Most Down Articles

Published in last 1 year | In last 2 years| In last 3 years| All| Most Downloaded in Recent Month| Most Downloaded in Recent Year|

Most Downloaded in Recent Month

Please wait a minute...


For Selected: Download Citations EndNote Ris BibTeX Toggle Thumbnails

Select

NULL null null    2010, (6): 0-0.   Abstract （110）      PDF （279KB）（460）       Knowledge map    NULL Related Articles | Metrics

Select

New Research Progress on Intrusion Detection Techniques for the Internet of Things FENG Guangsheng, JIANG Shunpeng, HU Xianlang, MA Mingyu Netinfo Security    2024, 24 (2): 167-178.   DOI: 10.3969/j.issn.1671-1122.2024.02.001 Abstract （237）   HTML （58）    PDF （15179KB）（378）       Knowledge map    Compared to traditional intrusion detection mechanisms, the intelligent intrusion detection technology can fully extract data features, demonstrating higher detection efficiency, however, it also imposes greater demands on data sample labels. Considering data sample labels, this article provided a comprehensive review of the latest developments in the intrusion detection technology for the Internet of things(IoT) from the perspectives of supervised and unsupervised learning. Firstly, it outlined signature-based intrusion detection methods and analyzed recent traditional machine learning based intrusion detection methods based on the classification of supervised and unsupervised learning. Then, it analyzed recent deep learning based intrusion detection methods based on supervised, unsupervised, generative adversarial network, and deep reinforcement learning, respectively. Finally, it summarized the research challenges and future trends in the IoT intrusion detection technology. Table and Figures | Reference | Related Articles | Metrics

Select

null null    2001, 1 (5): 0-0.   Abstract （154）      PDF （123KB）（900）       Knowledge map    null Related Articles | Metrics

Select

An Identity Authentication Method Based on SM9 and Blockchain in the IoT Environment ZHAI Peng, HE Jingsha, ZHANG Yu Netinfo Security    2024, 24 (2): 179-187.   DOI: 10.3969/j.issn.1671-1122.2024.02.002 Abstract （117）   HTML （17）    PDF （10303KB）（279）       Knowledge map    Terminal devices in the Internet of Things (IoT) environment need to identify and authenticate each other to ensure network security and data security, and authentication is the first line of defense for IoT security, and the existing traditional public key cryptosystem (PKI) is cumbersome and computationally intensive, which can not satisfy the resource-constrained, open, and distributed IoT environment well. In this paper, a blockchain-based two-way authentication scheme for IoT terminals was designed based on the SM9 identity cryptography algorithm, which could greatly satisfy the confidentiality and unforgeability based on the assumptions of the computational Diffie-Hellman hard problem, the q-Diffie-Hellman inverse problem, and the bilinear Diffie-Hellman hard problem, and was more in line with the practical application environment of the IoT. The scheme adopted the device identity as the public key, which simplified the key distribution management process. In addition, the blockchain, as a decentralized underlying storage database used to record information such as keys, certificates, signatures, etc., could be used to carry out credible endorsement for the authentication process. Through performance and Proverif formalized security analysis, and comparing several current mainstream authentication methods, the scheme can meet the time, performance and security requirements in the IoT environment. Table and Figures | Reference | Related Articles | Metrics

Select

Baseline for Classified Protection of Cybersecurity (GB/T 22239-2019) Standard Interpretation Li MA, Guobang ZHU, Lei LU Netinfo Security    2019, 19 (2): 77-84.   DOI: 10.3969/j.issn.1671-1122.2019.02.010 Abstract （12469）   HTML （812）    PDF （8866KB）（9588）       Knowledge map    Baseline for Classified Protection of Cybersecurity(GB/T 22239-2019) will be formally implemented soon. This paper introduces the background and process of the revision GB/T 22239-2019, the main changes in comparison with GB/T 22239-2008, the main contents of its security general requirements and security special requirements, etc., so as to enable users to better understand and master the contents of GB/T 22239-2019. Table and Figures | Reference | Related Articles | Metrics

