The advancement of network technologies such as bluetooth and WiFi has promoted the development of the Internet of Things(IoT). IoT facilitates people's lives, but there are also serious security issues in it. Without secure access control, illegal access of IoT may bring losses to users in many aspects. Traditional access control methods usually rely on a trusted central node, which is not suitable for an IoT environment with nodes distributed. The blockchain technology and smart contracts provide a more effective solution for access control in IoT applications. However, it is difficult to ensure the correctness of smart contracts used for access control in IoT applications by using general test methods. To solve this problem, a method was proposed to formally verify the correctness of smart contracts for access control by using model checking tool Verds. In the method, the state transition system was used to define the semantics of the Solidity smart contract, the Computation Tree Logic(CTL) formula was used to describe the properties to be verified, and the smart contract interaction and user behavior were modelled to form the input model of Verds and the properties to be verified. And then Verds was used to verify whether the properties to be verified are correct. The core of this method is the translation from a subset of Solidity to the input model of Verds. Experimental results on two smart contracts for access control of IoT source show that the proposed method can be used to verify some typical scenarios and expected properties of access control contracts, thereby improving the reliability of smart contracts.

Aiming at the needs of high-efficiency, two-way and synchronization in Quantum Identity Authentication (QIA), a two-party quantum identity authentication protocol based on single python was proposed. First, a new type of single-photon two-way measurement base coding method was used in the protocol. Then an authentication process based on quantum tickets was proposed by combining with the idea of Kerberos classic cryptographic protocol. On this basis, the strategy of two-way and synchronous authentication was adopted in the authentication process. Finally, the probability calculation and security analysis of various attack methods in quantum communication and authentication were carried out, and at the same time, the protocol was tried to expand from two parties to multiple parties. Compared with the preparation-measurement based quantum identity authentication protocol with new coding strategy, in the research result, a complete two-way synchronous identity authentication protocol which can prevent user repudiation was proposed, and the reference principles for expanding the protocol to multi-party communication were given. In conclusion, the proposed method improves the efficiency of quantum authentication theory, supports the new possibility of the combination and reference of quantum communication protocol and classic protocol, and realizes the theoretically undeniable synchronous authentication process of two parties.

Aiming at the problem of multi-path query in tree-spatial index and not considering temporal index, A Hilbert-R tree index construction scheme combining time and clustering results was proposed. Firstly, according to the periodicity of data collection, the spatial-temporal dataset was divided, and on this basis, a time index was established. The spatial data was partitioned and encoded by the Hilbert curve, and the spatial coordinates were mapped to one-dimensional intervals. Secondly, according to the distribution of the feature object in space, a clustering algorithm using dynamic determination of K value was adopted, to build an efficient Hilbert-R tree spatial index. Finally, based on several common key-value data structures of Redis, the hierarchical indexing mechanism of time attributes and clustering results was built. Compared with the Cache Conscious R+tree (CCR+), the proposed algorithm can effectively reduce the time overhead, and the query time is shortened by about 25% on average in the experiment of spatial-temporal range and target vector object query. It has good adaptability to different intensive data and can better support Redis for massive spatio-temporal data queries.

Focusing on the problem whether there are new security flaws of several kinds of high-level cryptographic S-boxes, an algorithm for solving the nonlinear invariant function of S-boxes was proposed, which is mainly based on the algebraic relationship between the input and output of the cryptographic S-boxes. Using the proposed algorithm, several kinds of S-boxes were tested and it was found that several of them had the same nonlinear invariant function. In addition, if these S-boxes were used to non-linear parts of the block cipher Midori-64, a new variant algorithm would be obtained. The security analysis was carried out by non-linear invariant attack. The analytical results show that the Midori-64 variant is faced with serious secure vulnerability. In other words, there exist 2 ⁶⁴ weak keys when nonlinear invariant attack is applied to the Midori-64 variant, meanwhile data, time and storage complexity can be neglected, consequently some high-level cryptographic S-boxes have security flaws.

Focusing on small size and uneven distribution of current facial age database, an approach based on a hybrid model combined with classifier and regressor was proposed for facial age estimation. This approach mainly consisted of two aspects: feature learning and estimation method. In the aspect of feature learning, based on an existing Convolutional Neural Network (CNN), an age group classifier and two age estimators were pretrained on the coarse dataset and then fine tuned on the accurate database. In the aspect of estimation method, a coarse-to-fine strategy was adopted. First, a facial images were classified into teenaged, middled-aged, elderly and two overlap groups. Next, the teenaged and elderly groups were estimated by the classifier model, the middled-aged group was estimated by the regressor model, and the two overlap groups were estimated by both models. The proposed approach can achieve a Mean Absolute Error (MAE) of 2.56 on the test set. The experimental results show that the proposed approach can reach a low error under different races and genders.

