Abstract NetBill Security and Transaction Protocol

网络安全外文翻译文献(文档含英文原文和中文翻译)翻译：计算机网络安全与防范1.1引言计算机技术的飞速发展提供了一定的技术保障，这意味着计算机应用已经渗透到社会的各个领域。

在同一时间，巨大的进步和网络技术的普及，社会带来了巨大的经济利润。

然而，在破坏和攻击计算机信息系统的方法已经改变了很多的网络环境下，网络安全问题逐渐成为计算机安全的主流。

1.2网络安全1.2.1计算机网络安全的概念和特点计算机网络的安全性被认为是一个综合性的课题，由不同的人，包括计算机科学、网络技术、通讯技术、信息安全技术、应用数学、信息理论组成。

作为一个系统性的概念，网络的安全性由物理安全、软件安全、信息安全和流通安全组成。

从本质上讲，网络安全是指互联网信息安全。

一般来说，安全性、集成性、可用性、可控性是关系到网络信息的相关理论和技术，属于计算机网络安全的研究领域。

相反，狭隘“网络信息安全”是指网络安全，这是指保护信息秘密和集成，使用窃听、伪装、欺骗和篡夺系统的安全性漏洞等手段，避免非法活动的相关信息的安全性。

总之，我们可以保护用户利益和验证用户的隐私。

计算机网络安全有保密性、完整性、真实性、可靠性、可用性、非抵赖性和可控性的特点。

隐私是指网络信息不会被泄露给非授权用户、实体或程序，但是授权的用户除外，例如，电子邮件仅仅是由收件人打开，其他任何人都不允许私自这样做。

隐私通过网络信息传输时，需要得到安全保证。

积极的解决方案可能会加密管理信息。

虽然可以拦截，但它只是没有任何重要意义的乱码。

完整性是指网络信息可以保持不被修改、破坏，并在存储和传输过程中丢失。

诚信保证网络的真实性，这意味着如果信息是由第三方或未经授权的人检查，内容仍然是真实的和没有被改变的。

因此保持完整性是信息安全的基本要求。

可靠性信息的真实性主要是确认信息所有者和发件人的身份。

可靠性表明该系统能够在规定的时间和条件下完成相关的功能。

这是所有的网络信息系统的建立和运作的基本目标。

《一种基于语义的恶意行为分析方法》篇一一、引言随着互联网技术的快速发展，网络空间的安全问题日益突出。

恶意行为、网络攻击和黑客行为已经成为对网络安全的主要威胁。

因此，为了有效地识别和防范这些威胁，我们提出了一种基于语义的恶意行为分析方法。

该方法能够通过对网络数据的深度语义理解，快速、准确地检测出恶意行为，从而提高网络安全防御的效率和准确性。

二、语义技术概述语义技术是计算机科学中的一个重要领域，主要关注的是数据内容的理解、表达和推理。

通过利用自然语言处理、知识图谱、本体论等语义技术，我们可以对网络数据进行深度解析，提取出其中的关键信息，理解其含义和上下文关系。

三、基于语义的恶意行为分析方法基于语义的恶意行为分析方法主要包括以下几个步骤：1. 数据收集：首先，我们需要从网络中收集大量的数据，包括网络流量、社交媒体数据、用户行为数据等。

2. 数据预处理：对收集到的数据进行清洗、过滤和格式化，以适应后续的语义分析。

3. 语义解析：利用自然语言处理等技术对数据进行语义解析，提取出关键信息和上下文关系。

4. 恶意行为识别：根据提取的语义信息，结合已知的恶意行为特征，进行恶意行为的识别和分类。

5. 行为评估：对识别出的恶意行为进行评估，判断其严重程度和对网络的威胁程度。

6. 响应与防御：根据评估结果，采取相应的防御措施，如封锁IP地址、隔离恶意设备等。

四、方法优势与挑战基于语义的恶意行为分析方法具有以下优势：1. 准确性高：通过对网络数据的深度语义理解，能够准确识别出恶意行为。

2. 效率高：能够快速处理大量数据，提高网络安全防御的效率。

3. 灵活性好：能够适应不同的网络环境和恶意行为模式。

然而，该方法也面临一些挑战：1. 数据质量：数据的准确性和完整性对分析结果有着重要影响。

2. 技术难度：需要结合自然语言处理、机器学习等技术，技术难度较高。

3. 实时性：在处理大量实时数据时，需要保证分析的实时性。

五、应用前景与展望基于语义的恶意行为分析方法在网络安全领域具有广泛的应用前景。

兵工自动化Ordnance Industry Automation 2021-0140(1)・17・doi: 10.7690/bgzdh.2021.01.005网络安全态势感知平台架构设计糜旗(中国航天科技集团第八研究院上海航天动力技术研究所，上海201109)摘要：为提高网络安全防范能力，设计网络安全态势感知平台架构。

详细阐述其架构与功能模块设计，利用大 数据技术将异构日志源数据进行存储、处理，采用数据挖掘、机器学习算法等进行分析、整合，并用可视化技术将 结果呈现给用户。

通过该平台，可建立针对网络未知威胁的动态安全监控与防御体系，避免因网络攻击导致的数据 泄露、信息系统被破坏等安全问题。

关键词：安全态势感知；架构；机器学习中图分类号：TP393.081 文献标志码：ANetwork Security Situation Awareness Platform Architecture DesignMi Qi(Shanghai Space Propulsion Technology Research Institute,No. 8 Academy, CASC, Shanghai 201109, China)Abstract: In order to improve network security prevention capabilities, the network security situation awareness platform architecture is designed. It elaborates its architecture and functional module design, uses big data technology to store and process heterogeneous log source data, uses data mining and machine learning algorithms to analyze and integrate, and uses visualization technology to present the results to users. Through this platform, a dynamic security monitoring and defense system against unknown network threats can be established to avoid security issues such as data leakage and information system destruction caused by network attacks.Keywords: security situational awareness; architecture; machine learning0引言随着互联网技术在我国的快速发展和普及，有组织、有政治目的的网络攻击也明显增多。

长期完整性的分层容错论文翻译长期完整性的分层容错秉健春，佩特罗斯曼尼阿蒂斯英特尔研究大学伯克利分校斯科特 Shenker，约翰 Kubiatowicz 美国加州大学伯克利分校摘要通常，容错服务有关的假设类型和故障，他们可以容忍的最大数量这种故障时，同时提供其正确性的保证;阈值是侵犯性，正确性丢失。

我们重新审视的概念在长期归档存储方面的故障阈值。

我们注意到，故障阈值不可避免地长期违反服务，使得传统的容错不适用长期的。

在这项工作中，我们进行的再分配容错预算的一项长期的服务。

我们分裂投入服务件的服务，每一个都可以容忍不同没有失败的故障数（并不会造成整个服务失败）：每件可在一个关键值得信赖的过错层，它必须永远不会失败，或不可信的故障层，它可以大量经常失败，或其他故障层次之间。

通过仔细工程的一项长期的服务分裂成片，必须服从不同的故障阈值，我们可以延长其必然灭亡。

我们证明了这一点做法 Bonafide，一个长期的 key - value 存储，与所有类似的文献中提出的系统，在保持完整性面对拜占庭故障，无需自我认证的数据。

我们描述了分层容错的概念，设计，实施， Bonafide 和实验1/ 3评价，并主张我们的做法是一个实际仍未显著改善在长期服务的艺术状态。

一，引言当前容错复制服务设计往往不适合长期的应用，如档案，数字文物，这是越来越重要的存储 [42]，为企业的监管[5， 6]，文化[36]原因。

从典型的故障假设这不合适结果这类系统的正确性空调。

例如，在典型的拜占庭容错（BFT）系统[13]，它是假定复制故障副本的数目总是比一些不太固定阈值，如副本人口的 1 / 3。

在典型的短期的应用，这样一个 uniformthreshold 基于故障假设是合理的，可以实现的。

例如，可以说在一个 wellmaintained 人口多元化，高保证副本服务器，由当时总人口的三分之一被打破生长进入或刚刚出现故障，故障副本的运营商可以修复它们。

