The integration of artificial intelligence(AI)technology,particularly large language models(LLMs),has become essential across various sectors due to their advanced language comprehension and generation capabilities.De...The integration of artificial intelligence(AI)technology,particularly large language models(LLMs),has become essential across various sectors due to their advanced language comprehension and generation capabilities.Despite their transformative impact in fields such as machine translation and intelligent dialogue systems,LLMs face significant challenges.These challenges include safety,security,and privacy concerns that undermine their trustworthiness and effectiveness,such as hallucinations,backdoor attacks,and privacy leakage.Previous works often conflated safety issues with security concerns.In contrast,our study provides clearer and more reasonable definitions for safety,security,and privacy within the context of LLMs.Building on these definitions,we provide a comprehensive overview of the vulnerabilities and defense mechanisms related to safety,security,and privacy in LLMs.Additionally,we explore the unique research challenges posed by LLMs and suggest potential avenues for future research,aiming to enhance the robustness and reliability of LLMs in the face of emerging threats.展开更多
Software security poses substantial risks to our society because software has become part of our life. Numerous techniques have been proposed to resolve or mitigate the impact of software security issues. Among them, ...Software security poses substantial risks to our society because software has become part of our life. Numerous techniques have been proposed to resolve or mitigate the impact of software security issues. Among them, software testing and analysis are two of the critical methods, which significantly benefit from the advancements in deep learning technologies. Due to the successful use of deep learning in software security, recently,researchers have explored the potential of using large language models(LLMs) in this area. In this paper, we systematically review the results focusing on LLMs in software security. We analyze the topics of fuzzing, unit test, program repair, bug reproduction, data-driven bug detection, and bug triage. We deconstruct these techniques into several stages and analyze how LLMs can be used in the stages. We also discuss the future directions of using LLMs in software security, including the future directions for the existing use of LLMs and extensions from conventional deep learning research.展开更多
ChatGPT is a powerful artificial intelligence(AI)language model that has demonstrated significant improvements in various natural language processing(NLP) tasks. However, like any technology, it presents potential sec...ChatGPT is a powerful artificial intelligence(AI)language model that has demonstrated significant improvements in various natural language processing(NLP) tasks. However, like any technology, it presents potential security risks that need to be carefully evaluated and addressed. In this survey, we provide an overview of the current state of research on security of using ChatGPT, with aspects of bias, disinformation, ethics, misuse,attacks and privacy. We review and discuss the literature on these topics and highlight open research questions and future directions.Through this survey, we aim to contribute to the academic discourse on AI security, enriching the understanding of potential risks and mitigations. We anticipate that this survey will be valuable for various stakeholders involved in AI development and usage, including AI researchers, developers, policy makers, and end-users.展开更多
Recently,the 2025 Central Conference on Work Related to Neighboring Countries was held in Beijing.As an important theoretical innovation,the conference emphasized for the first time pursuing“the model of security for...Recently,the 2025 Central Conference on Work Related to Neighboring Countries was held in Beijing.As an important theoretical innovation,the conference emphasized for the first time pursuing“the model of security for Asia that features sharing weal and woe,seeking common ground while shelving differences,and prioritizing dialogue and consultation.”1 This fully demonstrates that China prioritizes neighborhood on its diplomatic agenda,regards security and stability in its neighborhood as a core strategic support,and is ready to collaborate with neighboring countries for a future of shared peace,development,and prosperity.展开更多
In response to the current gaps in ef-fective proactive defense methods within applica-tion security and the limited integration of security components with applications,this paper proposes a biomimetic security model...In response to the current gaps in ef-fective proactive defense methods within applica-tion security and the limited integration of security components with applications,this paper proposes a biomimetic security model,called NeuroShield,specifically designed for web applications.Inspired by the“perception-strategy-effect-feedback”mechanism of the human nervous control system,the model inte-grates biomimetic elements akin of neural receptors and effectors into applications.This integration fa-cilitates a multifaceted approach to security:enabling data introspection for detailed perception and regula-tion of application behavior,providing proactive de-fense capabilities to detect and block security risks in real-time,and incorporating feedback optimization to continuously adjust and enhance security strategies based on prevailing conditions.Experimental results affirm the efficacy of this neural control mechanism-based biomimetic security model,demonstrating a proactive defense success rate exceeding 95%,thereby offering a theoretical and structural foundation for biomimetic immunity in web applications.展开更多
Security is the cor nerstone of a country's peace and stability and the prerequisite for its survival and development.All countries around the world regard security as their top priority.Since most Asian countries...Security is the cor nerstone of a country's peace and stability and the prerequisite for its survival and development.All countries around the world regard security as their top priority.Since most Asian countries suffered from colonial aggression and plundering for a long time in history,they as a whole attach special importance to national security.展开更多
