Subjects: Astronomy >> Astrophysical processes submitted time 2023-06-07 Cooperative journals: 《天文学进展》
Abstract: The thermal expansion of the radio telescope is an important element in geodesy and astrometric VLBI data analysis. In order to study the thermal expansion of the Tianma 13.2-m VGOS (VLBI Global Observing System) radio telescope, a monitoring system has been developed, which can automatically and in real time monitor the thermal deformation of the corresponding antenna structure. By continuously observing a target mounted on the antenna azimuth axis 1.5 m directly below the reference point, the monitoring system can determine the three-dimensional position variations of the prism. Based on continuous monitoring from 10 November 2020 to 31 August 2021 the results show that the maximum change of prism height is 2.6 mm in 10 months and 0.2 mm in one day. The horizontal displacement of the prism is not significant in 10 months. Finally, we verify the thermal expansion model of the IERS (International Earth Rotation Service) using the height thermal deformation of the Tianma VGOS telescope. The results show that the residuals between the observed data and the IERS model are less than 1.5 mm, and the RMS of the residuals is 0.43 mm. The IERS thermal expansion model can satisfy the current VLBI (Very Long Baseline interference) measurements, but not the accuracy requirements of VGOS. Therefore, the IERS thermal expansion model needs to be reconsidered for VGOS antennas.
Subjects: Computer Science >> Integration Theory of Computer Science submitted time 2019-05-10 Cooperative journals: 《计算机应用研究》
Abstract: By deploying cyber security devices, cyber security can be effectively improved. But due to the varieties and complex function of cyber equipment, how to optimize the deployment of cyber security devices is still a core problem for researchers.By turning the deployment of cyber security equipment into a pareto optimization problem,this paper put forward a tuple, a distributed constraint optimization, to quantify the deployment of cyber security device. Then, the algorithm, based on branch and bound algorithm, is used to calculate the quantized values to find out the optimal solution within solution space. And it takes a lot of time to run the algorithm, based on branch and bound algorithm, which is infeasible in large networks. This paper proposes to use the data preprocessing technology to optimize the search, which is based on arc consistency technology. This paper computed the quantized value in advance and make the search become an easy problem. Finally, it used the simulation experiments to prove the correctness and effectiveness of the proposed approaches.
Subjects: Computer Science >> Integration Theory of Computer Science submitted time 2019-04-01 Cooperative journals: 《计算机应用研究》
Abstract: GIFT is a lightweight block cipher with high efficiency and low power consumption. There are few research results to evaluate its security. This paper presented the balanced Biclique and Star attacks on GIFT-64 based on the Biclique attack method, combined with the information leakage of the key scheduling and the round function structure of GIFT-64. The data complexity and computational complexity required for the balanced Biclique attack of GIFT-64 are 232 and 2127.36 respectively. The data complexity and computational complexity required for the Star attack of GIFT-64 are 2 and 2127.48 respectively. These are the first security analysis for the full-round GIFT-64.
Subjects: Computer Science >> Integration Theory of Computer Science submitted time 2019-01-28 Cooperative journals: 《计算机应用研究》
Abstract: Aiming at improving the accuracy of vulnerability risk assessment, this paper proposed a vulnerability risk assessment and mitigation method combining dynamic and static features. The method took fixed features such as attack complexity, impact degree and attack vector, which were commonly used in traditional risk assessment methods, as static features. And features such as defense capability, vulnerability repair and attacker's attack capability that may changed over time as dynamic features. The method combined the two kinds of features to make a more comprehensive assessment of the risk of vulnerabilities. Then this paper gave quantitative calculation method of each feature in practice and the recommendation method of vulnerability repair strategy. To verify the method, it took the risk assessment process of single vulnerability and the risk assessment results of multiple vulnerabilities as examples, and compared the results with CVSS scores. The experimental results show that the method can provide more accurate vulnerability risk assessment results and reasonable vulnerability repair strategy in combination with specific network environment, thus demonstrates the feasibility and effectiveness of the method.
Subjects: Computer Science >> Integration Theory of Computer Science submitted time 2019-01-28 Cooperative journals: 《计算机应用研究》
Abstract: Aiming at the problem that the Bluetooth voice signal cannot be transmitted through the voice channel after being encrypted, this paper establishes a Bluetooth voice encryption data transmission model, and proposes a waveform codebook generation algorithm for Bluetooth voice encryption transmission. The algorithm uses subcarrier modulation to generate the initial modulation codebook, and trains data to obtain the demodulation codebook. This paper designed the Particle-pair algorithm with the last elimination mechanism to find the optimal codebook. Simulation analysis shows that the proposed algorithm has the advantages of fast convergence rate and can generate waveform codebooks with different bit transmission rate and low symbol error rate. Experiments show that using this waveform codebook to transmit data in Bluetooth has low symbol error rate.
Subjects: Computer Science >> Integration Theory of Computer Science submitted time 2018-06-19 Cooperative journals: 《计算机应用研究》
Abstract: With the popularity of cloud computing, mobile devices can store and retrieve personal data anytime and anywhere. Attribute based encryption can be used to solve the problem of mobile cloud data security. At present, the research on attribute based encryption adapting to mobile cloud is mainly focused on single authority, which does not satisfy the real property authorization situation. This paper proposed a new multi-authority attribute based encryption scheme with no central authority, each authority in the scheme could not affect each other and attributes could be added independently. In addition, the scheme uses precomputation and outsourcing decryption to reduce the computation cost of the user side. Besides, the scheme was static secure under the random oracle model. Experimental results show that the scheme can reduce the computation cost of the user side by 20%, and it is more consistent with the data sharing application scenario in the mobile cloud environment.