CCF推荐的国际学术会议和期刊目录修订版发布CCF(China Computer Federation中国计算机学会)于2010年8月发布了第一版推荐的国际学术会议和期刊目录，一年来，经过业内专家的反馈和修订，于日前推出了修订版，现将修订版予以发布。

本次修订对上一版内容进行了充实，一些会议和期刊的分类排行进行了调整，目录包括：计算机科学理论、计算机体系结构与高性能计算、计算机图形学与多媒体、计算机网络、交叉学科、人工智能与模式识别、软件工程/系统软件/程序设计语言、数据库/数据挖掘/内容检索、网络与信息安全、综合刊物等方向的国际学术会议及期刊目录，供国内高校和科研单位作为学术评价的参考依据。

目录中，刊物和会议分为A、B、C三档。

A类表示国际上极少数的顶级刊物和会议，鼓励我国学者去突破；B类是指国际上著名和非常重要的会议、刊物，代表该领域的较高水平，鼓励国内同行投稿；C类指国际上重要、为国际学术界所认可的会议和刊物。

这些分类目录每年将学术界的反馈和意见，进行修订，并逐步增加研究方向。

中国计算机学会推荐国际学术刊物（网络/信息安全）一、 A类序号刊物简称刊物全称出版社网址1. TIFS IEEE Transactions on Information Forensics andSecurity IEEE /organizations/society/sp/tifs.html2. TDSC IEEE Transactions on Dependable and Secure ComputingIEEE /tdsc/3. TISSEC ACM Transactions on Information and SystemSecurity ACM /二、 B类序号刊物简称刊物全称出版社网址1. Journal of Cryptology Springer /jofc/jofc.html2. Journal of Computer SecurityIOS Press /jcs/3. IEEE Security & Privacy IEEE/security/4. Computers &Security Elsevier http://www.elsevier.nl/inca/publications/store/4/0/5/8/7/7/5. JISecJournal of Internet Security NahumGoldmann. /JiSec/index.asp6. Designs, Codes andCryptography Springer /east/home/math/numbers?SGWID=5 -10048-70-35730330-07. IET Information Security IET /IET-IFS8. EURASIP Journal on InformationSecurity Hindawi /journals/is三、C类序号刊物简称刊物全称出版社网址1. CISDA Computational Intelligence for Security and DefenseApplications IEEE /2. CLSR Computer Law and SecurityReports Elsevier /science/journal/026736493. Information Management & Computer Security MCB UniversityPress /info/journals/imcs/imcs.jsp4. Information Security TechnicalReport Elsevier /locate/istr中国计算机学会推荐国际学术会议（网络/信息安全方向）一、A类序号会议简称会议全称出版社网址1. S&PIEEE Symposium on Security and Privacy IEEE /TC/SP-Index.html2. CCSACM Conference on Computer and Communications Security ACM /sigs/sigsac/ccs/3. CRYPTO International Cryptology Conference Springer-Verlag /conferences/二、B类序号会议简称会议全称出版社网址1. SecurityUSENIX Security Symposium USENIX /events/2. NDSSISOC Network and Distributed System Security Symposium Internet Society /isoc/conferences/ndss/3. EurocryptAnnual International Conference on the Theory and Applications of Cryptographic Techniques Springer /conferences/eurocrypt2009/4. IH Workshop on Information Hiding Springer-Verlag /~rja14/ihws.html5. ESORICSEuropean Symposium on Research in Computer Security Springer-Verlag as.fr/%7Eesorics/6. RAIDInternational Symposium on Recent Advances in Intrusion Detection Springer-Verlag /7. ACSACAnnual Computer Security Applications ConferenceIEEE /8. DSNThe International Conference on Dependable Systems and Networks IEEE/IFIP /9. CSFWIEEE Computer Security Foundations Workshop /CSFWweb/10. TCC Theory of Cryptography Conference Springer-Verlag /~tcc08/11. ASIACRYPT Annual International Conference on the Theory and Application of Cryptology and Information Security Springer-Verlag /conferences/ 12. PKC International Workshop on Practice and Theory in Public Key Cryptography Springer-Verlag /workshops/pkc2008/三、 C类序号会议简称会议全称出版社网址1. SecureCommInternational Conference on Security and Privacy in Communication Networks ACM /2. ASIACCSACM Symposium on Information, Computer and Communications Security ACM .tw/asiaccs/3. ACNSApplied Cryptography and Network Security Springer-Verlag /acns_home/4. NSPWNew Security Paradigms Workshop ACM /current/5. FC Financial Cryptography Springer-Verlag http://fc08.ifca.ai/6. SACACM Symposium on Applied Computing ACM /conferences/sac/ 7. ICICS International Conference on Information and Communications Security Springer /ICICS06/8. ISC Information Security Conference Springer /9. ICISCInternational Conference on Information Security and Cryptology Springer /10. FSE Fast Software Encryption Springer http://fse2008.epfl.ch/11. WiSe ACM Workshop on Wireless Security ACM /~adrian/wise2004/12. SASN ACM Workshop on Security of Ad-Hoc and Sensor Networks ACM /~szhu/SASN2006/13. WORM ACM Workshop on Rapid Malcode ACM /~farnam/worm2006.html14. DRM ACM Workshop on Digital Rights Management ACM /~drm2007/15. SEC IFIP International Information Security Conference Springer http://sec2008.dti.unimi.it/16. IWIAIEEE International Information Assurance Workshop IEEE /17. IAWIEEE SMC Information Assurance Workshop IEEE /workshop18. SACMATACM Symposium on Access Control Models and Technologies ACM /19. CHESWorkshop on Cryptographic Hardware and Embedded Systems Springer /20. CT-RSA RSA Conference, Cryptographers' Track Springer /21. DIMVA SIG SIDAR Conference on Detection of Intrusions and Malware and Vulnerability Assessment IEEE /dimva200622. SRUTI Steps to Reducing Unwanted Traffic on the Internet USENIX /events/23. HotSecUSENIX Workshop on Hot Topics in Security USENIX /events/ 24. HotBots USENIX Workshop on Hot Topics in Understanding Botnets USENIX /event/hotbots07/tech/25. ACM MM&SEC ACM Multimedia and Security Workshop ACM。

浙江工业大学之江学院毕业设计（论文）外文翻译毕业设计（论文）题目：基于J2EE的企业电子投票系统开发与设计外文翻译（一）题目：J2EE体系结构外文翻译（二）题目：J2EE项目的选择与风险分院（系）：信息工程分院专业：计算机科学与技术班级： 0402 姓名：徐栋杰学号： 200420100219 指导教师：冯志林毕业设计（论文）外文翻译要求1、毕业设计（论文）外文翻译应有两篇，总字符数不少于20000，其文献来源应由指导教师选定后以纸质（复印或打印件）形式随同毕业设计（论文）任务书一并发给学生。

复印或打印件上应有指导教师和专业教研室主任的签名和日期。

要求每位学生的外文翻译内容不重复。

2、翻译的外文文献应主要选自学术期刊、学术会议的文章、有关著作及其他相关材料，应与毕业论文（设计）主题相关，并列入毕业论文（设计）的参考文献；在每篇中文译文首页“页脚”处注明原文作者及出处，中文译文后应附外文原文（指导教师提供的原文，论文上应有指导教师和教研室主任签名）。

