Applied Mechanics and Materials Vols. 411-414

Abstract: Ontology and semantic are very popular in Web, and the construction of Web dynamic ontology has been the problem urgent to be solved. Firstly, the basic framework for constructing Web dynamic ontology is shown. Next, the concept lattice is introduced, based on which the novel method of building Web dynamic ontology is given. It includes constructing the initial ontology, extracting web knowledge, generating the formal contexts, merging formal context, merging concept lattices with ontology-based similarity calculation, transforming the concept lattice to the ontology. At last, the stock information system is employed to verify the methods proposed. The results showed the stock ontology could be dynamically updated with the change from the Web, and we can get new inferred knowledge from the updated stock ontology by Racer; the method proposed is valid and feasible.

Abstract: HOTP generation algorithm has safety risks because the counter is easily predicted. This paper describes TOTP generation algorithm which make the counter replace with timer, and makes an improved authentication method according to Three-Protocol of HOTP authentication method based on TOTP. The improved authentication method use an authentication number threshold and a timestamp to resist brute force attacks and replay attacks, use a random number and the MD5 encryption resist Man-in-the-Middle attack. Finally, a safe and useful Web authentication system is designed by PHP language.

Abstract: In this paper, based on the characteristics of heterogeneous information integration, a set of complete medical information integration platform network security defense architecture was designed by utilizing network security defense equipment and technologies such as gatekeeper, disk array and hot-standby etc. On the basis of overall design, the construction, deployment and operation of related system were realized. At last, the effectiveness of the network security defense architecture designed and realized in this paper was tested by means of fault injection.

Abstract: This paper presents an application-layer attack detection method based on user’s application-layer behaviors. In this method, the keywords of an application-layer protocol and their inter-arrival times are used as the observations, a hidden semi-Markov model is used to describe the application-layer behaviors of a normal user who is using the application-layer protocol. This method is also based anomaly detection. In theory, application-layer anomaly detection can identify the known, unknown and novel attacks happened on application-layer. The experimental results show that this method can identify several application-layer attacks, and has high detection accuracy and low false positive ratio.

Abstract: This article proposes a new model which is called hierarchical network security situation awareness model. The model emphasizes the time dimension in the assessment, it divides the assessment into two parts: short-term and long-term. The data source is the logs, flow data and others generated by equipments. These original data through the data fusion model and the situation evaluation model to obtain the short-term result, this result is the foundation of long-term. Combine the static indicators with dynamic which is calculated by short-term to figure out the long-term result. This model is based on multi-source data, and expand quantitative assessment in the different levels of time dimension, it makes up the security situation assessment in multi-period assessment and has advantage in network security situation prediction.

Abstract: By analyzing the security threats faced during the process of Internet data transfer, this paper compares the existing three security schemes, points out their limits and proposes a secure transfer protocol. This protocol can provide data confidentiality protection, data integrity protection, protection against replay attack and non-repudiation protection by ensuring the identities of both communication sides, and thus it ensures the security of data transmission of the Internet of things. This paper first introduces the overall framework of the protocol, then it elaborates the connection establishment and release process, data exchange process, key exchange process, finally it proves the feasibility of the protocol by the experiments.

Abstract: In the emerging Internet of Things (IOT), lookup service or discovery service plays a critical role, however, current lookup services and discovery services of IoT have not been widely adopted due to some drawbacks or bottlenecks, as well as the item-level lookup service is still missing, moreover, enhancing security and privacy protection does not get enough attention. Therefore, based on the object discovery service architecture (ODSA) a distributed serial number level object discovery service architecture using Chord for the IOT, a security-based application level lookup protocol was provided to enhance the overall security and privacy protection for ODSA. Additionally, some analysis and discussion were given to validate and evaluate our solution. The results show that our solution is available.

Abstract: We put forward exchange agreement certificate mutual authentication and the session key exchange protocol based on wireless sensor network, which is an improved version of the traditional certificate protocol. In the optimization scheme, the adversary cannot obtain the secret value, and each session process generates a different key, so as to ensure the safety of the encrypted information transmission between nodes.

Abstract: In recent years, with the rapid expansion of network scale and types of applications, cloud computing and virtualization technology have been widely used in the data centers, providing a fast, flexible and convenient service. However, energy efficiency has increased dramatically. The problem of energy consumption has been widespread concern around the world. In this paper, we study the energy-saving in optical data center networks. First, we summarize the traditional methods of energy-saving and meanwhile reveal that the predominant energy consuming resources are the servers installed in the data centers. Then we present the server virtualization technologies based on Virtual Machines (VMs) that have been used widely to reduce energy consumption of servers. Results show server consolidation based on VM migration can efficiently reduce the overall energy consumption compared with traditional energy-saving approaches by reducing energy consumption of the entire network infrastructure in data center networks. For future work, we will study server consolidation based on VM migration in actual environment and address QoS requirements and access latency.

Abstract: Context history has a concrete role to play in supporting proactive personalized services in a mobile and ubiquitous networking environment. However, despite its promise, the utilization of context history in this way is a relatively under-explored research field. This paper proposed a context-aware system framework for proactive personalized mobile networking applications based on user models utilizing the context history. Based on the proposed framework, we presented a system called CAMTRS, which was an context-aware mobile tourism recommender system that serves a tourist with information needed in his specific context that are interesting to him given his goal for that moment. From our experiment and evaluation, the proposed framework is a promising approach to provider proactive personalized services to mobile users.