In order to solve the problem that the existing Internet of Things (IoT) trust evaluation method ignores the impact of the timeliness of trust and non-intrusion factors on direct trust evaluation, and is lack of reliability evaluation of trust recommendation nodes, which lead to low trust evaluation accuracy and low capability to deal with malicious nodes, an IoT node Dynamic Trust Evaluation Method (IDTEM) was proposed. Firstly, the quality of service persistence factor for nodes was introduced to evaluate node behavior and the dynamic trust attenuation factor of nodes was used to express the timeliness of trust, improving the Bayesian-based direct trust evaluation method. Secondly, the reliability of recommended node was evaluated from three aspects:recommended node value, evaluation difference and trust value of the node itself, and was used to optimize the recommendation trust weight calculation method. At the same time, recommendation trust feedback mechanism was designed to suppress collaborative malicious recommendation nodes by the feedback error between the actual trust of the service provided node after providing service and the recommendation trust. Finally, the adaptive weights of direct and recommendation trust of the node were calculated based on the entropy to obtain the comprehensive trust value of the node. Experimental results show that compared with the Reputation-based Framework for high integrity Sensor Network model (RFSN) based on Bayesian theory and the Behavior-based IoT Trust Evaluation Method (BITEM), IDTEM has certain advantages in dealing with malicious services and malicious recommendation behaviors, and has lower transmission energy consumption.

Aiming at the low detection rate caused by data imbalance in Android malware detection, an Android malware detection model based on Bagging-SVM (Support Vector Machine) integrated algorithm was proposed. Firstly, the permission information, intent information and component information were extracted as features from the file AndroidManifest.xml. Secondly, IG-ReliefF hybrid selection algorithm was proposed to reduce the dimension of data sets, and multiple balanced data sets were formed by bootstrap sampling method. Finally, a Bagging-based SVM ensemble classifier was trained by the multiple balanced data sets to detect Android malware. In the classification experiment, the detection rates of Bagging-SVM and random forest algorithm were 99.4% when the number of benign and malicious samples was balanced. When the ratio of benign and malicious samples was 4:1, the detection rate of Bagging-SVM algorithm was 6.6% higher than random forest algorithm and AdaBoost algorithm without reducing the detection accuracy. The experiment results show that the proposed model still has high detection rate and classification accuracy and can detect the vast majority of malware in the case of data imbalance.

Aiming at the low efficiency of the existing network security situation assessment method based on neural network, a network security situation assessment method based on Cuckoo Search (CS) optimized Back Propagation (BP) Neural Network (CSBPNN) was proposed. Firstly, the numbers of input and output nodes of the BP Neural Network (BPNN) were determined according to the number of input index and the output value. The number of hidden layer nodes was calculated according to the empirical formula and the trial and error method. Secondly, the connection weights and thresholds were randomly initialized, and the weights and thresholds were coded into cuckoo by using floating point coding. Finally, the weights and thresholds were optimized by using CS algorithm. The CSBPNN model for situation assessment was got and trained. The situation data was input into the CSBPNN model to obtain the situation value. The experimental results show that the iterative number of CSBPNN is reduced by 943 and 47 respectively, and the prediction accuracy is 8.06 percentage points and 3.89 percentage points higher than that of BPNN and Genetic Algorithm (GA) optimized BP neural network. The proposed algorithm has faster convergence speed and higher prediction accuracy.

The basic scoring index weight distribution of the Common Vulnerability Scoring System (CVSS) relies too much on expert experience, which leads to the lack of objectivity. In order to solve the problem, a vulnerability basic scoring index weight distribution method was proposed. Firstly, the relative importances of scoring elements were sorted. Then, the index weight combination optimal search method was used to search the weight combination scheme. Finally, combined with the grey relation analysis method, the multiple weight distribution schemes based on expert experience decision were used as the input to obtain the weight combination scheme. The experimental results show that, compared with CVSS, from the quantitative point of view, the proposed method has more gentle score distribution of scoring results than the CVSS, which effectively avoids the excessive extreme values, and the discretization of score distribution can effectively distinguish the severity of different vulnerabilities objectively and effectively. The comparative analysis from the qualitative point of view show that, while the vast majority of vulnerabilities (92.9%) in CVSS are designated as the high level of severity, the proposed method can achieve more balanced characteristic distribution in grade distribution of vulnerability severity.

