Collect | Home Page 
   
Office Online  
Journal Online
· Forthcoming Articles
· Current Issue
· Archive
· Advanced Search
· View by Fields
· Archive By Subject
· Special Issues
· Download Articles
· Read Articles
· Email Alert
· Recommended
Links
·
·
·
·
·
·
·
·
·
·
·
   Science & Technology Review
2007, Vol.25, No. 0707
10 April 2007

Articles
Reviews
Select | Export to EndNote
论文

Science & Technology Review. 2007, 25 (0707): 1-1. ;  doi:
Full text: HTML (0 KB)  PDF  (77 KB)  ( 368 )
Abstract ( 325 )
网络在安全研究专题

A Detection-centered Classification of Network Attacks

Science & Technology Review. 2007, 25 (0707): 5-9. ;  doi:
Full text: HTML (0 KB)  PDF  (608 KB)  ( 232 )
Abstract ( 466 )
An intrusion detection system with multi detection engines could overcome the limitations of one with a single detection engine. But up to now, the methodology dealing with network attacks lacks theoretical guidelines for the partition of the inference function. From the detector's point of view, this paper proposes a detection-centered methodology dealing with network attacks. Network attacks can, therefore, be divided into five categories: character string attack, overflow attack, repeating attack, multi-step attack and multi-stage attack. An intrusion detection system with isomerous detection engines is built on that basis. Experiments show that it can avoid the deficiencies of existing detection methods.

Research on Network Security Evaluation Technology Based on Attack-defense Confrontation

Science & Technology Review. 2007, 25 (0707): 9-12. ;  doi:
Full text: HTML (0 KB)  PDF  (517 KB)  ( 488 )
Abstract ( 504 )
In order to improve the current network security evaluation systems, a novel evaluation algorithm, called the quantitative network security evaluation based on attack-defense confrontation, is proposed in this paper. In this algorithm, the traditional risk assessment is combined with network environment factors such as the network running status, asset security characteristics and so on, and several quantitative indexes are extracted based on the analysis of factors which can affect the LAN's security situation. Then, evaluations are made based on a classification of attacks. Experiment results show that the novel algorithm can be used to extract situation information more objective and detailed so the security administrator may form a clearer picture for the LAN's security situation.

A Method of Dynamic Knowledge Representation and Reasoning Based on Fuzzy Petri Nets

Science & Technology Review. 2007, 25 (0707): 13-17. ;  doi:
Full text: HTML (0 KB)  PDF  (526 KB)  ( 346 )