Netinfo Security

The Model of User-Centric Identity Management based on Trusted Terminal

2014, 14 (4): 1.

Abstract ( 349 )

PDF (2004KB) ( 293 )

For end-user identity management challenges and weakness of current identity management, in order to satisfy the need which users access network resources in any conditions, the model of user-centric identity management system is proposed which based on trusted terminal for inner-domain, cross-domain and open network environment, the security protection program is designed which includes the protection mechanism of end-user identity and the procedure of end-user identity management and the protocol of identity management, security analysis and formal analysis of the end-user identity management protocol are carried out, the security of the model and other models are compared. The result shows that the model can implement the safe of managing user identity and access control under a variety of environment.

Related Articles | Metrics

Action Description and Effectiveness Evaluation of Suter Attacks

2014, 14 (4): 7.

Abstract ( 357 )

PDF (2367KB) ( 332 )

This paper gives the formal description of suter attacks based on UML conceptual modeling language, designs the effectiveness evaluation index system of suter attacks, evaluates the effectiveness of suter attacks by synthesizing fuzzy analytic hierarchy process mothods, and lists some suggestions to counterstroke suter operations.

Related Articles | Metrics

The Design and Implemention of Windows System Access Control based on Process Monitoring

2014, 14 (4): 13.

Abstract ( 276 )

PDF (1417KB) ( 1281 )

In order to solve the problem that traditional system access control technology can’t limit system’s privilege in process-level, a new solution to Windows system Discretionary Access Control with low cost is proposed. By using Windows kernel mode driver, a process monitoring system which adopts the system access token control technology is designed, the components and key technologies of it are given after a deep analysis of Windows Access Control List (ACL) mechanism. It not only solves the system compatibility issues that traditional HOOK API methods are facing, but also achieves the goal that different processes can be adjusted in different run-level of specified privileges, while providing very fine-grained discretionary access control.

Related Articles | Metrics

Research on Matching Vulnerabilities and Exploitations based on Open Ports and References

2014, 14 (4): 20.

Abstract ( 311 )

PDF (1246KB) ( 169 )

Penetration test is an effective security testing method. One of the key questions in automated penetration testing is to match discovered vulnerabilities and exploitations. Two matching methods based on open ports and references are put forward in this paper. One method is to compare the port numbers of system vulnerabilities with those described in exploitations. The other one is to compare the references of vulnerabilities with those in exploitations. The experimental results show that the recall ratios of the two methods reach 96.8%and 90.3%. Both of the two methods are effective. Furthermore, they can be applied to the penetration test in practical.

Related Articles | Metrics

A Method of Net Flow Index Retrieval and Compression based on Inverted List

2014, 14 (4): 25.

Abstract ( 279 )

PDF (1801KB) ( 342 )

Nowadays, with the pervasive usage of computer and Internet, the amount of Internet traffic is increasing dramatically. Traffic monitor is essential in network security and traffic forensic analysis. To monitor the flow, we are able to record the flow information of traffic, such as source IP, destination IP, source Port, destination Port, Protocol field, and timestamp etc. With this information, one can collect the statistics of traffic and conduct further analysis of attack pattern etc. However, the amount of flow information increases very fast. Searching a specified IP address could be low efficiency if we do not index flow information completely. As we know, inverted index is the key method of a practical search engine. Thus, this paper applies the idea of inverted index and index compress algorithm to the net flow information retrieval. After the analysis and experiment, the result shows that inverted index method is feasible in flow information retrieval and can improve the query performance as expected.

Related Articles | Metrics

Research on the Method of Unearthing Process Space Deeply in Windows

2014, 14 (4): 31.

Abstract ( 364 )

PDF (2160KB) ( 343 )

To research the existing techniques of scanning process space in Windows, new methods different from traditional technology using structure scanning to unearth process space deeply was brought forth. These methods use of the inherent characteristics of process based on the important data structures in RAM, especially VAD binary tree and stack for specific function, then realize the extraction of key information. Experiments show that these methods are of higher reliability and efficiency.

Related Articles | Metrics

Image Tampering Authentication Algorithm based on Block Compressive Sensing Measurements

2014, 14 (4): 35.

Abstract ( 364 )

PDF (1724KB) ( 229 )

Based on the theory of compressed sensing, a new algorithm is proposed. The tampering can be positioned to block-level based on block certification, and with high positioning accuracy. Algorithm firstly divides the image into several blocks, and block size can be changed from tampering with positioning, then observed value of each block to obtain the observations compression. In the observational domain, we will get the observed value of LDPC code to generation watermark, and the watermark is embedded into the block in the image. Watermark extraction, compressed sensing theory will be used random projection image, and decoding the extracted watermark. Compared with before, it has realized the image tampering detection and image authentication. According to the experimental result, the algorithm has the local tamper detection function, good concealment algorithm. This algorithm is simple and more secure.

Related Articles | Metrics

A Parallel Image Encryption Algorithm based on Chaotic and Bit Level Permutation

2014, 14 (4): 40.

Abstract ( 361 )

PDF (2051KB) ( 537 )

This paper proposes a parallel image encryption algorithm based on chaotic and bit level permutation (CBLP). The CBLP algorithm includes the pixel position permutation operation, bit rotation and XOR operation, and therefore the image is confused by the pixel position permutation and diffused by the bit rotation and XOR operation. In order to take full advantage of the heterogeneous processing platform to enhance the efficiency of the algorithm substantially, an OpenCL-based implementation of the algorithm with NVIDIA's GeForce GTX 580 GPU device has been shown in this paper. Comparing to the implementation on CPU, the CBLP algorithm has the high encryption efficiency and the high security, and can be used effectively in practical encryption operation.

