98results about How to "Achieve defense" patented technology

The invention discloses an image classifier adversarial attack defense method based on disturbance evolution. The method comprises the following steps that 1) the sample is attacked by different attack models so as to obtain different types of disturbance; 2) a block box model is attached by the adversarial sample corresponding to the disturbance and the attack effect is ordered; 3) cloning, crossing, variation and other operation are performed on the disturbance of great attack effect so as to obtain the new disturbance; 4) the disturbance is updated by using the parent-child hybrid selectionmode so as to achieve the objective of disturbance evolution; 5) an adversarial sample detector is trained by the adversarial sample corresponding to the evolved disturbance and the normal sample; and 6) when the detection sample is detected, detection is performed by using the adversarial sample detector firstly and then the normal sample is inputted to the black box model and the class is returned so as to achieve the adversarial attack defense effect.

The invention discloses a method used for defending address resolution protocol message attack, comprising the steps as follows: media access control MAC address of legal user is configured in advance; network equipment receives the address resolution protocol ARP message coming from the user; the field content of the MAC address of the sender is extracted out of the received ARP message; whether the extracted MAC address of the sender is the MAC address of the legal user configured in advance or not is judged; if not, the received ARP message is abandoned. The invention also discloses a system which can defend the address resolution protocol message attack. The method and the system are suitable for the users which adopt all types and do not need to modify the network equipment greatly.

The invention discloses a mid-long-term unit commitment optimizing method. The method comprises the following steps: acquiring various optimized data to determine the optimal space of mid-long-term unit commitment; then establishing a mid-long-term security constrained unit commitment model with minimum deviation between the generated energy of the unit and the expected electric quantity as the target according to the practical power grid model; adopting the mixed integer programming approach to compute the starting / stopping state, load factor and active power output in the peak load period of the unit in each day in the dispatching period; considering all the network monitoring components and adopting the daily maximum load point to carry out security check according to the starting / stopping state and power output in the peak load period of the unit which are obtained through optimization; and finally acquiring the mid-long-term unit commitment scheme satisfying the power grid security through the optimization technology and iteration of security check. The large power grid steering capability and the power resource optimal allocation capability are greatly improved by adopting the method.

The invention discloses an annual power generation plan rolled decomposition optimization method taking balance between plan finishing rate and load rate into consideration; the method comprises the following steps: (1) determining a plan period and a plan parameter requiring the annual power generation plan rolled decomposition optimization; (2) establishing a security constraint machine set combined optimization model applicable to the annual power generation plan rolled decomposition; (3) using a mixed integer linear planning algorithm to calculate start and stop states, the plan load rate and the peak and valley active outputs of the machine set at each plan period; (4) implementing the security check, judging if all security constraints are satisfied; if all the security constraints are satisfied, going to step (5); if not all the security constraints are satisfied, adding a new out-of-limit element, and calculating sensitivity information of the newly added out-of-limit element, going to step (2). The disclosed method circularly optimizes and drafts the machine set start and stop plan as well as the machine set average plan load rate, drafts monthly, weekly and daily power generation amount plans of the power plant; the disclosed method ensures the execution of the annual power generation amount plant, and achieves the purpose of saving energy and reducing emission.

The invention discloses an Internet financial gang fraud behavior detection method based on a knowledge graph. The method comprises the following steps: obtaining personal application information, operation behavior burying point data and blacklist data of users of a plurality of preset data sources; preprocessing application information and operation behavior buried point data, segmenting a training set and a test set, marking clients as fraudulent nodes and unmarked nodes according to blacklist hit conditions, solving similarity and affiliation factors between the fraudulent nodes and adjacent user nodes, and performing fraudulent risk assessment on the unmarked nodes to obtain a fraudulent risk assessment result; adopting a Neo4j graph database to construct a knowledge graph, testing averification set fraud risk assessment result, and detecting and processing real-time application user fraud behaviors. According to gang fraud behavior detection of the knowledge graph, an anti-fraudengine is constructed, suspicious group fraud risks are rapidly and efficiently recognized, financial risk control capacity is improved, and credit risks are reduced.

