Top Read Articles

Published in last 1 year |

In last 2 years |

In last 3 years |

All

Please wait a minute...


For Selected: Download Citations EndNote Ris BibTeX Toggle Thumbnails

Select

Differential-Linear Cryptanalysis of the SIMON Algorithm HU Yujia, DAI Zhengyi, SUN Bing Netinfo Security    2022, 22 (9): 63-75.   DOI: 10.3969/j.issn.1671-1122.2022.09.008 Abstract （750）   HTML （15）    PDF （13167KB）（289）       Knowledge map    Differential cryptanalysis and linear cryptanalysis are currently the two most common methods to evaluate the security of block ciphers. Differential-linear cryptanalysis is an analysis method based on these two methods, which has been widely studied by the cryptography community in recent years. SIMON algorithm is an important lightweight block cipher, this paper mainly performed differential-linear attacks on SIMON 32/64 and SIMON 48, constructed 13 rounds differential-linear distinguishers respectively, made 16 rounds of key recovery attacks, whose data complexities are 226 and 242, and time complexities are 240.59 and 261.59 respectively, thereby increased the security evaluation dimension of the SIMON algorithm and enriched the actual cases of differential-linear cryptanalysis. Table and Figures | Reference | Related Articles | Metrics

Select

Review of Research on Misbehavior Detection in VANET CAO Yue, LYU Chenchen, SUN Yaping, ZHANG Yu’ang Netinfo Security    2023, 23 (4): 10-19.   DOI: 10.3969/j.issn.1671-1122.2023.04.002 Abstract （738）   HTML （89）    PDF （13558KB）（316）       Knowledge map    The Internet of vehicles (IoV) has gradually penetrated into the lives of urban residents, while security threats such as remote malicious control of vehicles and leakage of personal information of vehicle owners have gradually been exposed in recent years. Compared with the security concern on devices and platform in vehicular Ad-hoc network (VANET), this paper focused on the security issues faced by the communication of VANET. Therefore, this paper systematically reviewed the literature on misbehavior detection mechanisms of VANET in recent years. Firstly, this paper analyzed the definition of misbehavior and summarized common threat models. Then, the classification of misbehavior detection mechanisms was discussed, including detection mechanisms based on message content, detection mechanisms based on message processing behavior, and detection mechanisms combined with sensors. Finally, this paper summarized open issues and possible future research trends in the current misbehavior detection mechanisms of VANET communication. Table and Figures | Reference | Related Articles | Metrics

Select

Overview of the Research on Governance of Cross-Border Data Flow in China XIAO Xiaolei, ZHAO Xuelian Netinfo Security    2022, 22 (10): 45-51.   DOI: 10.3969/j.issn.1671-1122.2022.10.007 Abstract （737）   HTML （46）    PDF （1318KB）（533）       Knowledge map    The normalized development of cross-border data flows has brought impact and challenge to our country’s data security, the relevant research could provide a reference for enriching academic theory for exploring governance schemes for cross-border data flows in China. By using the method of systematic literature review, this paper expounded the research status of China’s cross-border data flow governance from the perspectives of interest concern, governance model and governance path. Through analyzing, the study found that the research on governance of cross-border data flow in China was still in primary stage, and it was necessary to establish a mechanism for balancing interests, explore a diversified cooperative governance model, and build a dual track governance path. In the future, the data governance criterion should be established with the overall view of national security, focus on the innovation of cross-border data compliance system construction, and explore the necessity evaluation system of data regulation measures. Table and Figures | Reference | Related Articles | Metrics