Related Articles | Metrics

Big Data Dynamic Storage Integrity Verification Scheme based on Lattice

2014, 14 (4): 46.

Abstract ( 344 )

PDF (1457KB) ( 524 )

This paper presents a big data dynamic storage integrity verification scheme. This scheme, based on lattice problem--a difficult problem even for the quantum computers, has high security, supports dynamic changes of big data, and is also very efficient. In order to support the dynamic characteristics of big data, this scheme adopts the Merkle hash tree technique. This paper has demonstrated the correctness and security of this scheme which shows that it could be widely applied to verify the dynamic storage integrity.of big data.

Related Articles | Metrics

Finger Vein Recognition based on Two Direction K2DPCA

2014, 14 (4): 51.

Abstract ( 386 )

PDF (1448KB) ( 157 )

Finger vein recognition technology, also known as a biometric identify recognition technology, is more superior to fingerprint identification technology and has a broad application prospect. KPCA is a nonlinear feature extraction method, and it overcomes the drawback that linear feature extraction method cannot effectively deal with the higher-order statistics information and nonlinear correlation between pixels. K2DPCA can solve the problem of excessive computation in the one-dimensional matrix operation, but it would require more coefficients for image representation. So the compression effect is far less than the one-dimensional method. Based on KPCA、LDA and MMC,this paper studies the images of the vertical and horizontal directions respectively, obtaining optimal results on the finger vein recognition.

Related Articles | Metrics

A Remote Collaborative Identification System based on H.323 Protocol

2014, 14 (4): 55.

Abstract ( 349 )

PDF (1366KB) ( 292 )

The remote collaborative identification system is based on H.323 protocol. It is a real-time interactive system can be applied to various fields. By providing mixed audio, switching video, written communication technologies and so on, what’s more, transport high-definition image under low bandwidth conditions between remote experts and the work staff, this system can conveniently and efficiently identify the unknown samples, increase the accuracy and authority of the identification work. At the same time, this paper gives a subtle solution for the very knotty problem:NAT and the firewall penetration, exists in H.323 conference system and IP telephone in practical usage. And the solution does not need to change the existing firewall system.

Related Articles | Metrics

Analysis and Improvement of Digital Multi-signature on Generalized Conic Curve over Zn

2014, 14 (4): 60.

Abstract ( 484 )

PDF (1531KB) ( 159 )

This paper analyzes the security leaks of a digital multi-signature scheme on the generalized conic curve over Zn, named LWL. Demonstrates that the signatures of any message can be forged without solving the discrete logarithm problem. To solve these problems, this paper proposes an improved scheme, and analyzes its communication traffic and computational efficiency. Compared with the RSA scheme, the improved new scheme has less traffic and more efficiency.

Related Articles | Metrics

Construction and Investigation of ASP.NET Website

2014, 14 (4): 64.

Abstract ( 270 )

PDF (2756KB) ( 311 )

Website as a platform for obtaining and publishing information assumed a crucial role. Along with the rapid development of internet techniques, these events such as publishing false information and fraud are endless. In the process of investigation and evidence collection, investigation to website running platform and reconstruction of website need be operated. This paper reported the key configuration files, common files in ASP.NET website’s code. Then it puts forward how to structure website and solutions of common problems, how to investigate and analyze the characteristic information of website in shutdown state especially.

Related Articles | Metrics

Attack and Defense Research on Mobile Intelligent Terminals Used in Electrical Systems

2014, 14 (4): 70.

Abstract ( 301 )

PDF (1610KB) ( 411 )

Mobile intelligent terminals used in electrical systems store much information,including user identity,operation data of electricity, management information,and etc, which makes them have a great value of being attacked. . As the world's most widely used mobile operating system, Android is applied in a large number of applications within the area of power grid. However, the openness (third-party developers) has provided the possibility to vulnerabilities, malicious behaviors and other types of attacks along with the powerful functionality and flexibility. This paper,based on the Android system security model and existing security threats research, summarizez security threats in Android security, including remote and local attacks, privacy theft, hijacking and remote control techniques. And then this paper provides a corresponding solution by adding malicious code detection module and operating system reinforcement which can help us improve the security of grid management system.

Related Articles | Metrics

Research on APT-Trojan Forensics based on Virtual Machine and API Monitor

2014, 14 (4): 78.

Abstract ( 262 )

PDF (1540KB) ( 777 )

APT attack is the most serious threat to national organization and corporation. Generally,it is controlled by a meticulouslydesigned organization and can hardly be detected. It has advanced,persistent andhigh strategy characteristics.This paper presents a module for APT-TrojanForensic,which is based on Virtual machineand API monitor.

Related Articles | Metrics

Security Problems in the Social Network Set and Their Solutions

2014, 14 (4): 82.

Abstract ( 284 )

PDF (1062KB) ( 529 )

In order to roundly analyse the vulnerability in the Social Network, and provide the solutions and advices accordingly, the vulnerabilities in the Social Network are analyzed deeply. In the process of analyzing the vulnerabilities of the Social Network, Network security, information security, brand crisis, social life is discussed. The vulnerabilities and problems are extracted during the development of the Social Network, the security solutions and advices are presented to assure the advance of our nation’s Social Network and information security.

Related Articles | Metrics

Research on Centralized Authorization Platform for Information Systems

2014, 14 (4): 88.

Abstract ( 289 )

PDF (1452KB) ( 315 )

Considering the actual requirements from current police informatization work, this paper studies on a centralized authorization platform for information systems. Mainly this platform includes managements of authorization subject, authorization object and authorization information respectively. It allows or disallows a user to access an online police application system or resource according to his/her attributes such as position, title or needs of daily work, and consists of functions of ordinary authorizing, temporary authorizing, authorization cancelling etal.

Related Articles | Metrics

Table of Content