The invention relates to a rope gripper. The rope gripper is structurally characterized in that two brake clamping blocks of which clamping surfaces are opposite to each other are arranged in a rack; at least one of the two brake clamping blocks is a movable clamping block; the back of each movable clamping block comprises an upper inclined plane and a lower inclined plane, so that the movable clamping block forms a compound wedge-shaped block formed by connecting an upper wedge-shaped body and a lower edge-shaped body; an elastic draw-off mechanism for drawing off the movable clamping blocks is arranged on the rack; upper transverse shafts and lower transverse shafts are arranged on the rack; an axial plane of each upper transverse shaft is opposite to an upper inclined plane of the back of the corresponding movable clamping block; an axial plane of each lower transverse shaft is opposite to a lower inclined plane of the back of the corresponding movable clamping block; and according to the setting positions of the upper transverse shafts and the lower transverse shafts, the movable clamping blocks can generate translation towards the direction of the clamping surface in the upward or downward moving process, so that a rope passing through a rope channel is clamped and stopped. The rope gripper disclosed by the invention serves as a safety brake; and a car or a hoisted heavy object can be immediately gripped by the rope gripper no matter upward heading or downward rolling, thereby preventing malignant consequence caused by unforeseen circumstances.

The invention discloses a system and a method for authenticating terminal trusted access. According to the invention, a public key and identification information of a user are bound and stored in an electronic certificate through a CA, and identity authentication of the user is realized; and the confidentiality, the integrity and the non-repudiation of user information are ensured by being combined with data encryption and digital signature technologies. The system disclosed by the invention is low in requirement for the overall performance of equipment, can effectively reduce the networking cost, supports multicast services, is compatible with a PPP (point-to-point protocol), good in expansibility and adaptability, designed with a controllable port and an uncontrollable port, and realizes separation of services and authentication. The system does not need to carry out packaging processing on a data packet after passing authentication, is high in efficiency, can map different user levels to different VLANs (virtual local area networks), realizes management for user domains with different authorities, and has the advantages of simple implementation mode, high authentication efficiency, safety, reliability and easy operation.

The invention discloses a network security defense disposing system. The system comprises a data acquisition end, a safety evaluation module and a disposing module, wherein the data acquisition end is used for acquiring a network event, system running data and equipment operation data so as to obtain original data; the security evaluation module is configured to connected with the data acquisition end so as to normalize multivariate data of the network event, the system running data and the equipment operation data, and performing security evaluation to obtain an evaluation weight and an evaluation level; the disposing module is configured to connect with the security evaluation module so as to perform the security disposing according to the evaluation level. The network security defense disposing system overcomes a problem that the network security has great hidden danger in the prior art, and the defense and the disposing of the network threat are realized.

The invention discloses a federal learning data poisoning attack-oriented defense method and device. The method comprises the steps that each client uses local data to train model parameters; each client uploads local model parameters to the server, and the server receives all the model parameters; the server calculates a reference basis u for comparison, and for any two local models wa and wb, the similarity of the two local models wa and wb relative to the reference basis u is calculated; whether a local model is malicious or not is judged by adopting an internal voting method; the credibility of each local model is calculated according to the votes obtained by each local model; and model weighted aggregation is carried out based on credibility to obtain a final global model, and defense of data poisoning attack is achieved based on the final global model. According to the method, the model of the malicious client can be endowed with a lower weight, and the influence of the malicious client on the global model is weakened during weighted aggregation, so that defense against data poisoning attacks is realized.

The invention discloses a defense method for generating general inverse disturbance based on generative adversarial, and the method comprises the steps: (1) building a generative adversarial network which comprises a generation model and a discrimination model; (2) obtaining a relatively comprehensive adversarial sample by utilizing various attack methods; (3) pre-training the generation model andthe discrimination model in the generative adversarial network by adopting normal samples; (4) establishing a loss function of the generation model, and training the generation model; (5) establishing a loss function of the discrimination model, and training the discrimination model; (6) repeating the steps (4) and (5) until the number of iterations reaches a preset upper limit value or the lossfunctions of the two models reach a preset threshold value; and (7) performing performance index detection and application on the trained generation model. According to the method, a proper generativeadversarial network is built, feature extraction of general disturbance distribution is completed, and proper general inverse disturbance is generated, so that the robustness of the model is improved.

The invention discloses a replay attack detection method of a voice certification system based on time domain polarity of a voice signal. The voice signal is collected and recorded through the voice certification system; a positive polarity signal and a negative polarity signal of the voice signal are extracted; and the proportional relationship of the positive polarity signal and the negative polarity signal is compared to judge that the voice signal belongs to replay attack or live voice, specifically, if the positive and negative polarity part proportion difference is large and the positivepolarity signal proportion is higher than the negative polarity signal proportion, the replay attack is considered, and if the positive and negative polarity part proportion difference is large and the positive polarity signal proportion is not higher than the negative polarity signal proportion, the live voice is considered. The replay attack in the voice certification system can be accurately and effectively detected.