于单一特征的检测易受影响,非结构化道路检测算法对多种类型的非标准道路缺乏适应性的问题,分别提出了一种基于D-S证据理论的多视觉特征融合的车道线检测方法和一种基于增量模糊支持向量机(IFSVM)的非结构化道路在线学习检测方法。选取梯度幅度等检测算子分别设计基本概率分配函数,根据建立的分段线性道路模型进行求解,FSVM分类器通过从前先的检测结果中学习,在耗费少量计算时间与内存空间的情况下,不断再训练以增强分类器的性能。实验结果表明,该算法比单纯利用图像的边缘或颜色等特征进行道路检测具有更高的可靠性,对复杂环境下的道路检测具有较强的鲁棒性和较强的抗干扰能力。     

A New Deep Dual Temporal Domain Adaptation Method for Online Detection of Bearings Early Fault

With the quick development of sensor technology in recent years, online detection of early fault without system halt has received much attention in the field of bearing prognostics and health management. While lacking representative samples of the online data, one can try to adapt the previously-learned detection rule to the online detection task instead of training a new rule merely using online data. As one may come across a change of the data distribution between offline and online working conditions, it is challenging to utilize the data from different working conditions to improve detection accuracy and robustness. To solve this problem, a new online detection method of bearing early fault is proposed in this paper based on deep transfer learning. The proposed method contains an offline stage and an online stage. In the offline stage, a new state assessment method is proposed to determine the period of the normal state and the degradation state for whole-life degradation sequences. Moreover, a new deep dual temporal domain adaptation (DTDA) model is proposed. By adopting a dual adaptation strategy on the time convolutional network and domain adversarial neural network, the DTDA model can effectively extract domain-invariant temporal feature representation. In the online stage, each sequentially-arrived data batch is directly fed into the trained DTDA model to recognize whether an early fault occurs. Furthermore, a health indicator of target bearing is also built based on the DTDA features to intuitively evaluate the detection results. Experiments are conducted on the IEEE Prognostics and Health Management (PHM) Challenge 2012 bearing dataset. The results show that, compared with nine state-of-the-art fault detection and diagnosis methods, the proposed method can get an earlier detection location and lower false alarm rate.     

How to Effectively Collect and Process Network Data for Intrusion Detection?

The number of security breaches in the cyberspace is on the rise. This threat is met with intensive work in the intrusion detection research community. To keep the defensive mechanisms up to date and relevant, realistic network traffic datasets are needed. The use of flow-based data for machine-learning-based network intrusion detection is a promising direction for intrusion detection systems. However, many contemporary benchmark datasets do not contain features that are usable in the wild. The main contribution of this work is to cover the research gap related to identifying and investigating valuable features in the NetFlow schema that allow for effective, machine-learning-based network intrusion detection in the real world. To achieve this goal, several feature selection techniques have been applied on five flow-based network intrusion detection datasets, establishing an informative flow-based feature set. The authors’ experience with the deployment of this kind of system shows that to close the research-to-market gap, and to perform actual real-world application of machine-learning-based intrusion detection, a set of labeled data from the end-user has to be collected. This research aims at establishing the appropriate, minimal amount of data that is sufficient to effectively train machine learning algorithms in intrusion detection. The results show that a set of 10 features and a small amount of data is enough for the final model to perform very well.     

Blind Speech Watermarking Method with Frame Self-Synchronization Based on Spread-Spectrum Using Linear Prediction Residue

State-of-the-art speech watermarking techniques enable speech signals to be authenticated and protected against any malicious attack to ensure secure speech communication. In general, reliable speech watermarking methods must satisfy four requirements: inaudibility, robustness, blind-detectability, and confidentiality. We previously proposed a method of non-blind speech watermarking based on direct spread spectrum (DSS) using a linear prediction (LP) scheme to solve the first two issues (inaudibility and robustness) due to distortion by spread spectrum. This method not only effectively embeds watermarks with small distortion but also has the same robustness as the DSS method. There are, however, two remaining issues with blind-detectability and confidentiality. In this work, we attempt to resolve these issues by developing an approach called the LP-DSS scheme, which takes two forms of data embedding for blind detection and frame synchronization. We incorporate blind detection with frame synchronization into the scheme to satisfy blind-detectability and incorporate two forms of data embedding process, front-side and back-side embedding for blind detection and frame synchronization, to satisfy confidentiality. We evaluated these improved processes by carrying out four objective tests (PESQ, LSD, Bit-error-rate, and accuracy of frame synchronization) to determine whether inaudibility and blind-detectability could be satisfied. We also evaluated all combinations with the two forms of data embedding for blind detection with frame synchronization by carrying out BER tests to determine whether confidentiality could be satisfied. Finally, we comparatively evaluated the proposed method by carrying out ten robustness tests against various processing and attacks. Our findings showed that an inaudible, robust, blindly detectable, and confidential speech watermarking method based on the proposed LP-DSS scheme could be achieved.     

