Table of Content

10 June 2014, Volume 14 Issue 6 Previous Issue    Next Issue

---

For Selected:

Download Citations EndNote Ris BibTeX

Toggle Thumbnails

Select

Design and Implementation of Data Storage Encryption Mechanism in Cloud Storage 2014, 14 (6):  1.  Abstract ( 297 )   PDF (2866KB) ( 242 )   Cloud storage is a new form of network storage. With the widespread use of cloud storage, data security in cloud storage, such as data leakage, data tampering, has become widespread concern. Cloud storage can be divided into the access layer (AL), the application interface layer (APIL), the infrastructure management layer (IML) and the storage layer (SL). Security of cloud storage can be divided into security of the access layer (SAL), security of the application interface layer (SAPIL), security of the infrastructure management layer (SIML) and security of the storage layer (SoSL). A data storage encryption mechanism is designed to deal with the conifdentiality of the data in cloud storage in this paper. The mechanism is implemented in an application environment of the ofifce system based on cloud desktop. The infrastructure management layer is implemented based on JAVA and JSP. The interface between the infrastructure management layer and the storage layer is implemented based on Bash Script. The data encryption on the sever is implemented based on open source projects TGT. Related Articles | Metrics

Select

Survey of Location-Data Security Strategy 2014, 14 (6):  6.  Abstract ( 288 )   PDF (1305KB) ( 195 )   Technology of Internet of Things is going deep into various field of our society. Location-based service is making great progress driven by technology of location. Such service brings great convenience to people, but in the meanwhile, it make location-data leak be possible. This paper introduced main technology of location-data protection, analyzed types of privacy-protection method, provided a reference for location-data protection. Related Articles | Metrics

Select

Review of Massive Small-ifle Storage Technology 2014, 14 (6):  11.  Abstract ( 244 )   PDF (1490KB) ( 265 )   With the rapid development of networking, cloud computing and big data technology, more and more applications are changing to data-intensive, meanwhile, the number of small-ifles is growing exponentially, traditional ifle system has been unable to meet the demand for storage of massive small-ifles , storage technology of small-ifles obtains more and more attention in storage ifeld. This paper introduces the problems of massive small-ifle storage and the reasons, then introduces some optimization technology of small-ifle storage, and introduces three typical small-ifle storage systems, makes a summary and outlook for the issue of small-ifle storage ifnally. Related Articles | Metrics

Select

Research and Implementation of Typical Document CVE Vulnerability Detection Tools 2014, 14 (6):  18.  Abstract ( 280 )   PDF (1507KB) ( 388 )   Recently, with the wide development of computer network, file format-based software vulnerability detection technology has become one of the research hotspots of information security. This paper ifrstly analyzes the ifle formats of Microsoft Ofifce and Adobe PDF. On the basis of the study on traditional vulnerability detection techniques, three document vulnerability detection methods are put forward:static detection method based on tainted data structure, dynamic detection method based on tainted data lfow, heuristic detection method based on behavior. Then the typical document class CVE vulnerability detection tool is realized and is experimented in the simulation platform. The results show that comparing with similar tools, the tool proposed in this paper has a higher detection rate. Related Articles | Metrics

Select

Design and Implementation of Network Protocol Auto Vulnerability Mining Tool based on Fuzzing 2014, 14 (6):  23.  Abstract ( 326 )   PDF (1355KB) ( 1590 )   Due to defects of traditional discovery in networking protocol, this paper analyzes methods of traditional network protocol analysis, vulnerability types, causes and discovery approaches, and disadvantages of traditional network protocol discovery. Thus, this paper proposes a design plan of automatic analysis and discovery tool based on integration of automatic protocol analysis technology, trafifc clustering sorting algorithm, deep packet inspection technique and Fuzz. This paper designs a set of vulnerability discovery system for automatic protocol, which provides systematic working procedure and structure, and function of each module and their interrelations;and finally gives a system model realization, based on which vulnerability discovery is conducted to the FTP server software to verify validity and efifciency of the system design plan. The major innovation of this paper is the integration of automatic protocol analysis technology, trafifc clustering sorting algorithm and DPI technology, which forms the network protocol vulnerability discovery technology that can conduct automatic protocol analysis and generate test path automatically. Related Articles | Metrics

