Query:
学者姓名:刘延华
Refining:
Year
Type
Indexed by
Source
Complex
Former Name
Co-
Language
Clean All
Abstract :
As the scale of the networks continually expands, the detection of distributed denial of service (DDoS) attacks has become increasingly vital. We propose an intelligent detection model named IGED by using improved generalized entropy and deep neural network (DNN). The initial detection is based on improved generalized entropy to filter out as much normal traffic as possible, thereby reducing data volume. Then the fine detection is based on DNN to perform precise DDoS detection on the filtered suspicious traffic, enhancing the neural network’s generalization capabilities. Experimental results show that the proposed method can efficiently distinguish normal traffic from DDoS traffic. Compared with the benchmark methods, our method reaches 99.9% on low-rate DDoS (LDDoS), flooded DDoS and CICDDoS2019 datasets in terms of both accuracy and efficiency in identifying attack flows while reducing the time by 17%, 31% and 8%. © 2024 Tech Science Press. All rights reserved.
Keyword :
DDoS DDoS DNN DNN improved generalized entropy improved generalized entropy real-time real-time
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | Liu, Y. , Han, Y. , Chen, H. et al. IGED: Towards Intelligent DDoS Detection Model Using Improved Generalized Entropy and DNN [J]. | Computers, Materials and Continua , 2024 , 80 (2) : 1851-1866 . |
| MLA | Liu, Y. et al. "IGED: Towards Intelligent DDoS Detection Model Using Improved Generalized Entropy and DNN" . | Computers, Materials and Continua 80 . 2 (2024) : 1851-1866 . |
| APA | Liu, Y. , Han, Y. , Chen, H. , Zhao, B. , Wang, X. , Liu, X. . IGED: Towards Intelligent DDoS Detection Model Using Improved Generalized Entropy and DNN . | Computers, Materials and Continua , 2024 , 80 (2) , 1851-1866 . |
| Export to | NoteExpress RIS BibTex |
Version :
Abstract :
Internet-of-Things (IoT) devices are increasingly used in people’s lives and production in various industries. To detect and defend against Denial-of-Service (DDoS) attacks that occur on IoT networks, a lot of methods based on machine learning and deep learning have been proposed in recent years. However, these methods usually do not consider the limitation of computational resources of IoT devices. In this paper, we propose an edge model DDoS-Attack-Guard (DAG) based on Bi-GRU and ShuffleNet for DDoS identification and classification with the target of lightweight and real-time. To demonstrate the performance of our models, we use the CICDDoS2019 dataset to test the identification and classification accuracy as well as the model inference time. In addition, we build a multi-layer coder-decoder structure that can extract the potential temporal contextual features of DDoS traffic, and introduce a reconstruction structure that can improve model training. Through ablation experiments and comparative experiments, our model has an average inference speed of 2.5 ms across different data sizes, which is 50% faster than the Sota method, while hitting 99.3% and 99.9% accuracy in identification and classification respectively. © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2024.
Keyword :
DDoS Attacks DDoS Attacks Deep Learning Deep Learning Edge Defense Edge Defense IoT security IoT security Reconstruction Structure Reconstruction Structure
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | Liu, Y. , Chen, C. , Zhang, Q. et al. DAG: A Lightweight and Real-Time Edge Defense Model for IoT DDoS Attacks [未知]. |
| MLA | Liu, Y. et al. "DAG: A Lightweight and Real-Time Edge Defense Model for IoT DDoS Attacks" [未知]. |
| APA | Liu, Y. , Chen, C. , Zhang, Q. , Zeng, F. , Liu, X. . DAG: A Lightweight and Real-Time Edge Defense Model for IoT DDoS Attacks [未知]. |
| Export to | NoteExpress RIS BibTex |
Version :
Abstract :
提出一种基于多维关联度的数字证据链自动构造方法.首先设计一种数字证据标准化表示方法,将数字事件与其之间的关联关系进行规范化描述.然后通过对数字事件关联关系的分析,提出多维度的非因果关联度计算方法和基本证据环的构造方法,对数字事件因果关系进行深度分析.实验结果表明,所提出方法构造的数据证据链对于提升数字证据的证明力具有一定的应用意义.