3、中文译文的基本撰写格式为：题目采用三号黑体字居中打印，正文采用宋体小四号字，行间距一般为固定值20磅，标准字符间距。

页边距为左3 cm，右2.5 cm，上下各2.5 cm，页面统一采用A4纸。

4、封面上的“外文翻译题目”指中文译文的题目；两篇外文文献，按“封面、译文一、外文原文（一）、译文二、外文原文（二）、外文翻译评阅表”的顺序统一装订。

赋予一个对该EJB的本地接口的引用，同时无需处理必不可少的JNDI查找。

●业务委托方法。

在这种方法中，业务接口的Web容器实现明确地托付给相应的EJB。

这具有允许高速缓存和允许故障操作在适当地点被重试的优点。

我们无需担心上述任一情况中的java.rmi.RemoteException捕获。

传输错误不会出现。

在这种体系结构中，和通过EJB来暴露一个远程接口的体系结构不同，EJB的使用仅仅是这种体系结构的一个实现选择而已，而不是一个基本特征。

Abstract: With the rapid development of information technology, the importance of network security has been increasingly recognized. In this paper, we discuss the establishment and implementation of a network security management system, aiming to enhance the security level of network systems and protect the interests of users. This paper is divided into four sections: the importance of network security, the components of a network security management system, the establishment process, and the implementation strategies.I. IntroductionNetwork security refers to the measures taken to protect the integrity, confidentiality, and availability of network resources and data. In recent years, with the rapid development of information technology, network security has become a hot issue in the field of information security. The establishment and implementation of a network security management system is essential for organizations to ensure the safety and stability of their network systems.II. Importance of Network Security1. Protection of information: Network security can prevent the unauthorized access, modification, and deletion of information, ensuring the confidentiality and integrity of data.2. Protection of network resources: Network security can prevent network resources from being occupied, attacked, or destroyed by malicious software, viruses, and hackers, ensuring the normal operation of network systems.3. Protection of users: Network security can prevent users from being affected by malicious software, viruses, and hacker attacks, ensuring the normal use of network services.III. Components of a Network Security Management System1. Security policies: Establish and implement network security policies, including user access control, information classification, and data backup and recovery.2. Security technology: Utilize various security technologies, such as firewalls, intrusion detection systems, and encryption algorithms, to protect network resources and data.3. Security management: Establish a network security management organization, define security roles and responsibilities, and implement security training and awareness programs.4. Security monitoring: Set up a network security monitoring system to detect and respond to security incidents in real-time.IV. Establishment Process1. Needs analysis: Identify the network security requirements of the organization, including the protection of information, network resources, and users.2. Policy formulation: Develop network security policies based on the needs analysis, including user access control, informationclassification, and data backup and recovery.3. Technical selection: Choose appropriate security technologies and products to meet the security requirements of the organization.4. Organization establishment: Establish a network security management organization, define security roles and responsibilities, and implement security training and awareness programs.5. Implementation and testing: Implement the network security management system and conduct testing to ensure its effectiveness.V. Implementation Strategies1. Regularly update and optimize security policies and technologies to adapt to the changing security environment.2. Strengthen security monitoring and incident response capabilities, ensuring timely detection and handling of security incidents.3. Conduct regular security training and awareness programs for employees, enhancing their network security awareness and skills.4. Establish a cross-departmental security cooperation mechanism, ensuring effective communication and collaboration in network security management.ConclusionThe establishment and implementation of a network security management system is of great significance for organizations. By following the establishment process and implementing the corresponding strategies, organizations can effectively enhance the security level of their network systems and protect the interests of users.。

关于网络信息安全专业的知识要点研究邢蕾渊辽宁公安司法管理干部学院，辽宁沈阳110161)摘要：随着科学技术和经济的不断发展，我国已经逐渐发展成为信息化国家，网络成为社会发展必不可少的一种 社交工具和一种新型的工作学习方式。

为了促进国民更好地了解网络信息安全，我国各高校还专门设置了网络信息专 业。

文章主要研究网络信息专业所学习的知识要点，从而帮助人们更好地认识网络信息安全的相关信息和它的必要性。

关键词：网络信息安全；专业；知识要点中图分类号:TP393.08-4 文献标识码：A文章编号:2095-980X(2017)04-0209-01 Research on the Knowledge Essentials of Network Information Security MajorX IN G Lei^Liaoning Administration of Public Security A dministration,Shenyang,Liaoning 110161,China) Abstract:With the continuous development of science and technology and economy in our country，China has gradually de­veloped into an informationized country.The network has become an indispensable social tool and a new way of working and learning.In order to promote nationals to better understand the network information security，China's various colleges and univer­sities also set up a special network of information professionals.The paper focuses on the knowledge of the network information profession to help people better understand the information and the necessity of network information security.Key words:network information security；professional；knowledge points现在我国已经普遍实行信息化管理，这都是通过网络来进行的。

第 5 期赵晓晓，等：结合稀疏表示与约束传递的半监督谱聚类算法·863·可信网络交易系统的理论创新与实践推进——《网络交易风险控制理论》书评王怀清香港城市大学信息系统学系，中国香港随着电子商务的迅猛发展，网络交易遭受恶意攻击、网络钓鱼以及交易欺诈等愈加严重。

网络交易平台的关键技术、监管能力及手段明显不足。

蒋昌俊教授领衔的科研团队对可信网络交易系统的理论和实践进行了多年深入的研究，取得了一系列可喜的研究成果，并收于《网络交易风险控制理论》一书。

该书对网络交易系统的现状进行了深入总结，对学术界和工业界常用的可信保障技术进行了全面介绍，并提出了具有“行为”特色的认证机制，以及一系列的基于模型的风险防控方法。

该书内容丰富、资料翔实、逻辑严密，是基于信息学科研究网络交易风险防控的一本好书。

近年来，随着网络技术的发展，以及“互联网+”相关政策的支持，网络交易作为新的商业模式发展异常迅速。

据中国互联网络信息中心统计，截至2017年12月，我国网民规模达7.72亿，其中，网络购物用户达5.53亿，相较2016年增长了14.3%，占网民总体的69.1%；使用网上支付的用户规模也达5.31亿。

网络交易的持续高速发展也带了诸多的安全问题，比如恶意攻击、木马劫持等对网络交易造成了巨大的伤害，其中，2017年遇到网络钓鱼以及各类交易欺诈的用户占比较2016年有所升高，快递服务和电商网站相关维权搜索量占比最大。

据360猎网平台分析，金融理财诈骗是举报数量最多的类型，虚假购物紧随其后。

针对上述问题，蒋昌俊教授及其团队经过多年的研究，在相关项目的支持下，取得了有价值的成果，并汇总成《网络交易风险控制理论》一书，该书研究内容系统全面，研究特色凸显，是目前笔者读到的基于信息学科研究网络交易风险控制的第一本专著。

《网络交易风险控制理论》研究内容系统全面，由蒋昌俊教授和于汪洋博士合著，于2018年3月出版，该书从信息技术角度，介绍了网络交易风险防控的理论和相关技术，首次将行为认证引入网络交易的可信保障，开展了行为认证技术在网络交易系统中的应用研究，形成了网络交易支付系统风险防控关键技术的整套理论与方法，并研制了大规模网络交易风险防控系统平台。

I G I T C W技术 分析Technology Analysis90DIGITCW2023.011 云计算及其系统概述1.1 云计算技术所谓云计算技术，就是以互联网作为基础，从而实现的各种服务交付、增加以及应用模式。

一般情况下，云计算所提供的大多是通过互联网来实现的各种虚拟化、易扩展、动态化的资源。

通过云计算技术的应用，不仅让整个网络装置具有更高的可利用性能，而且也可以让各个通信运营商之间具备更加协调的运作流程，从而让通信网络传输中的安全化需求得以充分满足。

1.2 云计算特征云计算的主要特征包括两个方面：一是易操控性。

从宏观角度而言，通信安全传输是以现代化网络建设为中心的一种保障性活动，其中的所有项目和内容都需要和运营商具体的经营模式配套，其本质是为通信行业的经营、发展及改革提供更好的服务。

在此过程中，通过云计算技术和信息安全网络控制技术的联合应用，便可使操控更加简单易行[1]。

比如，在通过计算机网络进行云计算指挥中心的建设中，只需要以各个地区之间的实际通信传输需求为依据，便可实现云网络传输功能的及时启动，且具有良好的高效性与节能性等特征。