网络疑似入侵环境下的最优接口访问控制模型仿真

在网络疑似入侵环境下通过最优接口访问控制实现网络入侵的可靠性拦截,保障网络安全。传统方法采用自由链路分散控制模型进行网络入侵检测和接口访问控制,在受到较大的特征干扰下,入侵访问控制和拦截性能不好。提出一种基于自适应循环堆栈接口调度的网络疑似入侵环境下的最优接口访问控制模型。进行接口访问控制模型总体设计及组件模块分析,接口访问控制系统包括通信库、协议库、核心控制库和资源库,采用小波包自适应波束调制方法进行入侵检测算法设计,作为接口访问控制系统软件核心。通过SDICmdCon寄存器设置网络疑似入侵环境下的最优接口的内核,在嵌入式Linux环境下通过自适应循环堆栈接口调度实现接口访问控制的软件开发。仿真结果表明,采用该模型进行网络入侵检测,准确检测性能较好,通过最优接口访问控制,实现对网络入侵数据的准确识别和拦截。     

Noise robustness and parallel computation of the inverse compositional Gauss–Newton algorithm in digital image correlation

The inverse compositional Gauss–Newton (IC-GN) algorithm is one of the most popular sub-pixel registration algorithms in digital image correlation (DIC). The IC-GN algorithm, compared with the traditional forward additive Newton–Raphson (FA-NR) algorithm, can achieve the same accuracy in less time. However, there are no clear results regarding the noise robustness of IC-GN algorithm and the computational efficiency is still in need of further improvements. In this paper, a theoretical model of the IC-GN algorithm was derived based on the sum of squared differences correlation criterion and linear interpolation. The model indicates that the IC-GN algorithm has better noise robustness than the FA-NR algorithm, and shows no noise-induced bias if the gray gradient operator is chosen properly. Both numerical simulations and experiments show good agreements with the theoretical predictions. Furthermore, a seed point-based parallel method is proposed to improve the calculation speed. Compared with the recently proposed path-independent method, our model is feasible and practical, and it can maximize the computing speed using an improved initial guess. Moreover, we compared the computational efficiency of our method with that of the reliability-guided method using a four-point bending experiment, and the results show that the computational efficiency is greatly improved. This proposed parallel IC-GN algorithm has good noise robustness and is expected to be a practical option for real-time DIC.     

Speed up junction detector based on azimuth consensus by Harris corner

Compared with common corner, junction point includes much structural data of branch edges. Due to its complicated computation, it prevents the wide use in many computer vision applications. In this paper, we propose a fast and effective junction point detection method based on Harris detector and azimuth consensus. To accelerate the process of the junction detection, we adopt Harris detector to filter out most pixels of the flat region and choose candidate junction set. Comparisons are made with other known detectors including CPDA, JUDOCA, and Lian’s method. The experimental results show our method has high-accuracy in location and branch edges’ orientation and good robustness for noise and contrast impact; what’s more, its computation time is reduced at high speed. Especially for real world image sets, our method can be more than 8 times faster than Lian’s and 1.58 times faster than JUDOCA.     

光纤扰动入侵监测系统的设计

当光纤受到扰动时,通过光纤中的光将发生强度、振幅、或相位等变化。通过检测这种光的变化量可以探测外界的入侵行为。基于马赫-曾德尔干涉原理设计了一种新型干涉式光纤入侵监测系统。通过光纤对入侵者的振动敏感,实现对入侵准确定位。通过差分检测提高了检测灵敏度,从而实现相位变化的解调。该系统结构简单,检测灵敏度高,抗电磁干扰能力强,可以实现远程监测。     