Select

Review of Fuzzing Based on Machine Learning WANG Juan, ZHANG Chong, GONG Jiaxin, LI Jun’e Netinfo Security    2023, 23 (8): 1-16.   DOI: 10.3969/j.issn.1671-1122.2023.08.001 Abstract （731）   HTML （96）    PDF （20467KB）（548）       Knowledge map    Fuzzing is one of the most popular vulnerability discovering techniques today. Traditional fuzzing often requires a lot of labor, which increases the application cycle of fuzzing. Besides, expert experience determines the effect of fuzzing. The wide application of machine learning has enabled machine learning techniques to be applied to software security testing. Many research works use machine learning to optimize the fuzzing process, making up for many defects of traditional fuzzing technology. This paper provided a review of fuzzing based on machine learning. Firstly, common vulnerability discovery methods, fuzzing process and classification, and the shortcomings of traditional fuzzing were summarized. Then, from the perspective of test case generation, mutation, screening, and scheduling of fuzzing, this paper focused on the application research of machine learning methods in fuzzing, as well as the research work on combining machine learning and fuzzing to realize other functions. Finally, based on the existing work, this paper analyzed and summarized the limitations and challenges in the current research work, and prospected the future development directions of this field. Table and Figures | Reference | Related Articles | Metrics

Select

Research on Intrusion Detection Mechanism Based on Federated Learning BAI Hongpeng, DENG Dongxu, XU Guangquan, ZHOU Dexiang Netinfo Security    2022, 22 (1): 46-54.   DOI: 10.3969/j.issn.1671-1122.2022.01.006 Abstract （728）   HTML （47）    PDF （1259KB）（277）       Knowledge map    With the advent of the era of big data, data has become an important strategic resource for social development. However, with the increasing complexity of the network environment, privacy leakage and malicious attacks emerge in an endless stream. As a new data sharing model, federated learning can share data on the premise of protecting data privacy. In particular, it can effectively solve the shortcomings of traditional intrusion detection model. Therefore, this paper proposed an intrusion detection mechanism based on federated learning. This paper first introduced the structure and characteristics of federated learning and intrusion detection model, And deeply analyzed the feasibility of intrusion detection mechanism based on federated learning to effectively improve the detection accuracy and efficiency. The prototype system was developed through the requirement analysis and design of the model, and the simulation experimented with function programming. It is found that the federated learning mechanism can realize the sharing of multi-party attack logs on the premise of ensuring the data privacy security of participating clients. At the same time, through the control experiments of multiple groups of control variables, it is proved that the intrusion detection mechanism based on federated learning has significantly improved the detection accuracy and efficiency. Table and Figures | Reference | Related Articles | Metrics

Select

A Deep Forgery Video Detection Model Based on Improved Xception Network MA Rui, CAI Manchun, PENG Shufan Netinfo Security    2021, 21 (12): 109-117.   DOI: 10.3969/j.issn.1671-1122.2021.12.015 Abstract （718）   HTML （25）    PDF （10059KB）（245）       Knowledge map    In recent years, with the development of deep forgery technology, deep forged content have become more difficult to identify, which has brought severe challenges to the security of information network. Aiming at resolving the difficulty of identifying the content of deep forgery and tampering, as well as the insufficient facial featured extraction and excessive parameter amount in the existing deep forgery detection methods, this paper proposes a deep forgery detection model i_Xception that integrates Xception network, SENet and WSDAN. The model embeds the SE module in the Xception network to extract features, and then uses the WSDAN module to enhance the training images with the guidance of attention, and feeds the augmented images back to the network for training, which improves the detection accuracy of the model. On this basis, this paper designs a lightweight network model i_miniXception by reasonably reducing the depth and width of the Xception network and fusing the above methods, which greatly reduces the parameters of the model. It is verified on the two types of datasets FaceSwap and DeepFakes of FaceForensics++, which are currently widely used in the field of deep forgery detection. The accuracy of i_Xception detection reaches 99.50% and 98.83%, and the accuracy of i_miniXception detection reaches 99.17% and 98.50% respectively, which are better than existing main algorithms. Table and Figures | Reference | Related Articles | Metrics

Select

Overview of Research on the Revocable Mechanism of Attribute-Based Encryption LI Li, ZHU Jiangwen, YANG Chunyan Netinfo Security    2023, 23 (4): 39-50.   DOI: 10.3969/j.issn.1671-1122.2023.04.005 Abstract （717）   HTML （68）    PDF （14235KB）（444）       Knowledge map    Attribute-based encryption is an important cryptographic technique for achieving fine-grained access control of data files in group communication systems. However, addressing the revocation of users or attributes is crucial due to the existence of user joining, exiting, and attribute changing in group communication systems. Based on the classification and construction of revocable attribute-based encryption schemes, this paper focused on the research progress and development of revocable attribute-based encryption schemes. This paper provided a comprehensive analysis and comparison of existing revocable attribute-based encryption schemes from three revocation mechanisms: direct revocation, indirect revocation, and hybrid revocation. At the same time, discussing the shortcomings and issues of revocable attribute-based encryption mechanisms and possible future directions. Table and Figures | Reference | Related Articles | Metrics