Keyword :
关联度 关联度 数字取证 数字取证 数字证据链 数字证据链 证据环 证据环
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | 刘延华 , 欧振贵 , 刘西蒙 et al. 多维关联度分析驱动的数字证据链构造方法 [J]. | 福州大学学报(自然科学版) , 2024 , 52 (04) : 404-412 . |
| MLA | 刘延华 et al. "多维关联度分析驱动的数字证据链构造方法" . | 福州大学学报(自然科学版) 52 . 04 (2024) : 404-412 . |
| APA | 刘延华 , 欧振贵 , 刘西蒙 , 陈惠文 , 林钟馨 , 张明辉 . 多维关联度分析驱动的数字证据链构造方法 . | 福州大学学报(自然科学版) , 2024 , 52 (04) , 404-412 . |
| Export to | NoteExpress RIS BibTex |
Version :
Abstract :
To address the key challenge encountered in fake news detection, i.e., multimodal data is difficult to be effectively semantically represented due to its intrinsic heterogeneity, this paper proposes a multimodal knowledge representation method for fake news detection. First, visual feature extraction is performed for fake news image data, the relevant images are sliced into multiple blocks, and then visual modal features are obtained by linear projection layer mapping. This simplifies the feature extraction process and reduces the computational cost, which helps to improve the fake news recognition performance. Second, to meet the actual fake news detection needs, a long text representation method based on topic words is investigated for the text data in fake news. Finally, the multimodal representation of the same fake news data is optimized by establishing a connection between two different modalities, visual and text, and inputting it into a BiLSTM-Attention based network to achieve the fusion of multimodal features. The experiment selects the same fake news data of EANN model and uses four classical classification methods to verify the effect of knowledge representation and compare it with the fusion model ViLT which is not optimized for long text. The experiment proves that the accuracy rate of fake news detection using the multimodal representation proposed in this paper is improved by 7.4% compared to the EANN model, and by 9.3% compared to the ViLT representation.
Keyword :
fake news detection fake news detection feature extraction feature extraction feature fusion feature fusion multimodal representation multimodal representation
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | Zeng, Fanhao , Yao, Jiaxin , Xu, Yijie et al. A Multimodal Knowledge Representation Method for Fake News Detection [J]. | 2024 4TH INTERNATIONAL CONFERENCE ON COMPUTER, CONTROL AND ROBOTICS, ICCCR 2024 , 2024 : 360-364 . |
| MLA | Zeng, Fanhao et al. "A Multimodal Knowledge Representation Method for Fake News Detection" . | 2024 4TH INTERNATIONAL CONFERENCE ON COMPUTER, CONTROL AND ROBOTICS, ICCCR 2024 (2024) : 360-364 . |
| APA | Zeng, Fanhao , Yao, Jiaxin , Xu, Yijie , Liu, Yanhua . A Multimodal Knowledge Representation Method for Fake News Detection . | 2024 4TH INTERNATIONAL CONFERENCE ON COMPUTER, CONTROL AND ROBOTICS, ICCCR 2024 , 2024 , 360-364 . |
| Export to | NoteExpress RIS BibTex |
Version :
Abstract :
In this paper, we propose IVMWAF, a framework for intelligent analysis of multi-stage web attacks which uses artificial intelligence and visualization approaches. The IVMWAF framework is designed to provide a general and practical forensic process for investigating multi-stage web attacks. Using IVMWAF, digital forensics analysts can have a flexible and intuitive understanding of the overall situation of complex web security incidents. Specifically, in order to extract all web security incident related anomalies, we first propose a multi-level anomaly detection method, by dividing different levels based on different stages of the web attack chain. We also design methods for visualizing and making human-computer interactions for different levels of anomaly detection, to assist analysts in comprehending and providing feedback on the decisions made by intelligent methods. For forensic analysis of web attack incidents, we integrate multi-level anomaly detection and visualization for correlation analysis, and propose a method for constructing multi-level web attack scenarios. Finally, we developed a prototype system and validated the usability and superiority of the proposed IVMWAF with experimental results and expert evaluations on a dataset during a real enterprise security incident. © 2024 IEEE.
