基于危险模式的无线传感器网络IDS模型

网络安全是无线传感器网络需要解决的重要问题之一,构建基于传感器网络的入侵检测系统是其中重要的技术.简要阐述了基于人工免疫模型及危险模式的入侵检测系统的机理,提出了一种基于危险模式理论的无线传感器网络的入侵检测系统体系结构,并对该模型的特点进行了分析,为进一步深入的研究提出了设想.     

一种模糊神经网络检测下的入侵容忍系统设计

为了与网络系统中的入侵行为进行抗衡,可以通过安装入侵检测系统来监控系统中的各种网络行为,入侵容忍可以作为入侵检测系统的互补系统与之一起工作.漏报与误报问题是入侵检测系统面临的根本性问题,加入神经网络技术后并不能完全解决此问题.入侵容忍技术的提出很好地平衡了"失误"与"恶意"、"入侵"与"非有意"之间的冲突与矛盾.入侵容忍本身就是一种"模糊"概念,为模糊数学在计算机安全中的应用提供了有力的理论支持.提出了一种基于模糊神经网络的入侵检测系统应用于入侵容忍的设计方案,并将入侵容忍与入侵检测、防火墙结合,作为一个独立于应用的系统进行设计.     

网络入侵检测技术研究

讨论了网络入侵检测系统及其分类,并针对基于异常和特征检测分类角度的各种入侵检测方法进行了概括分析,最后讨论了入侵检测技术的研究方法和研究方向.     

基于条件随机场的实时入侵检测系统框架实现

入侵检测系统（IDS）如今是网络的重要组成部分,现在各种无线网络及专用网络都已配备检测系统。随着网络技术的迅猛发展,入侵检测的技术已经从简单的签名匹配发展成能充分利用上下文信息的基于异常和混合的检测方式。为了从网络环境大量记录信息中正确有效地识别出入侵,提出一种基于层叠条件随机场模型的入侵检测框架,该框架针对4类不同攻...     

防火墙与网络入侵检测联动系统研究

针对目前防火墙和网络入侵检测系统在网络安全体系中存在的不足 ,提出了一个基于防火墙和网络入侵检测联动系统的框架模型 ,它有效克服了传统入侵检测系统不能实现主动控制的缺陷和防火墙规则配置的复杂性等问题。最后 ,从实现的角度 ,给出了整个联动系统的详细解决方案———采用基于连接检测的包过滤防火墙和基于状态转换分析的网络入侵检测系统相结合。其提高了系统的检测速度和检测的精确性并有效的降低了虚警率     

Snort规则集的优化

随着计算机网络技术的迅速发展和网络的普遍应用,网络安全问题也随之应运而生。入侵检测作为一种新型的网络安全技术受到了越来越多的关注。然而,入侵检测系统的检测速度也成为一个重要瓶颈。文中根据TCP/IP协议的分析,对Snort-入侵检测系统规则集进行了优化设计,以提高检测效率。     

计算机网络入侵检测系统

网络入侵检测系统能够对网络中发生的安全事件和网络中存在的安全漏洞进行主动实时的监测，是现代计算机网络安全的关键技术之一。本文介绍了入侵检测技术的概念、原理、功能、分类和未来的发展趋势。     

基于振动传感器的周界围栏报警监控系统设计

利用一种滚珠式振动传感器,设计了一款周界围栏报警系统,一旦发生非法入侵人员攀爬围栏时,由该系统发出报警信号.针对室外大风及暴雨对传感器带来的虚警,本文依据入侵人员的振动信号具有一定的周期性,提出了一种高准确率的入侵信号检测方法,以提高报警系统的检测率.文中利用MATLAB软件对采集到的信号进行了仿真处理,同时提出了一种基于单片机的快速算法,以实时准确地完成入侵人员的检测,实验验证了该方法的有效性及稳定性.     

网络入侵检测技术

文章从入侵检测的概念、入侵检测系统(IDS)执行的主要任务及入侵检测的步骤入手，重点分析了入侵检测技术的4种基本方法。     

一种入侵防御系统模型的研究

介绍了目前比较流行网络入侵防御技术,针对现有系统隔离和保护能力不足的弱点,提出了一种基于简单网络管理协议的网络入侵防御结构模型,它能有效地弥补目前网络入侵防御技术的不足.     

