Most Down Articles

Published in last 1 year | In last 2 years| In last 3 years| All| Most Downloaded in Recent Month | Most Downloaded in Recent Year|

In last 2 years

Please wait a minute...


For Selected: Download Citations EndNote Ris BibTeX Toggle Thumbnails

Select

Review of Fuzzing Based on Machine Learning WANG Juan, ZHANG Chong, GONG Jiaxin, LI Jun’e Netinfo Security    2023, 23 (8): 1-16.   DOI: 10.3969/j.issn.1671-1122.2023.08.001 Abstract （555）   HTML （81）    PDF （20467KB）（411）       Knowledge map    Fuzzing is one of the most popular vulnerability discovering techniques today. Traditional fuzzing often requires a lot of labor, which increases the application cycle of fuzzing. Besides, expert experience determines the effect of fuzzing. The wide application of machine learning has enabled machine learning techniques to be applied to software security testing. Many research works use machine learning to optimize the fuzzing process, making up for many defects of traditional fuzzing technology. This paper provided a review of fuzzing based on machine learning. Firstly, common vulnerability discovery methods, fuzzing process and classification, and the shortcomings of traditional fuzzing were summarized. Then, from the perspective of test case generation, mutation, screening, and scheduling of fuzzing, this paper focused on the application research of machine learning methods in fuzzing, as well as the research work on combining machine learning and fuzzing to realize other functions. Finally, based on the existing work, this paper analyzed and summarized the limitations and challenges in the current research work, and prospected the future development directions of this field. Table and Figures | Reference | Related Articles | Metrics

Select

Research on Dynamic Access Control Model of Sensitive Data Based on Zero Trust GUO Baoxia, WANG Jiahui, MA Limin, ZHANG Wei Netinfo Security    2022, 22 (6): 86-93.   DOI: 10.3969/j.issn.1671-1122.2022.06.009 Abstract （506）   HTML （28）    PDF （1588KB）（390）       Knowledge map    With the advent of the era of big data, the security of sensitive data has attracted increasing attention. At present, most of the existing systems consider the access subject’s identity to be trusted after successful authentication, but once the attacker uses the lost subject as a springboard to invade the network, he may steal or destroy sensitive data. Therefore, it is urgent to study a fine-grained and flexible access control mechanism to protect the sensitive information resources of the system. Based on zero trust architecture, this paper proposes a trust evaluation algorithm by analyzing the characteristics of access subject and access object of the current protected system. By acquiring multi-source attributes for dynamic trust evaluation, the algorithm can quickly reduce the trust value of the lost subject when it has abrupt behavior, and timely block the threat of the lost subject in the authentication. The system implements dynamic authorization through attribute encryption to reduce the possibility of excessive access to sensitive resources. Experimental results show that this model can realize dynamic control of access authorization, and ensure that the time and memory cost of the system are in a reasonable range. Table and Figures | Reference | Related Articles | Metrics

Select

Research on Anonymous Traffic Classification Method Based on Machine Learning ZHAO Xiaolin, WANG Qiyao, ZHAO Bin, XUE Jingfeng Netinfo Security    2023, 23 (5): 1-10.   DOI: 10.3969/j.issn.1671-1122.2023.05.001 Abstract （396）   HTML （63）    PDF （10333KB）（387）       Knowledge map    Anonymous communication tools not only protect users’ privacy, but also provide shelter for crimes, making it more difficult to purify and supervise the network environment. Classification of anonymous traffic generated during information exchange in anonymous networks can refine the scope of network supervision. Aiming at the problems of insufficient granularity of traffic classification and low accuracy of anonymous traffic classification in the application layer in the existing anonymous traffic classification field, this paper proposed an application layer multi classification method for anonymous traffic based on machine learning. It included the feature extraction model based on auto-encoder and random forest, and the anonymous traffic multi classification model based on convolutional neural networks and XGBoost. The classification effect is improved through feature reconstruction and model combination, and is verified on Anon17 public anonymous traffic dataset, proving the usability, effectiveness and accuracy of the designed model. Table and Figures | Reference | Related Articles | Metrics