Select

Research on Dynamic Access Control Model of Sensitive Data Based on Zero Trust GUO Baoxia, WANG Jiahui, MA Limin, ZHANG Wei Netinfo Security    2022, 22 (6): 86-93.   DOI: 10.3969/j.issn.1671-1122.2022.06.009 Abstract （654）   HTML （34）    PDF （1588KB）（586）       Knowledge map    With the advent of the era of big data, the security of sensitive data has attracted increasing attention. At present, most of the existing systems consider the access subject’s identity to be trusted after successful authentication, but once the attacker uses the lost subject as a springboard to invade the network, he may steal or destroy sensitive data. Therefore, it is urgent to study a fine-grained and flexible access control mechanism to protect the sensitive information resources of the system. Based on zero trust architecture, this paper proposes a trust evaluation algorithm by analyzing the characteristics of access subject and access object of the current protected system. By acquiring multi-source attributes for dynamic trust evaluation, the algorithm can quickly reduce the trust value of the lost subject when it has abrupt behavior, and timely block the threat of the lost subject in the authentication. The system implements dynamic authorization through attribute encryption to reduce the possibility of excessive access to sensitive resources. Experimental results show that this model can realize dynamic control of access authorization, and ensure that the time and memory cost of the system are in a reasonable range. Table and Figures | Reference | Related Articles | Metrics

Select

Anomaly Detection Model Based on Generative Adversarial Network and Autoencoder GUO Sensen, WANG Tongli, MU Dejun Netinfo Security    2022, 22 (12): 7-15.   DOI: 10.3969/j.issn.1671-1122.2022.12.002 Abstract （642）   HTML （41）    PDF （12429KB）（282）       Knowledge map    In recent years, machine learning, especially deep learning algorithms, has been widely used in the field of network traffic intrusion detection, the distribution of dataset sample categories is an important factor affecting the performance of machine learning algorithms. To address the problem of diverse network attack categories and uneven distribution of existing network traffic dataset categories, this paper proposed a network traffic anomaly detection model based on generative adversarial networks and self-encoders. Firstly, a conditional generative adversarial network based on Wasserstein distance was used to resample the minority categories in the original network traffic data. Secondly, the resampled data were reconstructed using a stacked denoising self-encoder to obtain potential information of the data. Finally, the encoder network combined with a Softmax network was used to identify anomalous network traffic data. Experiments are conducted on the NSL-KDD intrusion detection dataset, and the experimental results show that proposed anomaly detection model can effectively improve the recognition rate of minority categories. Table and Figures | Reference | Related Articles | Metrics

Select

Insider Threat Detection Model Based on LSTM-Attention ZHANG Guanghua, YAN Fengru, ZHANG Dongwen, LIU Xuefeng Netinfo Security    2022, 22 (2): 1-10.   DOI: 10.3969/j.issn.1671-1122.2022.02.001 Abstract （586）   HTML （73）    PDF （1708KB）（492）       Knowledge map    Information materials are illegally leaked, copied and tampered by insider personnel, which often cause huge financial losses to governments and enterprises. In order to prevent information from being illegally stolen by insiders, an insider threat detection model ITDBLA based on LSTM-Attention was proposed. Firstly, the user’s behavior sequence, user behavior characteristics, role behavior characteristics and psychological data were extracted to describe the daily activities of users. Secondly, the long short-term memory (LSTM) network and the attention mechanism were used to learn the user’s behavior pattern, and calculate the deviation between the real behavior and the predicted behavior. Finally, multilayer perceptron was used to make comprehensive decisions based on these deviations to identify abnormal behaviors. Experimental results on the CERT insider threat dataset show that the proposed ITDBLA model achieves an AUC score of 0.964, which show a stronger ability to learn user activity patterns and detect abnormal behaviors. Table and Figures | Reference | Related Articles | Metrics