Select

SM Algorithm Analysis and Software Performance Research HU Jingxiu, YANG Yang, XIONG Lu, WU Jintan Netinfo Security    2021, 21 (10): 8-16.   DOI: 10.3969/j.issn.1671-1122.2021.10.002 Abstract （1144）   HTML （111）    PDF （10547KB）（636）       Knowledge map    Encryption technology is the core of information security, and the promotion of national secret algorithms is of great significance to safeguarding country’s network information security. In recent years, commercial encryption industry of China has developed rapidly, but the SM algorithm generally has the problem of low implementation efficiency. In order to explored the feasibility of the SM algorithm to replace the international encryption algorithm, this article mainly focused on the SM3, SM2, SM4 of SM algorithm and comprehensive comparison of the target international cryptographic algorithms, analyzed the calculation amount and security of the algorithms, and used OpenSSL and a SM algorithm optimized by a domestic manufacturer A to test the performance of each algorithm. The performance test results show that the SM3 is similar to the SHA-256, the performance of the SM2 digital signature algorithm and the ECDSA algorithm is affected by the Hash function they select, but the overall performance is similar. With small amount of data, the performance of SM2 public key encryption algorithm and ECIES algorithm depend on the size of the encrypted data. As the amount of data increases, the performance of the latter is significantly better than the former. The performance of the SM4 algorithm is between AES and 3DES. Table and Figures | Reference | Related Articles | Metrics

Select

Survey of Number Theoretic Transform Algorithms for Quantum-resistant Lattice-based Cryptography TAO Yunting, KONG Fanyu, YU Jia, XU Qiuliang Netinfo Security    2021, 21 (9): 46-51.   DOI: 10.3969/j.issn.1671-1122.2021.09.007 Abstract （595）   HTML （25）    PDF （1061KB）（401）       Knowledge map    With the rapid development of quantum computers, the traditional RSA cryptography, elliptic curve cryptography and other public key cryptosystems have been threatened seriously. In quantum-resistant cryptosystem, lattice-based cryptosystem is one of the important types and the research on its efficient implementation makes great significance. Number theoretic transform(NTT) is the important operation in lattice-based cryptosystems, and its efficiency is the key problem for efficient implementation of lattice-based cryptography. In this paper, the research progress of number theoretic transform algorithms in lattice-based cryptosystems is summarized and analyzed especially in software implementations on various CPU platforms. The improvements of NTT algorithm in butterfly structure, negative wrapped convolution and modulo reduction are analyzed and summarized. This paper can provide a research support for efficient implementation of quantum-resistant cryptographic algorithms. Reference | Related Articles | Metrics

Select

Security Overview of Cryptocurrency Trading Media and Processes LIU Feng, JIANG Jiaqi, HUANG Hao Netinfo Security    2024, 24 (3): 330-351.   DOI: 10.3969/j.issn.1671-1122.2024.03.001 Abstract （76）   HTML （29）    PDF （26113KB）（94）       Knowledge map    The decentralized cryptocurrency, formed by blockchain technology and cryptography, has been facing an increasing number of security attacks. Research on ensuring the security of cryptocurrency transactions has become a hot topic. The cryptocurrency as a medium of exchange and the encrypted wallets used for custody have become the focus of security research. Various key management and detection technologies have been developed to ensure the confidentiality, integrity, and availability of the encrypted wallets. At the same time, researchers have also proposed corresponding detection and prevention strategies for security vulnerabilities and attack methods in centralized and decentralized exchanges. Additionally, potential attack types, detection techniques, and defense measures in cryptocurrency transactions have been comprehensively reviewed. Finally, a summary of the security of cryptocurrency transactions is provided, along with a forward-looking discussion on future development directions. Table and Figures | Reference | Related Articles | Metrics

