共查询到20条相似文献,搜索用时 140 毫秒
1.
计算机网络的迅速发展给我们带来利益的同时,信息安全问题也越发突出。防止内部信息泄漏和内部攻击作为信息安全的一个重要分支,日益成为信息安全的焦点。本文分析了内网安全所面临的主要威胁,基于网络探测技术提出了相应的监测方案。 相似文献
2.
堆溢出攻击是当前存在的一种普遍的计算机网络攻击。研究堆溢出攻击技术,可以为计算机网络对抗(CNO)提供关键的攻击手段。本文分析了堆溢出原理及利用缓冲区溢出漏洞进行攻击的方法及其特征,并用程序例证了堆溢出过程,为研究网络防御入侵技术提供有效技术支撑。 相似文献
3.
随着计算机信息化的不断扩展,信息网络和安全体系是信息化健康发展的基础和保障。但是在网络环境下,网络被入侵和攻击是很难避免的。通过加强管理和采用必要的技术手段可以减少入侵和攻击行为的次数,避免因入侵和攻击造成的各种损失。 相似文献
4.
当前的网络攻击检测都没有充分考虑攻击的直接联系性,对攻击内在的直接关联缺少关注,导致攻击分类和网络威胁分区的准确性不高。为了解决这一问题,提出一种基于通信痕迹的网络威胁分区方法。通过提取网络威胁内在特有的主成份特征,构建出上一次攻击留下的通信痕迹,根据通信痕迹的反馈对本次攻击进行分区,保证同区域内的攻击特征类似,为后期的攻击图谱构建打下基础。计算机仿真实验证明,该方法可以很好的解决网络威胁检测缺少关联性的弊端,提高了入侵检测的准确度。 相似文献
5.
目前,网络上最大的安全风险来自两方面:一方面信息在传输时被窥探或非法修改;另一方面公网对内网的非法访问和攻击。对此的解决措施主要在于加密技术和防火墙技术的应用。VPN(Virtual Private Network)网关就是一种综合以上两种技术的安全措施。VPN通过采用加密、认证、取证、协议封装等技术在Internet上构筑安全通道,为处于公共网络两端的内网中的用户建立可信安全连接。对于基于主动防御网络安全配置技术在计算机取证方面的应用进行了研究。 相似文献
6.
7.
本文论述了医学中专学校网络机房的病毒危害,并把人类病毒与计算机病毒作了相应的比较,探讨了当代计算机网络环境下病毒的预防措施,提出了从网络服务器上防治病毒策略以及内网用户防毒行为措施。 相似文献
8.
计算机网络具有互联性、自由性、开放性等诸多特点,但也很容易受到黑客、病毒等攻击。而计算机信息技术网络只有实现了良好的安全管理,才可以将其应有的作用全部发挥出来。本文就如何有效加强计算机信息技术网络安全管理进行了深入的探讨,具有一定的参考价值。 相似文献
9.
随着计算机网络越来越深入到人们生活中的各个方面,计算机网络的安全性也就变得越来越重要。计算机网络的技术发展相当迅速,攻击手段层出不穷。而计算机网络攻击一旦成功,就会使网络上成千上万的计算机处于瘫痪状态,从而给计算机用户造成巨大的损失。因此,认真研究当今计算机网络存在的安全问题,提高计算机网络安全防范意识是非常紧迫和必要的。 相似文献
10.
DDoS攻击的原理与防范 总被引:1,自引:0,他引:1
DoS即拒绝服务,它是一种利用合理的服务请求来占用过多的服务资源,从而使合法用户无法得到正常响应的网络攻击方式。DoS攻击一般采用一对一方式,当目标主机的CPU速度低、内存小或者网络带宽小等各项性能指标不高时,它的效果是明显的。但是,随着计算机与网络技术的发展,计算机的处理能力迅速增长,内存大大增加,同时也出现了千兆级别的网络,这使得DoS攻击的难度加大了——目标主机对恶意攻击包的“消化能力”加强了不少,假如攻击软件每秒钟可以发送3,000个攻击包,但主机与网络带宽每秒钟可以处理10,000个攻击包, 相似文献
11.
研究基于NTRU公钥密码体制的一种数字签名方案—NSS数字签名方案。本文对NSS数字签名方案的安全性进行详细的分析,主要讨论五种攻击方式,即穷举攻击、对公钥的格攻击、副本格攻击、格基规约攻击和副本平均值攻击,并得出结论:在大维数情况下,NSS数字签名方案能够很好地对抗这五种攻击。 相似文献
12.
In this work, we analyze the performance degradation of stealthy attacks against sensor measurements in vector systems. Two types of attacks are considered. One is strictly stealthy attack and the other is ?-stealthy attack. For the strictly stealthy attack, we characterize the upper bound of the performance degradation and design an optimal strictly stealthy attack that can achieve the upper bound. For the ?-stealthy attack, we quantify the upper bound of the performance degradation and propose a sub-optimal ?-stealthy attack approximately achieving the upper bound. Numerical results are given to illustrate the trade off between performance degradation versus the stealthiness level of the attack. 相似文献
13.