Select

Key Technologies and Advances in the Research on Automated Exploitation of Computer System Vulnerabilities FENG Guangsheng, ZHANG Yizhe, SUN Jiayu, LYU Hongwu Netinfo Security    2022, 22 (3): 39-52.   DOI: 10.3969/j.issn.1671-1122.2022.03.005 Abstract （585）   HTML （70）    PDF （1058KB）（657）       Knowledge map    The security situation of cyberspace is becoming more and more complex. Security vulnerabilities exploded in the past few decades with the acceleration of software iteration. Facing with the challenge of hidden and numerous vulnerabilities, traditional methods relying on security experts to conduct assessments often requires huge manpower and material resources. Thus, how to efficiently find software vulnerabilities automatically, generate corresponding EXP (exploit) and make subsequent usage have become a hot spot which attracts widespread attention. This paper aims to summarize the latest developments in the automated exploitation of vulnerabilities. First, this paper refines the related technologies for software vulnerabilities automated exploiting. Second, this paper reviews mainstream software vulnerability automated exploitation systems. Finally, this paper analyzes and summarize the current problems and prospect the future research. Table and Figures | Reference | Related Articles | Metrics

Select

An Enhanced Lattice Attack to DSA and ECDSA Scheme YU Fajiang, JIA Yaomin Netinfo Security    2022, 22 (2): 11-20.   DOI: 10.3969/j.issn.1671-1122.2022.02.002 Abstract （584）   HTML （47）    PDF （1124KB）（317）       Knowledge map    The basic idea behind one type of lattice attack to DSA and ECDSA scheme is to construct a system of congruences, and convert the hidden number problem into the nearest vector problem. if one of the solutions of the congruences is below a certain bound, the private key can be found by solving the closest vector. If the bound becomes larger, the size of solution within which the attack is effective can be broadened accordingly, thus reducing the level to construct such congruences. A new bound based on the oretical analysis and calculation was presented. The new bound was 6.92 times larger than the original one, reducing the level to launch an effective lattice attack significantly. This paper designed and implemented experiment to verify this new bound by collecting signatures from OpenSSL. The results show that under the new bound, the lattice attack only require solution vector’s elements’ 3 most significant bits to be known, compared with 6 most significant bits to be known before. For DSA, the success rate is about 80% with a lattice of size 350. For ECDSA, the success rate is about 97% with a lattice of size 260. Furthermore, by subtracting a base vector from the solution vector, the requirement of known bits can be reduced to just one, the difficulty to mount an attack can be reduced even further. Table and Figures | Reference | Related Articles | Metrics

Select

Research and Implementation of Data Security Sharing and Controlled Distribution Technology Based on Blockchain HOU Yutong, MA Zhaofeng, LUO Shoushan Netinfo Security    2022, 22 (2): 55-63.   DOI: 10.3969/j.issn.1671-1122.2022.02.007 Abstract （583）   HTML （38）    PDF （1389KB）（461）       Knowledge map    Data sharing and data distribution is the inevitable trend of social development. Meanwhile the security issues caused by data sharing also need to be concerned. Blockchain has the characteristics of traceability and non-tampering, which can effectively solve the single point of failure problem caused by the traditional data sharing and distribution scheme, and protect the data security at the same time. This paper proposed a data security sharing and controlled distribution model based on blockchain and cryptography, including data upload algorithm, data sharing algorithm and data distribution algorithm. IPFS is used to store data, and blockchain is used to record the whole process of data from upload to sharing and distribution, which traceable and fully ensures the security of data. Table and Figures | Reference | Related Articles | Metrics

