检索结果-南通市图书馆

Identifying heavy hitters in high-speed network monitoring

Science china(information sciences) 2010年第3期53卷 659-676页

作者： ZHANG Yu1, FANG BinXing1,2 & ZHANG YongZheng2 1research center of Computer Network and information security technology, Harbin institute of technology, Harbin 150001, china 2research center of information security, institute of computing technology, chinese academy of sciences, beijing 100190, china 1. research center of Computer Network and information security technology Harbin Institute of Technology Harbin 150001 China2. Research Center of Information Security Institute of Computing Technology Chinese Academy of Sciences Beijing 100190 China

Identifying heavy hitters in a network traffic stream is important for a variety of network applications ranging from traffic engineering to anomaly detection such as detection of denial-of-service attacks. Existing methods generally examine newly arriving items in the stream, perform a small number of operations using a small amount of memory, and still provide guarantees on the identifying accuracy. In high-speed network monitoring, the update speed per item is extremely critical. However, so far as we know, there are no identifying algorithms which can provide constant update time (O(1)) in a weighted data stream. In this paper, we present an algorithm named Weighted Lossy Counting (WLC) which is able to identify heavy hitters in a high-speed weighted data stream with constant update time. WLC employs a novel efficient partially ordered data structure which is able to provide a fast per-item update speed while keeping the memory cost relatively low. We compare WLC with state-of-the-art algorithms for finding heavy hitters in real traffic traces. The experimental results show that WLC performs well in accuracy (recall, precision and average relative error) as other algorithms; moreover it has a much higher update speed at the cost of relatively larger memory space used. A theoretical worst-case memory bound of WLC is also derived in this paper; however, experiments with long real traffic traces show that WLC requires much less space than the theoretical bound in practice.

关键词： network traffic monitoring heavy hitter weighted data streams

来源：

同方期刊数据库评论

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Mechanism and Defense on Malicious Code

引用

Wuhan University Journal of Natural sciences 2005年第1期10卷 83-88页

作者： WEN Wei-ping 1,2,3, QING Si-han 1,2,31. institute of Software, the chinese academy of sciences, beijing 100080, china 2.Engineering research center for information security technology, the chinese academy of sciences, beijing 100080, china 3.Graduate School of the chinese academy of sciences, beijing 100080, china institute of Software the Chinese Academy of Sciences Beijing 100080 China

With the explosive growth of network applications, the threat of the malicious code against network security becomes increasingly serious. In this paper we explore the mechanism of the malicious code by giving an attack model of the malicious code, and discuss the critical techniques of implementation and prevention against the malicious code. The remaining problems and emerging trends in this area are also addressed in the paper.

关键词： malicious code attacking model mechanism defense system security network security

来源：

维普期刊数据库

同方期刊数据库评论

在线全文

学校读者我要写书评

暂无评论

A property-based attestation protocol for TCM

引用

Science china(information sciences) 2010年第3期53卷 454-464页

作者： FENG DengGuo1,2 & QIN Yu1,2 1State Key Laboratory of information security, institute of Software, chinese academy of Science, beijing 100190, china 2National Engineering research center of information security, beijing 100190, china 1. State Key Laboratory of information security Institute of Software Chinese Academy of Science Beijing 100190 China2. National Engineering Research Center of Information Security Beijing 100190 China

This paper presents a property attestation protocol for the security chip TCM (trusted cryptographic module) via analyzing the problems of the current property attestation, which is built on the property attestation model with the online trust third party. In the protocol the prover utilizes the zero-knowledge proof by the attribute certificates, configuration commitment and TCM signature, and attests its configuration and status which are compliant with the declarative security property. The protocol is characterized by shorter signature length and lower computations. The security of the protocol is proved at the random oracle model. The protocol can help extend application and improve standard for security chip TCM, and it also has practical value and immediate significance.

