Top Read Articles

    Information Security Technology—Evaluation Requirement for Classified Protection of Cybersecurity(GB/T 28448-2019) Standard Interpretation
    Guangyong CHEN, Guobang ZHU, Chunling FAN
    Netinfo Security    2019, 19 (7): 1-8.   DOI: 10.3969/j.issn.1671-1122.2019.07.001
    Abstract (18389)   HTML (905)   PDF (7610KB) (7944)

    Evaluation Requirement for Classified Protection of Cybersecurity (GB/T 28448-2019) will be formally implemented soon. This paper introduces the revision background and process of this standard, the main changes in comparison with GB/T 28448-2012, and the main contents of the security general requirements and security special requirements, so that the main contents can be better understood.

    Baseline for Classified Protection of Cybersecurity (GB/T 22239-2019) Standard Interpretation
    Li MA, Guobang ZHU, Lei LU
    Netinfo Security    2019, 19 (2): 77-84.   DOI: 10.3969/j.issn.1671-1122.2019.02.010
    Abstract (13165)   HTML (872)   PDF (8866KB) (10203)

    Baseline for Classified Protection of Cybersecurity (GB/T 22239-2019) will be formally implemented soon. This paper introduces the background and process of the revision of GB/T 22239-2019, the main changes in comparison with GB/T 22239-2008, and the main contents of its security general requirements and security special requirements, so as to enable users to better understand and master the contents of GB/T 22239-2019.

    Security Analysis for the Information of Wearable Devices
    Yue QIU
    Netinfo Security    2016, 16 (9): 79-83.   DOI: 10.3969/j.issn.1671-1122.2016.09.016
    Abstract (2541)   HTML (6)   PDF (2421KB) (365)

    With the rapid development of information technology, intelligent wearable devices are becoming a hot spot of the new digital age. With small, fashionable designs, portability, and simple, practical functions, increasingly diverse products are gradually being applied to fitness exercise, care of children and the elderly, leisure, entertainment, electronic government affairs and other areas. Because intelligent wearable devices are ubiquitous, they make people's life and work more convenient, but they also bring consumers more and more safety problems. This paper analyzes the information security of smart wearable devices. First, it reviews nearly half a century of development history of wearable devices. Then, it analyzes the safety risks in terms of current technology standards, law, and the hazards of product design and application. Next, it proposes the necessary security technology and management measures, covering overall planning, the design of key technologies, and application details. Finally, it predicts the future trend of wearable device technology from the perspective of the development of the digital age.

    High-performance Implementation of Curve25519 on GPU
    Juanjuan CHENG, Fangyu ZHENG, Jingqiang LIN, Jiankuo DONG
    Netinfo Security    2017, 17 (9): 122-127.   DOI: 10.3969/j.issn.1671-1122.2017.09.029
    Abstract (2282)   HTML (75)   PDF (5223KB) (619)

    Widely used in Internet security protocols such as TLS/SSL, key exchange provides a method for two parties to establish a shared secret over an unprotected channel. Among key exchange algorithms, Elliptic-Curve Diffie-Hellman (ECDH) is currently preferred and popularized by the industry. The prevailing ECDH employs the NIST P curves as the underlying elliptic curves. However, given the demand for high performance and questions about their security, in January 2016 the IETF officially applied Curve25519 to key exchange in RFC 7748, as the X25519 key exchange protocol. Later, many mainstream open-source projects recommended X25519 as the default key exchange protocol. The bottleneck of X25519 lies in the scalar multiplication of Curve25519. This contribution proposes a GPU-accelerated Curve25519 implementation that yields a throughput of 1.38 million scalar multiplications per second on an NVIDIA GeForce GTX 780Ti, 5.6 times faster than the previous fastest work.