Select

New Research Progress on Intrusion Detection Techniques for the Internet of Things FENG Guangsheng, JIANG Shunpeng, HU Xianlang, MA Mingyu Netinfo Security    2024, 24 (2): 167-178.   DOI: 10.3969/j.issn.1671-1122.2024.02.001 Abstract （239）   HTML （59）    PDF （15179KB）（379）       Knowledge map    Compared to traditional intrusion detection mechanisms, the intelligent intrusion detection technology can fully extract data features, demonstrating higher detection efficiency, however, it also imposes greater demands on data sample labels. Considering data sample labels, this article provided a comprehensive review of the latest developments in the intrusion detection technology for the Internet of things(IoT) from the perspectives of supervised and unsupervised learning. Firstly, it outlined signature-based intrusion detection methods and analyzed recent traditional machine learning based intrusion detection methods based on the classification of supervised and unsupervised learning. Then, it analyzed recent deep learning based intrusion detection methods based on supervised, unsupervised, generative adversarial network, and deep reinforcement learning, respectively. Finally, it summarized the research challenges and future trends in the IoT intrusion detection technology. Table and Figures | Reference | Related Articles | Metrics

Select

A Dynamic and Hierarchical Quantum Secret Sharing Protocol Based on Starlike Cluster States YANG Yuguang, LU Jiayu Netinfo Security    2023, 23 (6): 34-42.   DOI: 10.3969/j.issn.1671-1122.2023.06.004 Abstract （223）   HTML （54）    PDF （9581KB）（370）       Knowledge map    A hierarchical cluster state was constructed on the basis of the starlike cluster state, and then a dynamic, hierarchical quantum confidentiality sharing protocol was proposed using the constructed cluster state. The secret possessor distributed cluster particles with a hierarchical structure to each agent as his share. Agents assigned to higher ranking particles had higher authority while agents assigned to lower ranking particles had lower authority. Each class of agent did not have access to share information for agents of the same class, higher classes and lower classes. Due to the scalability of the cluster states, the proposed hierarchical quantum secret sharing scheme was dynamic, allowing for the additon of new agents at the same level, removal of old agents, and the upgrading and downgrading of agents between different layers. Finally, the article analysed the security of the proposed protocol. Table and Figures | Reference | Related Articles | Metrics

Select

Overview of Research on the Revocable Mechanism of Attribute-Based Encryption LI Li, ZHU Jiangwen, YANG Chunyan Netinfo Security    2023, 23 (4): 39-50.   DOI: 10.3969/j.issn.1671-1122.2023.04.005 Abstract （553）   HTML （56）    PDF （14235KB）（319）       Knowledge map    Attribute-based encryption is an important cryptographic technique for achieving fine-grained access control of data files in group communication systems. However, addressing the revocation of users or attributes is crucial due to the existence of user joining, exiting, and attribute changing in group communication systems. Based on the classification and construction of revocable attribute-based encryption schemes, this paper focused on the research progress and development of revocable attribute-based encryption schemes. This paper provided a comprehensive analysis and comparison of existing revocable attribute-based encryption schemes from three revocation mechanisms: direct revocation, indirect revocation, and hybrid revocation. At the same time, discussing the shortcomings and issues of revocable attribute-based encryption mechanisms and possible future directions. Table and Figures | Reference | Related Articles | Metrics