Select

Design and Implementation of Software Plagiarism Detection Tool based on Structural Alignment 2014, 14 (6):  31.  Abstract ( 249 )   PDF (1780KB) ( 432 )   This paper discusses the software plagiarism detection technologies which are based on text, token and abstract syntax tree, and especially discusses the technology based on abstract syntax tree (AST) in detail. At the same time, according to the study of software plagiarism detection applications, this paper mainly introduces the architecture of software source code homologous detection system and some kinds of key functional modules. For a demonstration of the feasibility on the proposed algorithm, this paper makes a deep analysis and evaluation of the source code homologous detection system. Related Articles | Metrics

Select

Study of Non-Heapspray IE’s Vulnerability Exploitation Technique 2014, 14 (6):  39.  Abstract ( 455 )   PDF (1415KB) ( 1184 )   With the progress and development of Internet technology, the computer has been the indispensable tool in people's daily life. The security issue of computer system becomes increasingly significant. At present, vulnerability exploitation of systems or software has become a popular attacking method. In order to defend the attack to vulnerability more effectively, we need to study various methods of vulnerability exploitation. This paper introduces a new technique of browser’s vulnerability-exploitation, which has been veriifed in the known vulnerabilities, based on popular methods of IE’s vulnerability exploitation. Related Articles | Metrics

Select

Keyboard Monitoring Technology Research based on Windows 2014, 14 (6):  43.  Abstract ( 275 )   PDF (1370KB) ( 1067 )   Keylogger is the most basic computer monitoring technology and is widely used by malicious code, it has important signiifcance in the ifeld of computer security testing. This paper describes the keyboard information processing mechanism on Windows systems, analyzes and summarizes the four kinds of typical keylogger technology:messages HOOK, kernel function HOOK based on function intercept and keyboard scanning, active polling based on keyboard state detection. The experimental results show that the recall of the four kinds of mainstream keylogger technology can reach 100%. But these four keylogger technology lack of imperceptibility, cannot avoided searching and killing of mainstream security software. While in addition to polling the keyboard, the rest kinds of keylogger technology can’t resist the interference of mainstream anti-theft mechanisms. Related Articles | Metrics

Select

One-way Communication Mechanism for Network Security Isolation and Information Exchange 2014, 14 (6):  48.  Abstract ( 284 )   PDF (1417KB) ( 216 )   With the rapid development of the Internet, information leakage occurred frequently. Today, network security isolation and information exchange technology has become a research focus in information security. Analyzing the advantages and disadvantages of the existing isolation techniques, this paper proposed a mechanism for security isolation and information exchange, which overcomes unreliability issue in one-way communication with the potential covert channels under controlled. It coordinates the contradiction between security isolation and information exchange among different security level networks. In addition, the mechanism also has advantages, such as security isolation in physical level, reliable communication and good expansibility. It is well suited for multi-level security isolation and information exchange occasions. Related Articles | Metrics

Select

Design and Implementation of Voice and Video Flow Identiifcation and Control Scheme based on VOIP 2014, 14 (6):  53.  Abstract ( 277 )   PDF (1929KB) ( 222 )   With the development of network technologies and protocols, voice and video chat applications increasingly prevalent based on VOIP, which has brought new challenges for operators and regulators. This paper proposes a new Depth-Association recognition technology according to review of previous research results and traditional recognition technology for such applications, and designed a flow identification and control scheme. Finally, the recognition results of several applications are given, which show that the use of this system can achieve good results to identify and control. Related Articles | Metrics