    Intrusion Collaborative Disposal Method of Spoofed IP Address in DDoS Attacks
    Ke ZHANG, Youjie WANG, Shaoyin CHENG, Lidong WANG
    Netinfo Security    2019, 19 (5): 22-29.   DOI: 10.3969/j.issn.1671-1122.2019.05.003
    Abstract (1848)   HTML (17)   PDF (9394KB) (216)

    Spoofed IP addresses are the basis of many DDoS attacks and make it difficult to trace and respond to security incidents. URPF is mainly used to prevent network attacks based on source address spoofing. Network ingress filtering is used to check packets coming from inside the network. Based on a telecom enterprise network, this paper proposes a collaborative disposal method for spoofed IP addresses that combines URPF technology and network ingress filtering, which realizes double filtering of spoofed IP addresses inside the network and at the boundary export. Experiments show that this method can effectively prevent spoofed IP address traffic. After large-scale application on the Anhui telecom backbone network, monitoring data from CNCERT confirmed that Anhui telecom backbone routers have no local forged traffic and no cross-domain forged traffic.

    Survey of Network Attack Detection Based on GAN
    Jianming FU, Lin LI, Rui ZHENG, Suriguga
    Netinfo Security    2019, 19 (2): 1-9.   DOI: 10.3969/j.issn.1671-1122.2019.02.001
    Abstract (1752)   HTML (58)   PDF (10713KB) (608)

    The generative adversarial network (GAN) is a major breakthrough in the field of deep learning in recent years. It is a dynamic game model composed of a generator and a discriminator. Its ideas of "generation" and "confrontation" have won the favor of many researchers and met the application needs of many research fields. Inspired by these ideas, researchers have applied GAN to the field of network security to detect network attacks and help build an intelligent and effective network security protection mechanism. This paper introduces the basic principle, infrastructure, theoretical development and application status of GAN, and focuses on the application status of GAN in the field of network attack detection from two aspects: network attack sample generation and network attack behavior detection.

    Netinfo Security    2020, 20 (1): 96-96.  
    Abstract (1709)   HTML (78)   PDF (1055KB) (540)
    Research Status and Development Trends on Network Encrypted Traffic Identification
    Liangchen CHEN, Shu GAO, Baoxu LIU, Zhigang LU
    Netinfo Security    2019, 19 (3): 19-25.   DOI: 10.3969/j.issn.1671-1122.2019.03.003
    Abstract (1702)   HTML (95)   PDF (9649KB) (788)

    The rapid growth of network encrypted traffic is changing the threat landscape. How to realize real-time and accurate identification of network encrypted traffic is an important issue in the field of cyberspace security in China. It is also a research hotspot in network behavior analysis, network planning and construction, and network traffic modeling. This paper discusses the basic concepts, research progress, evaluation indicators and existing issues of network encrypted traffic identification, and summarizes and forecasts its development trends and challenges. This paper can provide a reference for further exploration of new methods and technologies in the field of cyberspace security.

    An Intrusion Detection Method Based on Federated Learning and Convolutional Neural Network
    WANG Rong, MA Chunguang, WU Peng
    Netinfo Security    2020, 20 (4): 47-54.   DOI: 10.3969/j.issn.1671-1122.2020.04.006
    Abstract (1643)   HTML (92)   PDF (8159KB) (767)

    At present, intrusion detection based on deep learning is a hot topic in the field of intrusion detection, but most of the research focuses on how to improve the algorithm to raise detection accuracy, while neglecting that the limited label data generated by a single mechanism is not enough to train a deep model with high accuracy. In this paper, an intrusion detection method based on federated learning and a convolutional neural network is proposed, which can expand the amount of data through joint model training by multiple participants. In this method, a deep learning intrusion detection model is designed using a federated learning framework. First, the data dimension is reconstructed through data filling to form two-dimensional data; then feature extraction learning is carried out using a DCNN network under the mechanism of federated learning. Finally, the training model of the softmax classifier is combined and detected. The experimental results show that the method reduces the training time to a great extent and maintains a high detection rate. In addition, compared with the general intrusion detection model, the model also ensures the security and privacy of the data.

