Most Down Articles

Published in last 1 year | In last 2 years| In last 3 years| All| Most Downloaded in Recent Month | Most Downloaded in Recent Year|

All

Please wait a minute...


For Selected: Download Citations EndNote Ris BibTeX Toggle Thumbnails

Select

Power Analysis Attack against SM4 in Frequency Domain Min WANG, Jin-tao RAO, Zhen WU, Zhi-bo DU Netinfo Security    2015, 15 (8): 14-19.   DOI: 10.3969/j.issn.1671-1122.2015.08.003 Abstract （1053）   HTML （33）    PDF （1755KB）（124265）       Knowledge map    SM4 algorithm is the first open promulgated Chinese commercial block cipher algorithm. Since the algorithm is promulgated, some study on cryptanalysis of SM4 algorithm including side channel attack(SCA) by domestic and foreign scholars have been done. Recent literature study on SCA aremanily focus on power attack in time domain to compromise the secret password. But pure signal analysis in time domain has limitation. For instance, the alignment quality of power signal in time domain is the key factor to in fluence power analysis attack. In order to eliminate the effect of the signal alignment on the power analysis attack, the method of the power analysis attack against in frequency domain is proposed. The power analysis attack in frequency domain is not only feasible, but also can elimi nate the effect of the signal alignment. Finally, the method in this paper is successfully im plemented on the SM4 cryptographic in FPGA, in the case of no alignment operation in the frequency domain. The experimental results show that the proposed attack method is effec tive. Table and Figures | Reference | Related Articles | Metrics

Select

A Revocable Authorization Provable Data Possession Scheme in Clouds Yang ZHAO, Yang CHEN, Hu XIONG, Hua-qiang REN Netinfo Security    2015, 15 (8): 1-7.   DOI: 10.3969/j.issn.1671-1122.2015.08.001 Abstract （503）   HTML （13）    PDF （2071KB）（32905）       Knowledge map    There are two main provable data possession schemes: public verification and verification, but it is very difficult when users want to specify a third party to verify the data. In this regard, we propose a revocable authorization provable data possession scheme in clouds. The scheme allows users to authorize a third party audit to help them perform remote data integrity verification. This can protect users’ privacy. In addition, users can revoke the third party audit’s authorization when they need and authorize a new third party. In our scheme only the third party it has the authorization can complete the verification process and give back the result to users. Furthermore, users can choose to keep the authorized evidence secret, authorize to a third party or public to achieve private verification, authorized verification or public verification. The scheme is designed base on bilinear pairing and identity-based encryption (IDE) technology. And it achieves authorization verification or revocation by embedding authorized evidence to integrity verification. Then we analyze the security and performance of the scheme to prove the scheme is safety and efficiency at last of the paper. Table and Figures | Reference | Related Articles | Metrics

Select

Netinfo Security    2015, 15 (8): 82-82.   Abstract （397）   HTML （19）    PDF （1120KB）（13330）       Knowledge map    Table and Figures | Reference | Related Articles | Metrics

Select

Baseline for Classified Protection of Cybersecurity (GB/T 22239-2019) Standard Interpretation Li MA, Guobang ZHU, Lei LU Netinfo Security    2019, 19 (2): 77-84.   DOI: 10.3969/j.issn.1671-1122.2019.02.010 Abstract （12441）   HTML （808）    PDF （8866KB）（9538）       Knowledge map    Baseline for Classified Protection of Cybersecurity(GB/T 22239-2019) will be formally implemented soon. This paper introduces the background and process of the revision GB/T 22239-2019, the main changes in comparison with GB/T 22239-2008, the main contents of its security general requirements and security special requirements, etc., so as to enable users to better understand and master the contents of GB/T 22239-2019. Table and Figures | Reference | Related Articles | Metrics

Select

Information Security Technology—Evaluation Requirement for Classified Protection of Cybersecurity(GB/T 28448-2019) Standard Interpretation Guangyong CHEN, Guobang ZHU, Chunling FAN Netinfo Security    2019, 19 (7): 1-8.   DOI: 10.3969/j.issn.1671-1122.2019.07.001 Abstract （17869）   HTML （868）    PDF （7610KB）（7606）       Knowledge map    Evaluation requirements for classified protection of cybersecurity(GB/T 28448-2019) will be formally implemented soon. This paper introduces the revision background and process of this standard, the main changes in comparison with GB/T 28448-2012, the main contents of security general requirements and security special requirements, etc., so that to the main contents can be understood better. Table and Figures | Reference | Related Articles | Metrics

