The key exchange is a fundamental building block in the cryptography. Several provable security models for the key exchange protocol are proposed. To determine the exact properties required by the protocols, a single ...The key exchange is a fundamental building block in the cryptography. Several provable security models for the key exchange protocol are proposed. To determine the exact properties required by the protocols, a single unified security model is essential, The eCK , eCK and CK models are examined and the result is proved that the eCK' model is the strongest provable security model for the key exchange. The relative security strength among these models is analyzed. To support the implication or non-implication relations among these models, the formal proofs and the counter-examples are given.展开更多
With the flooding of pornographic information on the Internet, how to keep people away from that offensive information is becoming one of the most important research areas in network information security. Some applica...With the flooding of pornographic information on the Internet, how to keep people away from that offensive information is becoming one of the most important research areas in network information security. Some applications which can block or filter such information are used. Approaches in those systems can be roughly classified into two kinds: metadata based and content based. With the development of distributed technologies, content based filtering technologies will play a more and more important role in filtering systems. Keyword matching is a content based method used widely in harmful text filtering. Experiments to evaluate the recall and precision of the method showed that the precision of the method is not satisfactory, though the recall of the method is rather high. According to the results, a new pornographic text filtering model based on reconfirming is put forward. Experiments showed that the model is practical, has less loss of recall than the single keyword matching method, and has higher precision.展开更多
With the increasing enlargement of network scale and the rapid development of network techniques, large numbers of the network applications begin to appear. Packet capture plays an important role as one basic techniqu...With the increasing enlargement of network scale and the rapid development of network techniques, large numbers of the network applications begin to appear. Packet capture plays an important role as one basic technique used in each field of the network applications. In a high-speed network, the heavy traffic of network transmission challenges the packet capture techniques. This paper does an in-depth analysis on the traditional packet capture mechanisms in Linux, and then measures the performance bottleneck in the process of packet capture. The methods for improving the packet capture performance are presented and an optimized packet capture scheme is also designed and implemented. The test demonstrates that the new packet capture mechanism (Libpacket) can greatly improve the packet capture performance of the network application systems in a high-speed network.展开更多
With the rapid development and wide application of network technology, information security issues are increasingly highlighted, received more and more attention. This article introduces the present situation of netwo...With the rapid development and wide application of network technology, information security issues are increasingly highlighted, received more and more attention. This article introduces the present situation of network information security, discusses the connotation of network information security, and analyzes the main threat to the security of the network information. And we separately detailed description of the data monitoring platform architecture from the data layer, network layer and presentation layer three levels, focuses on the functional structure of intelligent database platform, and puts forward to measures that ensure the safety of the platform and the internal data security. Through the design of the platform to improve the information security system has certain significance.展开更多
Network information security is an important issue mattering national security and sovereignty, social stability, cultural inheritance and development. Its importance is escalating with the accelerated pace of global ...Network information security is an important issue mattering national security and sovereignty, social stability, cultural inheritance and development. Its importance is escalating with the accelerated pace of global information. Information security is a comprehensive discipline involving computer science, network technology, communication technology, cryptography, information security technology, applied mathematics, number theory, information theory and other disciplines. It mainly refers to the condition that network hardware, software and system data are protected from destruction, change and divulgation from accidental or malicious reasons so that the system can run continuously and reliably with no interrupted network service.展开更多
The approach of traffic abnormality detection of network resource allocation attack did not have reliable signatures to depict abnormality and identify them. However, it is crucial for us to detect attacks accurately....The approach of traffic abnormality detection of network resource allocation attack did not have reliable signatures to depict abnormality and identify them. However, it is crucial for us to detect attacks accurately. The technique that we adopted is inspired by long range dependence ideas. We use the number of packet arrivals of a flow in fixed-length time intervals as the signal and attempt to extend traffic invariant “self-similarity”. We validate the effectiveness of the approach with simulation and trace analysis.展开更多