Keyword :
attack modeling attack modeling intelligent analysis intelligent analysis multi-level anomaly detection multi-level anomaly detection multi-stage web attack multi-stage web attack network forensic network forensic visual analysis visual analysis web security visualization web security visualization
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | Liu, Y. , Xu, Y. , Han, Y. et al. An Intelligent Analysis Method for Multi-Stage Web Attack Forensics [未知]. |
| MLA | Liu, Y. et al. "An Intelligent Analysis Method for Multi-Stage Web Attack Forensics" [未知]. |
| APA | Liu, Y. , Xu, Y. , Han, Y. , Liu, Z. . An Intelligent Analysis Method for Multi-Stage Web Attack Forensics [未知]. |
| Export to | NoteExpress RIS BibTex |
Version :
Abstract :
SDN是一种被广泛应用的网络范式.面对DDoS攻击等网络安全威胁,在SDN中集成高效的DDoS攻击检测方法尤为重要.由于SDN集中控制的特性,集中式DDoS攻击检测方法在SDN环境中存在较高的安全风险,使得SDN的控制平面安全性受到了巨大挑战.此外,SDN环境中流量数据不断增加,导致复杂流量特征的更复杂化、不同实体之间严重的Non-IID分布等问题.这些问题对现有的基于联邦学习的检测模型准确性与鲁棒性的进一步提高造成严重阻碍.针对上述问题,本文提出了一种基于联邦增量学习的SDN环境下DDoS攻击检测模型.首先,为解决集中式DDoS攻击检测的安全风险与数据增量带来的Non-IID分布问题,本文提出了一种基于联邦增量学习的加权聚合算法,使用动态调整聚合权重的方式个性化适应不同子数据集增量情况,提高增量聚合效率.其次,针对SDN环境中复杂的流量特征,本文设计了一种基于LSTM的DDoS攻击检测方法,通过统计SDN环境中流量数据的时序特征,提取并学习数据的时序关特征的相关性,实现对流量特征数据的实时检测.最后,本文结合SDN集中管控特点,实现了SDN环境下的DDoS实时防御决策,根据DDoS攻击检测结果与网络实体信息,实现流规则实时下发,达到有效阻断DDoS攻击流量、保护拓扑重要实体并维护拓扑流量稳定的效果.本文将提出的模型在增量式DDoS攻击检测任务上与FedAvg、FA-FedAvg和FIL-IIoT三种方法进行性能对比实验.实验结果表明,本文提出方法相比于其他方法,在DDoS攻击检测准确率上提升5.06%~12.62%,F1-Score提升0.0565~0.1410.
