There are several problems in the recommendation method based on k nearest neighbors, such as high dimensionality of rating features, slow speed of searching nearest neighbors and cold start problem of ratings. To solve these problems, a recommendation method based on k nearest neighbors using data dimensionality reduction and Exact Euclidean Locality-Sensitive Hashing (E ²LSH) was proposed. Firstly, the rating data, the user attribute data and the item category data were integrated as the input data to train the Stack Denoising Auto-encoder (SDA) neutral network, of which the last hidden layer values were used as the feature coding of the input data to complete data dimensionality reduction. Then, the index of the reduced dimension data was built by the Exact Euclidean Local-Sensitive Hash algorithm, and the target users or the target items were retrieved to get their similar nearest neighbors. Finally, the similarities between the target and the neighbors were calculated, and the target user's similarity-weighted prediction rating for the target item was obtained. The experimental results on standard data sets show that the mean square error of the proposed method is reduced by an average of about 7.2% compared with the recommendation method based on Locality-Sensitive Hashing (LSH-ICF), and the average run time of the proposed method is the same as LSH-ICF. It shows that the proposed method alleviates the rating cold start problem on the premiss of keeping the efficiency of LSH-ICF.

Web servers are widely deployed on cloud computing platform represented by Docker containers and face serious security challenges. In order to improve the security and defense capability of such Web servers, a dynamic defense method of Web server based on Linux namespace was proposed. Firstly, the running environment of Web server was built by using namespace on the premise to ensure Web service working normally. Then, the dynamic transformation of Web server was realized by the alternate running of multiple environments to confuse intruder, which increased the difficulty of attacking Web server by the intruder. Finally, the running environment of Web server was periodically deleted and rebuilt to eliminate the impact of intrusion behavior on the Web server, and ultimately the dynamic defense capability of Web server was effectively improved. The experimental results show that, the proposed method can effectively enhance the security of Web server while it has little affect on system performance, and its response time of requesting 100 KB data is 0.02-0.07 ms.

In an Executable and Linkable Format (ELF) executable program, Global Offset Table (GOT) was used to store the absolute addresses of library functions. But in Linux operation system, GOT dereference and GOT overwrite are two common vulnerability exploit methods. Through analyzing the GOT feature, a protection method for GOT based on address randomization and segment isolation was proposed and implemented. With modifying the ELF loader program, all sections which pointed to the GOT were loaded into random memory addresses. Using segment isolation technology, all instructions with reference to GOT used a new segment register. The experimental results prove that the proposed method can not only defense against the exploit method of GOT effectively, but also has a very low cost of average 2.9 milliseconds.