Select

Hardware Design and Implementation of Number Theoretic Transform in Post-Quantum Cryptography XIAO Hao, ZHAO Yanrui, HU Yue, LIU Xiaofan Netinfo Security    2023, 23 (4): 72-79.   DOI: 10.3969/j.issn.1671-1122.2023.04.008 Abstract （350）   HTML （26）    PDF （8696KB）（289）       Knowledge map    Number theoretic transform (NTT) is a key component of post-quantum cryptography algorithms, and its computing performance is critical to the running speed of the system. Compared with the classical NTT algorithm, the high-radix NTT algorithm can achieve better computational performance. In order to solve the problems of lengthy computing flow and complex control logic in the hardware implementation of high-radix NTT, this paper proposed a high-performance radix-4 NTT hardware architecture based on pipeline structure. Firstly, based on the classical NTT algorithm, a radix-4 recursive NTT was derived to facilitate hardware implementation, which simplified the computing flow of the high-radix algorithm. Secondly, a single-path delay feedback structure was presented to effectively pipeline the algorithm flow and reduced the complexity of the hardware architecture. Finally, the radix-4 butterfly unit was realized by coupling two-stage butterfly operations, and the reduction was optimized by using shift operations and additions, which could reduce the overhead of hardware resources. Taking the post-quantum cryptography algorithm falcon as an example, the proposed NTT hardware architecture has been implemented on Xilinx Artix-7 FPGA. The experimental results show that the proposed design has good performance in computing speed and hardware resources overhead compared to the related designs. Table and Figures | Reference | Related Articles | Metrics

Select

Blockchain and Smart Contract Based Dual-Chain Internet of Vehicles System HU Yi, SHE Kun Netinfo Security    2022, 22 (8): 26-35.   DOI: 10.3969/j.issn.1671-1122.2022.08.004 Abstract （195）   HTML （24）    PDF （21357KB）（283）       Knowledge map    In recent years, the exponential increase in the number of smart cars has generated massive amounts of data, and the traditional Internet of Vehicles(IoV) interaction model is inadequate in terms of data protection, key management, data storage, concurrency performance and response speed. This paper proposes a dual-chain IoV system, based on smart contracts to improve the centralized authentication and data storage methods, which improves performance while preventing single point of failure, identity forgery, data tampering, and privacy leakage caused by malicious attacks. The dual-chain IoV system automatically generates, updates and revokes key pairs for vehicles through the Chinese SM2 algorithm to achieve two-way authentication of peer nodes, after which sensitive data are stored encrypted in the distributed file system IPFS, and keyword matching search is achieved by block retrieval algorithm in data query occasions. Simulation experiments show that the system proposed in this paper has good security and performance, can meet the real-time and stability of high-speed vehicle data transmission,.and has better practicability and advancement. Table and Figures | Reference | Related Articles | Metrics

Select

Research and Implementation of Cross-Chain Security Access and Identity Authentication Scheme of Blockchain WANG Shushuang, MA Zhaofeng, LIU Jiawei, LUO Shoushan Netinfo Security    2022, 22 (6): 61-72.   DOI: 10.3969/j.issn.1671-1122.2022.06.007 Abstract （418）   HTML （23）    PDF （1399KB）（280）       Knowledge map    This paper proposes a blockchain cross-chain secure access and identity authentication scheme. Aiming at the research on access chain secure access and cross-chain identity authentication in cross-chain technology, a secure cross-chain model architecture is designed. The digital identity is used as the global identifier of the whole cross chain network of the blockchain to complete the identity identification of cross-chain transactions. A cross-chain identity authentication scheme of IBE based on relay chain is proposed. The access chain security access and cross-chain identity authentication are carried out through relay chain. At the same time, the transaction information of the two chains carrying out cross-chain transactions is encrypted and transmitted by using security key negotiation strategy, so as to ensure the anonymity security of transaction information and solve the problems of security and isolated data island in the existing cross-chain model. Finally, the experimental analysis and evaluation show that the scheme is safe and feasible. Table and Figures | Reference | Related Articles | Metrics

Select

An Identity Authentication Method Based on SM9 and Blockchain in the IoT Environment ZHAI Peng, HE Jingsha, ZHANG Yu Netinfo Security    2024, 24 (2): 179-187.   DOI: 10.3969/j.issn.1671-1122.2024.02.002 Abstract （118）   HTML （17）    PDF （10303KB）（279）       Knowledge map    Terminal devices in the Internet of Things (IoT) environment need to identify and authenticate each other to ensure network security and data security, and authentication is the first line of defense for IoT security, and the existing traditional public key cryptosystem (PKI) is cumbersome and computationally intensive, which can not satisfy the resource-constrained, open, and distributed IoT environment well. In this paper, a blockchain-based two-way authentication scheme for IoT terminals was designed based on the SM9 identity cryptography algorithm, which could greatly satisfy the confidentiality and unforgeability based on the assumptions of the computational Diffie-Hellman hard problem, the q-Diffie-Hellman inverse problem, and the bilinear Diffie-Hellman hard problem, and was more in line with the practical application environment of the IoT. The scheme adopted the device identity as the public key, which simplified the key distribution management process. In addition, the blockchain, as a decentralized underlying storage database used to record information such as keys, certificates, signatures, etc., could be used to carry out credible endorsement for the authentication process. Through performance and Proverif formalized security analysis, and comparing several current mainstream authentication methods, the scheme can meet the time, performance and security requirements in the IoT environment. Table and Figures | Reference | Related Articles | Metrics