Select

Security Survey of Internet of Things Driven by Block Chain Technology Kuo ZHAO, Yongheng XING Netinfo Security    2017, 17 (5): 1-6.   DOI: 10.3969/j.issn.1671-1122.2017.05.001 Abstract （1094）   HTML （31）    PDF （1332KB）（3368）       Knowledge map    Nowadays, after the Internet, Internet of Things brings great changes to people’s production and life as a new direction of the third industrial revolution and the future internet technology. The development and application of Internet of Things has achieved remarkable results in recent years. A large number of sensors are connected to the machines and are combined with the Internet, which achieves intelligent management and operation. At the same time, the security and privacy problem in the Internet of Things environment is still the one of the threats to the Internet of Things technology. Because of the topology of the Internet of Things as well as the constraint of resources, the traditional security technologies are not entirely applicable to the Internet of Things. As the basic technology of bitcoin, block chain technology has the characteristics of decentralization, detrust, data encryption and so on. It is suitable for building a distributed system. This paper analyzes the characteristics of block chain technology to solve the security problems in the application of Internet of Things, and discusses the security problems of the combination of block chain and Internet of Things. Table and Figures | Reference | Related Articles | Metrics

Select

Design and Application of General Framework for Side Channel Attack Qing WANG, Chenyang TU, shenjiahui@iie.ac.cn Netinfo Security    2017, 17 (5): 57-62.   DOI: 10.3969/j.issn.1671-1122.2017.05.009 Abstract （754）   HTML （15）    PDF （1030KB）（2189）       Knowledge map    At present, many cryptographic algorithms and cryptographic devices add the process of evaluating the risk of side channel when being designed. Side channel attack object is divided into two categories: unprotected cipher algorithm / module and protected cipher algorithm / module. If the attacks are designed separately for each attack object, it is time-consuming and laborious. Therefore, this paper proposes a new generalized analysis framework which can be applied to the vast majority of side channel attacks. Actual side channel attacks would be divided into three steps, the progressive side channel logic vulnerability assessment, side channel information collection, and side channel analysis optimization, in this paper, we detail the realization method of each step. Then, this framework covers all attacking processes and can be applied on the software which is protected by improved low entropy mask and out-of-order instructions. The experiment results verify the rationality and validity of the framework which adapts to most side channel attacks. Table and Figures | Reference | Related Articles | Metrics

Select

Research on the Consensus Mechanisms of Blockchain Technology Xuan HAN, Yamin LIU Netinfo Security    2017, 17 (9): 147-152.   DOI: 10.3969/j.issn.1671-1122.2017.09.034 Abstract （823）   HTML （28）    PDF （5330KB）（2102）       Knowledge map    As the underlying technology in Bitcoin, the blockchain technology has gained wide attention. Blockchain is a kind of feasible method to solve the consistency problem of distributed system. Consensus mechanism is the core of the blockchain technology. Delicate consensus mechanism can improve system performance and promote the application of blockchain in many fields. Based on the consensus mechanisms in existing design of blockchain, this paper summarizes the basic consensus mechanisms including proof of work, proof of stake and Byzantine consistency agreement, and evaluates them from various aspects such as security, scalability, performance, etc. The future research on the blockchain consensus mechanism will be based on the different characteristics of the consensus mechanisms, and design should be carried out around the combination of different consensus mechanisms. Table and Figures | Reference | Related Articles | Metrics

Select

A New Cloudware PaaS Platform Based on Microservices Architecture Dong GUO, Wei WANG, Guo-sun ZENG Netinfo Security    2015, 15 (11): 15-20.   DOI: 10.3969/j.issn.1671-1122.2015.11.003 Abstract （799）   HTML （7）    PDF （1649KB）（2056）       Knowledge map    With the development of microservice, container technology, the software paradigm is evolved towards Cloudware in cloud environment. Cloudware is based on service, supported by cloud platform, and it is the important method to cloudlization traditional software. It is the most important method for software development, deployment, maintains and usage in future cloud environment, and it is also a new thought for software in cloud platform. We proposed a new Cloudware PaaS platform based on microservice architecture and light weighted container technology. The traditional software can be directly deployed in this platform without modification, and provide service to the client by a browser. By utilizing the microservice architecture, this platform has the following characteristics, such as scalability, auto-deployment, disaster recovery and elastic configuration. Table and Figures | Reference | Related Articles | Metrics

Select

The Summary of Fuzzing Testing Technology null null    2014, 14 (3): 0-0.   Abstract （230）      PDF （907KB）（1473）       Knowledge map    software security%fuzzing testing%code coverage Related Articles | Metrics

