Interdiction models for delaying adversarial attacks against critical information technology infrastructure

Information technology (IT) infrastructure relies on a globalized supply chain that is vulnerable to numerous risks from adversarial attacks. It is important to protect IT infrastructure from these dynamic, persistent risks by delaying adversarial exploits. In this paper, we propose max‐min interdiction models for critical infrastructure protection that prioritizes cost‐effective security mitigations to maximally delay adversarial attacks. We consider attacks originating from multiple adversaries, each of which aims to find a “critical path” through the attack surface to complete the corresponding attack as soon as possible. Decision‐makers can deploy mitigations to delay attack exploits, however, mitigation effectiveness is sometimes uncertain. We propose a stochastic model variant to address this uncertainty by incorporating random delay times. The proposed models can be reformulated as a nested max‐max problem using dualization. We propose a Lagrangian heuristic approach that decomposes the max‐max problem into a number of smaller subproblems, and updates upper and lower bounds to the original problem via subgradient optimization. We evaluate the perfect information solution value as an alternative method for updating the upper bound. Computational results demonstrate that the Lagrangian heuristic identifies near‐optimal solutions efficiently, which outperforms a general purpose mixed‐integer programming solver on medium and large instances.     

基于大数据分析的网络管理智能化

军事通信网综合管理系统中,各专业网络运行情况的主要数据都可汇总到综合网管数据库中。这些网管数据中隐含了网络运行的几乎全部信息,但即使是最有经验的网络管理专家面对这些繁杂的数据也只能望洋兴叹。面对大数据的智能分析技术则有可能实现网络运行态势的高度可视化,充分理解和详细把握全网运行状态,像知识、经验、联想丰富的专家一样不知疲倦地对网络运行状况进行全面细致地分析,从海量的网管数据中发现网络故障的蛛丝马迹,发现隐含的问题,预知网络变化。论文介绍了利用大数据分析技术实现网络管理智能化的现实目标,基于性能的网络异常预测预报、基于性能和事件的故障分析诊断、网络运行知识的挖掘利用等方面的功能和技术途径。     

试论军语演变“三律”

军语的产生、发展和变化，始终受到军事规律、词汇规律和术语规律的影响和制约。这三个方面规律的综合作用，对军语的语形、语义和语用的演变，产生着积极或消极的影响。任何一个军语在任何一个方面的演变，都可以从领域、词汇和术语这三个方面的规律中寻觅其基本成因。     

基于EMD、遗传算法及神经网络的柴油机故障诊断

研究了将经验模式分解(Empirical Mode Decom position,EMD)、遗传算法及BP神经网络相结合对柴油机振动信号进行故障诊断的方法。首先运用经验模式分解方法对柴油机缸盖表面振动信号进行分解并提取特征参数;然后利用遗传算法对得到的特征参数进行选择,找到对于故障诊断最为敏感的参数;最后建立了BP神经网络模型对柴油机典型故障进行诊断。通过对某型柴油机的验证,表明该方法能够准确识别柴油机供油系统的典型故障。     

基于模糊-组合神经网络的信息系统安全风险评估

针对信息系统的安全风险评估问题,提出了一种将模糊理论与神经网络进行"浅层次"结合的评估方法。通过对信息系统所涉及的风险因素分别从资产影响、威胁频度、脆弱性严重程度三方面进行分析,建立了信息系统的安全风险层次化结构,并构造了各因素所对应评判集的隶属度矩阵;综合运用模糊推理算法与神经网络仿真技术,对信息系统的安全风险进行评估,进而判定信息系统安全风险等级。最后,通过实例分析说明了算法的应用,并借助误差分析检测了模型的有效性。     

基于位置信息的无线传感网络路由改进

基于位置信息的无线传感器网络如果完全采用无状态的方式路由,在某些拓扑结构中存在数据不可到达的缺陷,即死亡点的问题.针对这一问题,将无线传感器网络抽象为一数学模型,在此模型的基础上,给出了问题的数学描述.经分析,提出了一种基于逃离算法的详细解决方案.对算法的性能从理论上分析得出算法没有环路,是正确可行的,而仿真结果也验证了这一点,算法的时间复杂度为O(n).     

基于功效系数的防空兵通信网效能分析与评估

针对防空兵通信网效能评估问题,提出一种新的评价方法——功效系数层次递归合成算法。该算法利用向量相似度建立系统能力与任务使命之间的联系,分层递归地求取了系统效能。在效能评估过程中,该算法对指标向量和使命向量进行了功效匹配,可对各指标进行实时监测,优劣分析,并求取劣势指标对系统整体效能的影响程度,可通过改善劣势指标来提高系统整体效能。最后通过对防空兵通信网效能的分析评估,验证了此方法的有效性和实用性。     

Information security: Designing a stochastic‐network for throughput and reliability

Todas information and communication network requires a design that is secure to tampering. Traditional performance measures of reliability and throughput must be supplemented with measures of security. Recognition of an adversary who can inflict damage leads toward a game‐theoretic model. Through such a formulation, guidelines for network designs and improvements are derived. We opt for a design that is most robust to withstand both natural degradation and adversarial attacks. Extensive computational experience with such a model suggests that a Nash‐equilibrium design exists that can withstand the worst possible damage. Most important, the equilibrium is value‐free in that it is stable irrespective of the unit costs associated with reliability vs. capacity improvement and how one wishes to trade between throughput and reliability. This finding helps to pinpoint the most critical components in network design. From a policy standpoint, the model also allows the monetary value of information‐security to be imputed. © 2009 Wiley Periodicals, Inc. Naval Research Logistics, 2009     

基于VR与PNN相结合的机电液控制系统故障诊断方法

针对大型复杂机电液控制系统故障诊断中存在的数学模型获取困难、历史故障数据匮乏问题,提出了一种将虚拟样机与概率神经网络相结合的故障诊断混合方法。建立系统的虚拟样机,并对其可信性进行校核与验证。在此基础上进行大量随机性故障植入与仿真实验,获取故障仿真数据。经过特征提取与概率神经网络模式识别训练,形成用于诊断的知识库,从而实现故障诊断。以操舵系统作为研究案例,得到了较高的故障检测和隔离精度与较低的虚警及漏警率,验证了该方法的可行性,为大型复杂机电液控制系统故障诊断提供新的思路。     

目标网络分层描述与自修复机制研究?

针对目标网络分层建模与自修复机制问题展开研究。首先建立了分层次的作战目标网络模型，在此基础上提出六种维度的指标以评价作战目标网络在攻击前后能力的变化情况；其次，从预警网络层、火力网络层、指控网络层分析探索作战目标体系在遭受攻击后的最优自修复策略；最后，通过模拟攻击实验仿真分析上述自修复机制的可行性。实验结果表明该目标网络的自修复机制相比传统方法，能够更好地发挥剩余节点的作战效能。