共查询到20条相似文献,搜索用时 296 毫秒
1.
Detection of port scan is an important component in a network intrusion detection and prevention system. Traditional statistical methods can be easily evaded by stealthy scans and are prone to DeS attacks. This paper presents a new mechanism termed PSD(port scan detection), which is based on TCP packet anomaly evaluation. By learning the port distribution and flags of TCP packets arriving at the protected hosts, PSD can compute the anomaly score of each packet and effectively detect port scans including slow scans and stealthy scans. Experiments show that PSD has high detection accuracy and low detection latency. 相似文献
2.
Space-time signal processing based on multiple-input multiple-output(MIMO) systems is an active research field in which interfering signals are cancelled and multiuser detection is achieved using space diversity. In a Rayleigh fading channel, space-time block cedes using multiple transmitting antennas can improve system performance and reduce bit-error-rate for multiuser detection. In this paper, several antenna configurations are designed for DS-CDMA communication in MIMO systems. Space-time linear multinser detection and space-time serial interference cancellation multiuser detection are simulated. Bit-error-rate and computation complexities of the two methods are compared. Conclusions are given in the end. 相似文献
3.
Multi-face detection based on downsampling and modified subtractive clustering for color images 总被引:1,自引:0,他引:1
KONG Wan-zeng ZHU Shan-an 《浙江大学学报(A卷英文版)》2007,8(1):72-78
INTRODUCTION Face detection has been widely used in fields such as security, multimedia retrieval, human com-puter interaction, etc. Therefore it becomes one of the most active research areas in computer science. Re-cently, approaches to face detection include neural network (Rowley et al., 1998), boosting (Viola, 2001; Viola and Jones, 2004), template matching (Kim et al.,2000) and skin color (Cai and Goshtasby, 1999; Wang and Yuan, 2001; Soriano et al., 2003), etc. The methods of n… 相似文献
4.
How to quickly and accurately detect new topics from massive data online becomes a main problem of public opinion monitoring in cyberspace. This paperpresents a new event detection method for the current new event detection system, based on sorted subtopic matching algorithm and constructs the entire design framework. In this p~per, the subtopics contained in old topics (or news stories) are sorted in descending order according to their importance to the topic(or news stories), and form a sorted subtopic sequence. In the process of subtopic matching, subtopic scoring matrix is used to determine whether a new story is reporting a new event. Experimental results show that the sorted subtopic matching model improved the accuracy and effectiveness ofthenew event detection system in cyberspace. 相似文献
5.
Design patterns are micro architectures that have proved to be reliable,robust and easy to implement.Detecting design pattern from source code of object-oriented system can help a designer,a developer or a maintainer to understand the software system.In this paper,a new method is provided which can detect design patterns from source code combining both static and dynamic analysis.To acquire the run-time dynamic information of software systems,a code instrumentation method is adopted.At the same time,all static and dynamic information is presented in UML diagrams format.The pattern detection process and its detection results are visual and interactive.This method is tested on a call center and a traffic simulation system.Experimental results prove that the method is effective in design patterns detection. 相似文献
6.
Traditional methods of license character extraction cannot meet the requirements of recognition accuracy and speed rendered by the video vehicular detection system. Therefore, a license plate localization method based on multi-scale edge detection and a character segmentation algorithm based on Markov random field model is presented. Results of experiments demonstrate that the method yields more accurate license character extraction in contrast to traditional localization method based on edge detection by difference operator and character segmentation based on threshold. The accuracy increases from 90% to 94% under preferable illumination, while under poor condition, it increases more than 5%. When the two improved algorithms are used, the accuracy and speed of automatic license recognition meet the system's requirement even under the noisy circumstance or uneven illumination. 相似文献
7.
To investigate the robust fault detection(RFD) observer design for linear uncertain systems,the H_ index and H ∞ norm are used to describe this observer design as optimization problems.Conditions for the existence of such a fault detection observer are given in terms of matrix inequalities.The solution is obtained by new iterative linear matrix inequality(ILMI) algorithms.The RFD observer design over finite frequency range in which D f does not have full column rank for a system is also considered.Numerical example demonstrates that the designed fault detection observer has high sensitivity to the fault and strong robustness to the unknown input. 相似文献
8.
The cumulative sum (CUSUM) algorithm is proposed to detect the selfish behavior of a node in a wireless ad hoc network. By tracing the statistics characteristic of the backoff time between successful transmissions, a wireless node can distinguish if there is a selfish behavior in the wireless network. The detection efficiency is validated using a Qualnet simulator. An IEEE 802.11 wireless ad hoc network with 20 senders and 20 receivers spreading out randomly in a given area is evaluated. The well-behaved senders use minimum contention window size of 32 and maximum con- tention window size of I 024, and the selfish nodes are assumed not to use the binary exponential strategy for which the contention window sizes are both fixed as 16. The transmission radius of all nodes is 250 m. Two scenarios are investigated: a single-hop network with nodes spreading out in 100 m~100 m, and all the nodes are in the range of each other; and a multi-hop network with nodes spreading out in 1 000 m~ 1 000 m. The node can monitor the backoff time from all the other nodes and run the detection algorithms over those samples. It is noted that the threshold can significantly affect the detection time and the detection accuracy. For a given threshold of 0.3 s, the false alarm rates and the missed alarm rates are less than 5%. The detection delay is less than 1.0 s. The simulation results show that the algorithm has short detection time and high detection accuracy. 相似文献
9.