With the development of information networks, the problem of power security has increasingly caused many attention of people, but the simple power security defense system has been difficult to meet the current complex...With the development of information networks, the problem of power security has increasingly caused many attention of people, but the simple power security defense system has been difficult to meet the current complex network environment. Aiming at this situation, by using the method of T-S fuzzy neural network model to analyze the characteristics of the data transmission in network, it has obtained corresponding threat information. By processing these threat information, it completes the construction of three-dimensional power security defense system. The paper carries on the corresponding data training methods by using T-shirt model fuzzy neural network, which has certain reference significance for the data analysis of other similar fields. At the same time, the study of building on the three-dimensional power security defense system aims to provide a theoretical reference for solving the security defense of the current complex network environment.展开更多
In this paper, we conduct research on the security enhancement model of communication system based on the chaotic encryption and analytic hierarchy process. The communication of the information network is completed by...In this paper, we conduct research on the security enhancement model of communication system based on the chaotic encryption and analytic hierarchy process. The communication of the information network is completed by the communication protocol. The communication protocol can be divided into application layer, transport layer, network layer, link layer and physical layer. By using the communication protocol, the security control of the network communication can meet the needs of the information network security communication. This paper integrates the chaos system to further implement the robust system architecture. The algorithm of this paper tries to make the maximum value of the above three parameters in each iteration step by step and the output feedback to dynamically change these parameters. Compared with other algorithms, our method can adopt more related theories to perform the better result.展开更多
With the continuous development of network applications, network security equipment type and the number of growing, heterogeneous security devices is difficult synergistic, massive alarm information is difficult to de...With the continuous development of network applications, network security equipment type and the number of growing, heterogeneous security devices is difficult synergistic, massive alarm information is difficult to deal and the lack of an effective response to the treatment process as well as on security incidents. To solve these problems, the proposed design of a unified management platform for a variety of heterogeneous network security equipment. A brief introduction for the main functions of the platform.The article proposed a traffic handling mechanisms of heterogeneous security devices, allowing the platform to support heterogeneous security devices.展开更多
Global changes, including the rise of the sea level and frequent terrible disasters, are apparently threatening the living environment. For environmental mitigation, security, and sustainability, Taiwan should have re...Global changes, including the rise of the sea level and frequent terrible disasters, are apparently threatening the living environment. For environmental mitigation, security, and sustainability, Taiwan should have reliable, incorporative area-based security-information networks to protect their environments. Plural (dual) surveillance which is rooted in biologic senses, e.g., from two-eyes, can have the feature of fault-tolerance, availability and maintainability in monitoring tasks. Further, it can fit the contemporary wireless communication methods being incorporated with MIMO (multi-in multi-out), to prevent information loss, interference, unexpected changes caused by such as clogged water and chemical reactions. Consequently, network prototypes, including SW (spider-web)network and CCC (cube-connected cycle), are proactively suggested. More reliable capabilities, including those encouraging local ferries and drones, for efficient logistic operation and mixed-use buildings with quality assured performance, can be good for smart urban growth, resource utilization in Taiwan, which is aimed as an aerotropolis--a means for placemaking.展开更多
基金Supported by the National High Technology Research and Development Program of China("863"Program)(2006AA706103)~~
文摘The key exchange is a fundamental building block in the cryptography. Several provable security models for the key exchange protocol are proposed. To determine the exact properties required by the protocols, a single unified security model is essential, The eCK , eCK and CK models are examined and the result is proved that the eCK' model is the strongest provable security model for the key exchange. The relative security strength among these models is analyzed. To support the implication or non-implication relations among these models, the formal proofs and the counter-examples are given.
文摘With the flooding of pornographic information on the Internet, how to keep people away from that offensive information is becoming one of the most important research areas in network information security. Some applications which can block or filter such information are used. Approaches in those systems can be roughly classified into two kinds: metadata based and content based. With the development of distributed technologies, content based filtering technologies will play a more and more important role in filtering systems. Keyword matching is a content based method used widely in harmful text filtering. Experiments to evaluate the recall and precision of the method showed that the precision of the method is not satisfactory, though the recall of the method is rather high. According to the results, a new pornographic text filtering model based on reconfirming is put forward. Experiments showed that the model is practical, has less loss of recall than the single keyword matching method, and has higher precision.
基金Sponsored by the National High Technology Development Program of China (Grant No. 2002AA142020).