Processing police incident data in public security involves complex natural language processing(NLP)tasks,including information extraction.This data contains extensive entity information—such as people,locations,and ...Processing police incident data in public security involves complex natural language processing(NLP)tasks,including information extraction.This data contains extensive entity information—such as people,locations,and events—while also involving reasoning tasks like personnel classification,relationship judgment,and implicit inference.Moreover,utilizing models for extracting information from police incident data poses a significant challenge—data scarcity,which limits the effectiveness of traditional rule-based and machine-learning methods.To address these,we propose TIPS.In collaboration with public security experts,we used de-identified police incident data to create templates that enable large language models(LLMs)to populate data slots and generate simulated data,enhancing data density and diversity.We then designed schemas to efficiently manage complex extraction and reasoning tasks,constructing a high-quality dataset and fine-tuning multiple open-source LLMs.Experiments showed that the fine-tuned ChatGLM-4-9B model achieved an F1 score of 87.14%,nearly 30%higher than the base model,significantly reducing error rates.Manual corrections further improved performance by 9.39%.This study demonstrates that combining largescale pre-trained models with limited high-quality domain-specific data can greatly enhance information extraction in low-resource environments,offering a new approach for intelligent public security applications.展开更多
Large models,such as large language models(LLMs),vision-language models(VLMs),and multimodal agents,have become key elements in artificial intelli⁃gence(AI)systems.Their rapid development has greatly improved percepti...Large models,such as large language models(LLMs),vision-language models(VLMs),and multimodal agents,have become key elements in artificial intelli⁃gence(AI)systems.Their rapid development has greatly improved perception,generation,and decision-making in various fields.However,their vast scale and complexity bring about new security challenges.Issues such as backdoor vulnerabilities during training,jailbreaking in multimodal rea⁃soning,and data provenance and copyright auditing have made security a critical focus for both academia and industry.展开更多
The differences among the extended Canetti & Krawezyk 2007 model (ECK2007) and other four models, i.e., the Bellare & Rogaway (1993, 1995)models (BR93,BR95), the Bellare, Pointcheval & Rogaway (2000) model ...The differences among the extended Canetti & Krawezyk 2007 model (ECK2007) and other four models, i.e., the Bellare & Rogaway (1993, 1995)models (BR93,BR95), the Bellare, Pointcheval & Rogaway (2000) model (BPR2000) and the Canetti & Krawczyk (2001) model (CK2001) are given. The relative strength of security among these models is analyzed. To support the implication or non-implication relation among these models, the formal proof or the counter-example is provided.展开更多
Ecological security is a vital problem that people all over the world today have to face and solve, and the situation of ecological security is getting more and more severe and has begun to impede heavily the sustaina...Ecological security is a vital problem that people all over the world today have to face and solve, and the situation of ecological security is getting more and more severe and has begun to impede heavily the sustainable development of social economy. Ecological environment pre-warning has become a hotspot for the modern environment science. This paper introduces the theories of ecological security pre-warning and tries to constitute a pre-warning model of ecological security. In terms of pressure-state-response model, the pre-warning guide line of ecological security is constructed while the pre-warning degree judging model of ecological security is established based on fuzzy optimization. As a case, the model is used to assess the present condition pre-warning of the ecological security of Anhui Province. The result is in correspondence with the real condition: the ecological security situations of 8 cities are dangerous and 9 cities are secure. The result shows that this model is scientific and effective for regional ecological security pre-warning.展开更多
Identification of security risk factors for small reservoirs is the basis for implementation of early warning systems.The manner of identification of the factors for small reservoirs is of practical significance when ...Identification of security risk factors for small reservoirs is the basis for implementation of early warning systems.The manner of identification of the factors for small reservoirs is of practical significance when data are incomplete.The existing grey relational models have some disadvantages in measuring the correlation between categorical data sequences.To this end,this paper introduces a new grey relational model to analyze heterogeneous data.In this study,a set of security risk factors for small reservoirs was first constructed based on theoretical analysis,and heterogeneous data of these factors were recorded as sequences.The sequences were regarded as random variables,and the information entropy and conditional entropy between sequences were measured to analyze the relational degree between risk factors.Then,a new grey relational analysis model for heterogeneous data was constructed,and a comprehensive security risk factor identification method was developed.A case study of small reservoirs in Guangxi Zhuang Autonomous Region in China shows that the model constructed in this study is applicable to security risk factor identification for small reservoirs with heterogeneous and sparse data.展开更多