Select

Research and Implementation of Cross-Chain Security Access and Identity Authentication Scheme of Blockchain WANG Shushuang, MA Zhaofeng, LIU Jiawei, LUO Shoushan Netinfo Security    2022, 22 (6): 61-72.   DOI: 10.3969/j.issn.1671-1122.2022.06.007 Abstract （551）   HTML （25）    PDF （1399KB）（425）       Knowledge map    This paper proposes a blockchain cross-chain secure access and identity authentication scheme. Aiming at the research on access chain secure access and cross-chain identity authentication in cross-chain technology, a secure cross-chain model architecture is designed. The digital identity is used as the global identifier of the whole cross chain network of the blockchain to complete the identity identification of cross-chain transactions. A cross-chain identity authentication scheme of IBE based on relay chain is proposed. The access chain security access and cross-chain identity authentication are carried out through relay chain. At the same time, the transaction information of the two chains carrying out cross-chain transactions is encrypted and transmitted by using security key negotiation strategy, so as to ensure the anonymity security of transaction information and solve the problems of security and isolated data island in the existing cross-chain model. Finally, the experimental analysis and evaluation show that the scheme is safe and feasible. Table and Figures | Reference | Related Articles | Metrics

Select

Analysis on Characteristics of Victims of Telecom Network Fraud Based on Bayesian Network LUO Wenhua, ZHANG Yaowen Netinfo Security    2021, 21 (12): 25-30.   DOI: 10.3969/j.issn.1671-1122.2021.12.004 Abstract （546）   HTML （46）    PDF （6322KB）（201）       Knowledge map    As a typical non-contact crime, the prevention and control of telecom network fraud emphasizes the combing and analysis of the characteristics of victims. However, most of the existing research results are carried out for the single characteristics of victims, and rely on a small number of cases, which is difficult to fully and deeply reflect the characteristics and laws, and the application is weak. This paper took the self characteristics and case characteristics of telecom network fraud victims as indicators, constructs Bayesian network and establishes victim characteristic analysis model. Then, starting from the types of cases, this paper discussed the vulnerable groups. Starting from the characteristic population, this paper expounds its gullible types. Table and Figures | Reference | Related Articles | Metrics

Select

A Survey of Cyber Security Open-Source Intelligence Knowledge Graph WANG Xiaodi, HUANG Cheng, LIU Jiayong Netinfo Security    2023, 23 (6): 11-21.   DOI: 10.3969/j.issn.1671-1122.2023.06.002 Abstract （545）   HTML （73）    PDF （13519KB）（354）       Knowledge map    With the development of informatization, a large amount of cyber security information is generated online every day. However, the majority of security intelligence consists of multi-source and heterogeneous text data that are challenging to directly analyze and apply. Therefore, the introduction of a knowledge graph assumes paramount significance in order to facilitate profound semantic knowledge mining and enable intelligent reasoning analysis. On this basis, this paper first described how the cybersecurity knowledge graph was built. Then, it outlined the core technologies of the knowledge graph and related research work, including information extraction and knowledge reasoning. Finally, the challenges of building a cybersecurity knowledge graph were discussed, and some directions for further research were suggested. Table and Figures | Reference | Related Articles | Metrics

Select

Construction of Crime Predicting Model Based on Macro Data of Society XU Boyang, WANG Dawei, TANG He, JIN Yifeng Netinfo Security    2022, 22 (10): 114-120.   DOI: 10.3969/j.issn.1671-1122.2022.10.016 Abstract （541）   HTML （33）    PDF （2352KB）（349）       Knowledge map    The fluctuation of crime is affected by various macro social factors. Scientific predicting of the regular patterns of crime is undoubtedly of great guiding value for the organizations of social governing. Based on criminological theories and six sides elastic equilibrium model, the current study utilized social structure variables and crime rates’ data in Chinese statistical yearbook from 2001 to 2021 and the major analysing method of Granger causality test to construct the six sides elastic equilibrium model for crime predicting in China. Results showed that education level, urbanization’s rate, population mobility, GDP per capita, gender structure and population’s number had significant effects on crime rates in China. The determining coefficient of crime rates in 2025, 2027, 2031, 2032, 2033 and 2035 may break through the warning line of stable standardization. The conclusion aims to provide systematic suggestions for social governing departments on the application of prediction via big data, transformation of social structure under the background of normalization of pandemic prevention, and crime control in cyberspace. Table and Figures | Reference | Related Articles | Metrics