Select

An Improved Algorithm based on Abstract Syntax Tree for Source Code Plagiarism Detection null null    2014, 14 (1): 0-0.   Abstract （222）      PDF （1011KB）（1419）       Knowledge map    abstract syntax tree%AST%improved algorithm Related Articles | Metrics

Select

Multi-parties Key Agreement Protocol in Block Chain Chunming TANG, Long GAO Netinfo Security    2017, 17 (12): 17-21.   DOI: 10.3969/j.issn.1671-1122.2017.12.004 Abstract （662）   HTML （16）    PDF （1027KB）（1316）       Knowledge map    The key agreement protocol is a shared key mechanism between two or more participants in a public channel to ensure the secure communication and encryption of sensitive information. Communication agents need to trust each other, and a trusted center is needed to authenticate each other to negotiate the key securely. In order to resist the attack on the trusted center and the abuse of power of the trusted center, this paper gives a multi-parties key agreement protocol in block chain system, which uses the characteristics that when store data, data only can increase, but can not be deleted and changed, which makes the protocol more secure. Reference | Related Articles | Metrics

Select

Authenticated Encryption Modes Based on Block Ciphers null null    Abstract （378）   HTML （5）    PDF （1668KB）（1306）       Knowledge map    It is an inevitable trend to provide authentication encryption modes of operation, which satisfy all kinds of requirements, and have good performance such as high-efficiency, high security, low-cost and simple structure. Authenticated encryption modes based on block ciphers provide both privacy and authenticity of users’ information. As they have many good properties: high-speed, easy standardization, high-efficiency in hardware and software implementation, they have been widely used in the field of information security. In this paper, we give a survey on authenticated encryption modes based on block ciphers, and discuss further research trend in the future. Related Articles | Metrics

Select

Multi-level File Operations Recording System Based on Minifilter Driver null null    Abstract （220）   HTML （1）    PDF （1089KB）（1171）       Knowledge map    This paper studied for different levels of extraction and monitoring the behavior of file operations, aimed at the existing bypass filter drivers detection method was improved, more effective against malicious software behavior, multi-level technology to extract the file operations. Firstly the paper introduces the file filter driver technology , principle and current application situation,then introduces the widely application of micro file filter driver (Minifilter) technology development principle, steps and application field. Subsequent to the underlying behavior of file operations process are analyzed, and the Minifilter detection principle of the related introduction. To analyze its security and puts forward several methods of current can bypass the filter drivers detection principle. Including by adding filter drivers and send Hook function principle to bypass filter drivers, which the filter driver behavior cannot be detected.Lists the existing several attack methods from different levels to bypass the filter driver, including attached new filter drivers, direct access to the kernel, the sending of the underlying file structure function of different hook skills and so on. According to its attack principle is analyzed, puts forward corresponding detection methods.By adding the above on the basis of the original Minifilter several detection methods, which can realize to test the present a variety of means of attack, so as to add multi-layered protective measures. And then the improved filter drivers for targeted on the function and performance test, shows that the improved test drive to be able to use a smaller time cost to complete more deeper detection. Therefore the behavior of the improved extraction technology can bypass the normal file filter driver to expand to detect malicious behavior, the extraction of deeper malicious software file operations, so as to realize the target of suspicious file operations for a more comprehensive monitoring. Related Articles | Metrics

Select

Review of Network High Flow Distributed Denial of Service Attack and Defense Mechanisms Heng LI, Huawei SHEN, Xueqi CHENG, Yong ZHAI Netinfo Security    2017, 17 (5): 37-43.   DOI: 10.3969/j.issn.1671-1122.2017.05.006 Abstract （684）   HTML （11）    PDF （1122KB）（1171）       Knowledge map    Distributed Denial of Service (DDoS) attack is one of the extremely familiar network attack methods. In the condition of high flow capacity, DDoS causes network congestion by means of manufacturing useless data, finally leading to resource exhausting and normal service interrupt. No effective defense for now is against the high flow capacity DDoS. Based on preliminary study and literature researches, this thesis summarizes and analyses the domestic and international research progress of network high flow DDoS defense mechanisms, emphasis on attacks detection and defense principle and attack test, makes a summary of features and disadvantages of different detection and defense mechanisms, in order to establish the comprehensive and effective network high flow DDoS defense mechanisms. Table and Figures | Reference | Related Articles | Metrics