In order to alleviate the problem of energy hole in the Wireless Sensor Network (WSN), a Multi-level Energy Heterogeneous algorithm (MEH) was proposed. The energy consumption's characteristics of WSN were analyzed. Then the nodes with different initial energies were deployed according to the energy consumption's characteristics. To balance the energy consumption rate of each region, alleviate the energy hole problem and prolong the network lifecycle, nodes in the heavy communication load region would be configured with higher initial energy. The simulation results show that, compared with Low-Energy Adaptive Clustering Hierarchy (LEACH), Distributed Energy-Balanced Unequal Clustering routing protocol (DEBUC), and Nonuniform Distributed Strategy (NDS), the utilization rate of network energy, network lifecycle and period ratio of network energy of MEH were increased nearly 10 percentage points respectively. The proposed MEH has a good balance of energy consumption as well. The experimental results show that, the proposed MEH can effectively prolong the network lifecycle and ease the energy hole problem.

The traditional nonweighted least squares Support Vector Machine (SVM) and weighted least square SVM have a few disadvantages of processing low Signal-to-Noise Ratio (SNR) laser echo in the field of lidar bathymetry, a filtering method named HW-LS-SVM was proposed by combining robust least square and weighted least square SVM. Firstly, strong prior weight function, residual error and mean square error were calculated by elimination weight function, then the weight of least square SVM was computed by weight function. Finally, the echo signal was filtered by iterative computation. The simulation results show that HW-LS-SVM algorithm is more robust than least square SVM, Bayes least square SVM and the traditional weighted least square SVM. The results were satisfactory when the noise rate reached to 45%, and the correct rate of the extracted water surface and bottom was 100%. The extracted water depths from 4 groups of laser echoes in deep area and 4 groups in shallow area all agree with the background data. The proposed method has better anti-noise performance and is more suitable for the filtering processing of the low SNR lidar bathymetry signal.

Aiming at the problem of object structure discontinuity and incompleteness occurred in image completion, an image completion algorithm based on depth information was proposed. Firstly, the plane parameter Markov random field model was established to speculate depth information of the pixels in the image where the scene situate, then the coplanar region in the image determined, and the target matching blocks were located. Secondly, according to the principle of perspective projection, the transformation matrix was derived, which guided the geometric transformation of the matching blocks. Finally, the target cost function which includes the depth term was designed. Experimental results show the proposed algorithm has superiority in both subjective details and Peak Signal-to-Noise Ratio (PNSR) statistics.

The traditional patch-based image completion algorithms circularly search the most similar patches in the whole image, and are easily affected by confidence factor in the process of structure propagation. As a result, these algorithms have poor efficiency and need a lot of time for the big computation. To overcome these shortages, a fast image completion algorithm based on randomized correspondence was proposed. It adopted a randomized correspondence algorithm to search the sample regions, which have similar structure and texture with the target region, so as to reduce the search space. Meanwhile, the method of computing filling priorities based on confidence factor and edge information was optimized to enhance the correctness of structure propagation. In addition, the method of calculating the most similar patches was improved. The experimental results show that, compared with the traditional algorithms, the proposed approach can obtain 5-10 times speed-up in repair rate, and performs better in image completion.

To minimize the communication cost and response time, actors are expected to coordinate among themselves to make task assignment to respond service request in Wireless Sensor and Actor Network (WSAN). In the existing solutions, the market-based distributed Simple Auction Aggregation Protocol (SAAP) is suitable for the resource-limited WSAN. A Directional Simple Auction Aggregation Protocol (DSAAP) was proposed based on SAAP, which screened the next-hop child node and restricted the retransmission to reduce the message transmission during auction. The simulation results show that the proposed protocol has lower communication cost compared to the SAAP without performance loss of the optimal node ratio and the distance ratio of the selected to the optimal.