Keyword :
DDoS攻击检测 DDoS攻击检测 网络安全 网络安全 联邦增量学习 联邦增量学习 联邦学习 联邦学习 软件定义网络 软件定义网络
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | 刘延华 , 方文昱 , 郭文忠 et al. 基于联邦增量学习的SDN环境下DDoS攻击检测模型 [J]. | 计算机学报 , 2024 , 47 (12) : 2852-2866 . |
| MLA | 刘延华 et al. "基于联邦增量学习的SDN环境下DDoS攻击检测模型" . | 计算机学报 47 . 12 (2024) : 2852-2866 . |
| APA | 刘延华 , 方文昱 , 郭文忠 , 赵宝康 , 黄维 . 基于联邦增量学习的SDN环境下DDoS攻击检测模型 . | 计算机学报 , 2024 , 47 (12) , 2852-2866 . |
| Export to | NoteExpress RIS BibTex |
Version :
Abstract :
In order to achieve more efficient and accurate DDoS detection while ensuring data privacy, this paper proposes a DDoS detection method based on FLAD. Firstly, this paper uses the FLAD algorithm to train a global DDoS detection model without leaving local traffic data, protecting the privacy and security of traffic data between different hosts, and improving aggregation efficiency by dynamically adjusting the aggregation weights to adapt to different sub-dataset increments. Secondly, a DDoS traffic detection method based on the integration of LSTM and CNN is proposed, which extracts and analyzes the temporal correlation of traffic data by calculating the statistical characteristics of traffic data within a time period, to achieve real-time detection of traffic feature data. Again, combined with the concept of SDN, real-time defense against DDoS based on ODL-API is implemented, and precise matching of DDoS detection results with network entity information is achieved, realizing the technology of real-time and precise issuance of multiple flow rules, effectively blocking DDoS malicious attack traffic, protecting important entities in the topology, and maintaining stable traffic in the topology. This paper focuses on solving the detection problem of DDoS traffic data increments and uneven data distribution through the FLAD algorithm. Experimental results show that the proposed method improves the accuracy of DDoS attack detection by more than 4% and the F1 Score by more than 7% compared to the FedAvg aggregation algorithm. © 2024 IEEE.
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | Dong, J. , Fang, W. , Zheng, W. et al. DDoS Detection and Defense Based on FLAD and SDN [未知]. |
| MLA | Dong, J. et al. "DDoS Detection and Defense Based on FLAD and SDN" [未知]. |
| APA | Dong, J. , Fang, W. , Zheng, W. , Liu, J. , Liu, Y. . DDoS Detection and Defense Based on FLAD and SDN [未知]. |
| Export to | NoteExpress RIS BibTex |
Version :
Abstract :
为分析黑灰产网络资产图谱数据中黑灰产团伙掌握的网络资产及其关联关系,提出一种基于图挖掘的黑灰产运作模式可视分析方法.首先,在网络资产图谱数据中锁定潜在团伙线索;其次,根据潜在线索、黑灰产业务规则挖掘由同一黑灰产团伙掌握的网络资产子图,并识别子图中的核心资产与关键链路;最后,基于标记核心资产和关键链路的黑灰产子图实现可视分析系统,从而直观发现黑灰产团伙掌握的网络资产及其关联关系,帮助分析人员制定黑灰产网络资产打击策略.经实验验证,该方法能有效、直观地分析和发现黑灰产团伙及其网络资产关联关系,为更好监测黑灰产网络运作态势提供必要的技术支持.
Keyword :
关键链路 关键链路 可视分析 可视分析 子图挖掘 子图挖掘 网络资产 网络资产 黑灰产 黑灰产
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | 尚思佳 , 陈晓淇 , 林靖淞 et al. 基于图挖掘的黑灰产运作模式可视分析 [J]. | 信息安全研究 , 2024 , 10 (1) : 48-54 . |
| MLA | 尚思佳 et al. "基于图挖掘的黑灰产运作模式可视分析" . | 信息安全研究 10 . 1 (2024) : 48-54 . |
| APA | 尚思佳 , 陈晓淇 , 林靖淞 , 林睫菲 , 李臻 , 刘延华 . 基于图挖掘的黑灰产运作模式可视分析 . | 信息安全研究 , 2024 , 10 (1) , 48-54 . |
| Export to | NoteExpress RIS BibTex |
Version :
Abstract :
As the scale of the networks continually expands, the detection of distributed denial of service (DDoS) attacks has become increasingly vital. We propose an intelligent detection model named IGED by using improved generalized entropy and deep neural network (DNN). The initial detection is based on improved generalized entropy to filter out as much normal traffic as possible, thereby reducing data volume. Then the fine detection is based on DNN to perform precise DDoS detection on the filtered suspicious traffic, enhancing the neural network's generalization capabilities. Experimental results show that the proposed method can efficiently distinguish normal traffic from DDoS traffic. Compared with the benchmark methods, our method reaches 99.9% on low-rate DDoS (LDDoS), flooded DDoS and CICDDoS2019 datasets in terms of both accuracy and efficiency in identifying attack flows while reducing the time by 17%, 31% and 8%.
