The Sybil attack, which creates a large amount of fake node identities to break the normal routing process in the peer-to-peer (P2P) networks, is the main threat faced by distributed networks. A Social-DHT protocol was developed using the properties of social relationships to mitigate Sybil attacks in distributed Hash table (DHT) networks using random walks over the social relationships. In addition, a model is given using a formalized definition to analyze the successful probability of searches. Simulations show that the Social-DHT routing table includes less than 3% of the Sybil nodes when there are 10000 attack edges and the successful search ratio reaches 99%, which is better than existing methods.
A method is given to detect remote control Android malware using a control dependency analysis based on real-world malware characteristics. The malware is detected using dynamic taint analysis. An extended dynamic taint analysis method is used to detect remote control malware. A static analysis is used first to identify the control range of the conditional instructions, and the static instrumentation technique insered into the target application to track the control dependence. The instrumented application can then check whether the current sensitive operation depends on the tainted data at runtime. Then users can then effectively analyze and detect remote control malware. A prototype system based on the method shows that this method effectively detects real remote control malware.
Present smart fuzzing techniques are time-consuming and do not effecdtively trigger vulnerabilities. A parallel execution path negate algorithm and a compound test case generation method are introduced in this paper with parallel program analyses and traditional fuzzing techniques. Each test case was given a variable to limit the range of the negate operation with many conditions negated in this range. The test case generation method generates the vulnerability trigger data using traditional fuzzing techniques which are added to the test case generated by Concolic execution. Diting was developed to verify and test these techniques. Tests of three applications using 203602 test cases identified two vulnerabilities. One of the vulnerabilities was a 0-Day vulnerability. Theoretical analyses and test results show that the negate algorithm can be applied in a parallel environment to reduce the testing time and the test case generation method improves the ability to trigger vulnerabilities in the test cases.
A system, DFR2 (on-demand forensic technology support for rollback recovery), is developed to obtain on demand real-time evidence from crimes to support rollback recovery. The Linux based system for obtaining evidence uses different methods and objects which are logically based on their different environments to narrow down the range of treatments, to shorten the investigations and evidence acquisition, and to improve the effectiveness of the evidence. The system also supports rollback recovery of the file system data to minimize intrusion losses. Compared with existing method Snare, the results have improved function and performance with reducing 5% cost during robbing process.
Industrial control devices (ICDs) are widely used in many industrial facilities such as petrochemical factories, power generation plants, water treatment plants, and transportation systems. The cyber security of such devices directly affects industrial production, which affects our economic security as well as our national security. This paper describes common cyber security issues in these devices and the root causes of these issues. The effects of cyber attacks are also analyzed for attacks from the information space and the physical space connected to the ICDs. Finally, security evaluation techniques are given including standards, evaluation methods and certifications along with future research challenges.
This paper presents a risk assessment method based on threat propagation between assets for assessing the risks related to complex information system security. This method describes the threat propagation route between assets as a threat propagation tree, with the risk to the complex information system security assessed by the expected value loss of each node in the threat propagation tree with the probability of each step in the threat propagation tree. The accuracy of this model is evaluated by applying the model to a representative complex information system. The analysis shows that this method represents the different probabilities for different threatened nodes and the threat propagation between nodes to identiby the key protected nodes during different periods. The system is more objective and accurate than the traditional isolated node analysis method and is able to guide security risk managers to formulate reasonable security protection strategies for complex information systems.
An attack graph technique is given for industrial control systems (ICS) that simplifies the complexity of the attack graph generation based on the characteristics of the control system network structure. The characteristics of the control system's hierarchical structure were analyzed to develop a host security domain and a network security domain. The network is divided into some security domains so that the attack patterns (remote/local) and other factors can be separated to reduce the complexity of the attack graph generation. Consequently, this method improves the production efficiency and simplifies the attack graph scale. The method is tested in a virtual network environment.
An identity-based capability (ID-CAP) method is given to provide secure access control to Hadoop cloud computing platforms. The capability-based access control design follows the least privilege principle with the platform running tenant jobs using a least privilege set. Tests show that the capability-based access control can be efficiently implemented to support mutual authentication between different servers in a Hadoop platform while satisfying the least privilege requirement to improve platform security and stability.