With the growing richness of modern network security devices, network security logs show a trend of multiple heterogeneity. In order to solve the problem of large-scale, heterogeneous, rapid changing network logs, a visual method was proposed for fusing network security logs and understanding network security situation. Firstly, according to the eight selected characteristics of heterogeneous security logs, information entropy, weighted method and statistical method were used respectively to pre-process network characteristics. Secondly, treemap and glyph were used to dig into the security details from micro level, and time-series chart was used to show the development trend of the network from macro level. Finally, the system also created graphical features to visually analyze network attack patterns. By analyzing network security datasets from VAST Challenge 2013, the experimental results show substantial advantages of this proposal in understanding network security situation, identifying anomalies, discovering attack patterns and removing false positives, etc.

According to the problem of premature convergence and local optimum in Firefly Algorithm (FA), this paper came up with a kind of multi-group firefly algorithm based on simulated annealing mechanism (MFA_SA), which equally divided firefly populations into many child populations with different parameter. To prevent algorithm fall into local optimum, simulated annealing mechanism was adopted to accept good solutions by the big probability, and keep bad solutions by the small probability. Meanwhile, variable distance weight was led into the process of population optimization to dynamically adjust the "vision" of firefly individual. Experiments were conducted on 5 kinds of benchmark functions between MFA_SA and three comparison algorithms. The experimental results show that, MFA_SA can find the global optimal solutions in 4 testing function, and achieve much better optimal solution, average and variance than other comparison algorithms. which demonstrates the effectiveness of the new algorithm.

Concerning the difficulties of parameter estimation for industrial modeling in practice, an innovative approach through data mining to correct parameter of model was proposed. Mining data from a large number of actual data accumulated in production process could be used for correcting parameter through statistical method. The improved method of least square was used for industrial data which contained noise. In view of the characteristics of industrial data, such as incompletion and common distribution, parameter should be segmented and combined to be corrected. For dynamic compensation of statistical model, dynamic parameter can be estimated through data mining of historical dynamic process. Parameter correction and data mining should be interactive with each other. To reduce the scope of massive data mining and improve sufficiency of sample data required for parameter correction, the network model of co-ordination was designed. It is shown in actual cases that this method is efficient and practical. The accuracy of simulation can be greatly improved through this method.

Otsu has been widely used because of its simplicity in calculation and good segmentation result. And many scholars have put forward multi-threshold Otsu method to make it more useful in more complex pictures. But this multi-threshold Otsu method is of low efficiency and time consuming. Concerning this shortage, this paper made histogram intervals first, and then the rapid dichotomy was used to seek for the threshold in the interval. The improvement in this paper can maintain good segmentation result and save lots of time. The experiments show that the algorithm is effective.

The proliferation of malicious code makes automatic malicious code detection an inevitable trend. Packed Portable Executable (PE) files identification is a necessary step of malicious code analysis. The paper presented an automatic identification method based on data mining, through which feature was extracted from PE files. The paper used classification algorithms and selected features to detect packed PE files. The test results show that the identification rate is 98.7% when using J48 classifier.

CDN is a fictitious network, covered in Internet and made up of nodal servers in different areas. Through caching, duplicating, load balancing and user request redirecting, CDN pushes information resources to network edges to provide end users with the best and most available servers to access various contents. A brief view of CDN technology was presented, including basic working principles of CDN platform, design principles and mechanism compare of the content routing, and the nodal content engine was compared. The establishment of information sources in broadband networks was also mentioned.

Support vector machine is a new classification algorithm based on statistical learning theory. After the discussion of the current multiclass SVMs, a novel multiclass SVM classifier based on geometric distance was proposed. The Posterior probability output of binary SVM was generalized to multiclass SVM. Without iteration computing, this method improved prediction accuracy with fast computing. The numeric experiments prove that above two methods have good generalization, which can increase prediction accuracy to unknown examples.

How statistical and mathematical tools commonly used independently can advantageously be exploited together was studied in order to improve neural network estimation and selection in nonlinear static modeling. The statistical tools considered were the analysis of the numerical conditioning of the neural network candidates, statistical hypothesis tests, and cross validation. Each of these tools was presented and analyzed in order to justify at what stage of a construction and selection procedure they can be most useful. On the basis of this analysis, a novel and systematic construction and selection procedure for neural modeling was proposed. In the end, its efficiency was illustrated through simulations.