二是多样性。

网络信息安全控制的特殊性在于云计算系统的功能有很多，在以云计算为基础的通信信息安全控制中，服务的主要特征就是多样化，其中的项目大多不会在通信传输的后期结束，而是具备特定的调试、维护以及经营等周期，在此过程中，网络安全控制也需要跟随着不同的周期来科学调整，一直到整个传输项目结束，相应的周期才会结束。

1.3 云计算系统当前，云计算系统结构可划分五层。

一是资源层，它提供基础框架层面的云计算服务，此类服务可实现虚拟化资源的供应，从而让物理资源所具有的复杂性得以良好隐藏。

在云计算中，物理资源主要是服务器，其作用是数据调配与集散处理，从而在短时间之内形成一个足具稳定性的通信网络平台，让数据处理与运行更加便利。

二是应用层，通过云计算技术的合理应基于云计算的通信网络安全传输控制技术分析谢延璋，余普兴（武汉烽火信息集成技术有限公司，湖北 武汉 430074）摘要：文章以云计算为基础，对通信网络安全传输控制技术进行研究，包括云计算及其系统概述、通信网络主要安全风险和以云计算为基础的通信网络安全传输控制技术。

信息安全专业评估参考文献信息安全专业领域有很多评估参考文献可供参考，以下是其中一些重要的文献：1. "Computer Security: A Practical Approach" by Wenliang Du -这本书是信息安全领域的经典教材之一。

它提供了关于计算机安全的基本原理和概念的全面介绍，涵盖了密码学、网络安全、软件安全和物理安全等方面。

2. "Introduction to Computer Security" by Michael T. Goodrichand Roberto Tamassia - 这本书是一本全面的介绍性教材，涵盖了计算机安全的各个方面，包括密码学、网络安全和软件安全等。

3. "Security Engineering: A Guide to Building Dependable Distributed Systems" by Ross J. Anderson - 这本书是关于建立可靠分布式系统的一本权威参考书。

它探讨了信息安全的各个方面，包括威胁建模、安全策略、密码学和网络安全等。

4. "Applied Cryptography" by Bruce Schneier - 这本书是密码学领域的经典著作。

它涵盖了一系列密码学算法和技术，包括对称加密、非对称加密和哈希函数等。

5. "Principles of Computer Security" by Wm. Arthur Conklin, Gregory White, Chuck Cothren and Roger Davis - 这本书提供了关于计算机安全的基本原则和概念的全面介绍。

它涵盖了风险管理、网络安全和软件安全等方面。

6. "The Tangled Web: A Guide to Securing Modern Web Applications" by Michal Zalewski - 这本书着重于Web应用程序的安全性。

一种基于非均匀分簇的无线传感器网路路由协议目录摘要-------------------------------------------------------------------------------------------------------ⅠABSTRA CT-----------------------------------------------------------------------------------------------------Ⅱ引言--------------------------------------------------------------------------------------------------------Ⅲ1相关工作-------------------------------------------------------------------------------------------------------1 2问题描述-------------------------------------------------------------------------------------------------------3 3基于非均匀分簇的路由机制-------------------------------------------------------------------------------54EEUC的分析---------------------------------------------------------------------------------------------------95实验结果及分析----------------------------------------------------------------------------------------------116结论和进一步工作-------------------------------------------------------------------------------------------15致谢---------------------------------------------------------------------------------------------------------------16参考文献---------------------------------------------------------------------------------------------------------17摘要在路由协议中利用分簇技术可以提高无线传感器网络的可扩展性。

现代电子技术Modern Electronics TechniqueMar. 2024Vol. 47 No. 62024年3月15日第47卷第6期0 引 言随着互联网技术的发展，企业的网络资产比重逐渐增大。

根据2022年中国互联网发展报告[1]显示，来自网络空间的安全威胁愈发严重，经济财产损失风险逐年攀升。

前沿网络安全防控智能化技术更注重于从全维度、多视角的方面来感知网络空间威胁，而挖掘企业各类网络攻击的关联性、策略、后果等要素能够有效地提升企业对网络安全运维管理的效率[2]。

知识图谱（Knowledge Graph, KG ）通过在特定领域海量数据中抽取的知识构建领域知识图谱，数据规模、特殊语义关系使其实用性变得更强[3]。

目前，企业内的网络空间中所存在的威胁知识大部分没有形成很好的知识组织，在面向企业的网络安全运维的场景下，缺少能够有效涵盖网络空间威胁信息、反映企业网络安全态势以及支撑辅助安全决策的知识图谱；开源的漏洞信息库和威胁信息库等大多都是半结构化知识，而企业日常的网络安全运维数据中又包含大量的结构化和非结构化的报告，这些异构数据难以被企业直接利用来进行网络空间的防护。

知识图谱能够有效地整合这些存在潜在联系的网络安全运维相关知识，将离散的多源异构数据通过基于深度学习的信息提取模DOI ：10.16652/j.issn.1004‐373x.2024.06.003引用格式：黄智勇，余雅宁，林仁明，等.基于改进BiLSTM‐CRF 模型的网络安全知识图谱构建[J].现代电子技术，2024，47（6）：15‐21.基于改进BiLSTM⁃CRF 模型的网络安全知识图谱构建黄智勇1，2， 余雅宁1， 林仁明2， 黄 鑫1， 张凤荔1（1.电子科技大学 信息与软件工程学院， 四川 成都 610054； 2.四川省市场监督管理局数据应用中心， 四川 成都 610066）摘 要： 针对网络安全领域的图谱构建任务，基于BiLSTM‐CRF 模型引入了外部网络安全词典来加强网络安全文本的特征，并结合多头注意力机制提取多层特征，最终在网络安全数据集取得了更优异的结果。