Network security situation is a hot research topic in the field of network security. Whole situation awareness includes the current situation evaluation and the future situation prediction. However, the now-existing r...Network security situation is a hot research topic in the field of network security. Whole situation awareness includes the current situation evaluation and the future situation prediction. However, the now-existing research focuses on the current situation evaluation, and seldom discusses the future prediction. Based on the historical research, an improved grey Verhulst model is put forward to predict the future situation. Aiming at the shortages in the prediction based on traditional Verhulst model, the adaptive grey parameters and equal- dimensions grey filling methods are proposed to improve the precision. The simulation results prove that the scheme is efficient and applicable.展开更多
A fuzzy set-based evaluation approach is demonstrated to assess the security risks for internet-banking System. The Internet-banking system is semi-formally described using Unified Modeling Language (UML) to specify...A fuzzy set-based evaluation approach is demonstrated to assess the security risks for internet-banking System. The Internet-banking system is semi-formally described using Unified Modeling Language (UML) to specify the behavior and state of the system on the base of analyzing the existing qualitative risk assessment methods. And a quantitative method based on fuzzy set is used to measure security risks of the system, A case study was performed on the WEB server of the Internet-banking System using fuzzy-set based assessment algorithm to quantitatively compute the security risk severity. The numeric result also provides a method to decide the most critical component which should amuse the system administrator enough attention to take the appropriate security measure or controls to alleviate the risk severity. The experiments show this method can be used to quantify the security properties for the Internet-banking System in practice.展开更多
As one of the Special Economic Zones since the reform and opening up, Zhuhai has developed during the past 30 years. Its economic development, industrial structure and ecological environment have undergone great chang...As one of the Special Economic Zones since the reform and opening up, Zhuhai has developed during the past 30 years. Its economic development, industrial structure and ecological environment have undergone great changes. Research on changes in Zhuhai’s land ecological security is of great significance. Using relevant data from 2007-2012, this study established a land ecological security assessment system based on the PSR conceptual framework model. The system contained 18 indicators from 3 aspects according to the concrete features of Zhuhai. Then we used the matterelement analysis and the improved entropy weight to analyze and evaluate the land ecological security of Zhuhai. The results showed that: from 2007 to 2012, the levels of the land ecological security of Zhuhai were “secure”, and the value increased year by year;as the land ecological security response value increased, Zhuhai was capable of solving land ecosystem problems. However, it should be noted that the structure of land ecosystem in Zhuhai has not formed and that rapid expansion of construction land has caused the shortage of cultivated land and other issues. Measures should be taken to control the construction area, improve land intensive utilization and improve the land ecological security.展开更多
To further understand the status quo and change tendency of ecological security in county area, we took the example of Ningwu County, the headstream of Fenhe River, confronting serious eco-environment problem and cons...To further understand the status quo and change tendency of ecological security in county area, we took the example of Ningwu County, the headstream of Fenhe River, confronting serious eco-environment problem and considerable human impacts. Taking Ningwu as the study area and using variation coefficient method to determine the weights of the indices, we built ecological security pattern based on Pressure-State-Response (P-S-R) Model of Organization for Economic Cooperation and Development. The ecological security status was evaluated by calculating eco-security index (ESI) with socio-economic statistical data of Ningwu during 2001 -2010. The results showed that the situation of eco-security had been improved from heavy alarm to relative safety during 2001 -2010. It reflected that the ecological economic system in Ningwu County tended to be relaxed constantly after experienced a sharp conflict between ecological environment and economic growth. The ecological safety awareness was growing, however, by force of the objective requirements of population growth and economic development, the situation of ecological security was still unstable.展开更多
The middle reaches of the Yellow River represent an important area for the protection and development of the Yellow River Basin.Most of the area of the river basin is within the Loess Plateau,which establishes it as a...The middle reaches of the Yellow River represent an important area for the protection and development of the Yellow River Basin.Most of the area of the river basin is within the Loess Plateau,which establishes it as a fragile ecological environment.Firstly,using high-resolution data of land use in the watershed from the past 30 years,landscape ecological risk(LER)sample units are defined and an ecological risk index(ERI)model is constructed.Kriging interpolation is used to display the LER spatial patterns,and the temporal and spatial evolution of risk is examined.Secondly,the spatial evolution of land use landscape change(LULC)is analyzed,and the correlation between land use landscape and ecological risk is discussed.Finally,Based on the LER model,a risk-based minimum cumulative resistance(MCR)model is established,and a comprehensive protection and management network system for the ecological source-corridor-node system designed.The results suggest that in the past 30 years,LER has a high spatial correlation and areas with extremely high ecological risks are concentrated in northwest and southeast areas of the region,of which the northwest area accounts for the highest proportion.Risk intensity is closely related to the spatial pattern of land use landscape.ERI values of forestland,grasslands,and unused land and farmland are low,medium,and high,respectively.The trend of risk evolution is“overall improvement and partial deterioration”.Man-made construction and exploitation is the most direct reason for the increase of local ecological risks.The high ecological-risk areas in the northwest are dominated by deserts which reduce excessive interference by human activities on the natural landscape.Recommendations are:high-quality farmland should be protected;forestland should be restored and rebuilt;repair and adjust the existing ecosystem to assist in landscape regeneration and reconstruction;utilize the overall planning vision of“mountain,water,forest,field,lake,grass,sand”to design a management project at the basin scale;adhere to problem-oriented and precise policy implementation.展开更多