This paper presents metamorphic testing (MT) methods for program bug detection with white-box criterion to reuse more testing resources and reduce cost. The correctness of mission-critical software is an important part of information security. Security systems often use metamorphic testing to solve the oracle problem with random tests. This article introduces two iterative metamorphic testing algorithms, AESIST and AEMIST, to analyze binary metamorphic relationships based upon APCEM (all-path coverage for every metamorphic relation). The test shows the efficiencies of these methods for bug detection.
This paper experimentally studies the influence of the operation pressure on arc voltages, discharge stabilities and projective areas of dual-jet dc arc 2-D high-temperature plasma regions. The visible pyrometry, the contour extraction method with the variable binary thresholding technique, and an eight-direction Freeman chain coding technique were used based on the recorded digital discharge images to quantitatively in situ describe the 2-D grayscale contour distributions of the arc-jet plasmas and the discharge stabilities during discharge processes. Experimental results show that with other parameters being unchanged, the 2-D high-temperature region of the arcjet increases with decreasing operation pressure, which also affects the discharge stabilities of the plasmas. The results also show that with increasing argon flow rate, the differences of the arcjet 2-D high-temperature region areas at different operation pressures decease, while the influences of the operation pressure on the arc voltage are not significant within the parameter ranges studied in this paper.
A non-thermal arc plasma generator was developed with three-electrode configuration. With the help of the surface dielectric barrier discharge (DBD) produced between the main electrode and floating electrode, the ignition voltage of the non-thermal arc discharge was reduced, and a steady state non-thermal arc plasma was obtained. Experiments show that the temperature of the non-thermal arc generated using this three-electrode plasma generator is 2.0×103-3.0×103K and that there exist three different operating modes, i.e., the non-thermal arc mode, the non-thermal arc-DBD hybrid mode, and the surface DBD mode, with the increase of the plasma working gas flow rate while keeping other parameters unchanged. The results also show that increasing the power input at a constant gas flow rate benefits maintaining a non-thermal arc discharge mode. The developed non-thermal arc plasma generator is useful for producing non-thermal arc plasmas at low applied voltages, and for maintaining non-thermal arc discharges at high gas flow rates.
Fine pitch copper bumping on wafers was characterized to meet the demand for smaller interconnections. Electroplating copper bumping involves under bump metallization (UBM) sputtering, thick photoresist, copper electroplating, photoresist removal and UBM etching. The spin coating, soft baking, exposure, developing and post exposure baking of AZ4620 thick photoresist were optimized theoretically. Wet and dry UBM etching are also compared. Copper bumps were fabricated with a 20 μm pitch, 10 μm diameter and 10 μm height with a 83.95° sidewall. The wafer level copper strength uniformity was also checked by shear testing.
Having the advantages of compact sizes, high Qs and low radiation losses, square ring resonators have been widely used to design filters, mixers, oscillators, and antennas. A stub-loaded ring resonator was developed to design dual-mode filters. The developed dual-mode resonator was found to have the advantage that the even-mode resonant frequencies can be flexibly controlled whereas the odd-mode resonant frequencies are fixed. Stepped impedance line is adopted to achieve strong coupling between the input/output (I/O) and the resonator, increasing the bandwidth of the filter. The center frequency of the new filter is 4.97GHz, with the minimum insertion of 1.33dB in passband and the 3dB fractional bandwidth of 9.38%. The results also show that the filter possesses a quasi-elliptic response which improves the stopband rejection.
One of the strategic and planning researches in China’s 12th Five-Year Plan for ocean engineering is the exploration and exploitation of ocean oil and gas resources, in which oil-gas-water multiphase flow metering technologies play an important role. This paper analyzes the application of the technologies mentioned above and the challenges these technologies are now facing, while describing the value of the multiphase flow measurement technologies in China’s ocean oil and gas exploitation strategy and discussing the industrialization of the technologies in the future. Some main multiphase flow metering technologies widely used in the world are summarized with specific application examples then given. This paper finally presents the significance of multiphase flow metering technologies in deep-water offshore oil and gas exploitation based on China’s 12th Five-Year Plan for ocean engineering.
