Abstract: A network intrusion detecting system includes a network card configured to receive network traffic and a processor. The processor is configured to analyze the network traffic and extract traffic characteristics of the network traffic and confirm whether the network traffic is network traffic to be detected based on the traffic characteristics; input the network traffic to be detected into an automatic coding module to obtain a reconstructed sample and calculate a reconstruction error between the network traffic to be detected and the reconstructed sample; input the network traffic to be detected and the reconstructed sample respectively into at least one classification module and calculate a distribution similarity when the reconstruction error is less than a reconstruction error threshold; and input the network traffic to be detected into an intrusion anomaly classification model for network intrusion classification when the distribution similarity is less than a confidence distribution similarity threshold.

Abstract: A data anonymity method and a data anonymity system are provided. The data anonymity method includes the following steps. A data set comprising a plurality of direct-identifiers, a plurality of quasi-identifiers and a plurality of event logs each of which includes an activity and a timestamp is obtained. A content of each of the direct-identifiers is replaced by a pseudonym. The quasi-identifiers are classified, via a group-by algorithm with k-anonymity, as a plurality of equivalence classes. The activities corresponding to each of the direct-identifiers are linked according to the timestamps to obtain a plurality of event sequences. A similarity hierarchy tree is obtained according to a plurality of edit distances among the event sequences. The event sequences are grouped according to the similarity hierarchy tree with k-anonymity to obtain at least one group. The event sequences which are in the group are generalized.

Abstract: A detection device and a detection method for a malicious HTTP request are provided. The detection method includes: receiving a HTTP request and capturing a parameter from the HTTP request; filtering the HTTP request in response to the parameter not matching a whitelist; encoding each character of the HTTP request to generate an encoded string in response to the HTTP request not being filtered; generating an estimated HTTP request according to the encoded string by using an autoencoder; and determining that the HTTP request is a malicious HTTP request in response to a similarity between the HTTP request and the estimated HTTP request being less than a similarity threshold, and outputting a determined result.

Abstract: A privacy data integration method and a server are provided. The privacy data integration method includes the following steps. A first processing device and a second processing device respectively obtain a first generative model and a second generative model according to a first privacy data and a second privacy data. A server generates a first generative data and a second generative data via the first generative model and the second generative model respectively. The server integrates the first generative data and the second generative data to obtain a synthetic data.

Abstract: A data anonymity method and a data anonymity system are provided. The data anonymity method includes the following steps. A data set comprising a plurality of direct-identifiers, a plurality of quasi-identifiers and a plurality of event logs each of which includes an activity and a timestamp is obtained. A content of each of the direct-identifiers is replaced by a pseudonym. The quasi-identifiers are classified, via a group-by algorithm with k-anonymity, as a plurality of equivalence classes. The activities corresponding to each of the direct-identifiers are linked according to the timestamps to obtain a plurality of event sequences. A similarity hierarchy tree is obtained according to a plurality of edit distances among the event sequences. The event sequences are grouped according to the similarity hierarchy tree with k-anonymity to obtain at least one group. The event sequences which are in the group are generalized.

Abstract: A privacy data integration method and a server are provided. The privacy data integration method includes the following steps. A first processing device and a second processing device respectively obtain a first generative model and a second generative model according to a first privacy data and a second privacy data. A server generates a first generative data and a second generative data via the first generative model and the second generative model respectively. The server integrates the first generative data and the second generative data to obtain a synthetic data.

Abstract: A data de-identification method, a data de-identification apparatus and a non-transitory computer readable storage medium executing the same are provided. Original data including an identification field, a condition field, and a record field is obtained. An event condition is obtained according to the condition field. From the original data, a plurality of event fragment sequences corresponding to each of a plurality of identification data and corresponding to the event condition are obtained according to the plurality of identification data in the identification field and the event condition. Sequence data is obtained according to the plurality of identification data and the plurality of event fragment sequences corresponding to each of the identification data. De-identification data is obtained by adjusting the sequence data.

Abstract: A data de-identification method, a data de-identification apparatus and a non-transitory computer readable storage medium executing the same are provided. Original data including an identification field, a condition field, and a record field is obtained. An event condition is obtained according to the condition field. From the original data, a plurality of event fragment sequences corresponding to each of a plurality of identification data and corresponding to the event condition are obtained according to the plurality of identification data in the identification field and the event condition. Sequence data is obtained according to the plurality of identification data and the plurality of event fragment sequences corresponding to each of the identification data. De-identification data is obtained by adjusting the sequence data.