Select

Unsupervised Network Intrusion Detection Method Based on Ensemble Learning JIANG Rong, LIU Haitian, LIU Cong Netinfo Security    2024, 24 (3): 411-426.   DOI: 10.3969/j.issn.1671-1122.2024.03.007 Abstract （62）   HTML （15）    PDF （18554KB）（89）       Knowledge map    With the increasing demand for intelligent and autonomous intrusion detection in network counter, deep learning-based methods can distinguish complex attack patterns and behaviors through training and learning. However, supervised learning requires professional expert knowledge and the overhead of a large amount of manually annotated data. In response to the above issues, this paper proposed an unsupervised network intrusion detection method based on ensemble learning, which used deep learning detectors based on three different anomaly detection concepts in parallel to detect, and the results of individual detectors were combined under three different integration logics to provide the final detection decision. This method could comprehensively analyze the different types of anomalies in time series data, reduce the impact of unsupervised anomaly detection models caused by overfitting, and detect potential new attack data streams in an efficient online manner. Experiments are conducted on the KDDCUP 99 and the CSE-CIC-IDS 2018 datasets, and the results show that compared to other single unsupervised anomaly detection models, the integrated method proposed in the article combines the advantages of different unsupervised detectors and is suitable for anomaly detection situations caused by multiple network intrusions. Table and Figures | Reference | Related Articles | Metrics

Select

NULL null null    2010, (8): 0-0.   Abstract （142）      PDF （274KB）（240）       Knowledge map    NULL Related Articles | Metrics

Select

Power Analysis Attack against SM4 in Frequency Domain Min WANG, Jin-tao RAO, Zhen WU, Zhi-bo DU Netinfo Security    2015, 15 (8): 14-19.   DOI: 10.3969/j.issn.1671-1122.2015.08.003 Abstract （1059）   HTML （33）    PDF （1755KB）（124312）       Knowledge map    SM4 algorithm is the first open promulgated Chinese commercial block cipher algorithm. Since the algorithm is promulgated, some study on cryptanalysis of SM4 algorithm including side channel attack(SCA) by domestic and foreign scholars have been done. Recent literature study on SCA aremanily focus on power attack in time domain to compromise the secret password. But pure signal analysis in time domain has limitation. For instance, the alignment quality of power signal in time domain is the key factor to in fluence power analysis attack. In order to eliminate the effect of the signal alignment on the power analysis attack, the method of the power analysis attack against in frequency domain is proposed. The power analysis attack in frequency domain is not only feasible, but also can elimi nate the effect of the signal alignment. Finally, the method in this paper is successfully im plemented on the SM4 cryptographic in FPGA, in the case of no alignment operation in the frequency domain. The experimental results show that the proposed attack method is effec tive. Table and Figures | Reference | Related Articles | Metrics

Select

Information Security Technology—Evaluation Requirement for Classified Protection of Cybersecurity(GB/T 28448-2019) Standard Interpretation Guangyong CHEN, Guobang ZHU, Chunling FAN Netinfo Security    2019, 19 (7): 1-8.   DOI: 10.3969/j.issn.1671-1122.2019.07.001 Abstract （17904）   HTML （869）    PDF （7610KB）（7639）       Knowledge map    Evaluation requirements for classified protection of cybersecurity(GB/T 28448-2019) will be formally implemented soon. This paper introduces the revision background and process of this standard, the main changes in comparison with GB/T 28448-2012, the main contents of security general requirements and security special requirements, etc., so that to the main contents can be understood better. Table and Figures | Reference | Related Articles | Metrics

Select

null null    2002, 2 (6): 0-0.   Abstract （123）      PDF （193KB）（351）       Knowledge map    null Related Articles | Metrics

Select

A Location Privacy Protection Scheme Based on Hybrid Blockchain HE Yefeng, QUAN Jiahui, LIU Yan Netinfo Security    2024, 24 (2): 229-238.   DOI: 10.3969/j.issn.1671-1122.2024.02.006 Abstract （59）   HTML （10）    PDF （10513KB）（149）       Knowledge map    In the location privacy service of the Internet of Vehicles, mainstream models require communication through a trusted third party, but such models’ third-party servers are vulnerable to attacks by malicious users, which poses a risk of privacy leakage. Based on a hybrid blockchain, this paper proposed a new location privacy protection scheme. The scheme divided available location points on the map using longitude and latitude, and waited for users to select location points to represent their true location using K-anonymity technology to complete preliminary anonymity, and then participated in the location privacy protection service of the hybrid blockchain. Throughout the entire process of the location privacy service, user credit mechanisms and hybrid blockchain information isolation mechanisms were used to further enhance the user’s location privacy protection level. Simulation results show that compared to existing schemes, this scheme can shorten time costs. Table and Figures | Reference | Related Articles | Metrics