    Research and Development Trend Analysis of Key Technologies for Cyberspace Security Situation Awareness
    Yuan TAO, Tao HUANG, Mohan ZHANG, Shuilin LI
    Netinfo Security    2018, 18 (8): 79-85.   DOI: 10.3969/j.issn.1671-1122.2018.08.011
    Abstract (1628)   HTML (34)   PDF (1037KB) (655)

    The article expounds that cyberspace security situational awareness is an important means and key development direction for protecting critical information infrastructure and important information systems. By analyzing the technical characteristics of APT attacks and the security risks of cloud platforms and big data platforms, it concludes that cyberspace security situation awareness needs to be realized from five aspects: visible, knowable, manageable, controllable, traceable and early warning. The domestic and foreign technical status of cyberspace security situation awareness systems is comprehensively researched. The main functions and key technologies of network security data sources, big data analysis, cyberspace situation assessment, cyberspace threat assessment and cyberspace situation prediction are analyzed, and the future development trend of cyberspace security situation awareness systems is obtained. With the integration of big data and AI technology, the infrastructure of a cyberspace security situation awareness system should be dynamically expandable, and accurate prediction and defense disposal recommendations can be provided. This provides good guidance for the research, development, evaluation and supervision of cyberspace security situation awareness systems.

    Research on Network Security Situational Awareness Technology Based on Big Data
    Lei GUAN, Guangjun HU, Zhuan WANG
    Netinfo Security    2016, 16 (9): 45-50.   DOI: 10.3969/j.issn.1671-1122.2016.09.009
    Abstract (1578)   HTML (47)   PDF (2292KB) (642)

    Information security is becoming a big data analysis problem. Based on the current situation of network space security and defense requirements, this paper analyzes the disadvantages of the traditional network security defense system and the advantages of network security analysis using big data technology, and proposes a security situational awareness platform that integrates security data collection, processing and analysis with security risk discovery, monitoring, warning and prejudgment. The platform integrates user terminals, network links, application systems, data flows and other sensing data sources. After storing the converged data, it uses machine intelligence analysis technology, combined with analysis algorithms such as data processing, security rule models and attack reasoning models, to convert seemingly unrelated, unordered alarm data and logs into intuitive and visual security event information. The platform mines threat intelligence from massive data to realize risk discovery, security early warning and situation awareness, enhancing the ability of attack detection and security situation awareness in security monitoring. This paper expounds the platform's technology, principles and implementation method from three aspects: multi-source security data collection and storage, threat intelligence data analysis, and situation awareness application. It also describes the system deployment, test run and application conditions.

    Research on Establishment of Network Security Service Ability System for A New Era
    Jie QU, Chunling FAN, Guangyong CHEN, Jintao ZHAO
    Netinfo Security    2019, 19 (1): 83-87.   DOI: 10.3969/j.issn.1671-1122.2019.01.011
    Abstract (1503)   HTML (45)   PDF (6068KB) (692)

    Based on the supporting role of network security services in the development of network security and the characteristics of classified protection 2.0, focusing on the main objectives, service objects, service cycles and service contents of network security services, this paper discusses how to clarify the responsibilities of service providers and service demanders by establishing complete technical system, standard system and management system of network security services. This paper also discusses how to promote the continuous improvement of the level of network security service by establishing the supervision and evaluation system of the whole service process, thus injecting vitality into the development of network security.

    Review of Malicious Traffic Feature Extraction
    Gang LU, Ronghua GUO, Ying ZHOU, Jun WANG
    Netinfo Security    2018, 18 (9): 1-9.   DOI: 10.3969/j.issn.1671-1122.2018.09.001
    Abstract (1491)   HTML (75)   PDF (7816KB) (665)

    The frequent occurrence of new malware presents severe challenges in network security. Extracting malicious traffic features is a necessary way to resolve this problem. This paper systematically reviews the existing methods of malicious traffic feature extraction. Firstly, we introduce malicious traffic classes. Then, following the process of malicious traffic feature extraction, we summarize recent work in four aspects: traffic acquisition, reverse analysis, feature generation, feature evaluation and optimization. Moreover, we detail the methods of malicious traffic feature extraction on smartphones and Internet of Things devices. Finally, we summarize the paper and discuss future work in this research area.