Select

Survey on Application of Machine Learning in Disassembly on x86 Binaries WANG Juan, WANG Yunru, WENG Bin, GONG Jiaxin Netinfo Security    2022, 22 (6): 9-25.   DOI: 10.3969/j.issn.1671-1122.2022.06.002 Abstract （445）   HTML （43）    PDF （1393KB）（270）       Knowledge map    Binary disassembly technology is the core of vulnerability finding, control flow integrity and code similarity measurement. Traditional disassembly techniques highly rely on predefined heuristics and expert knowledge, and its application effect of identifying function boundaries, variable types and reconstructing control flow graphs and other tasks are not good enough. The development of machine learning in handling sequential and graphical data has enabled machine learning to be applied to binary analysis and make up for the defects of the traditional disassembly techniques, thus promoting the researches of binary reverse analysis. This paper focused on the application of machine learning in disassembly on x86 binaries and analyzed in-depth the research work related to function identification, function signature recovery and data flow reconstruction. Firstly, the traditional methods and challenges of disassembly on x86 binaries were summarized comprehensively. Secondly, the general workflow of machine learning in disassembly on x86 binaries including binary feature extraction, vectorization, and model training was distilled. This paper classified the methodologies of feature extraction and vectorization based on the feature contents and embedded approaches respectively, and subsequently summarized the significant techniques of model training utilized in specific disassembly tasks. Finally, the limitations and challenges of current work were concluded, and the future research directions were elaborated. Table and Figures | Reference | Related Articles | Metrics

Select

Research on Data Security Threats and Protection of Key Technologies in Cloud Environment YU Chengli, ZHANG Yang, JIA Shijie Netinfo Security    2022, 22 (7): 55-63.   DOI: 10.3969/j.issn.1671-1122.2022.07.007 Abstract （348）   HTML （31）    PDF （11457KB）（269）       Knowledge map    With the rapid development of cloud computing technology, the cloud has gradually become the main way to store data. Cloud storage owns massive storage space, which provides storage, management and other services and enables the users to access the cloud data at any time without limitations by location or device factors. However, after outsourcing data to the cloud, users usually lose their physical control over data, and data security has become the key factor to restrict the development of the cloud computing market. This paper started with the security threats faced by data in the cloud environment, followed by data security requirements. Then, this paper summarized and described the key technologies of the protection technologies for cloud data. Finally, current challenges and future research trends in the field of cloud data security were introduced, so as to promote the cloud data protection system. Table and Figures | Reference | Related Articles | Metrics

Select

Overview of the Research on Governance of Cross-Border Data Flow in China XIAO Xiaolei, ZHAO Xuelian Netinfo Security    2022, 22 (10): 45-51.   DOI: 10.3969/j.issn.1671-1122.2022.10.007 Abstract （547）   HTML （37）    PDF （1318KB）（268）       Knowledge map    The normalized development of cross-border data flows has brought impact and challenge to our country’s data security, the relevant research could provide a reference for enriching academic theory for exploring governance schemes for cross-border data flows in China. By using the method of systematic literature review, this paper expounded the research status of China’s cross-border data flow governance from the perspectives of interest concern, governance model and governance path. Through analyzing, the study found that the research on governance of cross-border data flow in China was still in primary stage, and it was necessary to establish a mechanism for balancing interests, explore a diversified cooperative governance model, and build a dual track governance path. In the future, the data governance criterion should be established with the overall view of national security, focus on the innovation of cross-border data compliance system construction, and explore the necessity evaluation system of data regulation measures. Table and Figures | Reference | Related Articles | Metrics

