Loading...
Office Online
Instruction More>>
Highlights More>>
Links More>>
Visited
    Total visitors:
    Visitors of today:
    Now online:

Table of Content

    14 June 2019, Volume 0 Issue 06
    Previous Issue    Next Issue
    Network Tunnel Detection Method Based on
    YU Hong-xing1,2, SHEN Guo-wei1,2, GUO Chun1,2
    2019, 0(06):  1.  doi:10.3969/j.issn.1006-2475.2019.06.001
    Asbtract ( 177 )   PDF (1610KB) ( 109 )  
    References | Related Articles | Metrics
     Using network tunnel to attack and steal has become a hot issue in the field of network security in recent years. How to improve the recognition accuracy caused by large-scale network tunnel detection and analysis is needed to be solved. Aiming at the problem of mainstream tunnel detection based on DNS and HTTP protocols, a network tunnel detection method based on automatic feature engineering and compressed sensing is proposed. Through the automatic feature engineering, the deeper network tunnel features are mined. The dimensionality is reduced and the computational efficiency is improved by the compressed sensing algorithm without losing the high-dimensional feature precision. The experimental results on large-scale real data sets show that the F-measure value of DNS tunnel detection can reach 95%, and the F-measure value of HTTP tunnel detection can reach more than 82%.
    A Fast Trojan Detection Method Based on Network Traffic Analysis
    SONG Zi-hua1,2, GUO Chun1,2, JIANG Chao-hui1,2
    2019, 0(06):  9.  doi:10.3969/j.issn.1006-2475.2019.06.002
    Asbtract ( 330 )   PDF (1139KB) ( 178 )  
    References | Related Articles | Metrics
    As a stealing tool, Trojans are often used in APT(Advanced Persistent Threat) attacks, which causes a serious hazard to the security of cyberspace. The detection of Trojans has also received extensive attention from researchers. At present, researchers have proposed many detection methods based on network traffic analysis. However, these methods generally need to analyze complete communication traffic, so it will cause certain detection delay and cause that the defense measures cannot be deployed in time. In order to protect the internal sensitive information from being leaked as early as possible, this paper analyzes the traffic characteristics of the Trojan communication and extracts the traffic features from the first five packets after the communication being established, and then constructs a rapid detection model of Trojan communication session. The experimental results show that the proposed method obtains higher accuracy and lower false positive rate when analyzing the early data of communication, which verifies the effectiveness of the proposed method.
    A Covert Tunnel Based on HTTP Protocol and Its Detection Method
    ZHAO Qi1,2, JIANG Chao-hui1,2, ZHOU Xue-mei1,2, SONG Zi-hua1,2
    2019, 0(06):  16.  doi: 10.3969/j.issn.1006-2475.2019.06.003
    Asbtract ( 321 )   PDF (1471KB) ( 287 )  
    References | Related Articles | Metrics
    The attack-defense game of covert tunnels has lasted for more than 30 years. The main detection methods of existing covert tunnels include the detection of message data and structure, detection based on flow statistics and detection based on machine learning. With the development of relevant technologies, more and more covert tunnes are constructed through the application layer protocol. Firstly, this paper designs a covert tunnel based on HTTP protocol. The tunnel uses backdoor program to carry out concealed communication, and encrypts the communication data to make it more concealed. The experiment shows that the tunnel can bypass the firewall, 360 guard, and other security equipments. Secondly, this paper analyzes the structure and flow characteristics of this type of tunnel and proposes a detection method to extract high-distinction features for the structural features and statistical features of the message. Finally, machine learning method is selected for detection. Both SVM and decision tree can accurately detect this kind of covert tunnel, and have low false alarm rate and missing alarm rate.
    #br# A Cooperative Transmission Algorithm Based on Network Coding #br# in Underwater Acoustic Sensor Networks
    WEI Hai-long, SUN Ning, ZHANG Jie, WU Zhang
    2019, 0(06):  24.  doi:10.3969/j.issn.1006-2475.2019.06.004
    Asbtract ( 156 )   PDF (835KB) ( 88 )  
    References | Related Articles | Metrics
     In order to improve the reliability of underwater data transmission, this paper presents a cooperative data transmission algorithm based on random linear network coding. First, the algorithm find the data forwarding link for the source node and let the data be forwarded through multiple links. Second, the network coding method is used to encode the data packets to avoid repeated data transmission. Finally, the packet transmission time slot of each node is scheduled to avoid signal conflicts between nodes. The simulation result shows that this algorithm not only improves the network channel utilization and the data transmission reliability, but also has a good stability.