Abstract: A digital rights management (DRM) apparatus and a DRM method are disclosed. The DRM apparatus includes a DRM packer, a DRM object database, a distribution manager, a tracking recording unit, and an index controller. The DRM packager generates M content objects according to a digital content and outputs M DRM objects. The DRM object database stores the M DRM objects. The distribution manager selects N DRM objects according to request information from a client. M and N are positive integers, and N is less than M. The index controller controls the distribution manager to transmit N content objects to the client according to the tracking record, index information, a control rule, and a rights datum.

Abstract: A computing environment security method is provided. The method includes: a) dissolving an application package to be tested to obtain at least one data set, wherein each data set corresponds to contents with respect to one of a plurality of aspects of the application package; and b) evaluating whether the application package is a repackaged application according to the at least one data set. Step (b) includes: c) for each data set, analyzing a characteristic relationship of the contents with respect to the aspect corresponding to the data set to accordingly generate characteristic data for the data set; and d) determining whether the application package to be tested is a repackaged application package according to the characteristic data of the at least one data set and a search result obtained from a database, wherein the search result corresponds to the characteristic data within a corresponding distance.

Abstract: A computing environment security method is provided. The method includes: a) dissolving an application package to be tested to obtain at least one data set, wherein each data set corresponds to contents with respect to one of a plurality of aspects of the application package; and b) evaluating whether the application package is a repackaged application according to the at least one data set. Step (b) includes: c) for each data set, analyzing a characteristic relationship of the contents with respect to the aspect corresponding to the data set to accordingly generate characteristic data for the data set; and d) determining whether the application package to be tested is a repackaged application package according to the characteristic data of the at least one data set and a search result obtained from a database, wherein the search result corresponds to the characteristic data within a corresponding distance.

Abstract: A method and an apparatus for enciphering/deciphering digital rights management object are provided. The DRM enciphering method includes the following steps: A plurality of content objects which are divided from a digital content are received. A plurality of DRM vectors are generated according to tacit information between the DRM enciphering apparatus and the DRM deciphering apparatus. The content objects are respectively enciphered according to the DRM vectors to generate a plurality of DRM objects.

Abstract: A digital rights management (DRM) apparatus and a DRM method are disclosed. The DRM apparatus includes a DRM packer, a DRM object database, a distribution manager, a tracking recording unit, and an index controller. The DRM packager generates M content objects according to a digital content and outputs M DRM objects. The DRM object database stores the M DRM objects. The distribution manager selects N DRM objects according to request information from a client. M and N are positive integers, and N is less than M. The index controller controls the distribution manager to transmit N content objects to the client according to the tracking record, index information, a control rule, and a rights datum.

Abstract: Resource management system is provided, implemented between a service bundle developer and provider and a service bundle user. A resource requirement determining device determines a system resource requirement for a service bundle provided by the service bundle developer and provider, and generates resource requirement information corresponding to the service bundle. A processor receives information of system resource utilization status from the service bundle user, determines whether available resource of the service bundle user is sufficient for the resource requirement of the service bundle, when the available resource of the service bundle user is insufficient, the processor generates a waiting queue, and adds the service bundle into the waiting queue. When available resource of the service bundle user is sufficient, the processor installs the service bundle specified in the waiting queue in the service user. A storage device stores the waiting queue and corresponding resource requirement information.

Abstract: Resource management system is provided, implemented between a service bundle developer and provider and a service bundle user. A resource requirement determining device determines a system resource requirement for a service bundle provided by the service bundle developer and provider, and generates resource requirement information corresponding to the service bundle. A processor receives information of system resource utilization status from the service bundle user, determines whether available resource of the service bundle user is sufficient for the resource requirement of the service bundle, when the available resource of the service bundle user is insufficient, the processor generates a waiting queue, and adds the service bundle into the waiting queue. When available resource of the service bundle user is sufficient, the processor installs the service bundle specified in the waiting queue in the service user. A storage device stores the waiting queue and corresponding resource requirement information.