Select

Research on Multi-robot Cooperative Control and Formation Method 2014, 14 (6):  59.  Abstract ( 311 )   PDF (2458KB) ( 205 )   With the development and application of multi robot system, the cooperative control problem has become a core issue in the research .Multi robot formation problems are studied, the purpose is to explore a kind of general, effective research strategies and methods in formation control ifeld . This paper presented a formation control method, and studied and veriifed feasibility and stability of control algorithm through simulation experiment. And the real robot experiment has been ifnished in multi robot environment, received good results. Related Articles | Metrics

Select

Design of Obstacle Avoidance System for the Blind based on Fuzzy Control 2014, 14 (6):  67.  Abstract ( 289 )   PDF (1541KB) ( 271 )   Based on information collected on the ground by multi-ultrasonic sensors, this paper resorts to the fuzzy control algorithm to issue a voice message for the blind to avoid obstacle by processing information collected. This system adopts ultra-low power MSP430 single chip microcomputer as main control unit, the peripheral device contains five ultrasonic sensors to gather omnidirectional road information.After the detailed analysis of road information, it can guide the blind on the way forward and the appropriate speed by issuing voice messages so that to realize the function of obstacle avoidance for the blind. Related Articles | Metrics

Select

Android Application Behavior Detection based on Rights Management 2014, 14 (6):  72.  Abstract ( 268 )   PDF (1488KB) ( 529 )   With the increase of the market share occupied by the Android system, security issues become more and more troubled by the fetters of the Android system for further development. More of the current market for security software is not able to achieve real-time monitoring application behavior, very few security software requires root privileges to achieve real-time monitoring application behavior. Based on a custom Android application framework layer, using a dynamic model of Android system permission checking mechanism to achieve detection application runtime behavior. Application take advantage of the label ofto required permissions, during the runtime when the APP needs to call the corresponding API or access to system data, system privileges inspection will occur and get the application behavior monitoring. This method is more simple and effective to monitoring application behavior and binging a smaller loss system. Related Articles | Metrics

Select

Design and Implementation of Electric Power Information Security Attack and Defense Platform 2014, 14 (6):  78.  Abstract ( 255 )   PDF (1297KB) ( 265 )   With the fast development of informationization of electric power enterprises, especially after the implementation of SG-ERP, information system increasingly plays a basic and global role. In this paper, some techniques adopted in information security attack and defense platform are elaborated, including hook-based host computer monitoring technique, concealing technique, virtual machine management technique. Through analyzing the present information security situation, the overall framework of the platform is put forward and the functions of each part are described, the constitution, design and implementing procedure of management module, attack and defense examination module, training and drilling module and data daily record module are demonstrated with focus. By testing the system operation, the rationality and feasibility of each function are veriifed. Related Articles | Metrics

Select

Application Research on Petroleum Exploration Information System Using Desktop Cloud 2014, 14 (6):  84.  Abstract ( 212 )   PDF (1233KB) ( 162 )   Covering all kinds of scientific data during oil exploration and production procedure, oil and gas exploration information system provides strong support for the management and objective decision. Restricted to limited data processing capacity, the system can only be used in the internal network environment. Then the core data generated by oil and gas exploration information systems is downloaded to the client, which is faced with risks of leaking sensitive data. Through in-depth study of the desktop cloud and its application, we integrate several application systems, such as oil and gas exploration information systems, OA, E-mail and so on, into one uniifed cloud platform, which not only tackles the remote application problems of numerous terminal equipments, but also improves the ability of protecting core data. Related Articles | Metrics

Select

Social Network Analysis for Exploratory Mining of Criminal Gangs Engaged in Illegal Transactions 2014, 14 (6):  88.  Abstract ( 263 )   PDF (1328KB) ( 151 )   Social network theory is used to mathematically model massive transactions for aiding law enforcement agencies, in the status of art of increasing rate of gang crimes which are more dangerous than common crimes. Graph-based clustering algorithms are employed to mine out gangs of transactions, to analyze their structures and smartly identify gangs engaged in illegal transactions. Thereby, it provides for accurate crime clues for law enforcement agencies, and enhances initiative and efifciency to crack down on criminal offenses. Related Articles | Metrics