    An Alert Correlation Method Based on Multi-factors
    WU Dong1,2, GUO Chun1,2, SHEN Guo-wei1,2
    2019, 0(06):  30.  doi:10.3969/j.issn.1006-2475.2019.06.005
    Asbtract ( 159 )   PDF (1428KB) ( 95 )  
    References | Related Articles | Metrics
    Intrusion detection system has been widely used as an important tool to protect network security, and they usually generate a large number of alerts with high redundancy and high false positive rate. Alert correlation analysis reveals the multi-step attack scenarios contained in it through the comprehensive analysis and processing of the underlying alarms. Many existing alert correlation methods rebuild attack scenarios by mining frequent patterns in historical alerts. Multi-step attack chains obtained by these methods are susceptible to redundant alerts and false positives, and can’t reflect the real multi-step attacks in some cases. Therefore, this paper proposes an alert correlation method based on multiple factors which reduces the impact of redundant alerts by aggregating the raw alerts to obtain hyper alerts, constructs hyper alerts into hyper-alert time relation graph and uses the multi-factor correlation evaluation function between hyper alerts to find multi-step attack scenarios from the time relation graph. The experimental results show that the proposed method can overcome the negative effects caused by redundant alerts and false positives and effectively mine multi-step attack scenarios.
    Context-based Semantic Web Service Selection in Internet of Things Environment
    LIU Feng1, LI Shu-zhi2, ZOU Chen-song1
    2019, 0(06):  38.  doi:10.3969/j.issn.1006-2475.2019.06.006
    Asbtract ( 167 )   PDF (952KB) ( 135 )  
    References | Related Articles | Metrics
    At present, the Web service is massively increasing, and the application technology of the Internet of Things(IoT) is rapidly developed and popularized, while the existing Web service selection algorithm remains inefficient and the user matching degree  stays low. Aiming at this issue, a context-based semantic Web service selection method under the circumstance of IoT is proposed. The method uses the nondimensionalization of QoS parameters and the dynamic selection of semantic Web services, combines services in the IoT environment with semantic Web services, and selects the optimal service set for QoS on the basis of user requirements. Experiments show that this method can effectively improve the success rate of user service dynamic selection.
    Application of Multi-layer Multi-dimensional Association #br# Rule Mining Algorithm in Recommendation System
    LI Dan-yu, CHEN Yi-hua
    2019, 0(06):  44.  doi:10.3969/j.issn.1006-2475.2019.06.007
    Asbtract ( 179 )   PDF (935KB) ( 107 )  
    References | Related Articles | Metrics
     The traditional collaborative filtering algorithm uses the user-item scoring matrix as the input of data to try to find the most similar users or projects. This method ignores the intrinsic link between the user and the project. Aiming at the above problems, this paper proposes a model construction of multi-layer data, which finds multi-dimensional sequences between different levels, mines frequent multi-dimensional sequence patterns, and outputs association rules. The score matrix is improved by the output association rule. The improved data contains the relationship between the user and the project, and the TOP-N recommendation item is output through the collaborative filtering algorithm. The experimental results on MovieLens dataset show that the proposed method can optimize the recommended performance of the model.
    Taxi Abnormal Trajectory Detection Based on Density Clustering
    HU Yuan1,2, LI Hui1,2, CHEN Mei1,2
    2019, 0(06):  49.  doi:10.3969/j.issn.1006-2475.2019.06.008
    Asbtract ( 291 )   PDF (1083KB) ( 154 )  
    References | Related Articles | Metrics
    The widespread use of taxi GPS equipment generates a large amount of trajectory data. The detection and analysis of taxi abnormal trajectory can provide useful support for punishing taxi drivers with fraudulent behavior. For the sparse trajectory of taxis, the anomalous trajectory is detected based on the relative similarity of trajectories. Due to its asymmetry, the traditional density clustering method similar to DBSCAN can not adapt to this situation. Therefore, this paper proposes a density-based RDBSCAN algorithm for taxis abnormal trajectory clustering detection. For the candidate anomaly trajectories obtained by clustering, this paper combines the concepts of trajectory density anomaly value and trajectory length outlier value, and uses evidence theory to synthesize the above two factors to determine the abnormal degree of trajectory, and then obtains the TOP-N anomaly trajectory with the highest degree of abnormality. Using real taxi data of San Francisco, experiments are carried out by extracting the same Origin-Destination (OD) trajectory set. The experimental results show that the proposed method can effectively detect the anomalous trajectory and successfully give the TOP-N anomaly trajectory with the highest degree of abnormality.