Qingyu Su Shuqi Li Yanchao Gao Xin Huang Jian Li 《Journal of The Franklin Institute》2021,358(7):4013-4027
This paper mainly focuses on the problems of attack detection and reconstruction of cyber physical systems (CPS) under dynamic load altering attacks (D-LAA). Taking the smart grid as an example, firstly, the power system subjected to the attack is modeled as a power CPS through system characteristics to provide conditions for attack detection. On this basis, we assume that two vulnerable loads are attacked simultaneously to investigate the impact of the attack on the system. Secondly, a robust sliding mode observer is designed to implement attack reconstruction with the residual signal generated by the observer. After that, an attack detection logic is applied to complete the attack detection by comparing the threshold with the residual. Finally, a three generators and six buses power system is given as an example to verify the feasibility of attack detection and reconstruction by using the real-time simulation platform built by StarSim and MT respectively. The simulation results are given in this paper. 相似文献
14.
《Journal of The Franklin Institute》2023,360(9):6110-6130
In this paper, the problem about the false data injection attacks on sensors to degrade the state estimation performance in cyber-physical systems(CPSs) is investigated. The attack strategies for unstable systems and stable ones are both designed. For unstable systems, based on the idea of zero dynamics, an unbounded attack strategy is proposed which can drive the state estimation error variations to infinity. The proposed method is more general than existing unbounded attack strategies since it relaxes the requirement for the initial value of the estimation error. For stable systems, it is difficult to bring unbounded impacts on the estimation error variations. Therefore, in this case, an attack strategy with adjustable attack performance which makes the estimation error variations track predesigned target values is proposed. Furthermore, a uniform attack strategy which aims to deteriorate state estimation for both stable systems and unstable ones is derived. Finally, simulations are provided to illustrate the effectiveness of the proposed attack strategies. 相似文献
15.
低速率拒绝服务攻击利用已有网络协议中自适应机制的漏洞发起攻击,通过周期性的发送短脉冲,造成链路进入间断的拥塞状态,导致网络性能大幅下降。由于LDoS发送的攻击速率较低,因此更具隐蔽性且难以识别。本文分析了LDoS攻击原理及现有检测机制存在的问题,提取了LDoS在周期性攻击中的2个基本特征,并以此作为攻击流的识别依据,提出了一种LDoS攻击检测过滤方法。实验分析表明,在实际的网络环境和仿真环境中,该方法均能有效检测LDoS攻击,降低误报率以及提高路由器的吞吐率。 相似文献
16.
改进的求和生成器的密码分析 总被引:3,自引:0,他引:3
利用分别征服攻击、Chepyzhov提出的快速相关攻击以及代数攻击等3种算法对改进的求和生成器进行了密码分析,并分别给出了攻击算法的计算复杂度和所需要的密钥流的长度 相似文献
17.
为分析不同攻击策略下供应链网络的鲁棒性,基于国内外专利数据构建海洋工程装备制造业供应链关键核心技术网络,通过网络结构分析发现网络中半数核心节点企业为国外企业,然后分别采用随机攻击和蓄意攻击两种策略对网络中的节点和边进行度攻击和介数攻击仿真分析,发现对核心节点的蓄意攻击会造成供应链网络鲁棒性急剧下降,阐明我国海洋工程装备制造业存在较强的“卡脖子”隐患。 相似文献
18.
19.
《Journal of The Franklin Institute》2022,359(18):11155-11185
Nowadays, cyber-physical systems (CPSs) have been widely used in various fields due to their powerful performance and low cost. The cyber attacks will cause security risks and even huge losses according to the universality and vulnerability of CPSs. As a typical network attack, deception attacks have the features of high concealment and strong destructiveness. Compared with the traditional deception attack models with a constant value, a deception attack with random characteristics is introduced in this paper, which is difficult to identify. In order to defend against such deception attacks and overcome energy constraints in CPSs, the secure state estimation and the event-triggered communication mechanism without feedback information are co-considered to reconcile accuracy of estimation and energy consumption. Firstly, an event-triggered augmented state estimator is proposed for secure state estimation and attack identification. Then, under the ideology of equivalence, the augmented state estimator is derived as a concise two-stage estimator with reduced order. The two-stage estimator can perform the secure state estimation and attack identification respectively. The estimators ensure the accuracy of attack identification well since not treating attack information as the trigger event. Afterward, the comparison of the computational complexity of these two algorithms is analyzed. Finally, an example of a target tracking system is supplied to prove the effectiveness and efficiency of the proposed algorithm. 相似文献
20.
1981年Lamport提出了第一个非常著名的智能卡远程用户认证方案,从此,大量的此类方案被提出。最近Shen,Lin和Hwang针对该方案提出了一种不同的攻击方法,并提供了一个改进方案用于抵御这些攻击。文中主要在Shen-Lin-Hwang方案的基础上,提出了一个新的远程用户认证方案,该方案中口令由用户选择掌握,注册时增强了安全性,有效地抵御了类似Chan-Cheng和Chang-Hwang的攻击。该方案还可根据用户需要随时更改口令,这是与以往方案最大的不同之处。 相似文献