In order to improve image retrieval performance, this paper proposed a new image retrieval algorithm based on motif and color features. The color image edge gradient was detected, and by means of edge gradient image transform, a motif image was obtained. Adopting the gravity center of motif image as the datum point, the distances of all points were calculated to the datum point to get the motif center distance histogram. The all motifs of the motif image were projected in four different directions to get motif projective histogram. Color image was uniformly quantized into 64-color space from RGB space to obtain the color histogram. The above three histograms described image features for image retrieval. The experimental results show that the algorithm has high precision and recall.

In order to mitigate the network congestion problem, a new passive queue management algorithm Drop Front n based on Synchronized Queue (DFSQ) was proposed by Drop Front. In this algorithm, the network queue length was deducted with synchronized queue, and drop packet probability and drop packet strategy were presented. Then, a simulation was conducted to research on the key influencing factors of queue length. The results show that, compared with Random Early Detection (RED) and Drop Tail algorithm, the performance of DFSQ is better.

Since the present network security assessment methods cannot evaluate vulnerability relevance effectively, a vulnerability threat assessment method based on relevance was presented. Firstly, an attack graph must be created as the source data. Secondly, by taking both pre-nodes and post-nodes diversity into consideration, integrating the methods of Forward In (FI) and Backward Out (BO), the authors calculated the probability of vulnerability being used on multiple attack routes through optimizing calculation formulas originating from Bayesian network, then the weighted average method was utilized to evaluate the risk of certain vulnerability on a particular host, and finally the quantitative results were achieved. The experimental results show that this method can clearly and effectively describe the security features of systems.

Skew document images often appears when it is captured by image acquisition devices such as cameras or scanners, which may induce recognition mistakes by Optical Character Recognition (OCR) software. The paper proposed an optimized method for the skew detection of document images, and its objective function is the image projection grating slit width. The document image angle is the inverse of the projection angle, when the corresponding projection grating slit width is the largest. The detection range is expanded and the detection speed is increased by the grating line width function. The amount of calculation in detection is decreased by preliminary projection on equispaced rows and back projection. The detection precision is improved by dichotomy. In the experiments document images where a few illustrations were used, and the skew detection results show the proposed method is of high efficiency and robustness.

The updating of computers has great impact on the dynamics of worms. To contain the propagation of worms, it is necessary to characterize this factor. A model was proposed in this paper, which took account of the influence of computer updating. Furthermore, the model's equilibria and their stability conditions were obtained mathematically and then verified by simulations. The analytical and simulated results show that the updating of computers can lead to the persistence of worms, which will die out otherwise. The simulation results also show that the updating rate has bi-effects on the spreading of worms. Under the guidance of basic reproduction number, the negative effect can be alleviated and worms can be terminated by introducing a anti-virus system of high initial installation rate.

Hiding capacity, robustness and invisibility are some of the key parameters in information hiding system. Moreover, these parameters are seriously impacted by the difference of Discrete Cosine Transform (DCT) coefficients in DCT domain hiding algorithm. Embedded capacity, which is impacted by the mutual interference of visual perception of different DCT coefficients and the reverse DCT, was analyzed in this paper. Furthermore, the relation between hiding capacity and coefficients-chosen was given out in DCT domain hiding algorithm. A conclusion that there is no correlation between embedded position and robustness against compression of embedded information was put forward, and embedded capacity could be improved in reference to this conclusion. The experimental results show that this conclusion is correct even if the system is disturbed by noise.

The Web Server log files were extended and an operation model based on user’s operation log files and customer’s information was established,the interestingness of customer in product and product series was mined using the FP-growth method.The results shows that the models and methods are useful for dicision-making of product development and marketing strategies in enterprises.

security devices(e.g.firewalls,IDS’s,anti-virus tools etc) that have been widely adopted in enterprise environments may generate huge amounts of independent,raw attack alerts,which are characterized by high false positive ratio and false negative ratio.As a result,it is difficult for users to understand these alerts and respond correspondingly.Therefore,handling the huge number of alerts produced by security devices is becoming a critical and challenging task in network security research.A general approach for solving this problem is to do some correlation analysis with these alerts and build attack scenario.A general survey of the contemporary alerts correlation algorithms was given in this paper by a straight forward classification paradigm,and some problems for future research were addressed.