Recommending Random WalksZachary M.Saul saul@Vladimir Filkovfilkov@Premkumar Devanbudevanbu@ Christian Birdbird@Dept.of Computer ScienceUniversity of California,DavisDavis,CA95616ABSTRACTWe improve on previous recommender systems by taking advantage of the layered structure of software.We use a random-walk approach,mimicking the more focused behav-ior of a developer,who browses the caller-callee links in the callgraph of a large program,seeking routines that are likely to be related to a function of interest.Inspired by Klein-berg’s work[10],we approximate the steady-state of an infi-nite random walk on a subset of a callgraph in order to rank the functions by their steady-state probabilities.Surpris-ingly,this purely structural approach works quite well.Our approach,like that of Robillard’s“Suade”algorithm[15],and earlier data mining approaches[13]relies solely on the al-ways available current state of the code,rather than other sources such as comments,documentation or revision ing the Apache API documentation as an oracle, we perform a quantitative evaluation of our method,find-ing that our algorithm dramatically improves upon Suade in this setting.We alsofind that the performance of tra-ditional data mining approaches is complementary to ours; this leads naturally to an evidence-based combination of the two,which shows excellent performance on this task. Categories and Subject Descriptors: D.2.7[Distribu-tion,Maintenance and Enhancement]:Documentation General Terms:Design,DocumentationKeywords:recommender systems,graph theory1.INTRODUCTIONSoftware Maintainers spend a lot of time trying to un-derstand the software under maintenance.This problem is especially acute in large software systems[4].Even well-designed large systems impose steep learning curves on de-0This material is based upon work supported by the Na-tional Science Foundation under Grant No.0613949(NSF SOD-TEAM)Any opinions,findings,and conclusions or rec-ommendations expressed in this material are those of the author(s)and do not necessarily reflect the views of the Na-tional Science Foundation.Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on thefirst page.To copy otherwise,to republish,to post on servers or to redistribute to lists,requires prior specific permission and/or a fee.ESEC/FSE’07,September3–7,2007,Cavtat near Dubrovnik,Croatia. Copyright2007ACM978-1-59593-811-4/07/0009...$5.00.velopers.Over the years,tool builders have sought different approaches to ease this learning task.We are particularly in-terested here in large,complex,specialized,application pro-grammer interfaces(APIs),which constitute the basic sub-strate,or platform,upon which large software systems are typically built.Carefully architected,long-lived,expensive systems have extensive collections of APIs,which provide common services specialized for application needs,such as storage,synchronization,communication,security and con-currency.While a developer may be conceptually aware of these services,she still has to learn how a particular service is manifest in a specific large system.Documentation for such APIs may be lacking,and more experienced develop-ers may be too busy to answer questions.In the Apache HTTPD web server,for example,there over300distinct portability layer API functions that form a“virtual machine”layer to simplify portability.We are concerned with a com-mon discovery task:given a particular function,find related functions.For example,a developer may have found the function apr_file_seek,guessed that it is associated with file operations and wish tofind other related functions.In the absence of documentation,the programmer would have to explore the source code directly,seeking other functions invoked along with apr_file_seek that may be related.Our goal is to automaticallyfind and recommend the related API calls to a given call.This problem of mining related API calls has attracted a lot of interest,and a variety of different approaches have been reported[12,13,15,18,19].We now summarize the contributions of this paper.Task Setting:Given a function,wefind the other related functions.We do this using exclusively the structural infor-mation in the call graph;we don’t use version histories,name similarities or natural language(e.g.,API documentation) mining.This is a clear advantage;structural information is always available(and reliable)if the source code is available, but other types of information may not always be available and/or reliable.New random-walk algorithm:We introduce a fast,simple, accurate algorithm,called FRAN(Finding with RANdom walks)that is based on the steady state of a random walk on the callgraph neighborhood(inspired by[10]).This ap-proach conceptually generalizes the previous purely struc-tural approach proposed in Robillard’s Suade[15].The al-gorithm works by considering a larger set of related items compared to previous algorithms(often too large to exploremanually),but then ranks them using the random-walk al-gorithm.The larger set increases our likelihood offindingrelevant functions;our ranking algorithm increases our abil-ity to narrow in on the most relevant functions in this largergroup.Evaluation:We evaluate this approach on the Apache(C-language)project source code;fortunately,Apache has alarge number of well-documented portability layer APIs thatcan be used for testing.Finding that FRAN returns moreanswers in more cases,wefirst conduct case studies to ex-amine whether the greater number of answers returned byour algorithm are relevant.Next,using the Apache doc-umentation as a yardstick to judge correctness of relevantAPI calls returned by our purely structural approach,wepursue a quantitative comparison of FRAN with a standardmining algorithm and with our own re-implementation ofRobillard’s Suade,based faithfully on the description in thepublished paper.We showfirst that our algorithm’s rank-ing,in a significant number of cases,is statistically betterthan a naive approach which simply returns the randomset of nodes from the callgraph-neighborhood of the originalcall.This indicates that our approach effectively narrowsthe scope of code that a developer must browse tofind re-lated API calls;next,we also show that our approach sub-stantially outperforms both Suade in most cases and(lessdramatically,but still in a majority of cases)the traditionalmining approach on the traditional F1measure.Finally,we empirically determine when the mining approach beatsFRAN,and present and evaluate an evidence-based combi-nation of the two approaches.2.MOTIV ATIONProgramming tasks in large systems are usually contex-tual.Given any artifact or task,a programmer often needsto know the related tasks or artifacts.Given a specific task,or artifact,a recommender system can suggest related itemsfor the programmer’s consideration.The intent is that therecommendations provided will a)save the programmer timeb)ensure that related items are considered,thus potentiallyavoiding defects c)over time,serve as an educational tool,assisting in learning.There has been quite a large body ofwork on this topic,which we discuss further below.First,we motivate the problem.Consider a new developer working on the Apache system,who is writing some multi-threaded code in the server.Inher design,she has created a thread,along with memorypool resources for use by the thread and used the threadin her logic.Now she comes to a point in the code whereshefinds it necessary to kill offa thread.Shefinds aftersome searching that the method that will kill a thread is apr_thread_exit.She puts the call in.Just to be on the safe side,she views the recommendations from a recom-mender tool to examine what the related calls are.In thiscase,the top5recommendations returned by our algorithm,FRAN,are:apr_pool_destroy,apr_pool_clear,destroy_and-_exit_process,start_connect and clean_child_exit.Notic-ing that the destruction of the memory pool was so promi-nent,she looks at the apr_pool functions,and after examin-ing the code,she realizes that the apr_thread_exit call has the side effect of de-allocating and clearing out pool mem-ory.She realizes that she had naively made an incorrect assumption that the pool data could be shared with other threads and goes aboutfixing her code.This example is far from contrived;the relationship between threads and mem-ory pools in Apache is not trivial and has been the subject of debate.1In Apache,as in many large systems,there are a great many such internal library calls,and it is quite a challenge for a newcomer to master their proper use.Apache itself now has good documentation and is reasonably well commented. Using these documents and comments as textual cues,it may,with some effort,be possible tofind related code. Sadly,many large systems do not have good documenta-tion,nor do they have good comments in the code.Even if they did have comments and documents,these may not nec-essarily reflect the reality of the code,since comments and code often get out of sync.However,any system that has code has internal structure,reflecting dependence between modules;this structure can be mined from the code.This internal structure in a way constitutes an implicit“documen-tation”of the relationships that exist between the parts of the system.When the code of one module invokes another module,it is an explicit indication of a relevance.If two modules are invoked by the same module,clearly they are related.If two different modules invoke the same module, they are related as well.Some of these relationships may be accidental or uninteresting;however,considered as a whole, the“neighborhood”of a function f in a callgraph has a lot of implicit(but reliable)information about the relevance of various functions in that neighborhood to f.Our approach,similar to that of[13,15],is based on the assumption that the dependence structure of software is a reliable,useful way tofind related modules.Furthermore, it is always“real”and“code-related”in a way that com-ments and documents cannot claim to be.Our algorithm essentially assigns an equal probability of the“initial rel-evance likelihood”to each link,and(mathematically,using linear algebra)does an infinite random walk of an immediate (closed)neighborhood of a given function in the callgraph; the stationary probabilities of this infinite random walk in-dicate relevance scores.3.RELATED WORKFinding related code in systems is a long-standing problem that has attracted a great deal of attention.Space limita-tions preclude a comprehensive description;we only cover some representative papers here.Data Mining approaches use a collection of co-occurrences of items(e.g.,items in shopping baskets)tofind when cer-tain items tend to co-occur,and these frequent itemsets are inferred to be strongly associated.Michail[13]proposed the use of this approach tofind related calls in reusable li-braries.Precision/recall results were not reported.Xie[19] proposes a similar approach,based on sequence mining,us-ing knowledge of the order in which calls occur;he also reports promising,qualitative results.Some research has focused on code changes,judging that method calls added together are strongly related.Other researchers have mined version histories[23,18].Ying et al.[20]look at co-changes offiles as an indication of close ties betweenfiles and use this for recommendation.A quantitative evaluation is provided. These approaches work well,but rely on version histories, which may not always be available,or sufficiently rich in a way that is relevant to a given query;thus,if certain func-1See /?l=apr-dev&m=99525021009667tions are not changed frequently enough and/or not strongly associated,then there may be insufficient data to provide good answers.Our approach can work with a single version and provide good results.Some researchers have used execution trace collections[1, 3]tofind patterns of usage.This requires a complete set of test cases and run-time tracing;the results will be useful only if sufficient data on the execution of all the different routines in the different possible ways are available.Static approaches don’t require this.There is another line of work[1,6,11]that uses frequent co-occurrence mining tofind defects in software.The goal is to mine patterns of calls that must occur together in the same procedure or in the same execution trace;when such calls don’t occur,it’s a heuristic indication of a defect.In contrast,our goal is tofind closely related functions whether or not they are called from the same function and without any tracing information.Concept Location approaches aim tofind code modules relevant to a particular concept(e.g.“bookmark”)in a large source base.These approaches use information from a va-riety of sources:email messages,cvs logs,bug databases, static analysis,dynamic traces,information retrieval tech-niques,etc.A good survey is available in[17].Some recent approaches use sophisticated information retrieval methods such as latent semantic indexing(LSI).LSI is used on the source code tofind relevant targets.Sometimes,different kinds of information are combined.Sinafl[22]uses a combi-nation of keyword-based retrieval and a special type of call-graph,which preserves control-flow dependencies,tofind relevant code.Poshyvanyk et al[14]use a combination of information retrieval and function tracing.A related sys-tem is Hipikat[5],which attempts tofind artifacts related to a specific project artifact.The Hipikat evaluation reports its performance on helping programmersfix bugs.In con-trast to this,we are interested infinding functions related to a specific function rather than ones related to a specific feature or a reported bug.Structural Approaches There are variety of approaches that make holistic use of the structure of the callgraph to extract useful information.Zhang&Jacobsen[21]use a random-walk algorithm tofind cross-cutting code(aspects) in Java programs.They use a variant of Google’s pagerank algorithm on the entire dependency tree to identify poten-tial aspects.Inoue et al[9]describe how component rank, a version of pagerank on software dependency graphs,can be used as a“true measure of reuse”to identify valuable components.Robillard’s ACM SIGSOFT distinguished paper on the Suade method[15],which inspired our own,is also struc-tural.The Suade algorithm takes as input a query set of interest I,and returns a suggestion set S.Suade uses two notions:specificity and reinforcement to rank members of S from among the neighbors of the query set.A method m is a better candidate for the answer S if it is specific to the query set of methods I and is reinforced by it.Method m s is specific to I if any method m i in I that is called by m s is called by few other elements except m s,and also if m s calls few other methods;m r is reinforced by I if most of the methods called by m r are in I.Robillard presents a fuzzy-set based algorithm for calculating such elements y which is quite efficient.This can be viewed in terms of random walks.Consider a random walker W(e.g.,an in-experienced(or drunk)programmer randomly browsing a program by traversing call graph edges).Suppose