Compared with traditional centralized Botnets, P2P Botnets have better robustness and more complex topology, so that it is very difficult for defenders to confront P2P Botnets. This paper divides P2P network topology into four types: centralized topology, distributed unstructured topology, distributed architecture topology and semi-distributed topology, and studies these four types of P2P technology from the communication flow, the speed of traffic information dissemination and network robustness through analysis and experimental verification, and points out that the semi-distributed Botnet has better overall performance to be one of the future direction of development of Botnets.
Kulseng et al’s lightweight Radio Frequency Identification(RFID) authentication protocol has secret loophole that it may cause key leakage if the protocol is attacked by side channel analysis, which leads authentication failure. This paper modifies four-step authentication to three-step authentication, introduces key recovery mechanism and improves usage of key, so that the protocol has higher efficiency, and it is convenient to expend in multi-tag environment. Theory analysis result shows that the new protocol can prevent various attacks, and it is more efficient compared with the original protocol.
In order to assess the historical security states and forecasts future network security situation, this paper proposes a loose coupling network security situation awareness model by using survivability analysis based on Kaplan-Meier method. It uses survivability analysis method to get loose coupling between multi-source information fusion and security situation awareness method. A representation analysis of example with multi-type nodes based on KDD99 is given for security situation assessment. And it illustrates the superiority of this model in adapting the dynamic changes of network structure and multi-source data. The applicability and correctness of model is validated by drawing the graph of security situational awareness and comparing the results of security situational awareness with historical security states.
Trojan detection algorithm based on behavior analysis of communication has high computational complexity. Addressing the problem, this paper proposes a Trojan rapid detection based on heartbeat behavior analysis. The method selects two session attributes to describe the difference between Trojan communication flow and normal communication flow on the basis of description of heartbeat behavior in the Trojan communication large numbers of analysis on Trojan samples. And then Trojan Rapid Detection System(TRDS) is built based on the method. Experimental results show that TRDS can detect the Trojan communication in the 100 Mbit/s network rapidly and efficiently.
According to the fact that Point Spread Function(PSF) of the degraded image cannot be obtained accurately, a feed-forward neural network for image restoration is constructed based on the Chebyshev orthogonal function in this paper. The hidden-layer neurons are activated by a series of Chebyshev orthogonal functions. It updates its weights by the error Back Propagation(BP) training algorithm and finally reaches convergence target. This paper applies the two types of Chebyshev neural networks and their hidden-neuron growing algorithms to recover the fuzzy image. Experimental results show they have better performance on image restoration.
Due to low detection rate about some attack types in intrusion detection, this paper presents an improved intrusion detection method based on kernel learning. Because of high dimensional and nonlinear structure dataset in intrusion detection, Kernel Principal Component Analysis(KPCA) is presented to preprocess the dataset. The classifier is developed by Support Vector Data Description(SVDD), and the data through preprocessed is applied in the classifier. Experimental results show that the improved method can acquire higher detection precision and lower missed detection rate.