Select

A Survey of Cyber Security Open-Source Intelligence Knowledge Graph WANG Xiaodi, HUANG Cheng, LIU Jiayong Netinfo Security    2023, 23 (6): 11-21.   DOI: 10.3969/j.issn.1671-1122.2023.06.002 Abstract （387）   HTML （64）    PDF （13519KB）（267）       Knowledge map    With the development of informatization, a large amount of cyber security information is generated online every day. However, the majority of security intelligence consists of multi-source and heterogeneous text data that are challenging to directly analyze and apply. Therefore, the introduction of a knowledge graph assumes paramount significance in order to facilitate profound semantic knowledge mining and enable intelligent reasoning analysis. On this basis, this paper first described how the cybersecurity knowledge graph was built. Then, it outlined the core technologies of the knowledge graph and related research work, including information extraction and knowledge reasoning. Finally, the challenges of building a cybersecurity knowledge graph were discussed, and some directions for further research were suggested. Table and Figures | Reference | Related Articles | Metrics

Select

A Hybrid Method of Joint Entropy and Multiple Clustering Based DDoS Detection in SDN WANG Zhi, ZHANG Hao, Jason GU Netinfo Security    2023, 23 (10): 1-7.   DOI: 10.3969/j.issn.1671-1122.2023.10.001 Abstract （318）   HTML （52）    PDF （8370KB）（259）       Knowledge map    Software Defined Networking (SDN), an emerging networking paradigm, has introduced more severe Distributed Denial of Service attacks (DDoS) along with convenience. Existing works typically use machine learning models to detect DDoS attacks, but ignore the additional overhead that models impose on SDN controllers. In order to detect DDoS attacks more efficiently and accurately, this paper adoptd a strategy of multi-level detection modules: the first-level module detectd suspicious traffic by calculating the joint entropy of the traffic in the current window; the second-level module used a semi- supervised model that used techniques such as feature selection, multi-training algorithms, and multiple clustering to improve detection performance by training multiple local models. Compared with other existing models, this model performs best on multiple data sets and has better detection accuracy and generalization ability. Table and Figures | Reference | Related Articles | Metrics

Select

Design of Log-Based Anomaly Detection System Based on Temporal and Logical Relationship NIU Yinuo, ZHANG Yifei, GAO Neng, MA Cunqing Netinfo Security    2022, 22 (11): 1-6.   DOI: 10.3969/j.issn.1671-1122.2022.11.001 Abstract （361）   HTML （45）    PDF （7249KB）（243）       Knowledge map    With the development of computer systems, logs have become an important data source for maintaining stable operation of computer systems. System logs record the status and important event information of key points during system operation, which can help technicians locate system faults and analyze their causes, provide data support for problem solving, and monitor illegal operations and provide help for system recovery, so log anomaly detection is of great significance. However, most of the existing researches only utilize a single feature of logs for anomaly detection. To this end, the paper designed a machine learning-based log anomaly detection system, which implemented a complete process of log collection, log parsing, log feature extraction and log anomaly detection; a machine learning method that incorporates log temporal and logical relationships is proposed to make better use of log features to increase the accuracy of detection results. Table and Figures | Reference | Related Articles | Metrics

Select

Review of Research on Misbehavior Detection in VANET CAO Yue, LYU Chenchen, SUN Yaping, ZHANG Yu’ang Netinfo Security    2023, 23 (4): 10-19.   DOI: 10.3969/j.issn.1671-1122.2023.04.002 Abstract （528）   HTML （77）    PDF （13558KB）（237）       Knowledge map    The Internet of vehicles (IoV) has gradually penetrated into the lives of urban residents, while security threats such as remote malicious control of vehicles and leakage of personal information of vehicle owners have gradually been exposed in recent years. Compared with the security concern on devices and platform in vehicular Ad-hoc network (VANET), this paper focused on the security issues faced by the communication of VANET. Therefore, this paper systematically reviewed the literature on misbehavior detection mechanisms of VANET in recent years. Firstly, this paper analyzed the definition of misbehavior and summarized common threat models. Then, the classification of misbehavior detection mechanisms was discussed, including detection mechanisms based on message content, detection mechanisms based on message processing behavior, and detection mechanisms combined with sensors. Finally, this paper summarized open issues and possible future research trends in the current misbehavior detection mechanisms of VANET communication. Table and Figures | Reference | Related Articles | Metrics