Select

AFLNeTrans: Fuzzing of Protocols with State Relationship Awareness HONG Xuanquan, JIA Peng, LIU Jiayong Netinfo Security    2024, 24 (1): 121-132.   DOI: 10.3969/j.issn.1671-1122.2024.01.012 Abstract （124）   HTML （15）    PDF （14259KB）（137）       Knowledge map    Network protocols are essential components of modern communication systems, and the security testing of their implementation programs is of great importance. Fuzzing has become the mainstream method for modern vulnerability discovery, and has achieved great success in the field of software security. Traditional fuzzing still has some problems in testing network protocol implementation programs. First, since different states in network protocol implementation programs correspond to different codes, the code coverage used in traditional gray-box fuzzing cannot accurately represent the internal state of network protocol implementation programs. Second, the state guidance mechanism in existing gray-box network protocol fuzzers depends on code coverage, which cannot effectively mine the state relationships in those programs. To address the above problems, this paper proposed AFLNeTrans, a fuzzer that guides the fuzzing process by both protocol state relationships and program code coverage to improve the fuzzing effect. AFLNeTrans used state relationships as the main guidance mechanism to guide fuzzing to quickly explore more state space of network protocol implementation programs. AFLNeTrans was evaluated on a benchmark of well-known protocol fuzzers. Experimental results show that AFLNeTrans has a significant increase in the number of state transitions found, and also has an improvement in code coverage and unique_crash number compared to existing tools. Table and Figures | Reference | Related Articles | Metrics

Select

Research and Implementation of a Image Steganography Method Based on Conditional Generative Adversarial Networks LEI Yu, LIU Jia, LI Jun, KE Yan Netinfo Security    2021, 21 (11): 48-57.   DOI: 10.3969/j.issn.1671-1122.2021.11.006 Abstract （417）   HTML （18）    PDF （10436KB）（197）       Knowledge map    Steganography by texture image synthesis was a kind of common carrier synthesis steganography method. However, the texture image did not have semantic features, so this kind of method was easy to attract the attention of attackers after multiple transmission. The generative adversarial networks used game strategy to make the generator confront the discriminator. In theory, the generator with the best training could make the distribution of the generated samples the same as the real data. In ideal conditions, using GAN to realize synthesis steganography could construct a natural image. One of the problems of the image synthesis steganography based on GAN was that it couldn’t control the content of the generated image. To solve this problem, this paper proposed an image steganography method based on conditional generative adversarial networks. In this method, the combination of random noise and condition information was used as the representation of hidden space to train the generator, so that the generated image was controlled by condition information. The combination of generated image and condition information was used as the representation of probability space to train the extractor, so that the extracted noise was consistent with the driving noise. The experimental results showed that this method could complete the function of generating the image and extracting the message. The outstanding feature was that it could use the condition information to control the content of the image. At the same time, the image quality and accuracy rate of the message extraction were close to the method in the comparison. Table and Figures | Reference | Related Articles | Metrics

Select

Study of Non-Heapspray IE’s Vulnerability Exploitation Technique null null    Abstract （455）      PDF （1415KB）（1191）       Knowledge map    With the progress and development of Internet technology, the computer has been the indispensable tool in people's daily life. The security issue of computer system becomes increasingly significant. At present, vulnerability exploitation of systems or software has become a popular attacking method. In order to defend the attack to vulnerability more effectively, we need to study various methods of vulnerability exploitation. This paper introduces a new technique of browser’s vulnerability-exploitation, which has been veriifed in the known vulnerabilities, based on popular methods of IE’s vulnerability exploitation. Related Articles | Metrics