With the rapid development of network technology, the meaning of layers and attributes in respect of information system security must be extended based on the understanding of the concept of information system securit...With the rapid development of network technology, the meaning of layers and attributes in respect of information system security must be extended based on the understanding of the concept of information system security. The layering model (LM) of information system security and the five-attribute model (FAM) based on security factors were put forward to perfect the description and modeling of the information system security framework. An effective framework system of risk calculation and assessment was proposed, which is based on FAM.展开更多
Today,resource depletion threatens a number of resource-based cities in China.The ecological security problem caused by the long-term exploitation of natural resources is a key issue to be solved in the development of...Today,resource depletion threatens a number of resource-based cities in China.The ecological security problem caused by the long-term exploitation of natural resources is a key issue to be solved in the development of resource-exhausted cities.Using 23 indicators,this study evaluated the ecological security status and development trends of 21 resource-exhausted cities in China from 2011 to 2017.The results showed that from 2011 to 2015,the overall ecological security of this type of city was low,with over 60%of the cities at an unsafe level.However,ecological security improved rapidly after 2016,and by 2017,all of the cities had reached the critical safety level.The top 10 indicators of ecological security included industrial sulfur dioxide emissions,water supply,agricultural fertilizer application,and forest coverage.These 10 indicators’cumulative contribution to ecological security was 48.3%;among them,reducing industrial sulfur dioxide emissions contributed the most at 5.7%.These findings can help governments better understand the ecological security status of resource-exhausted cities,and it can provide a reference for the allocation of funds and other resources to improve the ecological safety of these cities.展开更多
In cloud computing, the risk of data leakage exists between users and virtual machines. Whether it is direct or indirect data leakage, it can be regarded as illegal information flow. Methods such as access control mod...In cloud computing, the risk of data leakage exists between users and virtual machines. Whether it is direct or indirect data leakage, it can be regarded as illegal information flow. Methods such as access control models can control the information flow rather than the covert information flow. Therefore, it needs to use the noninterference models to detect the existence of illegal information flow in cloud computing. Typical noninterference models are not suitable to verificate information flow in cloud computing. When concurrent access actions execute in the cloud architecture, security domains do not affect each other, because there is no information flow between security domains. Based on this, we propose noninterference for cloud architecture in which concurrent access and sequential access coexist. When the sequential actions execute, the information flow between security domains can flow in accordance with established rules. When concurrent access actions execute, there should not be the information flow between security domains.展开更多
Cloud computing provides services to users through Internet.This open mode not only facilitates the access by users,but also brings potential security risks.In cloud computing,the risk of data leakage exists between u...Cloud computing provides services to users through Internet.This open mode not only facilitates the access by users,but also brings potential security risks.In cloud computing,the risk of data leakage exists between users and virtual machines.Whether direct or indirect data leakage,it can be regarded as illegal information flow.Methods,such as access control models can control the information flow,but not the covert information flow.Therefore,it needs to use the noninterference models to detect the existence of illegal information flow in cloud computing architecture.Typical noninterference models are not suitable to certificate information flow in cloud computing architecture.In this paper,we propose several information flow models for cloud architecture.One model is for transitive cloud computing architecture.The others are for intransitive cloud computing architecture.When concurrent access actions execute in the cloud architecture,we want that security domain and security domain do not affect each other,that there is no information flow between security domains.But in fact,there will be more or less indirect information flow between security domains.Our models are concerned with how much information is allowed to flow.For example,in the CIP model,the other domain can learn the sequence of actions.But in the CTA model,the other domain can’t learn the information.Which security model will be used in an architecture depends on the security requirements for that architecture.展开更多
基金supported by the National Key R&D Program of China under Grant No.2022YFB3103500the National Natural Science Foundation of China under Grants No.62402087 and No.62020106013+3 种基金the Sichuan Science and Technology Program under Grant No.2023ZYD0142the Chengdu Science and Technology Program under Grant No.2023-XT00-00002-GXthe Fundamental Research Funds for Chinese Central Universities under Grants No.ZYGX2020ZB027 and No.Y030232063003002the Postdoctoral Innovation Talents Support Program under Grant No.BX20230060.