Propanol, n-decane, and diesel droplets were selected as experimental samples to study combustion behavior of fuel droplets in a vertical electric field under gravity. A high speed camera was used to measure the combustion flame and droplet size, with laser-induced incandescence (LII) applied to determining soot volume fractions. The results show that the flame height of each fuel increases with increasing electrodes voltage, while the flame width decreases with increasing electrodes voltage. Propanol droplet combustion does not produce soot, with n-decane and diesel flame soot volume fraction decreasing with increasing electrodes voltage. Burning rate constants increase with increasing electrodes voltage with the maximum burning rate constant increasing by 9%, 20%, and 30% for propanol, decane, and diesel, respectively. Analyses show that electric field stretching on the flame induces soot formation suppression and promotes soot oxidation, reducing soot generation and weakening soot external radiation heat transfer, so as to promote fuel combustion.
The curved blade design method was used in a vortex axis engine turbine with low aspect ratio to analyze the effect of the curved blade optimization on improving the aerodynamic performance and the flow field structure of the turbine blade with strong secondary flow. Design schemes were determined for 14 curved blades with fixed height and different corners, with the total pressure ratio and flow then obtained through numerical calculation. Preliminary results showed that the negative curved blade prototype is superior to the positive and straight blades, and that the scheme with inflection of 15° is the optimal solution. The changes of the flow ability in the bottom area and the middle area were given based on the density flow along the blade height. Combination of the blade wall limit flow and the static pressure distribution shows that the reverse C type pressure distribution caused by the negative curved blade deteriorates the end zone flow but with low energy fluid in the middle areas greatly reduced, so the overall losses are reduced. The total pressure distribution on the outlet section also shows that the total pressure loss in the end areas increases with increasing passage vortex scale.
A 35 kV/8 Mvar cascaded transformerless static synchronous compensator (STATCOM) has been developed as a star configuration with self-excitation. With multiple power supplies, each unit can be automatically bypassed when a fault occurs to implement (N-1) uninterrupted operation. The compensation uses the optimized carrier phase-shift PWM method, instantaneous current control and a capacitor balancing strategy based on the voltage difference to give fast dynamic reactive power compensation. The STATCOM also coordinates with the voltage and reactive power control (VQC) system. Tests show that the STATCOM efficiency reaches 99%, the degree of unbalance among units is not greater than 3.3%, and the response time is below 10 ms when a voltage sag is detected which maintains the power system. The power factor is also related to the coordination between the STATCOM and VQC systems. Experimental data and field operation results both show that the excellent performance of the transformerless 35 kV/8 Mvar STATCOM as a new solution for voltage and reactive power control in substations.
Through administrating questionnaires to managers in Japanese foreign affiliates who used to work in state-owned enterprises (SOE), this paper intends to find out the effectiveness of these managers' SOE experiences in their current employment. Empirical evidence shows that the respondents' educational background, on-the-job training and work experiences in the state-owned enterprises in general help them climb the career ladder in the Japanese companies, thereby proving the effectiveness of their SOE experiences or skills. China's reform and opening up policy provides these managers with opportunities to start a new career in foreign companies, and the human capital accumulated in the planned economy is brought into full play after the economic transition.
Questionnaires were utilized with cooperation of managers in Japanese foreign affiliates who used to work in state-owned enterprises (SOE) to investigate the impact of these managers' SOE experience on their current vocational skills. Key research factors include working attitude, on-the-job performance and professional competence. Empirical evidence shows that respondents' work experience, educational back ground, job experience and final position have significant effects on their working attitude, achievement, communication skills, and management skills, especially in the areas of production,research,human resource,administration,sale, and finance.
The idea of “Smart Water Resource” arises under the background of “Smart City”. Combining with the current actual problems in the development of water industry and the national strategic deployment, this paper expounds the urgency and necessity of the Smart Water Resource construction, and analyzes the feasibility of the construction of the Smart Water Resource from the existing basis, new technology and social cognition. Finally, this paper suggests that the top-level design should be implemented and the evaluation system should be improved, which provides references for the future construction of Smart Water.
Fault tolerant is important for the reliability of cloud storage file systems. This paper analyzes the reliability of typical cloud file systems with a central metadata server and proposes a fault-tolerant mechanism that combines replication schemes with error correcting codes for storage node reliability guarantee as well as a hot-standby scheme for the metadata server reliability guarantee. Experimental results demonstrate that the mechanism improves the reliability of current cloud storage file systems and at the same time improves the storage utilizations compared with replication schemes.