Select

Dynamic Task Allocation for Crowd Sensing Based on Deep Reinforcement Learning and Privacy Protection FU Yanming, LU Shenglin, CHEN Jiayuan, QIN Hua Netinfo Security    2024, 24 (3): 449-461.   DOI: 10.3969/j.issn.1671-1122.2024.03.010 Abstract （37）   HTML （6）    PDF （13782KB）（72）       Knowledge map    In mobile crowd sensing(MCS), the outcome of dynamic task allocation is crucial for enhancing system efficiency and ensuring data quality. Most existing studies simplify dynamic task allocation into a bipartite matching model, which fails to sufficiently consider the impact of task and worker attributes on the matching results and overlooked the protection of worker location privacy. To address these shortcomings, this paper presents a privacy-preserving dynamic task allocation strategy for MCS based on deep reinforcement learning and privacy protection. The strategy first employed differential privacy techniques to add noise to worker locations, protecting their privacy. It then adapted task batch assignments using deep reinforcement learning methods. Finally, it employed a greedy algorithm based on worker task capability thresholds to compute the maximal total utility of the platform under the optimal strategy. Experimental results on real-world datasets demonstrate that the strategy maintains superior performance under various parameter settings while effectively safeguarding worker location privacy. Table and Figures | Reference | Related Articles | Metrics

Select

Anomaly Traffic Detection Based on Deep Metric Learning ZHANG Qiang, HE Junjiang, LI Wenshan, LI Tao Netinfo Security    2024, 24 (3): 462-472.   DOI: 10.3969/j.issn.1671-1122.2024.03.011 Abstract （83）   HTML （14）    PDF （13232KB）（69）       Knowledge map    The identification of network anomalous traffic is one of the important tasks of cyber security nowadays. However, traditional traffic classification models are trained based on traffic data, and most of the traffic data are unevenly distributed, leading to fuzzy classification boundaries, which will greatly limits the classification performance of the model. In order to solve the above problems, this paper proposed a deep metric learning based abnormal traffic detection method. Firstly, a new double-proxy mechanism was designed to improve the efficiency of model training by guiding the optimization direction of updateable proxy through the target proxy compared with the traditional deep metric learning algorithm of single proxy for each category, and to enhance the ability of aggregating traffic data of the same category and separating traffic data of different categories to minimize the intra-class distance and maximized the inter-class distance, which in turn maked the classification of data boundaries more clearly, breaking the performance bottleneck of traditional traffic classification models. Secondly, this paper built neural networks based on 1D-CNN and Bi-LSTM, which can efficiently extract traffic features from spatial and temporal perspectives. The experimental results show that the intra-class distance of NSL-KDD traffic data is significantly reduced and the inter-class distance is significantly increased after the model processing. The intra-class distance decreased by 73.5% compared to the original intra-class distance and the inter-class distance increased by 52.7% compared to the original inter-class distance. And the neural network built in this paper is compared to the widely used deep residual network for deep metric learning with shorter training time and better results. Applying the model proposed in this paper to the traffic classification task on the NSL-KDD and CICIDS2017 datasets, the classification effect is also significantly improved compared to the traditional traffic classification algorithms. Table and Figures | Reference | Related Articles | Metrics

Select

An Intrusion Detection Method Based on Federated Learning and Convolutional Neural Network WANG Rong, MA Chunguang, WU Peng Netinfo Security    2020, 20 (4): 47-54.   DOI: 10.3969/j.issn.1671-1122.2020.04.006 Abstract （1489）   HTML （78）    PDF （8159KB）（688）       Knowledge map    At present, intrusion detection based on deep learning is a hot topic in the field of intrusion detection, but most of the research focuses on how to improve the algorithm to improve the accuracy of intrusion detection, while neglecting that the limited label data generated by a single mechanism is not enough to train a depth model with high accuracy. In this paper, an intrusion detection method based on federated learning and convolution neural network is proposed, which can expand the amount of data through the joint training model of multiple participants. In this method, an intrusion detection model of deep learning is designed by using federated learning framework. Firstly, the data dimension is reconstructed to form two-dimensional data through data filling, and then the feature extraction learning is carried out by using DCNN network under the mechanism of federated learning. Finally, the training model of softmax classifier is combined and detected. The experimental results show that the method reduces the training time to a great extent and maintains a high detection rate. In addition, compared with the general intrusion detection model, the model also ensures the security and privacy of the data. Table and Figures | Reference | Related Articles | Metrics