关键词： trust computing trust cryptographic module (TCM) property attestation signature of knowl- edge configuration commitment

来源：

同方期刊数据库评论

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Formal analysis and design of multi-party fair exchange protocols

引用

Science in china(Series F) 2006年第2期49卷 155-174页

作者： QING Sihan1,2,3 & LI Gaicheng1,3 1. Engineering research center for information security technology, institute of Software, chinese academy of sciences, beijing 100080, china 2. beijing Zhongke Ansheng Corporation of information technology, beijing 100080, china 3. Graduate School of the chinese academy of sciences, beijing 100039, china 1. Engineering research center for information security technology Institute of Software Chinese Academy of Sciences Beijing 100080 China 2. beijing Zhongke Ansheng Corporation of information technology Beijing 100080 China 3. Graduate School of the chinese academy of sciences Beijing 100039 China

Based on the origin of message items and channel combination between transacting parties, and events and relations among events, this paper presents a concise, precise, and hierarchical model for general fair exchange protocols, formally specifies various security requirements which are able to reflect inherent requirements for fair exchange protocols more rigorously, and partition these security requirements with fine granularity. This work helps analyze, debug, and design multi-party fair exchange protocols more effectively and elaborately,

关键词： fair exchange logical protocol formal model security requirement.

来源：

维普期刊数据库

同方期刊数据库评论

在线全文

学校读者我要写书评

暂无评论

Black-box testing based on colorful taint analysis

引用

Science china(information sciences) 2012年第1期55卷 171-183页

作者： CHEN Kai1,2,3,FENG DengGuo1,SU PuRui1&ZHANG YingJun1,2,3 1State Key Laboratory of information security,institute of Software,chinese academy of Science,beijing 100190,china 2State Key Laboratory of information security,Graduate University of chinese academy of sciences,beijing 100049,china 3National Engineering research center of information security,beijing 100190,china 1. State Key Laboratory of information security Institute of Software Chinese Academy of Science Beijing 100190 China2. State Key Laboratory of Information Security Graduate University of Chinese Academy of Sciences Beijing 100049 China3. National Engineering Research Center of Information Security Beijing 100190 China

Software vulnerability detection is one of the most important methods for guaranteeing software *** main classes of methods can detect vulnerabilities in binary files:white-box testing and black-box *** former needs to construct and solve path constraints to detect *** has two main drawbacks:path exploding and complexity of *** latter often aimlessly exhausts various inputs to test binary *** paper combines both testing methods to detect vulnerabilities in binary *** analyzing the input elements that aect check condition corresponding to a certain check point,we can generate one class of inputs that get to the check point to increase fuzzing *** analyzing the relationship between guard conditions and check condition,the redundant check points are *** taint analysis method(CTAM)is proposed to compute guard conditions,which is more ecient than traditional taint analysis method(TTAM).We implemented a prototype and made several experiments on *** results showed that our method could increase the eciency of black-box testing.

关键词： software testing vulnerability detection dynamic testing black-box testing colorful taint analysis

来源：

同方期刊数据库评论

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

A formal model of fair exchange protocols

引用

Science in china(Series F) 2005年第4期48卷 499-512页

作者： QING Sihan1,2,3 & LI Gaicheng1,2,3 1. Engineering research center for information security technology, institute of Software, chinese Aca- demy of sciences, beijing 100080, china 2. beijing Zhongke Ansheng Corporation of information technology, beijing 100080, china 3. Graduate School of the chinese academy of sciences, beijing 100039, china 1. Engineering research center for information security technology Institute of Software Chinese Academy of Sciences 100080 Beijing China 2. beijing Zhongke Ansheng Corporation of information technology 100080 Beijing China 3. Graduate School of the chinese academy of sciences 100039 Beijing China

Based on the study of existing fair exchange protocols, this paper sets up an accurate formal model by stepwise refinement. In the process of refinement an unreliable channel is employed to simulate an attack behavior. The model provides a novel formal definition of exchanged items, and presents the formal goals for fairness, accountability, etc., reflecting the inherent requirements for fair exchange protocols across-the-board. In order to check, prove, and design fair exchange protocols effectively and efficiently, the model puts forward a novel property of abuse-freeness which applies to all fair exchange protocols, gives a formal definition for trust strand of the third party, and presents general criteria of designing a secure and effective fair exchange protocol. Taking a typical fair exchange protocol as an example, this paper presents the analysis steps of fair exchange protocols appealing to our model. An unknown attack is uncovered. The analysis reveals the process of a complete attack, discovering deeper reasons for causing an attack. Finally, we modify the flawed protocol and the revised protocol ensures the desirable properties.