    Application of Data Weighting Optimization Based on Clustering in Crime Prediction
    SUN Xiao-chuan, LU Tian-liang
    2019, 0(06):  55.  doi:10.3969/j.issn.1006-2475.2019.06.009
    Asbtract ( 209 )   PDF (826KB) ( 91 )  
    References | Related Articles | Metrics
    In recent years, traditional violent crimes and adult crimes in China have shown a downward trend. However, the types of crimes are endless. In order to effectively improve the ability of crime prediction in the public security practice and combat various types of illegal and criminal events, a new crime prediction model is proposed for crime data in this paper. The crime data are classified by density clustering analysis method, then the data is dimension-reduced to extract key attributes to generate feature data, and then the feature data are weighted and optimized, and the data are learned by the way of machine learning to predict the type of crime. The experimental results show that compared with the traditional methods, the proposed method has better prediction effect, providing a new path support for the detection and prevention of similar cases in the public security practice.
    Data Redistribution Strategy of FAST Telescope Based on HDF5 Format
    ZHONG Ling1,2, LI Hui1, ZHU Ming2
    2019, 0(06):  60.  doi:10.3969/j.issn.1006-2475.2019.06.010
    Asbtract ( 161 )   PDF (824KB) ( 89 )  
    References | Related Articles | Metrics
    At present, FAST(Five-hundred-meter Aperture Spherical radio Telescope), the world’s largest single-caliber radio telescope, is in the period of pre-run. The collected data faces bottlenecks in loading efficiency, which brings challenges to subsequent efficiencies of data processing. Combined with scientific data storage format of HDF5(Hierarchical Data Format Release 5) and data reduction, this paper proposes a storage optimization method suitable for most data processing scenarios of FAST telescope. Through optimization, data in the hard disk is converted from a binary table model to multiple data sets distributed by type. The experimental results show that the proposed method can significantly improve the data loading efficiency of FAST telescope.
    A Cache Replacement Strategy Based on Association Rules in P2P Streaming Media System
    GUI Yi-qi, JU Shuang-shuang, ZHANG Zhi-hao
    2019, 0(06):  65.  doi:10.3969/j.issn.1006-2475.2019.06.011
    Asbtract ( 175 )   PDF (1054KB) ( 89 )  
    References | Related Articles | Metrics
    With the development of the Internet, people’s demand for streaming media has been increasing, which puts forward higher requirements for the video server. The traditional cache replacement strategy in P2P video on demand system can not get a good user experience. In this paper, the traditional cache algorithm FIFO is improved, and a FIFO replacement algorithm based on Association Rules (FIFO-AR) is proposed. In order to further improve the performance of the cache replacement algorithm, a new Cache Replacement Algorithm based on Association Rules (CRA-AR) is proposed. According to the user’s play record and the popularity of the segment, and combined with association rule, the cache segment is obtained. The experimental results show that FIFO-AR and CRA-AR have higher hit rate and lower response time than the traditional cache replacement algorithms.
    Feature Detection Algorithm for Moving Objects Based on Gray Histogram
    LU Xing-hua, LIU Ming-yuan, LONG Qing-jia, CHEN Ze-jiang
    2019, 0(06):  71.  doi:10.3969/j.issn.1006-2475.2019.06.012
    Asbtract ( 179 )   PDF (2473KB) ( 80 )  
    References | Related Articles | Metrics
    In order to improve the detection effect and guidance of moving targets, a feature detection algorithm based on gray histogram analysis is proposed. The moving object image is collected and the visual feature is analyzed by using the visual imaging technology, and the dynamic visual feature quantity of the moving object is extracted. The feature separation of the moving image is carried out according to the moving object edge differential transform and the spatial position relation, and the edge contour feature of moving object image is extracted. The binary separation of moving object image is carried out by using statistical shape model, and the gray histogram of moving object image is constructed. According to the statistical information of gray histogram, the object feature detection and dynamic feature extraction are carried out to realize the visual detection and dynamic recognition of moving target image. The key features of moving object are extracted effectively and the target feature detection is realized. The simulation results show that the proposed method has better performance in feature detection of moving target images and dynamic recognition ability for moving targets.
    Analysis of Phase Transition of Penalized Optimization Method in Corrupted Sensing Problem
    ZHANG Huan1,2, LEI Hong1
    2019, 0(06):  76.  doi: 10.3969/j.issn.1006-2475.2019.06.013
    Asbtract ( 99 )   PDF (714KB) ( 46 )  
    References | Related Articles | Metrics
    Penalized optimization method is widely used in the corrupted sensing problems with interference and has sharp phase transition. To analyze this phenomenon, we need to study two problems: when they succeed and when they fail. The former has been studied in the literature[1], therefore, this paper study the latter, i.e., the failure case. In our analysis, we present a simple geometry condition, if each element of the sensing matrix has independent normal entries, the geometry condition can be studied using Gaussian process theory, and finally we obtain the threshold for the measurement number below which penalized problems fail with high probability. Moreover, in order to verify this theoretical result, a computable upper bound of the threshold value is given, and the simulation results show that the threshold of the above theoretical results is very sharp.