m s is spe-cific to I.Then,if W were to,in his ignorance,randomly jump forward from m s along a random callgraph edge,he would probably end up at a method in I;if then he jumps backward,he would likely end up at m s.Likewise,if m r is reinforced by I,then if W were to start at the method m in I,then jump forwards to a method called by m and then jump backwards,then he is more likely to end up at m r than other methods that are not reinforced by I.In such cases,Suade considers m s and m r to be possible candidate inclusions into I.We argue that this algorithm can be generalized by con-sidering the steady state probabilities that a node would be reached after an infinite random walk by a naive program-mer in a larger neighborhood.In other words,if we infinitely iterate over specificity and reinforcement of more relation-ships,we would get a better result.Interestingly,standard methods in linear algebra indicate that the probabilities will converge,and can be calculated quickly.4.TECHNICAL APPROACH4.1The FRAN algorithmThe motivation for the FRAN algorithm comes from the observation that there are two distinct types of relevance information readily available in a callgraph.First,if a func-tion,f,calls another,g,it indicates that the functionality of f is related to the functionality of g.Second,assuming some degree of layering,two functions are related if they are in the same layer with respect to their calls(i.e.,they call and/or are called by the same functions).Layered structure is quite common;when searching for code related to a tar-get function f,a human programmer typically would make this assumption,and focus her search on the modules in the same layer as f.Our algorithm consists of two phases,each taking advan-tage of one type of relevance information.First,based on the query function,FRAN limits the set of all the functions in the program to an enriched set of functions from the same layer as the query function.Next,FRAN ranks this result using an algorithm that calculates the relevance of each func-tion based on the link structure(i.e.,which functions call which other functions)of the callgraph.This ranking allows the programmer to consider the most relevant functionsfirst. FRAN’sfirst step identifies the set of functions in the same layer as the query function byfinding two subsets of the callgraph,called the sibling set and the spouse set.First, define the parent set for a query function as the set of func-tions that call the query function,and define the child set as the set of functions that are called by the query function. Continuing the family tree metaphor,define the sibling set as the set of functions that are called by any function in the parent set and define the spouse set as the set of func-tions that call any function in the child set.Arguably,the functions in the sibling set and the spouse set together form a relevant set of functions in either the same or proximate functional layer.Therefore,given a query function,FRANfirst narrows its search to functions contained in the union of the sibling set, the parent set and the spouse set of the query function.The parent set is included because each function in this set calls the query function,indicating thefirst type of relevance.Figure1:An illustration of the various relationships in the callgraph of the parent set,child set,sibling set and spouse set to the query function.Inspired by the web search community,we call this union set the base set.We’re abusing the term somewhat;our base set is not the same set of nodes(relative to the query node) as the base set in Kleinberg’s well-known paper[10].For us,the base set is an enriched set of results related to the query function for the programmer to consider.However, the base set,itself,is frequently too large for a human to easily explore.Therefore,it is desirable to rank the functions in the base set based on their relevance to the query.In order to rank the results in the base set,wefirst ob-serve that software contains functions that aggregate func-tionality and functions that largely implement functionality without aggregating,and we note that there is a circular re-lationship between these two types of functions.Aggregat-ing functions call implementing functions and implementing functions are called by aggregators.A similar relationship exists in the context of world wide web pages where the ag-gregating pages are called hubs and the implementing pages are called authorities.The Hypertext Induced Topic Selec-tion(HITS)algorithm due to Kleinberg takes advantage of this relationship between hubs and authorities to rank a set of web pages based on degree of authority.In FRAN,we use HITS on the subgraph of the callgraph induced by the base set to assign ranking scores to the nodes in the base set,allowing us to sort the elements of our base set.HITS applied to software callgraphs works as follows.For a collection of functions in a callgraph assign each function,f,an authority score,x<f>,and a hub score, y<f>.As noted above,strong hubs(aggregators)call many strong authorities(implementors).To capture this relation-ship,define two operations I and O.I updates the authority weights based on the hub weights,and O updates the hub weights based on the authority weights.I:x<f>=X{g|g calls f}y<g>(1)O:y<f>=X{g|f calls g}y<g>(2)In HITS,these two rules are applied one after the otheriteratively:Algorithm4.1:HITS Algorithm()repeatx i+1←I(y i),updating the authority scores.y i+1←O(x i+1),updating the hub scores.Normalize x i+1and y i+1until x i−x i+1<a stopping threshold.Let A be the adjacency matrix of the graph in question.If there exist two functions represented by numerical ids fand g,and if f calls g,then the(f,g)th entry of A is1;every other entry of A is0.Kleinberg gives a proof thatthat the sequence lim x i−→x∗and lim y i−→y∗wherex∗is the principal eigenvector of A T A and y∗is the princi-pal eigenvector of AA T[10].Therefore,the HITS algorithmconverges and could,in fact,be implemented using any stan-dard eigenvectorfinding method.This convergence result has an interesting interpretationin the context of Markov chains.The matrices A T A andAA T can be thought of as reachability matrices.The matrixA T A has a1in position(i,j)if j is in the sibling set ofi.Another way of saying this is that the i th row of A T Aindicates all of the functions reachable from i by traversingback a function call to a parent,and then,traversing forwardto a sibling.Similarly,the i th row in AA T gives the spouseset of i.If the rows of A T A and AA T are normalized to sum to1,they can be thought of as transition matrices for Markovchains describing the actions of two programmers randomlyattempting to understand a program,and the eigenvectorsof these matrices indicate the steady-state probabilities ofthe Markov chains.Thus,the authority score of a functionrepresents the probability that the random programmer whoalways investigates sibling functions will end up in the func-tion,and the hub score is the probability that the randomprogrammer who only considers spouse functions will endup in that function.The FRAN algorithm simply returnsthe top n authorities,where n is selected by the user.FRAN performs better in this setting than Suade;theSuade algorithm only returns results that are adjacent tothe query function in the graph.However,if more data areavailable,Suade does allow graphs other than the callgraphto be used as the basis for the search(e.g.the“member refer-enced by”graph).In the callgraph,only functions called byor called from the query function are returned.Hence,Suadeonlyfinds the results that a programmer might quicklyfindusing“grep”,and in addition it onlyfinds results in the lay-ers above and below the query function rather thanfindingthe most relevant results,which lie in that layer.It is also important to note that FRAN is fast.The imple-mentation for this paper returns query results interactivelywith no perceptible wait time.4.2The FRIAR algorithmOur second algorithm,Frequent Itemset Automated Rec-ommender(FRIAR)is inspired by the data mining practiceAssociation Rule Mining.Association Rule Mining was de-veloped to analyze purchasing patterns[7].Define a trans-action as a set of items purchased together.Then,given aset of transactions,association rule mining attempts to dis-cover rules of the form A=⇒B,where A and B are smallsets of items,and the=⇒relation indicates that if A is seen in a transaction,then B will also(often)be seen.A problem related tofinding association rules is to list the frequent itemsets.A frequent itemset is a set of items that appears in at least s transactions for some threshold, s,and the support of a frequent itemset,F,is defined as the fraction of transactions in which F appears.In FRIAR,we used sets of functions that were commonly called together to predict functions related to a particular query function.To do this,we defined a transaction as the set of functions called by a particular function,and then created a transaction for every function in Apache that calls at least one function.We found1919functions that made at least one function call;therefore,we had1919transactions. Using these transactions and the arules package[7]in R,2 we found all56,022itemsets that have a support of at least 0.001.We found these itemsets so that we could use them as a representation of which functions are called together in the Apache callgraph.Typically in data mining,much higher support thresholds are used.This is because a data miner is interested in statistically significant data trends. However,in related functionfinding,it is not the trend we are looking for,but,rather,a searchable representation of the“called with”relationship.Therefore,in order to capture most of the instances of this relationship,we use a very low support value,requiring only2( 1.919 )out of1919trans-actions contain an instance of a itemset.To make a query for a particular function,we searched for all of the itemsets that contained that function,returning the union of all these itemsets as the result set.Then,we assigned each result function a score based on the maximum observed support value associated with that function,and we ranked the result set using these scores.For example, if apr_file_open was seen in3itemsets which had support values0.1,0.3and0.2,the value0.3would be used to rank apr_file_open.4.3Data ExtractionFor the evaluation of our approach,we used a callgraph of the Apache web server.We have downloaded the entire source code repository for the2.0version of Apache(httpd-2.0).For our analysis,we checked out the source code from October1st,2003.The motivation for using this version is that it is near the middle of the life of httpd-2.0and thus is fairly mature and stable,but at the time was undergo-ing continued rapid development.In order to build the web server,we also checked out matching versions of supporting libraries such as the Apache Portable Runtime(apr)from other modules within the repository and built the versions of tools(e.g.gcc,as,ld)that were used at the time.The callgraph for this version of the web server source code was generated by using CodeSurfer,a commercial source code analysis and inspection tool from GrammaTech.3Because CodeSurfer links with gcc at build time and accesses its in-ternal symbol tables and data structures,we’re very confi-dent of it’s results.One of the benefits of this tool is that it uses points-to analysis to determine what functions are called indirectly through function pointers.The result of this analysis is a labeled,directed graph,with nodes rep-23See /products/codesurfer/ overview.html.We are grateful to GrammaTech for the use of this tool.resenting functions and edges representing calls from one function to another.The functions in the graph represent all functions calls(including those to stdlib such as strlen, printf,etc.)and are not limited to just those defined within the Apache code base.5.EV ALUATIONPapers on recommender systems thatfind functions re-lated to a particular function,in the past,have generally used case studies for evaluation.By contrast,systems that recommendfiles to be changed tofix a reported bug[5]or files whose changes are strongly associated historically with a givenfile[20,23]have been evaluated quantitatively using historical data.We seek here to evaluate recommenders that retrieve functions strongly associated with a given function; case studies are de rigueur in this setting.Thefinal arbiter of whether a recommendation is relevant is a human focused on a specific task.As a result,most influential prior papers on systems that recommend related functions have focused on case studies,or small-scale human subject studies,as in Robillard’s recent ACM SIGSOFT Dis-tinguished paper[16]and other similar works[13,19].While this type of evaluation is quite useful,there are limitations. First,it is very difficult to scale human experiments to get quantitative,significant measures of usefulness;this type of large-scale human study is very rare.Second,comparing different recommenders using human evaluators would in-volve carefully designed,time-consuming experiments;this is also extremely rare.Finally controlling for the factors that determine which algorithm performs better would be harder still,since more experimental data would be needed to get sufficient variance in the predictive factors.Quan-titative approaches,on the the other hand,can allow tests of significance,comparison of performance and determining predictive factors.However,to use quantitative methods,on a statistically significant scale,we need a sufficiently large and varied test example,and an oracle to decide which an-swers are correct.In practice,this is very difficult come by, which perhaps accounts for the rarity of quantitative eval-uation.In our work,we have found a specific task where results can be evaluated quantitatively.For our evaluation,we use the330functions that consti-tute the Apache portability layer.Each of these functions is given as a query to FRAN,FRIAR and Suade,and we sim-ply count the number of answers to see which algorithm gives more answers.Generally speaking,by this metric we found that FRAN outperformed both Suade and FRIAR.Thus, in239cases,FRAN retrieves more answers than Suade;in 64cases,it retrieves exactly the same number;and in27 cases,Suade retrieves more.When we compared FRIAR and FRAN,FRAN retrieved more answers304times;the two methods tied24times;and FRIAR retrieved more an-swers3times.However,this is a very crude comparison. Given that FRAN retrieves more answers in a majority of the cases,we should like to know,are these answers rele-vant,and how often are they relevant?To do this evalu-ation,we take a two-pronged approach,first using a case study approach to evaluate a number of retrieved answers, by hand.We also then follow with a quantitative approach evaluating a large number of queries on a specific task.The quantitative part of our approach focuses on a very specific, targeted requirement of a recommender:given a function,find the most closely related functions.We were able to do a。

