基于隐马尔可夫模型的程序行为异常检测

针对入侵检测中普遍存在误报与漏报过高的问题，提出了一种基于隐马尔可夫模型的程序行为异常检测新方法．该方法以程序正常执行过程中产生的系统调用序列为研究对象，建立计算机的正常程序行为模型．在入侵检测时，先对测试的系统调用数据用滑动窗口划分得到短序列，再根据正常程序行为的隐马尔可夫模型求得每个测试短序列的输出概率，如果系统调用短序列的输出概率低于给定阈值，则将该短序列标定为“不匹配”，如果测试数据中不匹配的短序列数占总短序列数的百分比超过另一给定阈值，该模型就认为此程序行为异常．实验结果表明，与Forrest和Lee的方法相比，所提方法的检测率的最大提高率可达590％．     

一种分析系统调用序列的入侵检测系统设计与实现

结合程序局部性原理,提出系统调用序列中位置间的相关度定义.利用相关度给出了实际系统调用序列与正常系统调用序列间的模糊匹配方法,利用该方法判断应用程序运行状况,进行入侵检测.给出了一个采用该方法的主机入侵检测系统,说明了其整体结构设计、模块间调用关系、模块设计原理、模块实现方法及用于验证该入侵检测系统的实验环境.通过实验结果验证了检测方法是有效的.     

数据挖掘技术在基于系统调用的入侵检测中的应用

数据挖掘是人工智能、机器学习与数据库技术等多学科相结合的产物.作为当前重要的前沿课题之一,研究人员提出了许多数据挖掘理论和方法,并取得了许多重要的研究成果.系统调用序列已经成为基于主机的入侵检测系统重要的数据源之一,通过对系统调用的分析来判断入侵事件,具有准确性高、误警率低和稳定性好等优点.本文运用统计、比较方法对当前国际上利用数据挖掘技术分析系统调用序列的相关著作和论文进行了详细讨论和分析,最后设计一个基于数据挖掘技术入侵检测的通用模型.     

基于系统调用序列的状态转换检测新方法

以系统调用序列为对象提出一种新的状态转换检测方法，它结合历史系统调用序列和当前系统调用进行分析，提取直接和间接转换，并采用多元统计方法为转换加入参数，累计异常度．测试表明该模型有较高检测率和可操作性，比原方法更能有效得检测出未知类型入侵．     

数据挖掘技术在基于系统调用的入侵检测中的应用

数据挖掘是人工智能、机器学习与数据库技术等多学科相结合的产物。作为当前重要的前沿课题之一。研究人员提出了许多数据挖掘理论和方法，并取得了许多重要的研究成果。系统调用序列已经成为基于主机的入侵检测系统重要的数据源之一，通过对系统调用的分析来判断入侵事件，具有准确性高、误警率低和稳定性好等优点。本文运用统计、比较方法对当前国际上利用数据挖掘技术分析系统调用序列的相关著作和论文进行了详细讨论和分析，最后设计一个基于数据挖掘技术入侵检测的通用模型。     

基于K-Nearest Neighbor分类算法的异常检测模型

入侵检测成了信息安全中不可缺少的安全措施 ,而异常检测是入侵检测研究中的热点 .提出了一种新的异常检测算法 ,用 K- Nearest Neighbor分类算法对特权程序 (或进程 )的系统调用进行分析 ,通过计算系统调用出现的频度判断进程是否异常 .测试表明 ,该方法具有良好的检测性能和较低的误报率 ,占用的系统资源较少 ,是一种合理可行的检测方法     

基于隐马尔可夫模型的无线局域网媒体接入控制层入侵检测方法

将无线局域网媒体接入控制(MAC)层字段作为检测入侵的分析对象,提出了基于隐马尔可夫模型(HMM)的无线局域网MAC层入侵检测方法.采用了基于控制台、服务器、代理的3层分布式无线局域网入侵检测框架;基于HMM模型对无线局域网的MAC帧头部进行建模;利用正常的无线局域网络数据对HMM进行训练,并记忆正常系统下的数据包行为.由此,检测发现了出现概率小的数据包或数据包序列,并制定了入侵检测阈值.试验结果表明,所提方法对已有的无线局域网MAC层攻击的误报率和漏报率比较低,并能检测未知攻击.     

基于主机系统调用序列的实时入侵检测系统的模型研究

首先介绍了基于主机系统调用的入侵检测的概念,进而说明了研究基于主机系统调用序列的实时入侵检测系统的重要性;然后提出了该系统的模型设计方案,包括结构分析、接口设计和相关算法;最后给出了仿真实验和实验数据分析。     

"免疫系统"方法在系统级入侵检测中的应用

"免疫系统"方法是在研究了特权程序对应的系统调用短序列具有很强的稳定性的基础上提出的.一个基于"免疫系统"方法的 Linux 系统级入侵检测模型,并讨论了此入侵检测模型的实现技术.     