数据挖掘中的关联规则在入侵检测系统中的应用

由于知识发现的快速发展,对海量数据分析和处理的技术、能力也日渐成熟。从1999年起,就开始了将数据挖掘技术和入侵检测系统结合的尝试。将数据挖掘引入入侵检测系统的原因是它能够从大量的数据中自动提取出特征和模型,自动维护模式或特征库。系统利用这些大量的特征和数据进行有效的分类,加快处理速度,提高准确度。文章针对网络安全当中的大量的入侵事件,结合数据挖掘中的关联规则的概念,建立特征库及其特征关联,通过审计处理来加强网络入侵检测系统的功能。     

AMETHYST: automatic alarm assessment becoming a reality

The aim of the AMETHYST (AutoMatic Event auTHentication SYSTems) project is to encourage the development of a high performance perimeter detection system which combines Video Motion Detection (VMD) technology with another type of Perimeter Intrusion Detection System (PIDS). AMETHYST will automatically assess the cause of PIDS alarms and pass to an operator those alarms likely to be caused by an intruder. It will filter out alarms not likely to have a human cause. A previous paper explaining and exploring the AMETHYST concept was presented at the 1995 Carnahan Conference. Since then PSDB has produced a single channel AMETHYST demonstrator and placed a contract for the development of an eight channel prototype AMETHYST system. This updated paper gives details of the hardware and software used with these two systems. Also described is PSDB's approach to the development of AMETHYST's automatic assessment algorithms. These will combine current expertise from Video Motion Detection (VMD) and Intelligent Scene Monitoring (ISM) systems with the unique AMETHYST approach. AMETHYST analyses picture sequences from before and after an alarm instead of continuously analysing live video. Sequences are provided by a Loop Framestore, either connected to or part of the AMETHYST system. The algorithms will be assessed and developed using PSDB's growing collection of over 150 alarm sequences     

Open Systems: a process for achieving affordability

A major factor that will drive the definition and design of future avionics systems is affordability. Affordability is being addressed on numerous fronts such as hardware re-use, software re-use, COTS leveraging, and reduced cycle times. Each of these thrusts provide potential cost saving along with unique challenges. What is needed is a process that integrates these initiatives while ensuring the overall system objectives are achieved. An Open Systems-based process is key to integrating these initiatives and balancing affordability and system performance goals. Although Open Systems are being widely recognized as a key to affordability, most interpret Open Systems as a set of system attributes that need to be achieved. There are numerous claims of vendors saying they have an Open Systems architecture; or how their system will evolve to an Open Systems architecture. This emphasis is not on increasing affordability, but on attaching a politically-correct label to their product. In this paper, we focus on the Open Systems process as the key to affordability. An Open Systems process is based on Open Systems principles. This paper discusses the Open Systems principles and process in detail and shows how this process integrates numerous affordability initiatives     

Open systems-a process for achieving affordability [in avionicssystems]

A major factor that will drive the definition and design of future avionics systems is affordability. Affordability is being addressed on numerous fronts such as hardware re-use, software re-use, COTS leveraging, and reduced cycle times. Each of these thrusts provide potential cost savings along with unique challenges. What is needed is a process that integrates these initiatives while ensuring the overall system objectives are achieved. An Open Systems-based process is key to integrating these initiatives and balancing affordability and system performance goals. Although Open Systems are being widely recognized as a key to affordability, most interpret Open Systems as a set of system attributes that need to be achieved. There are numerous claims of vendors saying they have an Open Systems architecture or how their system will evolve to an Open Systems architecture. This emphasis is not on increasing affordability but on attaching a politically correct label to their product. In this paper, we focus on the Open Systems process as the key to affordability. An Open Systems process is based on Open Systems principles. This paper discusses the Open Systems principles and process in detail and shows how this process integrates numerous affordability initiatives     

Fence vibrations [intruder detection]

Many Perimeter Intrusion Detection Systems (PIDS) use microphonic sensors mounted on fences to detect intruder attacks. Vibrations in the fence are detected and analysed to determine whether they represent an intrusion attempt. The signals from the fence are processed to filter out as many false alarms as possible. It is important that the output from the sensors is linear along the fence, to ensure that there is no point on the perimeter less sensitive to intruder attack. The investigation reported in this paper aims to discover whether the performance of acoustic detection systems could be improved through research into fence acoustics. Using models of fence vibrations, sensors could be positioned to obtain a more linear response. In addition, through knowledge of the fence vibrations produced by both real attacks and the typical causes of false alarms, a system could be designed which could better distinguish between them, giving a lower false alarm rate and increased detection performance. Characteristic profiles were found for the different forms of attack to the fence. Although the investigation is still in its early stages, these attack profiles suggest that a new type of detection system could be designed based on profile recognition     