关键词： events local causal relation local temporal relation global relation exchanged item security goals.

来源：

维普期刊数据库

同方期刊数据库评论

在线全文

学校读者我要写书评

暂无评论

Differentiation transforming system

引用

Progress in Natural Science:Materials International 2009年第3期19卷 397-406页

作者： Qiang Chenga,b,c,*, Haibin Zhang d, Bin Wanga, Yonghua Zhao c a LASG, institute of Atmospheric Physics, chinese academy of sciences, beijing 100029, PR china b LSEC, institute of computing Mathematics, chinese academy of sciences, beijing 100080, PR china c SC, institute of Computer Network information center, chinese academy of sciences, beijing 100190, PR china d College of Applied sciences, beijing University of technology, beijing 100124, PR china [a]LASG Institute of Atmospheric Physics Chinese Academy of Sciences Beijing 100029 PR China [b]LSEC Institute of Computing Mathematics Chinese Academy of Sciences Beijing 100080 PR China [c]SC Institute of Computer Network Information Center Chinese Academy of Sciences Beijing 100190 PR China [d]College of Applied Sciences Beijing University of Technology Beijing 100124 PR China

The differentiation transforming (DFT) system is developed to produce the tangent linear codes, which is used to calculate the Jaco- bian- and the Hessian-vector products with no truncation errors. This paper first gives the introduction of the functionality and features of the DFT system, and then discusses several techniques for the implementation of automatic differentiation tools, including data depen- dence analysis, singular differentiation and code optimization. Finally, the codes generated with DFT used in several applications have been demonstrated.

关键词： Jacobian Hessian Tangent linear model Automatic differentiation

来源：

同方期刊数据库评论

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

A novel logic-based automatic approach to constructing compliant security policies

引用

Science china(information sciences) 2012年第1期55卷 149-164页

作者： BAO YiBao1,2,4,YIN LiHua1,FANG BinXing 1,3&GUO Li 1 1institute of computing technology,chinese academy of sciences,beijing 100190,china 2institute of Electronic technology,information Engineering University,Zhengzhou 450004,china 3beijing University of Posts and Telecommunications,beijing 100190,china 4Graduate University,the chinese academy of Science,beijing 100049,china 1. institute of computing technology Chinese Academy of Sciences Beijing 100190 China2. Institute of Electronic Technology Information Engineering University Zhengzhou 450004 China4. Graduate University the Chinese Academy of Science Beijing 100049 China3. Beijing University of Posts and Telecommunications Beijing 100190 China

It is significant to automatically detect and resolve the incompliance in security *** existing works in this field focus on compliance verification,and few of them provide approaches to automatically correct the incompliant security *** paper proposes a novel approach to automatically transform a given security policy into a compliant *** security policy Π and delegation policy M declared by logic programs,the approach automatically rewrites Π into a new one ΠM which is compliant with M and is readable by the *** prove that the algorithm is sound and complete under noninterference ***,we show that the security policy query evaluation algorithm with conflict and unsettlement resolution still works very well on Π*** approach is automatic,so it doesn't require a administrator with excess *** this sense,our proposal can help us to save much manpower resource in security management and improves the security assurance abilities.