Select

Anomaly Detection Model Based on Generative Adversarial Network and Autoencoder GUO Sensen, WANG Tongli, MU Dejun Netinfo Security    2022, 22 (12): 7-15.   DOI: 10.3969/j.issn.1671-1122.2022.12.002 Abstract （492）   HTML （34）    PDF （12429KB）（236）       Knowledge map    In recent years, machine learning, especially deep learning algorithms, has been widely used in the field of network traffic intrusion detection, the distribution of dataset sample categories is an important factor affecting the performance of machine learning algorithms. To address the problem of diverse network attack categories and uneven distribution of existing network traffic dataset categories, this paper proposed a network traffic anomaly detection model based on generative adversarial networks and self-encoders. Firstly, a conditional generative adversarial network based on Wasserstein distance was used to resample the minority categories in the original network traffic data. Secondly, the resampled data were reconstructed using a stacked denoising self-encoder to obtain potential information of the data. Finally, the encoder network combined with a Softmax network was used to identify anomalous network traffic data. Experiments are conducted on the NSL-KDD intrusion detection dataset, and the experimental results show that proposed anomaly detection model can effectively improve the recognition rate of minority categories. Table and Figures | Reference | Related Articles | Metrics

Select

Blockchain Transaction Data Privacy-Preserving Scheme Supporting National Cryptographic Algorithm WANG Jingyu, MA Zhaofeng, XU Danheng, DUAN Pengfei Netinfo Security    2023, 23 (3): 84-95.   DOI: 10.3969/j.issn.1671-1122.2023.03.009 Abstract （329）   HTML （32）    PDF （15939KB）（231）       Knowledge map    With the development of blockchain technology, the realization of data sharing on the chain has become an important application to promote the implementation of the blockchain industry. The transaction data of the current blockchain is open and transparent on the chain, with problems of restricted sharing. At the same time, considering that the Hyperledger Fabric platform is limited in domestic applications due to the lack of support of the national cryptographic algorithm, this paper transformed the Fabric platform by adopting the national cryptographic algorithm firstly. Secondly, a transaction data privacy-preserving scheme was proposed to complete the security and limited sharing of transaction data with national cryptographic algorithm. Finally, the modified Fabric platform and the proposed solution were tested for system implementation and performance. The experimental results show that this paper completes the national cryptographic algorithm transformation of the Fabric platform, which ensures the correctness of various operations. The implementation efficiency and system performance of the privacy protection scheme also meet the practical requirements. Table and Figures | Reference | Related Articles | Metrics

Select

Research on Testing Approaches for Network Security Products in Cloud Computing Environment CHEN Yan, WEI Xiang, LU Zhen Netinfo Security    2022, 22 (12): 1-6.   DOI: 10.3969/j.issn.1671-1122.2022.12.001 Abstract （231）   HTML （35）    PDF （7146KB）（214）       Knowledge map    While cloud computing is in-depth development, it is also facing new network security risks. Traditional network security products such as firewall and intrusion prevention system cannot fully meet the security protection requirements in cloud computing environment. Meanwhile, the form and type of network security products in cloud computing environment are also undergoing great changes in the concept of network security protection. This has led to changes in the mode and method of network security product testing in laboratory. By analyzing the security risks faced in cloud computing environment, this paper found out the development trend of network security products, and on this basis, provided the detection methods of network security products in cloud computing environment. On one hand, it can provide ideas for the design departments of network security products, on the other hand, it can also provide guidance for the detection institutions to carry out the detection of network security products in cloud computing environment. Reference | Related Articles | Metrics