文摘The integration of artificial intelligence(AI)technology,particularly large language models(LLMs),has become essential across various sectors due to their advanced language comprehension and generation capabilities.Despite their transformative impact in fields such as machine translation and intelligent dialogue systems,LLMs face significant challenges.These challenges include safety,security,and privacy concerns that undermine their trustworthiness and effectiveness,such as hallucinations,backdoor attacks,and privacy leakage.Previous works often conflated safety issues with security concerns.In contrast,our study provides clearer and more reasonable definitions for safety,security,and privacy within the context of LLMs.Building on these definitions,we provide a comprehensive overview of the vulnerabilities and defense mechanisms related to safety,security,and privacy in LLMs.Additionally,we explore the unique research challenges posed by LLMs and suggest potential avenues for future research,aiming to enhance the robustness and reliability of LLMs in the face of emerging threats.
文摘Software security poses substantial risks to our society because software has become part of our life. Numerous techniques have been proposed to resolve or mitigate the impact of software security issues. Among them, software testing and analysis are two of the critical methods, which significantly benefit from the advancements in deep learning technologies. Due to the successful use of deep learning in software security, recently,researchers have explored the potential of using large language models(LLMs) in this area. In this paper, we systematically review the results focusing on LLMs in software security. We analyze the topics of fuzzing, unit test, program repair, bug reproduction, data-driven bug detection, and bug triage. We deconstruct these techniques into several stages and analyze how LLMs can be used in the stages. We also discuss the future directions of using LLMs in software security, including the future directions for the existing use of LLMs and extensions from conventional deep learning research.
文摘ChatGPT is a powerful artificial intelligence(AI)language model that has demonstrated significant improvements in various natural language processing(NLP) tasks. However, like any technology, it presents potential security risks that need to be carefully evaluated and addressed. In this survey, we provide an overview of the current state of research on security of using ChatGPT, with aspects of bias, disinformation, ethics, misuse,attacks and privacy. We review and discuss the literature on these topics and highlight open research questions and future directions.Through this survey, we aim to contribute to the academic discourse on AI security, enriching the understanding of potential risks and mitigations. We anticipate that this survey will be valuable for various stakeholders involved in AI development and usage, including AI researchers, developers, policy makers, and end-users.
文摘Recently,the 2025 Central Conference on Work Related to Neighboring Countries was held in Beijing.As an important theoretical innovation,the conference emphasized for the first time pursuing“the model of security for Asia that features sharing weal and woe,seeking common ground while shelving differences,and prioritizing dialogue and consultation.”1 This fully demonstrates that China prioritizes neighborhood on its diplomatic agenda,regards security and stability in its neighborhood as a core strategic support,and is ready to collaborate with neighboring countries for a future of shared peace,development,and prosperity.
基金The Fundamental Research Funds for the Central Universities(No.2242022k60005)Purple Mountain Laboratories for Network and Communication Security,and National Science Foundation(No.62233003).
