Web应用威胁建模与定量评估

为有效地对Web应用威胁进行评估,分析了Web应用威胁现状,定义了Web应用威胁模型,提出了一种利用攻击图对Web应用进行威胁建模和定量评估的方法。描述了攻击图建模过程,并给出其生成算法。研究了利用攻击图对Web威胁进行量化评估的分析方法。通过一个典型的Web应用网络环境,对攻击图生成算法和Web威胁评估方法进行了验证。对Web应用进行量化威胁评估的结果,有效揭示了web应用面临的各种可能的威胁隐患和攻击路径,对有效抵御风险具有重要的意义。     

移动存储设备安全威胁分析与应对

现今信息时代,人们对信息的需求日益增多,使用移动存储设备拷贝及传送文件也变得越来越普遍,因移动存储设备上携带病毒导致接入计算机感染的状况层出不穷,如何妥善管理移动存储设备及保障接入计算机的安全性,使移动存储设备及计算机两者在使用中不会轻易感染病毒,是我们需要解决的问题,通过系统分析,提供解决方案。     

浅议Web服务器的安全保护

分析了Web服务器所面临的安全威胁,探讨了如何采取相应的措施进行自我保护和防范,提出了具体的保护措施,避免服务器发生灾难性的后果。     

战场激光防护技术

分析了战场激光威胁。从激光防护的原理和技术途径出发，论述了激光防护的方法。介绍了几种典型的激光防护装置，并对激光防护技术的发展提出了几点看法。     

基于CIFNS的预警机指控系统目标威胁估计

针对预警机指挥控制系统中的威胁估计问题,提出了一种基于补偿直觉模糊神经网络(CIFNS)的威胁估计方法.把目标的动态信息和静态信息相结合,将一般模糊推理推广到直觉模糊推理,建立了基于CIFNS的目标威胁估计网络结构和威胁判断模型,给出了相应的网络学习算法,对算法应用于预警机指控系统威胁估计的情况进行了仿真.结果表明,基于CIFNS的估计算法具有较快的收敛速度和良好的自适应性.     

信息安全系统观

给出了信息安全的三层涵义,指出信息安全学科是自然科学与社会科学的融合体。从社会工程角度给出系统的概念,从部件、接缝、人员、环境四方面探讨了系统与信息安全的关系,提出了信息安全设计的必要步骤,并以通信系统为例分析了影响信息安全的因素。     

Threat Assessment Method of Low Altitude Slow Small (LSS) Targets Based on Information Entropy and AHP

In order to deal with the new threat of low altitude slow small (LSS) targets in air defense operations and provide support for LSS target interception decision, we propose a simple and reliable LSS target threat assessment method. Based on the detection capability of LSS targets and their threat characteristics, this paper proposes a threat evaluation factor and threat degree quantization function in line with the characteristics of LSS targets. LSS targets not only have the same threat characteristics as traditional air targets but also have the unique characteristics of flexible mobility and dynamic mission planning. Therefore, we use analytic hierarchy process (AHP) and information entropy to determine the subjective and objective threat factor weights of LSS targets and use the optimization model to combine them to obtain more reliable evaluation weights. Finally, the effectiveness and credibility of the proposed method are verified by experimental simulation.     

一种定量的信息安全风险评估模型

目前人们采用的信息安全风险评估方法基本局限于定性或半定量的方法。采用概率风险分析的方法,通过故障树分析网络系统被攻击的根本原因,并对网络构成的实质进行了剖析,同时分析了系统漏洞的类型及对攻击结果进行了分类,在此基础上建立了定量风险计算模型。     

An Insider Data Leakage Detection Using One-Hot Encoding,Synthetic Minority Oversampling and Machine Learning Techniques

Insider threats are malicious acts that can be carried out by an authorized employee within an organization. Insider threats represent a major cybersecurity challenge for private and public organizations, as an insider attack can cause extensive damage to organization assets much more than external attacks. Most existing approaches in the field of insider threat focused on detecting general insider attack scenarios. However, insider attacks can be carried out in different ways, and the most dangerous one is a data leakage attack that can be executed by a malicious insider before his/her leaving an organization. This paper proposes a machine learning-based model for detecting such serious insider threat incidents. The proposed model addresses the possible bias of detection results that can occur due to an inappropriate encoding process by employing the feature scaling and one-hot encoding techniques. Furthermore, the imbalance issue of the utilized dataset is also addressed utilizing the synthetic minority oversampling technique (SMOTE). Well known machine learning algorithms are employed to detect the most accurate classifier that can detect data leakage events executed by malicious insiders during the sensitive period before they leave an organization. We provide a proof of concept for our model by applying it on CMU-CERT Insider Threat Dataset and comparing its performance with the ground truth. The experimental results show that our model detects insider data leakage events with an AUC-ROC value of 0.99, outperforming the existing approaches that are validated on the same dataset. The proposed model provides effective methods to address possible bias and class imbalance issues for the aim of devising an effective insider data leakage detection system.     

舰艇多目标威胁评估及可视化方法综合研究

对舰艇多目标威胁度的评估是反舰导弹突防任务指挥中首要解决的问题之一,而评估结果的可视化有助于作战指挥人员直观地区分威胁目标的轻重缓急,从而为反舰导弹的突防迅速做出决策。提出了一种舰艇多目标威胁度评估及可视化的综合方法。首先,运用灰色关联度分析理论对影响舰艇多目标威胁度的属性因子之间的关联度进行了评估,并建立评估模型。然后,利用SuperMap GIS软件进行了作战过程的二维态势显示研究,通过面向用户的类库设计开发出了实用的评估过程可视化软件平台。