    Building Doctor Recommendation Model by Matrix Multiplication #br# Based on Electronic Medical Record
    YANG Xiao-fu, QIN Han-shu
    2019, 0(06):  81.  doi:10.3969/j.issn.1006-2475.2019.06.014
    Asbtract ( 140 )   PDF (1327KB) ( 103 )  
    References | Related Articles | Metrics
     Currently, medical institutions lack effective channels to recommend medical resources through Internet. At the same time, due to the complexity and diversity of medical resource application scenarios, the quality of traditional recommendation algorithms for medical field recommendation is not high. Therefore, a doctor recommendation model based on electronic medical records is proposed by matrix multiplication. The recommendation model takes electronic medical records as research object and uses naive Bayesian classifier to obtain intention departments. According to the information of symptoms, diagnosis and conclusions, the doctor-disease matrix and disease-patient matrix of intention departments are constructed, and the recommended results are calculated by matrix multiplication. The experimental results show that the accuracy of the recommended model is 97.3% and the average accuracy is 95.6%.
    Road Visibility Estimation Method Based on AlexNet Algorithm
    MIAO Kai-chao1,2, WANG Chuan-hui2, ZHANG Ya-li2, ZHOU Jian-ping2, LIU Cheng-xiao2, YAO Ye-qing2
    2019, 0(06):  87.  doi:10.3969/j.issn.1006-2475.2019.06.015
    Asbtract ( 538 )   PDF (1319KB) ( 318 )  
    References | Related Articles | Metrics
    In this paper, AlexNet neural network algorithm is used to construct a framework of highway visibility recognition. Through the collection of road camera images, the images are labeled, the AlexNet algorithm is trained, image visibility characteristics are extracted, the visibility recognition model is constructed, and the road camera image is accessed in real time to realize the estimation of visibility values. The visibility recognition results are analyzed on 150000 samples labeled with visibility value extracted from 42 surveillance cameras in Anhui province. The results show that the average recognition rate of 42 points is 78.02%. Among them, 14 sites have more than 90% recognition rate and 21 sites have more than 80% recognition rate. The road visibility estimation method based on AlexNet algorithm satisfies the requirements of road visibility real-time and recognition accuracy, and can be used as an auxiliary visibility monitoring method in areas where the visibility meter is not installed. Meanwhile, it has good robustness to illumination changes, distance, and so on.
    Construction of Wisdom Social Security Big Data Analysis Platform
    ZHOU Tian-qi, ZHU Chao-ting, SHI Feng
    2019, 0(06):  92.  doi:10.3969/j.issn.1006-2475.2019.06.016
    Asbtract ( 241 )   PDF (2595KB) ( 140 )  
    References | Related Articles | Metrics
    In view of the problems of decentralized data of social security business and low ability of big data analysis, the overall structure of wisdom social security big data analysis platform is constructed by adopting “cloud structure, building block architecture, container technology, multi-level authority design”. This platform includes a data exchange platform, a basic computing platform, a process scheduling platform, a management analysis platform, and a real-time analysis platform. The OGG interface technology is used to obtain the incremental data in the source system, and the process scheduling service is used to realize the call and management of the data and business workflow of each layer. The platform stores the basic information of 19.6 million people, and concentrates on the various businesses and services of social security, which boosts the “maximum run once”.
    Reliability Analysis of University Network Operation Based on Multi-level Evaluation Model
    WANG Guan-xiang, LI Yi-yong, XIA Ya-dong, WANG Zhi-xian
    2019, 0(06):  98.  doi:10.3969/j.issn.1006-2475.2019.06.017
    Asbtract ( 180 )   PDF (1846KB) ( 91 )  
    References | Related Articles | Metrics
     University network operation is easy to be disturbed. Reliability analysis has obvious advantages in anti-interference of university network operation. However, traditional reliability analysis is confronted with the problem of signal distortion when it is applied to anti-interference of university network operation. Aiming at this problem, this paper proposes a reliability analysis method of university network operation which integrates multi-level evaluation model. This method is based on SNMP protocol to detect network topology, and adopts active and passive measurement technology to measure and calculate network reliability. Based on the analysis of intelligent computing and network reliability, the influencing factors of network reliability are analyzed, and the strategy of improving computer network reliability based on intelligent computing is proposed. The theoretical analysis and simulation results show that the proposed method can effectively solve the problem of network signal distortion in reliability analysis.