文摘With the increasing enlargement of network scale and the rapid development of network techniques, large numbers of the network applications begin to appear. Packet capture plays an important role as one basic technique used in each field of the network applications. In a high-speed network, the heavy traffic of network transmission challenges the packet capture techniques. This paper does an in-depth analysis on the traditional packet capture mechanisms in Linux, and then measures the performance bottleneck in the process of packet capture. The methods for improving the packet capture performance are presented and an optimized packet capture scheme is also designed and implemented. The test demonstrates that the new packet capture mechanism (Libpacket) can greatly improve the packet capture performance of the network application systems in a high-speed network.
文摘With the rapid development and wide application of network technology, information security issues are increasingly highlighted, received more and more attention. This article introduces the present situation of network information security, discusses the connotation of network information security, and analyzes the main threat to the security of the network information. And we separately detailed description of the data monitoring platform architecture from the data layer, network layer and presentation layer three levels, focuses on the functional structure of intelligent database platform, and puts forward to measures that ensure the safety of the platform and the internal data security. Through the design of the platform to improve the information security system has certain significance.
文摘Network information security is an important issue mattering national security and sovereignty, social stability, cultural inheritance and development. Its importance is escalating with the accelerated pace of global information. Information security is a comprehensive discipline involving computer science, network technology, communication technology, cryptography, information security technology, applied mathematics, number theory, information theory and other disciplines. It mainly refers to the condition that network hardware, software and system data are protected from destruction, change and divulgation from accidental or malicious reasons so that the system can run continuously and reliably with no interrupted network service.
文摘The approach of traffic abnormality detection of network resource allocation attack did not have reliable signatures to depict abnormality and identify them. However, it is crucial for us to detect attacks accurately. The technique that we adopted is inspired by long range dependence ideas. We use the number of packet arrivals of a flow in fixed-length time intervals as the signal and attempt to extend traffic invariant “self-similarity”. We validate the effectiveness of the approach with simulation and trace analysis.
文摘With the development of information networks, the problem of power security has increasingly caused many attention of people, but the simple power security defense system has been difficult to meet the current complex network environment. Aiming at this situation, by using the method of T-S fuzzy neural network model to analyze the characteristics of the data transmission in network, it has obtained corresponding threat information. By processing these threat information, it completes the construction of three-dimensional power security defense system. The paper carries on the corresponding data training methods by using T-shirt model fuzzy neural network, which has certain reference significance for the data analysis of other similar fields. At the same time, the study of building on the three-dimensional power security defense system aims to provide a theoretical reference for solving the security defense of the current complex network environment.
文摘In this paper, we conduct research on the security enhancement model of communication system based on the chaotic encryption and analytic hierarchy process. The communication of the information network is completed by the communication protocol. The communication protocol can be divided into application layer, transport layer, network layer, link layer and physical layer. By using the communication protocol, the security control of the network communication can meet the needs of the information network security communication. This paper integrates the chaos system to further implement the robust system architecture. The algorithm of this paper tries to make the maximum value of the above three parameters in each iteration step by step and the output feedback to dynamically change these parameters. Compared with other algorithms, our method can adopt more related theories to perform the better result.
文摘With the continuous development of network applications, network security equipment type and the number of growing, heterogeneous security devices is difficult synergistic, massive alarm information is difficult to deal and the lack of an effective response to the treatment process as well as on security incidents. To solve these problems, the proposed design of a unified management platform for a variety of heterogeneous network security equipment. A brief introduction for the main functions of the platform.The article proposed a traffic handling mechanisms of heterogeneous security devices, allowing the platform to support heterogeneous security devices.
文摘Global changes, including the rise of the sea level and frequent terrible disasters, are apparently threatening the living environment. For environmental mitigation, security, and sustainability, Taiwan should have reliable, incorporative area-based security-information networks to protect their environments. Plural (dual) surveillance which is rooted in biologic senses, e.g., from two-eyes, can have the feature of fault-tolerance, availability and maintainability in monitoring tasks. Further, it can fit the contemporary wireless communication methods being incorporated with MIMO (multi-in multi-out), to prevent information loss, interference, unexpected changes caused by such as clogged water and chemical reactions. Consequently, network prototypes, including SW (spider-web)network and CCC (cube-connected cycle), are proactively suggested. More reliable capabilities, including those encouraging local ferries and drones, for efficient logistic operation and mixed-use buildings with quality assured performance, can be good for smart urban growth, resource utilization in Taiwan, which is aimed as an aerotropolis--a means for placemaking.