    SM Algorithm Analysis and Software Performance Research
    HU Jingxiu, YANG Yang, XIONG Lu, WU Jintan
    Netinfo Security    2021, 21 (10): 8-16.   DOI: 10.3969/j.issn.1671-1122.2021.10.002
    Abstract (1471)   HTML (147)   PDF (10547KB) (928)

    Encryption technology is the core of information security, and the promotion of national secret algorithms is of great significance to safeguarding the country's network information security. In recent years, the commercial encryption industry of China has developed rapidly, but the SM algorithms generally suffer from low implementation efficiency. In order to explore the feasibility of replacing international encryption algorithms with the SM algorithms, this article focuses on SM3, SM2 and SM4, compares them comprehensively with the corresponding international cryptographic algorithms, analyzes the computational cost and security of the algorithms, and uses OpenSSL and an SM algorithm implementation optimized by a domestic manufacturer A to test the performance of each algorithm. The performance test results show that SM3 is similar to SHA-256. The performance of the SM2 digital signature algorithm and the ECDSA algorithm is affected by the hash function they select, but their overall performance is similar. With a small amount of data, the performance of the SM2 public key encryption algorithm and the ECIES algorithm depends on the size of the encrypted data. As the amount of data increases, the performance of the latter is significantly better than that of the former. The performance of the SM4 algorithm is between AES and 3DES.

    Research on 5G Network Slicing Security Model
    LIU Jianwei, HAN Yiran, LIU Bin, YU Beiyuan
    Netinfo Security    2020, 20 (4): 1-11.   DOI: 10.3969/j.issn.1671-1122.2020.04.001
    Abstract (1457)   HTML (84)   PDF (13352KB) (759)

    With the advent of the 5G communication era, network slicing technology will be deeply integrated with vertical industries to provide users with richer mobile Internet and IoT services. However, the introduction of network slicing technology brings many new security risks and challenges, and some of the original security protection technologies are no longer applicable. In addition, the different characteristics of various slices make the original security services unable to meet the different needs of network slices. Therefore, studying the security problems and corresponding countermeasures of network slicing technology and proposing new security policies are the key to guarantee the realization of 5G network security. This article first describes the existing security problems of network slicing technology from three aspects of network slicing architecture, management model, and implementation technology, then proposes relevant measures to maintain slice security in response to these security problems. Finally, a network slicing security model is established to provide differentiated security services for 5G network slicing.

    Analysis of Decrypting LUKS Encrypted Volume Offline
    QIAN Jing-jie, WEI Peng, SHEN Chang-da
    Netinfo Security    2014, 14 (9): 217-219.   DOI: 10.3969/j.issn.1671-1122.2014.09.051
    Abstract (1443)   HTML (79)   PDF (3019KB) (374)

    LUKS, one of the popular disk encryption technologies, is common to all versions of Linux and has the following characteristics: it supports multi-user / multi-password access to the same device; the master key does not rely on the user password, so the user password can be changed without re-encrypting the user data; and it uses an anti-forensic splitter to store the encrypted master key for the sake of safety. Given that most current forensic software cannot quickly obtain forensic evidence from a LUKS volume, this paper studies the principles of LUKS encryption and, based on them, proposes a LUKS decryption method that depends on the Linux system. This method can greatly improve forensic efficiency.
    Research Survey on Security Issues in Cyber-Physical Systems
    Kunlun PENG, Wei PENG, Dongxia WANG, Qianqian XING
    Netinfo Security    2016, 16 (7): 20-28.   DOI: 10.3969/j.issn.1671-1122.2016.07.004
    Abstract (1399)   HTML (10)   PDF (1589KB) (449)