    Astronomy and Celestial Phenomena Real-time Viewing#br# and Forecasting System Based on Android
    ZHANG Jun-wei1, WANG Hao-jie1, WANG Zi-chen2, LI Yan-juan1
    2019, 0(06):  104.  doi:10.3969/j.issn.1006-2475.2019.06.018
    Asbtract ( 188 )   PDF (1494KB) ( 134 )  
    References | Related Articles | Metrics
    Today, as astronomical science becomes more and more popular, more and more astronomy enthusiasts are willing to walk in and understand astronomy. In order to make the astronomical enthusiasts more convenient to carry out astronomical observation activities and understand the weather dynamics in real-time, this paper completes the design and implementation of the real-time viewing and forecasting system based on Android. Based on the C/S architecture, the system uses Android Studio as the development platform to construct an integrated platform including many functions of astronomical observations such as cloud information forecasting, atmospheric viewing, and observation suitability evaluation. At the same time, the observational suitability evaluation based on the analytic hierarchy process is realized to satisfy the observation information needs of many astronomy enthusiasts and provide great convenience for their astronomical observation activities.
    Implementation of Quality Control Systems Based on Bi-LSTM-CRF #br# Algorithm for Meteorological Warning Information
    ZHANG Shu-jing1, MIAO Kai-chao1, ZHANG Ya-li1, YANG Bin1, LI Teng2, LIU Yi-xuan1, WANG Xiang1
    2019, 0(06):  111.  doi:10.3969/j.issn.1006-2475.2019.06.019
    Asbtract ( 231 )   PDF (863KB) ( 100 )  
    References | Related Articles | Metrics
    This paper adopts the bi-directional long short-term memory conditional random field (Bi-LSTM-CRF) algorithm to train the existing legal early-warning information database and the open domain Chinese parsing database through the bi-directional long short-term memory. At the same time, the conditional random field (CRF) model is used to label the word segmentation by effectively combining the label information before and after the warning. The quality control system of meteorological early-warning information based on the above algorithm has already been applied in the emergency warning information issuing system of Anhui Province. In the process of practical application, it has been proved that such system can directly and effectively monitor sensitive keywords and misspellings in the upcoming warning information, so as to help monitoring stuff make better judgments and play an important role in the quality controls of the issued weather warning information.
    Unsupervised Video Object Segmentation with Fully Convolutional Network
    HUO Da, MA Shi-yuan
    2019, 0(06):  116.  doi:10.3969/j.issn.1006-2475.2019.06.020
    Asbtract ( 140 )   PDF (1372KB) ( 87 )  
    References | Related Articles | Metrics
    Pixel-level object segmentation in videos is a research hotspot in the field of computer vision. Unsupervised video segmentation without user annotation imposes higher requirements on segmentation algorithms. In recent years, the modeling methods based on inter-frame motion information are often used, that is, the motion information such as optical flow is used to predict the target contour, and the model is built based on features such as color for segmentation. Concerning the problems such as confusion of foreground and background and the rough edges caused by these methods, this paper proposes a video object segmentation method that combines fully convolutional neural network features. Firstly, the contour of the salient object in the video sequence is predicted through fully convolutional network and modified combining with motion saliency label obtained by optical flow. Then a time-space diagram model is established, the final segmentation result is obtained by using the graph cut method. The proposed method is evaluated on SegTrack v2 and DAVIS general datasets. The results show that the proposed method has better segmentation performance than the method based on inter-frame motion information.
    Research and Implementation of Comprehensive Evaluation Algorithms #br# for Teaching Quality in Colleges and Universities
    GUO Xin1, ZHANG Ming-huan1, WU Liang2, CHEN Ying1
    2019, 0(06):  121.  doi:10.3969/j.issn.1006-2475.2019.06.021
    Asbtract ( 175 )   PDF (807KB) ( 92 )  
    References | Related Articles | Metrics
    The evaluation of teaching quality in colleges and universities is fuzzy and dynamic, and there are more qualitative and less quantitative methods, more specialties and less easy operations in the evaluation methods of teaching quality. Aiming at the above problems, this paper introduces the average comprehensive evaluation algorithm and AHP fuzzy comprehensive evaluation algorithm. Then we use Python to implement them. Finally, the two algorithms are compared and analyzed. The results show that AHP fuzzy comprehensive evaluation algorithm is more suitable for teaching management. It can improve the reliability and efficiency of teaching quality evaluation. As a general method, it can be popularized and applied to other types of comprehensive evaluation.