An example of using ultrasonic method to detect the compactness of complicated concrete-filled steel tube in certain high-rise building was discussed in this study. Because of the particularity of the complicated concrete-filled steel tubular column, the plane detection method and embedded sounding pipe method were adopted in the process of effectively detecting the column. According to the results of the plane detection method and embedded sounding pipe method, the cementing status of steel tube and concrete can be concluded, which cannot be judged by the hammering method in the rectangular steel tube-reinforced concrete. 相似文献
10.
A new model based on dyadic differential wavelet was developed for detecting the R peak in Holter ECG signal according to the design of data mining. The Mallat recursive filter algorithm was introduced to calculate wavelet and optimize the detection algorithm which is based on the equivalent filter technique. The detection algorithm has been verified by MIT arrhythmia database with a high efficiency of 99%. After optimization, the algorithm was put into clinical experiment and tested in the Air Force Hospital in Tianjin for about two months. After about 108 hearts beating test of more than 100 patients, the total efficient detection rate has reached 97%,Now this algorithm module has been applied in business software and shows perfect performance under the complex conditions such as the inversion of heart beating, the falling off of the electrodes, the excursion of base line and so on. 相似文献
11.
钟锐 《赣南师范学院学报》2011,32(3):60-64
入侵检测技术是解决当前网络攻击泛滥的唯一方法.通过分析TCP协议在网络传输过程中协议标志位的变化规律,使用隐马尔科夫模型(H idden M arkov Model)建立了正常网络情况下TCP协议标志位变化的特征库,构建了基于异常检测模式的入侵检测系统,系统具有特征库小、检测率高、实时性强等优点.实验表明,该检测模型能够实时有效的检测网络攻击. 相似文献
12.
提出一种基于BP神经网络的异常入侵检测方法,由于BP神经网络是一种基于误差反向传播算法的多层前馈神经网络,具有对不确定性的学习与适应能力,可以很好的满足入侵检测分类识别的需求.对“KDD Cup 1999 Data”网络连接数据集进行特征选择和标准化处理之后用于训练神经网络并仿真实验,得到了较高的检测率和较低的误报率.仿真实验表明,基于BP神经网络的入侵检测方法是有效的. 相似文献
13.
入侵检测技术分类与比较研究 总被引:3,自引:0,他引:3
入侵检测是信息安全保障的关键技术之一,近年来成为网络安全领域的研究热点.论述入侵检测的基本概念,依据不同标准对入侵检测系统进行分类,阐述并比较各种入侵检测技术和方法,分析现存的三种入侵检测体系结构,预测入侵检测技术的发展方向. 相似文献
14.
15.
入侵检测技术已成为计算机和网络安全系统中的重要组成部分,作为其核心的分析引擎部分,在解决局部环境中传统入侵检测技术的快速检测和分析问题,以及大规模主干网络的检测和分析问题时,行为数据分析方法的应用,将较大地提升入侵检测系统的性能。 相似文献
16.
异常检测能够检测出数据中的异常情况,为各类系统正常运转提供重要支撑。提出一种基于变分自编码器的异常检测算法,该算法使用变分自编码器对输入数据进行特征提取,结合深度支持向量网络,压缩特征空间,并寻找最小超球体分离正常数据和异常数据,通过计算数据特征到超球体中心的欧式距离衡量数据的异常分数,并以此进行异常检测。在基准数据集MNIST和Fashion-MNIST上评估该算法,平均AUC分别达0.954和0.935,优于其它优秀算法。实验结果表明,该算法取得较好异常检测效果。 相似文献
17.
目前入侵检测系统在应对多目标协同攻击和时间分散攻击,没有很好的解决方法。在复杂的网络环境中,为了提高入侵检测系统的检测速度和精度,在研究现有入侵检测系统不足的情况下,提出了一种基于数据融合的入侵检测模型,实现了各个组成模块的功能。实验表明,该系统在减少系统的漏报率和误报率的情况下,可以应对一些复杂的攻击手段。 相似文献
18.
19.
在计算机网络安全课程教学中,入侵检测技术实验因为条件限制,难以进行有效的实验教学。根据教学中的实际,在Windows环境下,利用开源软件SNORT和BASE,构建实际的入侵检测系统;并设置相应的实验环节,解决了这个问题,促进了入侵检测系统实验教学的开展。 相似文献