文摘In response to the current gaps in ef-fective proactive defense methods within applica-tion security and the limited integration of security components with applications,this paper proposes a biomimetic security model,called NeuroShield,specifically designed for web applications.Inspired by the“perception-strategy-effect-feedback”mechanism of the human nervous control system,the model inte-grates biomimetic elements akin of neural receptors and effectors into applications.This integration fa-cilitates a multifaceted approach to security:enabling data introspection for detailed perception and regula-tion of application behavior,providing proactive de-fense capabilities to detect and block security risks in real-time,and incorporating feedback optimization to continuously adjust and enhance security strategies based on prevailing conditions.Experimental results affirm the efficacy of this neural control mechanism-based biomimetic security model,demonstrating a proactive defense success rate exceeding 95%,thereby offering a theoretical and structural foundation for biomimetic immunity in web applications.
文摘Security is the cor nerstone of a country's peace and stability and the prerequisite for its survival and development.All countries around the world regard security as their top priority.Since most Asian countries suffered from colonial aggression and plundering for a long time in history,they as a whole attach special importance to national security.
文摘Processing police incident data in public security involves complex natural language processing(NLP)tasks,including information extraction.This data contains extensive entity information—such as people,locations,and events—while also involving reasoning tasks like personnel classification,relationship judgment,and implicit inference.Moreover,utilizing models for extracting information from police incident data poses a significant challenge—data scarcity,which limits the effectiveness of traditional rule-based and machine-learning methods.To address these,we propose TIPS.In collaboration with public security experts,we used de-identified police incident data to create templates that enable large language models(LLMs)to populate data slots and generate simulated data,enhancing data density and diversity.We then designed schemas to efficiently manage complex extraction and reasoning tasks,constructing a high-quality dataset and fine-tuning multiple open-source LLMs.Experiments showed that the fine-tuned ChatGLM-4-9B model achieved an F1 score of 87.14%,nearly 30%higher than the base model,significantly reducing error rates.Manual corrections further improved performance by 9.39%.This study demonstrates that combining largescale pre-trained models with limited high-quality domain-specific data can greatly enhance information extraction in low-resource environments,offering a new approach for intelligent public security applications.
文摘Large models,such as large language models(LLMs),vision-language models(VLMs),and multimodal agents,have become key elements in artificial intelli⁃gence(AI)systems.Their rapid development has greatly improved perception,generation,and decision-making in various fields.However,their vast scale and complexity bring about new security challenges.Issues such as backdoor vulnerabilities during training,jailbreaking in multimodal rea⁃soning,and data provenance and copyright auditing have made security a critical focus for both academia and industry.
文摘The differences among the extended Canetti & Krawezyk 2007 model (ECK2007) and other four models, i.e., the Bellare & Rogaway (1993, 1995)models (BR93,BR95), the Bellare, Pointcheval & Rogaway (2000) model (BPR2000) and the Canetti & Krawczyk (2001) model (CK2001) are given. The relative strength of security among these models is analyzed. To support the implication or non-implication relation among these models, the formal proof or the counter-example is provided.
基金Undertheauspicesof China Postdoctoral Science Foundation (No.2004035175), and the Natural Science Founda-tionof Anhui Provincial Bureau of Education (No.2003KJ043ZD)
文摘Ecological security is a vital problem that people all over the world today have to face and solve, and the situation of ecological security is getting more and more severe and has begun to impede heavily the sustainable development of social economy. Ecological environment pre-warning has become a hotspot for the modern environment science. This paper introduces the theories of ecological security pre-warning and tries to constitute a pre-warning model of ecological security. In terms of pressure-state-response model, the pre-warning guide line of ecological security is constructed while the pre-warning degree judging model of ecological security is established based on fuzzy optimization. As a case, the model is used to assess the present condition pre-warning of the ecological security of Anhui Province. The result is in correspondence with the real condition: the ecological security situations of 8 cities are dangerous and 9 cities are secure. The result shows that this model is scientific and effective for regional ecological security pre-warning.
基金supported by the National Nature Science Foundation of China(Grant No.71401052)the National Social Science Foundation of China(Grant No.17BGL156)the Key Project of the National Social Science Foundation of China(Grant No.14AZD024)
文摘Identification of security risk factors for small reservoirs is the basis for implementation of early warning systems.The manner of identification of the factors for small reservoirs is of practical significance when data are incomplete.The existing grey relational models have some disadvantages in measuring the correlation between categorical data sequences.To this end,this paper introduces a new grey relational model to analyze heterogeneous data.In this study,a set of security risk factors for small reservoirs was first constructed based on theoretical analysis,and heterogeneous data of these factors were recorded as sequences.The sequences were regarded as random variables,and the information entropy and conditional entropy between sequences were measured to analyze the relational degree between risk factors.Then,a new grey relational analysis model for heterogeneous data was constructed,and a comprehensive security risk factor identification method was developed.A case study of small reservoirs in Guangxi Zhuang Autonomous Region in China shows that the model constructed in this study is applicable to security risk factor identification for small reservoirs with heterogeneous and sparse data.