全球卫星导航星座网络协议体系与运行模式

针对全球卫星导航星座网络建设初期或论证阶段所涉及的网络体系结构、协议体系及相关组网等技术问题,开展了基于导航星座星间链路构建空间信息网络的技术研究,分别提出了由子网、接入网、骨干网等节点及其相互之间星间、星地无线链路构成的分层网络系统结构,设计了兼容遥控、遥测、测量与网络交互支持等业务的基于IP over CCSDS(基于空间数据系统咨询委员会标准的空间链路承载互联网协议业务)的协议体系,给出了全系统基本通信业务运行模式等。与传统高轨卫星通信系统相比,该星座网络具有高覆盖、低时延、随遇接入等优点,可实现星座导航性能与中低轨及地面用户通信性能的全方位提升,相关结果对我国全球卫星导航星座网络技术研究具有一定的参考意义。     

空间网络技术发展分析与建议

针对空间数据传输与交互支持问题,介绍了CCSDS(Consultative Committee for Space Data Systems,空间数据系统咨询委员会)、IOAG/IOP(Interagency Operations Advisory Group/InterOperability Plenary,机构间操作指导组/机构间互操作大会),以及IETF/IRTF (Internet Engineering Task Force/Internet Research Task Force,互联网工程任务组/互联网研究任务组)在空间网络体系架构方面的研究进展,分析了IETF和CCSDS针对空间网络环境所发布的最新网络层协议和传输层协议.研究结果表明,IP(Internet Protocol,互联网协议)和DTN(Delay Tolerant Networking,容延迟网络)是空间网络协议体系的2个发展方向,而空间网络技术则呈现出3个清晰的发展趋势,现阶段需要重点关注路由、服务质量保证和数据流传输这3个方面的技术问题.     

InSight Mars Lander Robotics Instrument Deployment System

The InSight Mars Lander is equipped with an Instrument Deployment System (IDS) and science payload with accompanying auxiliary peripherals mounted on the Lander. The InSight science payload includes a seismometer (SEIS) and Wind and Thermal Shield (WTS), heat flow probe (Heat Flow and Physical Properties Package, HP³) and a precision tracking system (RISE) to measure the size and state of the core, mantle and crust of Mars. The InSight flight system is a close copy of the Mars Phoenix Lander and comprises a Lander, cruise stage, heatshield and backshell. The IDS comprises an Instrument Deployment Arm (IDA), scoop, five finger “claw” grapple, motor controller, arm-mounted Instrument Deployment Camera (IDC), lander-mounted Instrument Context Camera (ICC), and control software. IDS is responsible for the first precision robotic instrument placement and release of SEIS and HP³ on a planetary surface that will enable scientists to perform the first comprehensive surface-based geophysical investigation of Mars’ interior structure. This paper describes the design and operations of the Instrument Deployment Systems (IDS), a critical subsystem of the InSight Mars Lander necessary to achieve the primary scientific goals of the mission including robotic arm geology and physical properties (soil mechanics) investigations at the Landing site. In addition, we present test results of flight IDS Verification and Validation activities including thermal characterization and InSight 2017 Assembly, Test, and Launch Operations (ATLO), Deployment Scenario Test at Lockheed Martin, Denver, where all the flight payloads were successfully deployed with a balloon gravity offload fixture to compensate for Mars to Earth gravity.     

飞行器体系优化设计问题

针对传统的飞行器设计与体系（SOS）设计相互独立造成的飞行器实际作战效能不足的问题,对同时考虑飞行器与体系耦合设计的飞行器体系优化设计问题展开研究。首先,根据体系工程（SOSE）原理给出了耦合飞行器设计与体系结构设计的飞行器体系优化设计问题的基本概念与通用数学定义;其次,基于多层体系架构,构建了飞行器体系设计优化模型,提出了包含问题定义、体系架构建模、学科建模、优化求解4个步骤的通用建模求解流程;最后,以巡飞/精确打击武器协同作战为例,构建了面向任务成本最低、时间最短的协同作战体系最优化问题并对其进行优化求解。与先设计飞行器后设计体系结构的解耦设计结果对比表明,解耦优化设计忽略了体系结构与飞行器的强耦合特征,无法最优化体系效能;耦合优化设计能够获得体系效能最大化的飞行器设计方案。