共查询到20条相似文献,搜索用时 15 毫秒
1.
2.
介绍网络隐蔽通道及其识别技术.在对网络隐蔽通道概念、原理和分类进行具体介绍的基础上,提出特征匹配、协议异常分析和行为异常分析三种隐蔽通道检测技术,并具体介绍了一个针对行为异常分析检测技术的典型应用.文中就网络隐蔽通道检测技术提出的三种手段相结合的思路具有较高的实用性和一定的创新性,已在实际应用中取得了较好的效果. 相似文献
3.
安全操作系统是信息系统安全的基础,隐蔽通道是解决操作系统安全的瓶颈。论文首先介绍了一种对隐蔽存储通道进行细分的方法,即把隐蔽存储通道分为直接隐蔽存储通道和间接隐蔽存储通道。接着在对隐蔽通道进一步分析的基础上,给出了隐蔽通道产生的充要条件。 相似文献
4.
5.
6.
讨论了影响概率隐蔽通道带宽和传输错误率的因素,对不满足BSPNI(bi-simulation strong probabilistic non-interference)、PBNDC (probabilistic non-deducibility on composition)和SPBNDC (strong probabilistic BNDC)性质的系统概率隐蔽通道进行了仿真,仿真结果表明,概率隐蔽通道的带宽与硬/软件配置、概率调度因子和调度次数有密切关系,当硬/软件配置和概率调度因子固定时,概率隐蔽通道的带宽近似地反比于调度次数;传输错误率与概率调度因子和调度次数关系密切,调度次数越大,传输错误率越小. 相似文献
7.
8.
通过Internet,在使用AJAX方式下载文件的代码中调整存储路径,会导致在文件下载进程中,存在隐蔽存储通道的问题,隐蔽通道的存在会给信息安全带来隐患。为提高下载信息的安全性和可靠性,通过分析隐蔽通道处理技术,对隐蔽通道的存在进行改进,并设计了一种安全模型,对下载的数据信息进行隐蔽存储通道的消除和过滤,通过MD5值验证下载信息的完整,为网络下载中确保信息数据的安全性和可信性提供保障。 相似文献
9.
10.
11.
By exploiting known covert channels, Android applications today are able to bypass the built-in permission system and share data in a potentially untraceable manner. These channels have sufficient bandwidth to transmit sensitive information, such as GPS locations, in real-time to collaborating applications with Internet access. In this paper, we extend previous work involving an application layer covert communications detector. We measure the stability of the volume and vibration channels on the Android emulator, HTC G1, and Motorola Droid. In addition, we quantify the effect that our detector has on channel capacities for stealthy malicious applications using a theoretical model. Lastly, we introduce a new classification of covert and overt communication for the Android platform. 相似文献
12.
在多级安全数据库系统中,如果采用传统的并发控制机制,则通过多级事务的协作可以很容易的创建隐通道,因此我们必须研究适合于多级安全数据库的并发控制机制。本文提出了一个基于多版本的安全的并发控制机制,它能阻止隐通道的创建而不会导致检索异常和高级事务的饿死,同时还能提供一个多级事务的可串行化调度。 相似文献
13.
金榜 《微电子学与计算机》2006,23(1):181-183
文章讲述了一种基于关联规则的数据挖掘算法在入侵检测系统中的应用。首先得到一些数据库日志中的强关联规则,然后以此作为判断攻击性事务的标准,最后用实验说明了该算法的有效性。 相似文献
14.
The proliferation of different DBMS and advances in computer networking and communications have led to increasing heterogeneous distributed DBMS network scenarios. Major heterogeneity problems and challenges include: different database models, syntactically and semantically different DBMS, different types of controls (recovery, etc.), etc. We address herein the long-range goal for a heterogeneous distributed DBMS (HD-DBMS) to be able to support a network in which any user in any node can be given an integrated and tailored view or schema, while in reality the data may reside in one single database or in physically separated databases, managed individually by the same type of DBMS (by the only one the user understands) or by different DBMS. We cite the major approaches to data sharing and accessing: from the primitive commercial file and database unload/load and PC download, to common interfaces on top of existing DBMS, to the R&D and prototype efforts toward the long-range desires. Commercial availability of the more encompassing thrusts may become a reality with the mounting problems, opportunity costs, and demand for data sharing in the heterogeneous world. Major research and development projects in this arena are leading toward some partial attainment of the long-range objective. The UCLA HD-DBMS project is highlighted herein, with a presentation of its status, progress, and plans. It is a longer range project, with the unique feature of allowing any user in the network to use a preferred database model and DML to access or update any data in the heterogeneous network. HD-DBM5 is to provide a multilingual interface to heterogeneous distributed databases. 相似文献
15.
本文介绍了电波传播数据库的任务,技术特点和有关开发情况。据此需要选择一个性能优劣的数据库管理系统。 相似文献
16.
17.
With the intensive use of the internet, patient centric healthcare systems shifted away from paper-based records towards a computerized format. Electronic patient centric healthcare databases contain information about patients that should be kept available for further reference. Healthcare databases contain potential data that makes them a goal for attackers. Hacking into these systems and publishing their contents online exposes them to a challenge that affects their continuity. Any denial of this service will not be tolerated since we cannot know when we need to retrieve a patient’s record. Denial of service affects the continuity of the healthcare system which in turn threatens patients’ lives, decreases the efficiency of the healthcare system and increases the operating costs of the attacked healthcare organization. Although there are many defensive security methods that have been devised, nonetheless malicious transactions may find a way to penetrate the secured safeguard and then modify critical data of healthcare databases. When a malicious transaction modifies a patient record in a database, the damage may spread to other records through valid transactions. Therefore, recovery techniques are required. The efficiency of the data recovery algorithm is substantial for e-healthcare systems. A patient cannot wait too long for his/her medical history to be recovered so that the correct medication be prescribed. Nevertheless, in order to have fast data recovery, an efficient damage assessment process should precede the recovery stage. The damage assessment must be performed as the intrusion detection system detects the malicious activity. The execution time of the recovery process is a crucial factor for measuring the performance because it is directly proportional to the denial of service time of any healthcare system. This paper presents a high performance damage assessment and recovery algorithm for e-healthcare systems. The algorithm provides fast damage assessment after an attack by a malicious transaction to keep the availability of the e-healthcare database. Reducing the execution time of recovery is the key target of our algorithm. The proposed algorithm outperforms the existing algorithm. It is about six times faster than the most recent proposed algorithm. In the worst case, the proposed algorithm takes 8.81?ms to discover the damaged part of the database; however, the fastest recent algorithm requires 50.91?ms. In the best case, the proposed algorithm requires 0.43?ms, which is 86 times faster than the fastest recent work. This is a significant reduction of execution time compared with other available approaches. Saving the damage assessment time means shorter denial of service periods, which in turn guarantees the continuity of the patient centric healthcare system. 相似文献
18.
In order to effectively identify the multiple types of DNS covert channels,the implementation of different sorts of DNS covert channel software was studied,and a detection based on the improved convolutional neural network was proposed.The experimental results,grounded upon the campus network traffic,show that the detection can identify twenty-two kinds of data interaction modes of DNS covert channels and is able to identify the unknown DNS covert channel traffic.The proposed method outperforms the existing methods. 相似文献
19.