Statistical detection of digital holographic watermarking system

In this paper, we examine the statistical properties of the holographic watermarking system [C.J. Cheng, L.C. Lin, W.T. Dai, Opt. Commun. 248 (2005) 105] and facilitate a systematic way to determine an optimal threshold of the correlation signal for detecting the authorized mark pattern. The holographic watermarking system constructs a digital holographic watermark using modified Mach-Zehnder interferometric architecture, and the correlation signal is obtained using an optical VanderLugt 4-f correlator to identify the authorized mark in the watermarked image. To obtain the best detection performance, we use statistical modeling of the entire holographic watermarking system. Accordingly, we derive correlation signal statistics and hypothesis testing to obtain an optimal threshold for the watermark detector that minimizes the detection error. The theoretical result of this paper allows us to easily determine an optimal threshold and evaluate the robustness of the watermark detector. The robustness of the proposed optimal detector is evaluated using detection error, and detection performance is demonstrated by simulation experiments.     

基于稀疏贝叶斯学习的复杂网络拓扑估计

提出了一种噪声环境下复杂网络拓扑估计方法, 仅利用含噪时间序列估计未知结构混沌系统的动力学方程和参数, 以及由混沌系统组成的复杂网络的拓扑结构、节点动力学方程、所有参数、 节点间耦合方向和耦合强度.通过采用动力学方程的统一形式, 将动力系统方程结构和参数估计看成线性回归问题的系数估计, 该估计问题利用贝叶斯压缩传感的信号重建算法求解, 含噪信号的模型重建使用相关向量机方法,即通过稀疏贝叶斯学习求解稀疏欠定线性方程得到上面提到的可估计对象.以单个Lorenz系统及由200个 Lorenz系统组成的无标度网络为例说明方法的有效性. 仿真结果表明,提出的方法对噪声有很强的鲁棒性,收敛速度快,稳态误差极小, 克服了最小二乘估计方法收敛速度慢、 稳态误差大以及压缩传感估计方法对噪声鲁棒性不强的缺点.     

Saliency detection based on diffusion maps

Visual saliency has recently attracted lots of research interest in the computer vision community. In this paper, we propose a novel computational model for bottom-up saliency detection based on manifold learning. A typical graph-based manifold learning algorithm, namely the diffusion maps, is adopted for establishing our saliency model. In the proposed method, firstly, a graph is constructed using low-level image features. Then, the diffusion maps algorithm is performed to learn the diffusion distances at different time, which are utilized to derive the saliency measure. Compared to existing saliency models, our method has the advantage of being able to capture the intrinsic nonlinear structures in the original feature space. Experimental results on publicly available data demonstrate that our method outperforms the state-of-the-art saliency models, both qualitatively and quantitatively.     

Modal identification based on Gaussian continuous time autoregressive moving average model

A new time-domain modal identification method of the linear time-invariant system driven by the non-stationary Gaussian random force is presented in this paper. The proposed technique is based on the multivariate continuous time autoregressive moving average (CARMA) model. This method can identify physical parameters of a system from the response-only data. To do this, we first transform the structural dynamic equation into the CARMA model, and subsequently rewrite it in the state-space form. Second, we present the exact maximum likelihood estimators of parameters of the continuous time autoregressive (CAR) model by virtue of the Girsanov theorem, under the assumption that the uniformly modulated function is approximately equal to a constant matrix over a very short period of time. Then, based on the relation between the CAR model and the CARMA model, we present the exact maximum likelihood estimators of parameters of the CARMA model. Finally, the modal parameters are identified by the eigenvalue analysis method. Numerical results show that the method we introduced here not only has high precision and robustness, but also has very high computing efficiency. Therefore, it is suitable for real-time modal identification.     

变采样周期和多包传输的非线性NCS故障检测

研究具有多包传输、时变采样周期和未知干扰输入的Lipschitz非线性网络控制系统的故障检测问题。利用主动变采样周期的方法将多包传输的非线性连续网络控制系统建模为离散切换系统,设计基于观测器的鲁棒故障检测滤波器构造残差产生系统,运用Lyapunov稳定性理论和线性矩阵不等式(LMI)技术,给出了使闭环系统渐近稳定的充分条件及故障检测滤波器的增益矩阵。最后运用仿真算例说明了故障检测滤波器的残差产生系统对故障具有敏感性,同时对外部扰动输入具有鲁棒性。     

混沌噪声背景下微弱脉冲信号的检测及恢复

构建了一种在混沌噪声背景下检测并恢复微弱脉冲信号的模型.首先,基于混沌信号的短期可预测性及其对微小扰动的敏感性,对观测信号进行相空间重构、建立局域线性自回归模型进行单步预测,得到预测误差,并利用假设检验方法从预测误差中检测观测信号中是否含有微弱脉冲信号.然后,对微弱脉冲信号建立单点跳跃模型,并融合局域线性自回归模型,构成双局域线性(DLL)模型,以极小化DLL模型的均方预测误差为目标进行优化,采用向后拟合算法估计模型的参数,并最终恢复出混沌噪声背景下的微弱脉冲信号.仿真实验结果表明本文所建的模型能够有效地检测并恢复出混沌噪声背景中的微弱脉冲信号.     