Keyword :
DDoS DDoS DNN DNN improved generalized entropy improved generalized entropy real-time real-time
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | Liu, Yanhua , Han, Yuting , Chen, Hui et al. IGED: Towards Intelligent DDoS Detection Model Using Improved Generalized Entropy and DNN [J]. | CMC-COMPUTERS MATERIALS & CONTINUA , 2024 , 80 (2) . |
| MLA | Liu, Yanhua et al. "IGED: Towards Intelligent DDoS Detection Model Using Improved Generalized Entropy and DNN" . | CMC-COMPUTERS MATERIALS & CONTINUA 80 . 2 (2024) . |
| APA | Liu, Yanhua , Han, Yuting , Chen, Hui , Zhao, Baokang , Wang, Xiaofeng , Liu, Ximeng . IGED: Towards Intelligent DDoS Detection Model Using Improved Generalized Entropy and DNN . | CMC-COMPUTERS MATERIALS & CONTINUA , 2024 , 80 (2) . |
| Export to | NoteExpress RIS BibTex |
Version :
Abstract :
Cloud-assisted electronic health record (EHR) sharing plays an important role in modern healthcare systems but faces threats of distrust and non-traceability. The advent of blockchain offers an attractive solution to overcome this issue. Many efforts are devoted to promoting secure, flexible, and multi-featured blockchain-based EHR sharing. Yet, the problem of seeking out suitable healthcare providers and communicating information beyond the EHR has unfortunately been ignored. In this paper, we propose SeCoSe, a novel EHR sharing scheme to address these concerns. SeCoSe enables patients and their general practitioners to autonomously seek out and stay in touch with their preferred healthcare professionals. Specifically, a searchable and repeatable transformation identity-based encryption (SRTIBE) is proposed to achieve dynamic and flexible authorization updates. Moreover, we design attribute-identity mapping contracts and evidence-based contracts on the blockchain to enable on-demand retrieval of anonymous identities and ensure tamper resistance and traceability of system transactions. Furthermore, we employ the advanced messages on-chain protocol (AMOP) to facilitate the online communication of off-chain messages. Detailed security analysis and extensive evaluations demonstrate that SeCoSe is privacy-secure, traceable, and attack-resistant. SeCoSe has lower overhead for repeated authorization and transformation, on-chain transactions can be responded to within seconds, and online communication can handle the transmission of 49,000 messages in about 6 seconds.
Keyword :
blockchain blockchain Electronic health records Electronic health records healthcare service seeking healthcare service seeking identity-based encryption identity-based encryption smart contract smart contract
Cite:
Copy from the list or Export to your reference management。
| GB/T 7714 | Liu, Zhihuang , Hu, Ling , Cai, Zhiping et al. SeCoSe: Toward Searchable and Communicable Healthcare Service Seeking in Flexible and Secure EHR Sharing [J]. | IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY , 2024 , 19 : 4999-5014 . |
| MLA | Liu, Zhihuang et al. "SeCoSe: Toward Searchable and Communicable Healthcare Service Seeking in Flexible and Secure EHR Sharing" . | IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY 19 (2024) : 4999-5014 . |
| APA | Liu, Zhihuang , Hu, Ling , Cai, Zhiping , Liu, Ximeng , Liu, Yanhua . SeCoSe: Toward Searchable and Communicable Healthcare Service Seeking in Flexible and Secure EHR Sharing . | IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY , 2024 , 19 , 4999-5014 . |
| Export to | NoteExpress RIS BibTex |
Version :
Export
| Results: |
Selected to |
| Format: |