关键词： security policy rewriting logic program compliance

来源：

同方期刊数据库评论

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Multiparty simultaneous quantum identity authentication with secret sharing

引用

Science china(Physics,Mechanics & Astronomy) 2008年第3期51卷 321-327页

作者： YANG YuGuang1,2,WEN QiaoYan3 & ZHANG Xing4,5 1 College of Computer Science and technology,beijing University of technology,beijing 100022,china 2 State Key Laboratory of information security (Graduate University of the chinese academy of sciences),beijing 100049,china 3 School of Science,beijing University of Posts and Telecommunications,beijing 100876,china 4 institute of Electronic technology,information Engineering University,Zhengzhou 450004,china 5 Trusted computing Laboratory,beijing University of technology,beijing 100022,china College of Computer Science technology Beijing University of Technology Beijing 100022 China State Key Laboratory of information security [Graduate University of the chinese academy of sciences] Beijing 100049 China School of Science Beijing University of Posts Telecommunications Beijing 100876 China institute of Electronic technology Information Engineering University Zhengzhou 450004 China Trusted computing Laboratory Beijing University of Technology Beijing 100022 China

Two multiparty simultaneous quantum identity authentication (MSQIA) protocols based on secret sharing are presented. All the users can be authenticated by a trusted third party (TTP) simultaneously. In the first protocol,the TTP shares a random key K with all the users using quantum secret sharing. The ith share acts as the authentication key of the ith user. When it is necessary to perform MSQIA,the TTP generates a random number R secretly and sends a sequence of single photons encoded with K and R to all the users. According to his share,each user performs the corresponding unitary operations on the single photon sequence sequentially. At last,the TTP can judge whether the impersonator exists. The sec-ond protocol is a modified version with a circular structure. The two protocols can be efficiently used for MSQIA in a network. They are feasible with current technol-ogy.

关键词： quantum identity authentication secret sharing quantum cryptography

来源：

维普期刊数据库

同方期刊数据库评论

在线全文

学校读者我要写书评

暂无评论

P2P traffic optimization

引用

Science china(information sciences) 2012年第7期55卷 1475-1492页

作者： ZHANG GuoQiang 1,2 ,TANG MingDong 3 ,CHENG SuQi 2,4 ,ZHANG GuoQing 2 ,SONG HaiBin 5 ,CAO JiGuang 6 & YANG Jing 7 1 School of Computer Science and technology,Nanjing Normal University,Nanjing 210046,china 2 institute of computing technology,chinese academy of sciences,beijing 100190,china 3 School of Computer Science and Engineering,Hunan University of Science and technology,Xiangtan 411201,china 4 Graduate University of chinese academy of sciences,beijing 100190,china 5 Nanjing R&D center,Huawei Technologies,Nanjing 210012,china 6 china academy of Telecommunication research of MIIT,beijing 100191,china 7 china Mobile research institute,beijing 100053,china 1. School of Computer Science and technology Nanjing Normal University Nanjing 210046 China2. Institute of Computing Technology Chinese Academy of Sciences Beijing 100190 China3. School of Computer Science and Engineering Hunan University of Science and Technology Xiangtan 411201 China4. Graduate University of Chinese Academy of Sciences Beijing 100190 China5. Nanjing R&D Center Huawei Technologies Nanjing 210012 China6. China Academy of Telecommunication Research of MIIT Beijing 100191 China7. China Mobile Research Institute Beijing 100053 China

Peer-to-peer (P2P) based content distribution systems have emerged as the main form for content distribution on the Internet,which can greatly reduce the distribution cost of content providers and improve the overall system ***,the mismatch between the overlay and underlay networks causes large volume of redundant traffic,which intensifies the tension between P2P content providers and ***,how to efficiently use network resources to reduce the traffic burden on the ISPs is crucial for the sustainable development of P2P *** paper surveys the state-of-art P2P traffic optimization technologies from three perspectives:P2P cache,locality-awareness and data *** details,comparison between these technologies and their applicabilities are presented,followed by a discussion of the issues that remain to be addressed and the direction of future content distribution research.

关键词： P2P traffic localization P2P traffic optimization P2P cache locality-awareness network coding content-centric network

来源：

同方期刊数据库评论

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

欢迎您,

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

请选择保存的检索档案：

请选择收藏分类：

通借通还

欢迎您,

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：