Yu, Jinhe, Liu, Wei, Li, Yue, Zhang, Bo, Yao, Wenjian.
2022.
Anomaly Detection of Power Big Data Based on Improved Support Vector Machine. 2022 4th International Academic Exchange Conference on Science and Technology Innovation (IAECST). :102—105.
To reduce the false negative rate in power data anomaly detection, enhance the overall detection accuracy and reliability, and create a more stable data detection environment, this paper designs a power big data anomaly detection method based on improved support vector machine technology. The abnormal features are extracted in advance, combined with the changes of power data, the multi-target anomaly detection nodes are laid, and on this basis, the improved support vector machine anomaly detection model is constructed. The anomaly detection is realized by combining the normalization processing of the equivalent vector. The final test results show that compared with the traditional clustering algorithm big data anomaly detection test group and the traditional multi-domain feature extraction big data anomaly detection test group, the final false negative rate of the improved support vector machine big data exception detection test group designed in this paper is only 2.04, which shows that the effect of the anomaly detection method is better. It is more accurate and reliable for testing in a complex power environment and has practical application value.
Deng, Wei, Liu, Wei, Liu, Xinlin, Zhang, Jian.
2022.
Security Classification of Mobile Intelligent Terminal Based on Multi-source Data Fusion. 2022 4th International Conference on Frontiers Technology of Information and Computer (ICFTIC). :427–430.
The application of mobile intelligent terminal in the environment is very complex, and its own computing capacity is also very limited, so it is vulnerable to malicious attacks. The security classification of mobile intelligent terminals can effectively ensure the security of their use. Therefore, a security classification method for mobile intelligent terminals based on multi-source data fusion is proposed. The Boolean value is used to count the multi-source data of the mobile intelligent terminal, and the word frequency method is used to calculate the weight of the multi-source data of the mobile intelligent terminal. The D-S evidence theory is used to complete the multi-source data fusion of the mobile intelligent terminal and implement the multi-source data fusion processing of the mobile intelligent terminal. On this basis, the security level permission value of mobile intelligent terminal is calculated to achieve the security level division of mobile intelligent terminal based on multi-source data fusion. The experimental results show that the accuracy of mobile intelligent terminal security classification is higher than 96% and the classification time is less than 3.8 ms after the application of the proposed method. Therefore, the security level of mobile intelligent terminals after the application of this method is high, and the security performance of mobile intelligent terminals is strong, which can effectively improve the accuracy of security classification and shorten the time of security classification.
Xia, Hongyan, Zhang, David, Liu, Wei, Haller, Istvan, Sherwin, Bruce, Chisnall, David.
2022.
A Secret-Free Hypervisor: Rethinking Isolation in the Age of Speculative Vulnerabilities. 2022 IEEE Symposium on Security and Privacy (SP). :370—385.
In recent years, the epidemic of speculative side channels significantly increases the difficulty in enforcing domain isolation boundaries in a virtualized cloud environment. Although mitigations exist, the approach taken by the industry is neither a long-term nor a scalable solution, as we target each vulnerability with specific mitigations that add up to substantial performance penalties. We propose a different approach to secret isolation: guaranteeing that the hypervisor is Secret-Free (SF). A Secret-Free design partitions memory into secrets and non-secrets and reconstructs hypervisor isolation. It enforces that all domains have a minimal and secret-free view of the address space. In contrast to state-of-the-art, a Secret-Free hypervisor does not identify secrets to be hidden, but instead identifies non-secrets that can be shared, and only grants access necessary for the current operation, an allow-list approach. SF designs function with existing hardware and do not exhibit noticeable performance penalties in production workloads versus the unmitigated baseline, and outperform state-of-the-art techniques by allowing speculative execution where secrets are invisible. We implement SF in Xen (a Type-I hypervisor) to demonstrate that the design applies well to a commercial hypervisor. Evaluation shows performance comparable to baseline and up to 37% improvement in certain hypervisor paths compared with Xen default mitigations. Further, we demonstrate Secret-Free is a generic kernel isolation infrastructure for a variety of systems, not limited to Type-I hypervisors. We apply the same model in Hyper-V (Type-I), bhyve (Type-II) and FreeBSD (UNIX kernel) to evaluate its applicability and effectiveness. The successful implementations on these systems prove the generality of SF, and reveal the specific adaptations and optimizations required for each type of kernel.