P2P互联网金融外文翻译文献随着信息技术的迅猛发展，互联网金融作为一种新兴的金融模式在全球范围内迅速崛起。

P2P 互联网金融作为其中的重要组成部分，引起了广泛的关注和研究。

本文旨在对相关的外文文献进行翻译和梳理，以加深对 P2P 互联网金融的理解。

P2P 互联网金融，即 peertopeer lending，是指个人通过互联网平台向其他个人或企业提供贷款的一种金融模式。

与传统金融机构不同，P2P 平台主要依靠互联网技术和大数据算法来实现借贷双方的匹配和风险管理。

在众多外文文献中，学者们对 P2P 互联网金融的发展历程、特点、优势和风险进行了深入的探讨。

一些研究指出，P2P 互联网金融的出现打破了传统金融机构的垄断，为投资者提供了更多的投资选择，同时也为借款人提供了更便捷、高效的融资渠道。

例如，在某些国家，由于传统银行贷款审批流程繁琐、门槛较高，许多中小企业和个人难以获得资金支持。

而 P2P 平台通过简化审批流程、降低门槛，使得这些群体能够更容易地获得所需资金，从而促进了经济的发展。

然而，P2P 互联网金融也并非完美无缺。

一方面，由于缺乏有效的监管和规范，一些 P2P 平台存在欺诈、跑路等风险，给投资者带来了巨大的损失。

另一方面，P2P 平台的信用评估体系尚不完善，难以准确评估借款人的信用风险，从而增加了平台的坏账率。

此外，网络安全问题也是P2P 互联网金融面临的一大挑战。

一旦平台遭受黑客攻击，用户的个人信息和资金安全将受到严重威胁。

为了应对这些风险和挑战，国外的一些研究提出了相应的对策和建议。

首先，政府应加强对 P2P 互联网金融的监管，建立健全相关法律法规，明确平台的准入标准和运营规范。

其次，P2P 平台应加强自身的风险管理能力，完善信用评估体系，提高风险识别和控制能力。

同时，平台还应加大对网络安全的投入，采取有效的安全措施保障用户的信息和资金安全。

在对 P2P 互联网金融的研究中，国外学者还运用了多种研究方法和模型。

译文一种新型的基于Web的在线考试系统的计算机科学教育Yuan Zhenming1, Zhang Liang2, Zhan Guohua3摘要:基于Web的网上考试系统是一种为大众教育的评价有效的解决方案。

