Delegated Proof of Stake （DPoS）， recognized as a mainstream consensus mechanism， encounters key problems including time-consuming election process， lack of active node participation in voting， and difficulties in handling malicious nodes， impeding its rapid development. In response to these problems， a credit-based committee consensus mechanism， Proof of Luck and Credit （PoLaC）， was proposed. Firstly， credit value was served as the evaluation criterion for nodes’ historical behaviors， and nodes with high credit value were selected as committee members， thereby simplifying the election process significantly. Secondly， the concept of lucky value was introduced to enhance the successful election probabilities for ordinary nodes， thereby stimulating the participation of ordinary nodes in network consensus. Finally， a delayed forking method was employed to rectify the behavior of malicious nodes. Experimental results demonstrate that in terms of consensus communication overhead， PoLaC network has 30% less communication overhead than DPoS network with 50% voting intention. In terms of low-weighted node revenue， revenues in PoLaC network are three times higher than those in DPoS network. In terms of the percentage of malicious nodes in the committee， during the credit stabilization period， the number of malicious nodes in PoLaC network’s committee is approximately one-fifth of those in DPoS. Compared to other similar credit-based consensus mechanisms， PoLaC exhibits certain advantages in network communication overhead， node activity， and malicious node handling.

With the increasing variety and quantity of Android malware， it becomes increasingly important to detect malware to protect system security and user privacy. To address the problem of low classification accuracy of traditional malware detection models， A malware detection model for Android named CBAM-CGRU-SVM was proposed based on Convolutional Neural Network （CNN）， Gated Recurrent Unit （GRU）， and Support Vector Machine （SVM）. In this model， more key features of malware were learned by adding a Convolutional Block Attention Module （CBAM） to the convolutional neural network， and GRUs were employed to further extract features. In order to solve the problem of insufficient generalization ability of the model when performing image classification， SVM was used instead of softmax activation function as the classification function of the model. Experiments were conducted on Malimg public dataset， in which the malware data was transformed to images as model input. Experimental results show that the classification accuracy of CBAM-CGRU-SVM model reaches 94.73%， which can effectively classify malware families.

Control logic injection attack against Programmable Logic Controller （PLC） manipulate the physical process by tampering with the control program， thereby achieving the purpose of affecting the control process or destroying the physical facilities. Aiming at PLC control logic injection attacks， an intrusion detection method based on automatic whitelist rules generation was proposed， called PLCShield （Programmable Logic Controller Shield）. Based on the fact that PLC control program carries comprehensive and complete physical process control information， the proposed method mainly includes two stages： firstly， by analyzing the PLC program’s configuration file， instruction function， variable attribute， execution path and other information， the detection rules such as program attribute， address， value range and structure were extracted； secondly， combining actively requesting a “snapshot” of the PLC’s running and passively monitoring network traffic was used to obtain real-time information such as the current running status of PLC and the operation and status in the traffic， and the attack behavior was identified by comparing the obtained information with the detection rules. Four PLCs of different manufacturers and models were used as research cases to verify the feasibility of PLCShield. Experimental results show that the attack detection accuracy of the proposed method can reach more than 97.71%. The above prove that the proposed method is effective.

Concerning the Internet news tracking, the study put forward a dynamic model for event tracking with reference to the time information. The dynamic model introduced the time factor into the traditional vector model to get the time similarity of the same characteristic words between the document and the event,and then applied the time similarity to calculate the similarity of the document and the event.If a document was related to the event,the new characteristic words in the document would be added to the event term set,and the weight and time information of characteristic words in the event term set should be re-adjusted. The experiment was evaluated by Detection Error Tradeoff (DET), and the results show that the dynamic model for event tracking improves the system performance effectively, and its minimum normalized cost of tracking loss is reduced by about 9%.

The Received Signal Strength Indicator (RSSI)based nodes localization algorithms are extensively applied in wireless sensor networks. Due to the influence of wireless signal attenuation and the channel barrier shielding, the localization accuracy of these algorithms are not high. A grid divisionbased probabilistic localization algorithm was put forward. This new algorithm first divided the area where the unknown nodes may exist into a number of grids. Then, it calculated out the confidence of every grid under the assumption that the unknown node was just in that grid. Finally, it calculated out the coordinates of the unknown node based on several geometric centers of the grids of high confidence. The localization result of this algorithm is less influenced by the noise pollution and is of high position accuracy.