In the Tri-element Peer Authentication (TePA)-based wired Local Area Network (LAN) media access control Security (TLSec), the certificate-based wired LAN security association scheme has communication waste in the exchange key establishment processes and is not suitable for trusted computing environment. To solve these two problems, firstly, an improved certificate-based wired LAN security association scheme was proposed. In this scheme, the exchange key establishment process between the newly added switch and each nonadjacent switch was simplified, thus improving the communication performance of the exchange key establishment processes. Then, a certificate-based wired LAN security association scheme for trusted computing environment was proposed based on the above scheme. In this scheme, the platform authentication of the newly added terminal devices was added in the process of certificate-based authentication, so as to realize the trusted network access of the newly added terminal devices, and effectively prevent the newly added terminal devices from bringing worms, viruses and malicious softwares into the wired LAN. Finally, the two schemes were proved secure by using the Strand Space Model (SSM). In addition, through qualitative and quantitative comparative analysis, the two schemes are better than those proposed in related literatures.

Aiming at the difficulty of finding terrorist attack organizations and the imbalance of terrorist attack data samples, a terrorist attack organization prediction method based on feature selection and hyperparameter optimization was proposed. First, by taking the advantage of Random Forest (RF) in dealing with imbalanced data, the backward feature selection was carried out through the RF iteration. Second, four mainstream classifiers including Decision Tree (DT), RF, Bagging and XGBoost were used to classify and predict terrorist attack organizations, and the Bayesian optimization method was used to optimize the hyperparameters of these classifiers. Finally, the Global Terrorism Database (GTD) was used to evaluate the classification prediction performance of these classifiers on the majority class samples and minority class samples. Experimental results show that the proposed method improves the classification and prediction performance of terrorist attack organizations, and the classification and prediction performance is the best when using RF and Bagging, with the accuracy of 0.823 9 and 0.831 6 respectively. Especially for minority class samples, the classification and prediction performance when using RF and Bagging is significantly improved.

As the traditional Scale Invariant Feature Transform (SIFT) image matching algorithm has high false matching rate and eliminating the condition of mismatching points is unitary, an adaptive image matching method based on SIFT operator fused with maximum dissimilarity coefficient was proposed. Firstly, On the basis of Euclidean distance measurement, the optimal maximum dissimilarity coefficients values of the 128-dimensional feature vectors in SIFT algorithm were obtained. Then, the matching points were selected according to the obtained optimal values. Random Sample Consensus (RANSAC) was used to calculate the correct rate of matching. Finally, the stereo matching images of Daniel Scharstein and Richard Szeliski were used to verify the algorithm. The experimental results show that the correct matching rate of the improved algorithm is about 10 percentage points higher than that of the traditional SIFT algorithm. The improved algorithm effectively reduces the mismatches and is more suitable for image matching applications with similar regions. In terms of runtime, the proposed method has an average time of 1.236 s, which can be applied to the systems with low real-time requirements.

For the communication waste of the exchange key establishment process in Local Area Network (LAN) security association scheme based on pre-shared key, an improved LAN security association scheme was proposed. A pairwise key between a new added switch and the authentication server was generated by improving the authentication and unicast key agreement process based on pre-shared key, and was used to the exchange key agreement processes between the new added switch and other nonadjacent switches. Then, on basis of the above improved scheme, a LAN security association scheme in trusted computing environment was put forward. In the improved authentication and unicast key negotiation process based on pre-shared key, the platform authentication of the terminal device was further increased, thereby realizing the trusted network access of the terminal device, and effectively enhancing the security of the LAN. Finally, the two LAN security association schemes were proved secure in the Strand Space Model (SSM). The results of performance comparison analysis show that the improved scheme reduces the number of exchanged messages and computation complexity of the exchange key agreement processes.