Subjects: Computer Science >> Integration Theory of Computer Science submitted time 2018-06-19 Cooperative journals: 《计算机应用研究》
Abstract: Aiming at the problem that the interrupt frequency in the virtual environment is too large to affect the cryptographic computing performance of the encryption device, this paper proposed a performance optimization method to reduce the interrupt frequency. Firstly, the method established the interrupt frequency control model and verified the rationality and correctness of the model through experiments. Then, based on a single root I/O virtualization, adding a speed monitoring module at the virtual function driving layer to monitor the change of the encryption speed in real time, and when the module detected that the encryption speed reduced, it automatically adjusted the upper limit of the virtual function interruption frequency to reduce the interruption frequency. The process reduced excessive I/O transfer consumption. The experimental results show that the adjustment of the upper limit of the interrupt frequency significantly improves the encryption speed of the I/O intensive encryption process.
Subjects: Computer Science >> Integration Theory of Computer Science submitted time 2018-05-20 Cooperative journals: 《计算机应用研究》
Abstract: The target network information which intruder learn will gradually increase in the intrusion process. According to the new information , intruder will find a better intrusion path than before and adjust strategy. This paper presented a method which can more accurately predict intrusion path. First, it established a dynamic defense graph based on hypergraph theory and proposed the method to update dynamic defense graph. Second, it established incomplete information multi-stage game model. Finally, it designed the dynamic defense graph path predictive algorithm based on game. The experiment gives a concrete example about the model of predicting intrusion path. The reasonableness and accuracy of the model are illustrated by the analysis of the example results.
Subjects: Computer Science >> Integration Theory of Computer Science submitted time 2018-05-18 Cooperative journals: 《计算机应用研究》
Abstract: Due to the complex structure of space-ground integration network, it has characteristics of heterogeneous, dynamic, intermittent connectivity and high exposure, it is necessary to study the special access authentication architecture and method in order to ensure security. The software defined network adopts the idea of separating control surface from data surface, so this paper proposed a new access authentication architecture which combined software defined network and space-ground integration network to realize flexibility. It consisted of detailed description of the authentication architecture and process, and it could realize security protection and resources optimization control. Then according to the characteristics of the architecture, this paper put forward 7 attributes of influencing access point decision, and presented the calculating formula of each attribute. In addition, an access point decision algorithm was proposed based on Analytic Hierarchy Process and Technique for Order Preference by Similarity to an Ideal Solution. Simulation experiments show that the algorithm can select the best access point and it can achieve reasonable utilization of resources.
Subjects: Computer Science >> Integration Theory of Computer Science submitted time 2018-05-02 Cooperative journals: 《计算机应用研究》
Abstract: Considering the characteristics of multi-level environment, this paper proposes a mutual authentication and key negotiation protocol between removable storage devices and host terminals. There is no online authentication center and the protocol can be able to identify the confidentiality level. Based on the unforgeability of the digital signature from TTP (Trusted Third Party) and the difficulty of calculating the DLP (Discrete Logarithm Problem) , the protocol achieves mutual authentication between removable storage devices and host terminals through verifying the correctness of ciphertext encrypted by the negotiation key. Informal and formal analyses are put on the protocol. The analysis results show that the protocol has high security, small storage cost, low number of pre-shared authentication parameters and strong practicability compared with the similar protocols. This protocol can effectively solve the problem of confidentiality level identification and identity authentication of removable storage devices in multi-level environment. And it’s of great importance to the security management of removable storage devices.
Subjects: Computer Science >> Integration Theory of Computer Science submitted time 2018-04-17 Cooperative journals: 《计算机应用研究》
Abstract: In order to test the defensive capability of IPv6 firewall to against potential IPv6 network threats, this paper studied IPv6 firewall defensive capability testing technology. Through the research of IPv6 protocol, this paper constructed five kinds of test packets with security risks, such as ICMPv6, single extended header, multi-extension header, fragmentation and address scopes, proposed a firewall testing framework with C/S architecture, built independent test modules for every kind of testing based the framework and test packets, set up test environments that can be used to test stateful firewalls, and provided appropriate test methods. Using the method, this paper tested a Cisco ASA5505 firewall and found its advantages and disadvantages.
Subjects: Computer Science >> Integration Theory of Computer Science submitted time 2018-04-12 Cooperative journals: 《计算机应用研究》
Abstract: For defending the new link flooding attack, this paper proposed an active defense method of Openflow channel link flooding based on Renyi entropy. Analyzing the changes in the number of ICMP timeout messages produced by an attacker in the construction of the Openflow channel Linkmap from Renyi entropy. Once attacks precursor was detected, flow monitoring server sends an attack warning to the controller, then controller start switch-controller connection migration mechanism, migrate the switch to a new controller and communicate with the new Openflow channel. Experimental results show that the active defense method can effectively avoid the impact of link flooding attack between controller and switch and ensure that controller and switch can provide continuous network services and enhance the robustness of SDN network.
Hits
YES
Hits
Downloads
Comment