基金the National Natural Science Foundation of China(No.60605019)
文摘Network security situation is a hot research topic in the field of network security. Whole situation awareness includes the current situation evaluation and the future situation prediction. However, the now-existing research focuses on the current situation evaluation, and seldom discusses the future prediction. Based on the historical research, an improved grey Verhulst model is put forward to predict the future situation. Aiming at the shortages in the prediction based on traditional Verhulst model, the adaptive grey parameters and equal- dimensions grey filling methods are proposed to improve the precision. The simulation results prove that the scheme is efficient and applicable.
基金Supported by the National Natural Science Foun-dation of China (2002AA142150)
文摘A fuzzy set-based evaluation approach is demonstrated to assess the security risks for internet-banking System. The Internet-banking system is semi-formally described using Unified Modeling Language (UML) to specify the behavior and state of the system on the base of analyzing the existing qualitative risk assessment methods. And a quantitative method based on fuzzy set is used to measure security risks of the system, A case study was performed on the WEB server of the Internet-banking System using fuzzy-set based assessment algorithm to quantitatively compute the security risk severity. The numeric result also provides a method to decide the most critical component which should amuse the system administrator enough attention to take the appropriate security measure or controls to alleviate the risk severity. The experiments show this method can be used to quantify the security properties for the Internet-banking System in practice.
文摘As one of the Special Economic Zones since the reform and opening up, Zhuhai has developed during the past 30 years. Its economic development, industrial structure and ecological environment have undergone great changes. Research on changes in Zhuhai’s land ecological security is of great significance. Using relevant data from 2007-2012, this study established a land ecological security assessment system based on the PSR conceptual framework model. The system contained 18 indicators from 3 aspects according to the concrete features of Zhuhai. Then we used the matterelement analysis and the improved entropy weight to analyze and evaluate the land ecological security of Zhuhai. The results showed that: from 2007 to 2012, the levels of the land ecological security of Zhuhai were “secure”, and the value increased year by year;as the land ecological security response value increased, Zhuhai was capable of solving land ecosystem problems. However, it should be noted that the structure of land ecosystem in Zhuhai has not formed and that rapid expansion of construction land has caused the shortage of cultivated land and other issues. Measures should be taken to control the construction area, improve land intensive utilization and improve the land ecological security.
基金Supported by National Natural Science Fund,China(41271143)Soft Science Research Project of Shanxi,China(2013041059-04)
文摘To further understand the status quo and change tendency of ecological security in county area, we took the example of Ningwu County, the headstream of Fenhe River, confronting serious eco-environment problem and considerable human impacts. Taking Ningwu as the study area and using variation coefficient method to determine the weights of the indices, we built ecological security pattern based on Pressure-State-Response (P-S-R) Model of Organization for Economic Cooperation and Development. The ecological security status was evaluated by calculating eco-security index (ESI) with socio-economic statistical data of Ningwu during 2001 -2010. The results showed that the situation of eco-security had been improved from heavy alarm to relative safety during 2001 -2010. It reflected that the ecological economic system in Ningwu County tended to be relaxed constantly after experienced a sharp conflict between ecological environment and economic growth. The ecological safety awareness was growing, however, by force of the objective requirements of population growth and economic development, the situation of ecological security was still unstable.