Select

Survey on Application of Machine Learning in Disassembly on x86 Binaries WANG Juan, WANG Yunru, WENG Bin, GONG Jiaxin Netinfo Security    2022, 22 (6): 9-25.   DOI: 10.3969/j.issn.1671-1122.2022.06.002 Abstract （539）   HTML （44）    PDF （1393KB）（407）       Knowledge map    Binary disassembly technology is the core of vulnerability finding, control flow integrity and code similarity measurement. Traditional disassembly techniques highly rely on predefined heuristics and expert knowledge, and its application effect of identifying function boundaries, variable types and reconstructing control flow graphs and other tasks are not good enough. The development of machine learning in handling sequential and graphical data has enabled machine learning to be applied to binary analysis and make up for the defects of the traditional disassembly techniques, thus promoting the researches of binary reverse analysis. This paper focused on the application of machine learning in disassembly on x86 binaries and analyzed in-depth the research work related to function identification, function signature recovery and data flow reconstruction. Firstly, the traditional methods and challenges of disassembly on x86 binaries were summarized comprehensively. Secondly, the general workflow of machine learning in disassembly on x86 binaries including binary feature extraction, vectorization, and model training was distilled. This paper classified the methodologies of feature extraction and vectorization based on the feature contents and embedded approaches respectively, and subsequently summarized the significant techniques of model training utilized in specific disassembly tasks. Finally, the limitations and challenges of current work were concluded, and the future research directions were elaborated. Table and Figures | Reference | Related Articles | Metrics

Select

Spectral Graph Convolutional Neural Network for Decentralized Dual Differential Privacy LIU Feng, YANG Chengyi, YU Xincheng, QI Jiayin Netinfo Security    2022, 22 (2): 39-46.   DOI: 10.3969/j.issn.1671-1122.2022.02.005 Abstract （529）   HTML （22）    PDF （1218KB）（121）       Knowledge map    Graph convolution neural network is a multi-task oriented and widely-used deep learning model. This paper focused on the protection of node relationship information and node feature information of graph convolutional neural network in spectral domain for decentralized scenes, and proposed a spectral graph convolutional neural network based on dual differential privacy protection mechanism called DDPSGCN. Given the total amount of privacy budget, the Laplacian mechanism and Gaussian mechanism are allocated privacy budget, and the parameters of the two distributions are estimated by privacy loss and Chernoff bound theory. The paper proposed a graph convolution neural network training algorithm based on block chain decentralized differential privacy processing mechanism under the influence of two kinds of distributed noise. Experiments show that the decentralized dual differential privacy mechanism can ensure the privacy of the original data without leakage under the premise that the accuracy of semi-supervised node classification task is reduced by less than 1%,which has higher privacy protection efficiency and stronger robustness against attacks compared with the single privacy protection mechanism. Table and Figures | Reference | Related Articles | Metrics

Select

Hardware Design and Implementation of Number Theoretic Transform in Post-Quantum Cryptography XIAO Hao, ZHAO Yanrui, HU Yue, LIU Xiaofan Netinfo Security    2023, 23 (4): 72-79.   DOI: 10.3969/j.issn.1671-1122.2023.04.008 Abstract （503）   HTML （30）    PDF （8696KB）（367）       Knowledge map    Number theoretic transform (NTT) is a key component of post-quantum cryptography algorithms, and its computing performance is critical to the running speed of the system. Compared with the classical NTT algorithm, the high-radix NTT algorithm can achieve better computational performance. In order to solve the problems of lengthy computing flow and complex control logic in the hardware implementation of high-radix NTT, this paper proposed a high-performance radix-4 NTT hardware architecture based on pipeline structure. Firstly, based on the classical NTT algorithm, a radix-4 recursive NTT was derived to facilitate hardware implementation, which simplified the computing flow of the high-radix algorithm. Secondly, a single-path delay feedback structure was presented to effectively pipeline the algorithm flow and reduced the complexity of the hardware architecture. Finally, the radix-4 butterfly unit was realized by coupling two-stage butterfly operations, and the reduction was optimized by using shift operations and additions, which could reduce the overhead of hardware resources. Taking the post-quantum cryptography algorithm falcon as an example, the proposed NTT hardware architecture has been implemented on Xilinx Artix-7 FPGA. The experimental results show that the proposed design has good performance in computing speed and hardware resources overhead compared to the related designs. Table and Figures | Reference | Related Articles | Metrics