    A cyber-physical system (CPS) is a complex system which integrates information systems with physical systems. It realizes real-time sensing and dynamic control of the physical world through environment perception and the integration of computing, communication and control processes. CPS is viewed as the next information revolution after the Internet, and security is one of the key issues affecting the wide application of CPS. This paper introduces the requirements and goals of CPS security, as well as the security challenges that a CPS faces. Attacks on a CPS from the physical layer, transport layer and application layer are also discussed in detail. By analyzing current research on techniques of anti-attack, identity authentication, privacy preservation and risk assessment in CPS, the paper discusses the future research trends in this area.

    Research on Smart Home Vulnerability Mining Technology Based on Taint Analysis
    Jian ZHAO, Rui WANG, Siqi LI
    Netinfo Security    2018, 18 (6): 36-44.   DOI: 10.3969/j.issn.1671-1122.2018.06.005
    Abstract (1376)   HTML (8)   PDF (2469KB) (226)

    The control center is the core of the smart home, and it can be controlled remotely through mobile phones, tablets and other terminals. Once the control center is attacked, the attacker can obtain most of the household's control authority, causing great damage. At present, in a smart home system, the control center connects to remote terminal equipment through a router using wireless communication technology, and operates and controls all kinds of smart home devices in the system. The router is therefore directly related to the safety of the whole smart home system and to user privacy. This paper designs a framework based on Sulley to discover router vulnerabilities, proposes a three-phase test case generation module (TPFTGM) to guide the generation of specific test cases in the process of fuzzing, and applies the framework to mining vulnerabilities in D-Link. The experimental results show that the framework can successfully mine and reproduce the remote code execution vulnerability in D-Link, and improves on the low test case efficiency and low code coverage of fuzzing.

    Research and Implementation of TLS Browser Supporting Commercial Cryptographic Algorithm
    Chuan XIANG, Wuqiong PAN, Huorong LI, Jingqiang LIN
    Netinfo Security    2017, 17 (4): 26-33.   DOI: 10.3969/j.issn.1671-1122.2017.04.004
    Abstract (1346)   HTML (25)   PDF (1892KB) (779)

    We implement a TLS browser that supports commercial cryptographic algorithms on the Windows platform. A CCA (commercial cryptographic algorithms) library is developed using the Windows system interface CryptoAPI: Next Generation. With the CCA library, Windows 10 can support the commercial cryptographic algorithms and certificates. Second, using the CCA library and a TLS 1.2 protocol modified to add support for the commercial cryptographic algorithms, the open source browser Chromium is modified to support the commercial cryptographic algorithms. The experimental results show that the implemented TLS browser not only supports HTTPS access and digital certificates based on the commercial cryptographic algorithms and keeps performance similar to that with international cryptographic algorithms, but also keeps all the features of the original browser.

    Review on Dynamic Taint Analysis of Binary Programs
    Zheng SONG, Yongjian WANG, Bo JIN, Jiuchuan LIN
    Netinfo Security    2016, 16 (3): 77-83.   DOI: 10.3969/j.issn.1671-1122.2016.03.013
    Abstract (1321)   HTML (61)   PDF (7850KB) (521)

    As the network security situation continues to worsen, detection technology that can discover exploits and related advanced persistent threat (APT) attacks in a timely and effective way is of vital importance for network security. Dynamic taint analysis, one of the reliable exploit detection solutions, is a method that marks non-trusted input sources as tainted data and tracks their spread during program execution to obtain the key positions and data associated with the input. This paper first introduces the principle of dynamic taint analysis of binary programs and its development status in several typical systems, then analyzes existing problems with dynamic taint analysis of binary programs, and finally introduces the application of dynamic taint analysis. The dynamic taint analysis technology of binary programs is introduced in detail, which is helpful for improving the network security protection level of important information systems.