基金National Natural Science Foundation of China,No.41601290。
文摘The middle reaches of the Yellow River represent an important area for the protection and development of the Yellow River Basin.Most of the area of the river basin is within the Loess Plateau,which establishes it as a fragile ecological environment.Firstly,using high-resolution data of land use in the watershed from the past 30 years,landscape ecological risk(LER)sample units are defined and an ecological risk index(ERI)model is constructed.Kriging interpolation is used to display the LER spatial patterns,and the temporal and spatial evolution of risk is examined.Secondly,the spatial evolution of land use landscape change(LULC)is analyzed,and the correlation between land use landscape and ecological risk is discussed.Finally,Based on the LER model,a risk-based minimum cumulative resistance(MCR)model is established,and a comprehensive protection and management network system for the ecological source-corridor-node system designed.The results suggest that in the past 30 years,LER has a high spatial correlation and areas with extremely high ecological risks are concentrated in northwest and southeast areas of the region,of which the northwest area accounts for the highest proportion.Risk intensity is closely related to the spatial pattern of land use landscape.ERI values of forestland,grasslands,and unused land and farmland are low,medium,and high,respectively.The trend of risk evolution is“overall improvement and partial deterioration”.Man-made construction and exploitation is the most direct reason for the increase of local ecological risks.The high ecological-risk areas in the northwest are dominated by deserts which reduce excessive interference by human activities on the natural landscape.Recommendations are:high-quality farmland should be protected;forestland should be restored and rebuilt;repair and adjust the existing ecosystem to assist in landscape regeneration and reconstruction;utilize the overall planning vision of“mountain,water,forest,field,lake,grass,sand”to design a management project at the basin scale;adhere to problem-oriented and precise policy implementation.
文摘With the rapid development of network technology, the meaning of layers and attributes in respect of information system security must be extended based on the understanding of the concept of information system security. The layering model (LM) of information system security and the five-attribute model (FAM) based on security factors were put forward to perfect the description and modeling of the information system security framework. An effective framework system of risk calculation and assessment was proposed, which is based on FAM.
基金This work was supported by the Technology R&D Program of Changsha City(nos.kc1702045 and kq1901145)the Key Technology R&D Program of Hunan Province(nos.2016TP2007,2017TP2006,and 2016TP1014).
文摘Today,resource depletion threatens a number of resource-based cities in China.The ecological security problem caused by the long-term exploitation of natural resources is a key issue to be solved in the development of resource-exhausted cities.Using 23 indicators,this study evaluated the ecological security status and development trends of 21 resource-exhausted cities in China from 2011 to 2017.The results showed that from 2011 to 2015,the overall ecological security of this type of city was low,with over 60%of the cities at an unsafe level.However,ecological security improved rapidly after 2016,and by 2017,all of the cities had reached the critical safety level.The top 10 indicators of ecological security included industrial sulfur dioxide emissions,water supply,agricultural fertilizer application,and forest coverage.These 10 indicators’cumulative contribution to ecological security was 48.3%;among them,reducing industrial sulfur dioxide emissions contributed the most at 5.7%.These findings can help governments better understand the ecological security status of resource-exhausted cities,and it can provide a reference for the allocation of funds and other resources to improve the ecological safety of these cities.
基金Supported by the National Natural Science Foundation of China(61640220)the Natural Science Research Project of Jiangsu Province Universities and Colleges(17KJD520005)the Government Audit Research Foundation of Nanjing Audit University
文摘In cloud computing, the risk of data leakage exists between users and virtual machines. Whether it is direct or indirect data leakage, it can be regarded as illegal information flow. Methods such as access control models can control the information flow rather than the covert information flow. Therefore, it needs to use the noninterference models to detect the existence of illegal information flow in cloud computing. Typical noninterference models are not suitable to verificate information flow in cloud computing. When concurrent access actions execute in the cloud architecture, security domains do not affect each other, because there is no information flow between security domains. Based on this, we propose noninterference for cloud architecture in which concurrent access and sequential access coexist. When the sequential actions execute, the information flow between security domains can flow in accordance with established rules. When concurrent access actions execute, there should not be the information flow between security domains.
基金Natural Science Research Project of Jiangsu Province Universities and Colleges(No.17KJD520005,Congdong Lv).
文摘Cloud computing provides services to users through Internet.This open mode not only facilitates the access by users,but also brings potential security risks.In cloud computing,the risk of data leakage exists between users and virtual machines.Whether direct or indirect data leakage,it can be regarded as illegal information flow.Methods,such as access control models can control the information flow,but not the covert information flow.Therefore,it needs to use the noninterference models to detect the existence of illegal information flow in cloud computing architecture.Typical noninterference models are not suitable to certificate information flow in cloud computing architecture.In this paper,we propose several information flow models for cloud architecture.One model is for transitive cloud computing architecture.The others are for intransitive cloud computing architecture.When concurrent access actions execute in the cloud architecture,we want that security domain and security domain do not affect each other,that there is no information flow between security domains.But in fact,there will be more or less indirect information flow between security domains.Our models are concerned with how much information is allowed to flow.For example,in the CIP model,the other domain can learn the sequence of actions.But in the CTA model,the other domain can’t learn the information.Which security model will be used in an architecture depends on the security requirements for that architecture.