Select

Research on SQL Injection Vulnerabilities Detection Technology Based on Proxy Mode null null    Abstract （343）   HTML （6）    PDF （1275KB）（1115）       Knowledge map    SQL injection vulnerability is one of the most common vulnerabilities in the Web site; also it's one of the most destructive loopholes during business operations. SQL injection vulnerability detection mode can be divided into manual and automated analysis. Although there are many automated tools that can help us quickly detect SQL injection vulnerability, but the capacity of the tools is very limited. For now, the biggest problem is how to ensure the comprehensive of the test data. Restricted to the crawler technology, the probability of false positives and false negatives of the automated tools is relatively large. Although the manual analysis way can ensure the accuracy of the vulnerability detection, but the testing process consumes a lot of time and low efficiency. In such cases, based on a proxy mode, this paper presents a SQL injection vulnerability detection way which can take full advantages of the existing vulnerability detection tools and achieve high efficiency and accuracy of SQL injection vulnerability detection. On the other hand, we also used this method to detect and analyze the XSS vulnerability in Web applications and have achieved very good results. Related Articles | Metrics

Select

Study on Block Chain Technology and Its Applications Hui XIE, Jian WANG Netinfo Security    2016, 16 (9): 192-195.   DOI: 10.3969/j.issn.1671-1122.2016.09.038 Abstract （756）   HTML （24）    PDF （2343KB）（1087）       Knowledge map    Since 2009, blockchain was used for base record technology of account book in BitCoin. It has graduated as a new distributed, non-centralized and non-trust solution after several years. Especially in last two years, blockchain has gradually gotten out of BitCoin as an independent innovation hot point. It creating a new distributed data storage technology with an innovation change on system/program design. Maybe, it will subvert the organizational model of current business community in future. So it received more and more attention from Business and Technology communities. This article do more research and investigation on the design and implementation of blockchain. Include security investigation for blockchain and blockchain related application, and the security architecture compare for blockchain security system and traditional centralized mode system. Did the summaries for the advantages and disadvantages of the blockchain, and more actual application scenarios are derived. Table and Figures | Reference | Related Articles | Metrics

Select

The Application of a Kind of Reversible Matrix in Secure Communication Xiaoming CHEN, Weiqing YOU, Wenxi LI, Hao JIANG Netinfo Security    2017, 17 (5): 7-7.   DOI: 10.3969/j.issn.1671-1122.2017.05.002 Abstract （591）   HTML （5）    PDF （1323KB）（1077）       Knowledge map    The cyclic matrix is generated by its first row of elements, and then each row is shifted by the first row. Therefore, the cyclic matrix can not only maximize the utilization of the hardware circuit, but also save the storage space and have high computational efficiency. Constructing a reversible cyclic matrix conforming to the requirements of secure communication systems is a problem worthy of study. This paper corrects the erroneous application of the reversible matrix in secure communication in some documents, and gives the correct application examples and standards. Firstly, a necessary and sufficient condition for constructing the reversible cyclic matrix is obtained by studying the relation between the van Vandermonde Matrix and the cyclic matrix. Secondly, according to the finite field G(28) characteristics, the necessary and sufficient conditions for constructing the reversible cyclic matrix on the real field are extended to the finite field, and a fast generation algorithm of the reversible cyclic matrix is proposed. Finally, a sufficient condition for constructing the cyclic matrix with optimal diffusion performance is proposed. Table and Figures | Reference | Related Articles | Metrics

Select

SPNR:A Novel Rumor Propagation Model on Social Networks null null    2014, 14 (1): 0-0.   Abstract （232）      PDF （1050KB）（995）       Knowledge map    social networks%rumor identiifcation%rumor propagation%rumor control Related Articles | Metrics

Select

A Survey on Data Mining Privacy Protection Algorithms Yuejian FANG, Jinzhong ZHU, Wen ZHOU, Tongliang LI Netinfo Security    2017, 17 (2): 6-11.   DOI: 10.3969/j.issn.1671-1122.2017.02.002 Abstract （776）   HTML （23）    PDF （1018KB）（973）       Knowledge map    Nowadays the increasing of massive data in various fields has promoted the development of data mining, but the storage and mining of user data brings about threat of privacy leakage, so the user privacy needs to be protected in data mining process. Research on privacy protection data mining algorithms has become an important research area. This article introduces three main privacy protection data mining algorithms, which are perturbation algorithm, k-anonymity algorithm and association rules hiding algorithm. The perturbation algorithms include randomization protection algorithm and multiplicative perturbation algorithm. The two main techniques for k-anonymity are generalization and suppression. The usual association rules hiding algorithms include heuristic algorithm, boundary-based algorithm and precise algorithm. This article introduces and summarizes the new research works for these algorithms, and describes the research trends for privacy protection data mining algorithms. Reference | Related Articles | Metrics