基于熵的二叉树多类支持向量机的漏洞分类

为了有效提高漏洞分类的准确性,针对基于二叉树多类支持向量机分类算法的分类复杂性和分类结果依赖二叉树的结构等缺点,提出了一种基于熵的二叉树多类支持向量机的漏洞分类算法。根据定义最小超球体进行漏洞样本空间的分类,有效地通过熵的计算来描述漏洞之间的混杂程度,使得漏洞分类的计算过程被简化且能够有效减少分类结果对二叉树结构的依赖。采用公共漏洞枚举(CWE)漏洞分类体系在收集到的3000个漏洞样本上进行大量仿真实验,漏洞分类的平均准确率和平均召回率达93.3%和93.25%,高于基于二叉树多类支持向量机分类算法和K-近邻(KNN)分类算法得到的平均值。实验结果表明所提算法有效可行,能精确地实现漏洞的分类。     

地下水脆弱性研究进展综述

地下水脆弱性研究是防治地下水污染、保护地下水环境工作的的基础.概括了地下水脆弱性概念的发展及不断完善的过程,对现有的地下水脆弱性评价方法进行了归纳总结,并指出了地下水脆弱性研究中存在的主要问题及其研究方向.     

Identification of emotional facial expressions following recovery from depression.

This study investigated the identification of facial expressions of emotion in currently nondepressed participants who had a history of recurrent depressive episodes (recurrent major depression; RMD) and never-depressed control participants (CTL). Following a negative mood induction, participants were presented with faces whose expressions slowly changed from neutral to full intensity. Identification of facial expressions was measured by the intensity of the expression at which participants could accurately identify whether faces expressed happiness, sadness, or anger. There were no group differences in the identification of sad or angry expressions. Compared with CTL participants, however, RMD participants required significantly greater emotional intensity in the faces to correctly identify happy expressions. These results indicate that biases in the processing of emotional facial expressions are evident even after individuals have recovered from a depressive episode. (PsycINFO Database Record (c) 2010 APA, all rights reserved)     

顾及供需关系的供水管网管段脆弱性评价

为了更精细地分析供水管网可靠性,考虑需求节点与水源的供需依赖关系,提出基于加权边介数的管段脆弱性评价方法.首先使用需求节点的需求占比和水源的供应占比,确定节点和水源之间K最短路径的总重要性权值,然后根据这些路径的阻力对重要性权值进行分配.对途经某条管段的全部K最短路径的重要性权值进行求和后,即得到该管段的加权边介数,用...     

基于静态分析的安全漏洞检测技术研究

消除软件中的安全漏洞是建立安全信息系统的前提。静态分析方法可以自动地提取软件的行为信息,从而检测出软件中的安全漏洞。和其它程序分析方法相比,该方法具有自动化程度高和检测速度快的优点。在本文中,我们首先描述了静态分析的理论基础,然后说明了类型推断、数据流分析和约束分析等主要静态分析方法及其在安全漏洞检测中的应用,并比较这些方法的优缺点。最后给出了几种支持安全漏洞静态检测的编程语言。     

面向源代码的软件漏洞静态检测综述

软件静态漏洞检测依据分析对象主要分为二进制漏洞检测和源代码漏洞检测。由于源代码含有更为丰富的语义信息而备受代码审查人员的青睐。针对现有的源代码漏洞检测研究工作，从基于代码相似性的漏洞检测、基于符号执行的漏洞检测、基于规则的漏洞检测以及基于机器学习的漏洞检测4个方面进行了总结，并以基于源代码相似性的漏洞检测系统和面向源代码的软件漏洞智能检测系统两个具体方案为例详细介绍了漏洞检测过程。     

A multilayer perceptron model for the correlation between satellite data and soil vulnerability in the Ferlo,Senegal

ABSTRACT

Soil erosion processes which contribute to desertification and land degradation, constitute major environmental and social issues for the coming decades. This is particularly true in arid areas where rural populations mostly depend on soil ability to support crop production. Assessment of soil erosion across large and quite diverse areas is very difficult but crucial for planning and management of the natural resources. The purpose of this paper is to investigate a prediction model for soil vulnerability to erosion based on the use of the information contained in satellite images. Based on neural networks models, the used approach in this paper aims at checking a correlation between the digital content of satellite images and soil vulnerability factors: erosivity (R), the soil erodibility (K), and the slope length and steepness (LS); vulnerability (V) as described in the RUSLE model. Significant results have been obtained for R and K factors. This promising pilot study was conducted in South Ferlo, Senegal, a region with Sahelian environmental characteristics.     

A simple drought risk analysis procedure to supplement water resources management planning in England and Wales

The current ‘Deployable Output’ approach for assessing water resources system performance in England and Wales is a practical, communicable means for assessing the adequacy of a water supply system and determining the relative benefits of proposed system enhancements. A recognised flaw with this approach is that it fails to characterise the severity of potential supply shortfalls, leading to mischaracterisation of risks and benefits associated with alternative candidate investments. Here, we propose a Monte Carlo procedure that could supplement the existing process by exposing the magnitude (% water demand unserved) and duration (number of days) of supply curtailments under a range of drought scenarios. The method is demonstrated using a realistic, stylised water resources system and a discrete number of infrastructure investments. Results demonstrate that vulnerability assessments can expose previously unidentified risks that might radically alter a planner’s estimate of the cost‐effectiveness of a particular investment.     

Graph fragmentation problem: analysis and synthesis

Vulnerability metrics play a key role in the understanding of cascading failures and target/random attacks to a network. The graph fragmentation problem (GFP) is the result of a worst‐case analysis of a random attack. We can choose a fixed number of individuals for protection, and a nonprotected target node immediately destroys all reachable nodes. The goal is to minimize the expected number of destroyed nodes in the network. In this paper, we address the GFP by several approaches: metaheuristics, approximation algorithms, polytime methods for specific instances, and exact methods for small instances. The computational complexity of the GFP is included in our analysis, where we formally prove that the corresponding decision version of the problem is ‐complete. Furthermore, a strong inapproximability result holds: there is no polynomial approximation algorithm with factor lower than 5/3, unless . This promotes the study of specific instances of the problem for tractability and/or exact methods in exponential time. As a synthesis, we propose new vulnerability/connectivity metrics and an interplay with game theory using a closely related combinatorial problem called component order connectivity.     

开源软件漏洞检测的混合深度学习方法

针对开源软件代码质量参差不齐和存在安全隐患的问题，提出一种基于混合深度学习模型（DCnnGRU）的开源软件漏洞检测方法。以漏洞库中的关键点为切入点构建控制流图，从静态代码中提取出与关键点存在调用和传递关系的代码片段，将代码片段数字化为固定长度的特征向量，并作为DCnnGRU模型的输入。该模型用卷积神经网络（Convolutional Neural Network，CNN）作为与特征向量交互的接口，门控循环单元（Gated Recurrent Unit，GRU）嵌入到CNN中间，作为捕获代码调用关系的门控机制。首先进行卷积和池化处理，卷积核和池化窗口对特征向量进行降维。其次，GRU作为中间层嵌入到池化层和全连接层之间，能够保留代码数据之间的调用和传递关系。最后利用全连接层来完成归一化处理，将处理后的特征向量送入softmax分类器进行漏洞检测。实验结果验证了DCnnGRU模型比单独的CNN和RNN模型有更高的漏洞检测能力，准确率比RNN高出7%，比CNN高出3%。