我们已经开发一种在线考试系统,它是基于浏览器/服务器架构.该系统已经发布了考试和自动评级;是关于客观的问题和操作问题，以供客观的问题和经营问题他作为一个程序，经营的Microsoft Windows ，编辑的Microsoft Word ，Excel和PowerPoint等等。

她已经成功地应用于距离评价的基本操作技能的计算机科学，如过程的计算机技能，在大学和在全国范围内考试，为高中毕业生在中国浙江省进行实行。

指数条款:考试系统和自动分级系统，它们都是基于Web的和DCOM的系统。

1. 导言:在中国，基本电脑操作技能的教育已广泛展开.这项技术包括经营的Windows的MS Office ，网络技巧等等，这是结合不同的课程，以及作为电子政府的基础。

现在，每一个本科生必须通过的计算机技能的考试.然而,每一位公务员必须通过相应的计算机操作考试过程。

此外，在高中的过程中进行了计算机基础教育。

自20世纪90年代末，在浙江省成千上万的人们开始参加不同的层次计算机教育和测试.这是非常有必要的,对于建立一个基于网络的学习和考试系统.它是为众多的人民，作为一个有效的解决办法去集体的学习和评价计算机基础教育的。

几个基于Web的学习和测试系统已经被设计完，比如说WebCT [1]，QUIZIT [2] ，ASSYST[3]和PILOT[4]。

在线可以很容易使用最广泛的问题类型的基于Web 的考试制度是客观的测试和测验，其中承担简单的答案可以正式检查和评估。

典型的问题是以有/无问题，多-choice/singleanswer问题有限的，multiple-choice/multiple-answer问题，并填写在的问题与一个字符串和数值答案。

计算机工程与应用2003.51引言随着Internet 与电子商务的发展，网上拍卖与网上证券交易等新型的交易模式应运而生，基于Web 的软件结构也为许多信息系统所采用[1]。

该文介绍的商品交易系统以浏览器作为用户界面，接收客户的买卖委托、信息查询等交易指令，采用集中竞价、自动撮合与实时行情发布的方式，实现商品的网上交易。

系统不仅要求能实现交易数据传输的准确、可靠，而且要充分考虑未来的扩展需要。

2系统结构图1系统的软件结构商品交易系统的核心是对客户交易指令的处理，特别是联机的交易查询与委托撮合。

若采用浏览器/Web 服务器/数据库的三层模型，将应用处理纳入Web 服务器，直接访问数据库，虽然易于实现，但增加了Web 服务器的负担，不仅不利于系统的安全控制，而且降低了系统的可扩展性和代码的可移植性[2]。

另外，随着交易客户数量的增加，Web 服务器将承受日益膨胀的压力，系统的设计方案必须要考虑到能适应交易客户增加而带来的负载问题，同时应具有较强的可扩展性。

因此，将处理核心业务的应用服务器从Web 服务器中分离，选择基于浏览器/Web 服务器/应用服务器/数据库的多层结构，配置协同工作的多个Web 服务器与多个应用服务器，以提高系统的安全性与灵活性。

其次，设计一个独立于DBMS 的通用数据库接口，以提高系统的可移植性与代码可重用性。

系统的软件结构如图1所示。

系统包括下列4层：2.1人机交互层以浏览器作为用户界面，实现与Web 服务层的交互和数据显示。

2.2Web 服务层由分布在多台计算机上的Web 服务器构成，负责客户与后台应用服务器之间的信息转发。

在Windows NT /2000环境下，以IIS （Microsoft Internet Information Server ）作为Web 服务器，以Web 扩展（Extension ）模块作为浏览器与应用服务器之间的接口，接收来自浏览器的客户请求，由消息转发模块将请求的参数解释、重组为特定格式的请求消息后，传送给应用服务器，并将应答返回相应的浏览器。

核心期刊网络安全论文网络安全是当前信息技术领域中重要的研究方向之一。

随着网络的迅猛发展，网络安全问题愈发严重。

网络安全论文的核心期刊对于促进网络安全技术的发展具有重要意义。

本文将介绍几个核心期刊，并对其中代表性的网络安全论文进行简要概述。

首先，ACM Transactions on Information and System Security (TISSEC)是ACM旗下的期刊，专注于信息和系统安全领域的研究。

该期刊发布了大量重要的网络安全论文。

例如，Lampson等人在该期刊上发表了一篇题为《Practical Byzantine Fault Tolerance》的论文。

该论文提出了一种实际的拜占庭容错算法，可用于保证分布式系统的安全性。

IEEE Transactions on Dependable and Secure Computing (TDSC)是IEEE的核心期刊之一，关注可靠和安全计算领域的研究。

这个期刊上也有许多有关网络安全的论文。

例如，Li等人发表的《告警网络规则的学习和生成方法》论文，介绍了一种基于机器学习的方法来生成有效的告警网络规则，帮助提高网络安全性。

另一个重要的期刊是Journal of Computer Security (JCS)，它专注于计算机安全领域的研究。

Vieira等人在该期刊上发表了一篇论文《基于深度学习的入侵检测系统》。

该论文提出了一种基于深度学习算法的入侵检测系统，能够准确识别网络中的各种入侵行为。

此外，Computers & Security是一本综合性的期刊，涵盖了各个方面的计算机安全研究。

其中有一篇重要的网络安全论文是由Yaganeh等人发表的《分布式防御针对分布式拒绝服务攻击》。

该论文提出了一种分布式防御机制来对抗分布式拒绝服务攻击，有效地保护网络的可用性。

综上所述，网络安全方面的核心期刊包括ACM Transactions on Information and System Security (TISSEC)，IEEE Transactions on Dependable and Secure Computing (TDSC)，Journal of Computer Security (JCS)和Computers & Security。

作者： 张博[1,2];刘亚军[1]
作者机构： [1]吉林大学法学院,吉林长春130012;[2]内蒙古民族大学法学与历史学院,内蒙古通辽028000
出版物刊名： 社会科学家
页码： 131-136页
年卷期： 2021年 第10期
主题词： 自由贸易协定;传统知识;知识产权;"一带一路";条款完整性
摘要：在当今国际知识产权制度对传统知识保护不充分的情况下,作为发达国家与发展中国家知识产权利益失衡的一种补救,在我国签订的FTA中对传统知识条款进行完整性地规定非常重要.我国以往签订的双边FTA对传统知识的保护仅停留在静态层面,且存在范围不明确,内容不统一、不完整,规定过于原则化,在实现FTA中传统知识条款规定的完整性方面存在现实困难."一带一路"倡议的提出,为我国在FTA框架下保护传统知识提供了新的合作契机.在未来的FTA谈判中,中国应该进一步明确传统知识的范围,规定传统知识的权利主体、客体等条款,同时基于传统知识的特殊性,应区分不同伙伴类型,充分考虑传统知识持有人与使用人之间的利益平衡以及国家之间的利益平衡,结合贸易因素,依据动态利益平衡理论,遵循知识产权价值实现的基本逻辑,推进传统知识条款完整性的进程,实现传统知识静态与动态保护相结合,努力争取我国传统知识(知识产权)利益最大化.。