基于可视化图形特征的入侵检测方法

入侵检测是保障网络安全的重要措施,网络攻击手段的多样性和隐蔽性不断增强导致入侵检测愈加困难,迫切需要研究新的入侵检测方法。结合可视化技术和k近邻分类算法,提出一种基于图形特征的入侵检测方法。采用信息增益方法对原始特征进行排序选择,并进行雷达图可视化表示,提取雷达图的图形特征构成新的数据集并送入k近邻分类器进行训练和测试。通过KDDCUP99数据集仿真实验表明,该方法不仅能直观显示攻击行为,而且获得较好的攻击检测性能,对DOS攻击的检测率可达97.9%,误报率为1.5%。     

基于净信号的乙醇含量拉曼光谱分析方法研究

拉曼光谱检测技术由于其快速、无损等优点可以满足工业现场测量的要求,因此已经广泛地应用于各种定量定性的分析领域。酒精度即乙醇含量的体积比是酒类产品品质检测中的关键参数,开发乙醇含量实时、便捷的检测系统对酒类产品生产具有重要的意义。将净信号分析方法应用于乙醇水溶液拉曼光谱的定量分析中,将乙醇的净信号与其浓度建立一元线性回归模型。结果表明,基于净信号回归的乙醇拉曼光谱定量分析方法,相比较于特征峰强一元线性回归模型和偏最小二乘回归模型,不仅提高了模型的预测精度,增强了模型的稳健性,便于模型传递,而且模型算法简洁、稳定,便于实现便携式仪器的开发。     

Multivariable Heuristic Approach to Intrusion Detection in Network Environments

The Internet is an inseparable part of our contemporary lives. This means that protection against threats and attacks is crucial for major companies and for individual users. There is a demand for the ongoing development of methods for ensuring security in cyberspace. A crucial cybersecurity solution is intrusion detection systems, which detect attacks in network environments and responds appropriately. This article presents a new multivariable heuristic intrusion detection algorithm based on different types of flags and values of entropy. The data is shared by organisations to help increase the effectiveness of intrusion detection. The authors also propose default values for parameters of a heuristic algorithm and values regarding detection thresholds. This solution has been implemented in a well-known, open-source system and verified with a series of tests. Additionally, the authors investigated how updating the variables affects the intrusion detection process. The results confirmed the effectiveness of the proposed approach and heuristic algorithm.     

Comparative Study on Two Melting Simulation Methods: Melting Curve of Gold

Melting simulation methods are of crucial importance to determining melting temperature of materials efficiently.A high-efficiency melting simulation method saves much simulation time and computational resources.To compare the efficiency of our newly developed shock melting(SM)method with that of the well-established two-phase(TP)method,we calculate the high-pressure melting curve of Au using the two methods based on the optimally selected interatomic potentials.Although we only use 640 atoms to determine the melting temperature of Au in the SM method,the resulting melting curve accords very well with the results from the TP method using much more atoms.Thus,this shows that a much smaller system size in SM method can still achieve a fully converged melting curve compared with the TP method,implying the robustness and efficiency of the SM method.     

Estimating Non-Gaussianity of a Quantum State by Measuring Orthogonal Quadratures

We derive the lower bounds for a non-Gaussianity measure based on quantum relative entropy (QRE). Our approach draws on the observation that the QRE-based non-Gaussianity measure of a single-mode quantum state is lower bounded by a function of the negentropies for quadrature distributions with maximum and minimum variances. We demonstrate that the lower bound can outperform the previously proposed bound by the negentropy of a quadrature distribution. Furthermore, we extend our method to establish lower bounds for the QRE-based non-Gaussianity measure of a multimode quantum state that can be measured by homodyne detection, with or without leveraging a Gaussian unitary operation. Finally, we explore how our lower bound finds application in non-Gaussian entanglement detection.