基于免疫学的入侵检测系统模型

随着网络安全问题日益突出 ,入侵检测越来越受到关注 ,针对目前各种类型的防火墙和防病毒软件都存在一定的缺陷 ,该文基于仿生学的免疫原理 ,将肽链定义为在网络操作系统中由授权程序执行的系统调用短序列 ,提出了一种新型的入侵检测系统———基于免疫学的入侵检测系统 ,并对其主要功能模块 :免疫计算机和监控器进行了分析。该系统可有效地提高系统实时检测和响应入侵的能力     

Markedness and its Interpretation in Language Use

Language markedness is a common phenomenon in languages, and is reflected from hearing, vision and sense, i.e. the variation in the three aspects such as phonology, morphology and semantics. This paper focuses on the interpretation of markedness in language use following the three perspectives, i.e. pragmatic interpretation, psychological interpretation and cognitive interpretation, with an aim to define the function of markedness.     

Features of Women's language

Language is a means of verbal communication. People use language to communicate with each other. In the society, no two speakers are exactly alike in the way of speaking. Some differences are due to age, gender, statue and personality. Above all, gender is one of the obvious reasons. The writer of this paper tries to describe the features of women＇s language from these perspectives： pronunciation, intonation, diction, subjects, grammar and discourse. From the discussion of the features of women＇s language, more attention should be paid to language use in social context. What＇s more, the linguistic phenomena in a speaking community can be understood more thoroughly.     

低渗透非均质砂岩油藏启动压力梯度研究

理论推导与室内实验相结合,建立了低渗透非均质砂岩油藏启动压力梯度确定方法。首先借助油藏流场与电场相似的原理,推导了非均质砂岩油藏启动压力梯度计算公式。其次基于稳定流实验方法,建立了非均质砂岩油藏启动压力梯度测试方法。结果表明:低渗透非均质砂岩油藏的启动压力梯度确定遵循两个等效原则。平面非均质油藏的启动压力梯度等于各级渗透率段的启动压力梯度关于长度的加权平均;纵向非均质油藏的启动压力梯度等于各渗透率层的启动压力梯度关于渗透率与渗流面积乘积的加权平均。研究成果可用于有效指导低渗透非均质砂岩油藏的合理井距确定,促进该类油藏的高效开发。     

On Tragic Consciousness In The Works By Ernest Hemingway

As an American modern novelist who were famous in the literary world, Hemingway was not a person who always followed the trend but a sharp observer. At the same time, he was a tragedy maestro, he paid great attention on existence, fate and end-result. The dramatis personae's tragedy of his works was an extreme limit by all means tragedy on the meaning of fearless challenge that failed. The beauty of tragedy was not produced on the destruction of life, but now this kind of value was in the impact activity. They performed for the reader about the tragedy on challenging for the limit and the death.     

Achieving Unusual States of Matter Under High Pressure

正The periodicity of the elements and the non-reactivity of the inner-shell electrons are two related principles of chemistry,rooted in the atomic shell structure.Within compounds,Group I elements,for example,invariably assume the+1 oxidation state,and their chemical properties differ completely from those of the p-block elements.These general rules govern our understanding of chemical structures and reactions.Using first principles calcula-     

Exchange-Correlation and Electronic Excitation Energies from Pairing Matrix Fluctuations

We have developed an adiabatic connection to formulate the ground-state exchange-correlation energy in terms of pairing matrix linear fluctuations.This formulation of the exchange-correlation energy opens a new channel for density functional approximations based on the many-body perturbation theory.We illustrate the potential of such approaches with an approximation based on the particle-particle Random Phase Approximation(pp-RPA).This re-     

Density Functional Theory for the Response of Periodic Systems to Electric Fields Based on the Vector Potential Approach

正The electronic and nuclear(structural/vibrational)response of 1D-3D nanoscale systems to electric fields gives rise to a host of optical,mechanical,spectral,etc.properties that are of high theoretical and applied interest.Due to the computational difficulty of treating such large systems it is convenient to model them as infinite and periodic(at least,in first approximation).The fundamental theoretical/computational problem in doing so is that     

On the Thermodynamic Limit for Responses to Static Electromagnetic Fields

For molecular systems,the quantum-mechanical treatment of their responses to static electromagnetic fields usually employs a scalar-potential treatment of the electric field and a vector-potential treatment of the magnetic field.Although the potential for each field separately is associated with the choice of an(unphysical)origin,the precise choice of the origin for the electrostatic field has little consequences for the results.This is different for the     

Call for Papers

<正>"The Journal of Shanghai Normal University:Mathematics"is published by Shanghai Normal University as regular issues of The Journal of Shanghai Normal University each year from 2014 in English.The editors-in-chief of the issues are professors Yuhao Cong and Maoan Han.The Journal of Shanghai Normal University was started in 1958 with     

Journal of Donghua University ( English Edition) Contents of Volume 31

正~~