
Table of Contents

    10 September 2014, Volume 14 Issue 9

    Original Article
    Cloud Platform based Real-time Monitoring of the Abnormal Traffic in Massive-scale Network
    LI Tian-feng, YAO Xin, WANG Jin-song
    2014, 14 (9):  1-5.  doi: 10.3969/j.issn.1671-1122.2014.09.001
    Network security problems are becoming increasingly concealed, more persistent, and more widely damaging. With a single data source or only a few, it is difficult to find the more concealed abnormal network events. Meanwhile, when facing huge-scale data, methods such as data mining, classification, neural networks, association rules, and decision algorithms still run into bottlenecks in computing power because of their own nature. Based on a big data platform, the article puts forward a real-time monitoring system architecture to detect abnormal traffic in a massive-scale network, and discusses the key technologies and methods. The platform builds an architecture that combines offline batch computing with real-time stream processing. By analyzing the flow rate, security logs and other large data sources, it monitors the network instantly and detects abnormal traffic in real time, such as DDoS attacks, worms, scanning, and password probing.
    Solution for Rule Conflict under Distributed SDN Controller System
    WANG Xin, GAO Neng, MA Cun-qing, XUE Cong
    2014, 14 (9):  6-6.  doi: 10.3969/j.issn.1671-1122.2014.09.002
    The distributed SDN controller system has become a research focus, but the distributed architecture also introduces new security challenges, one of which is how to efficiently detect and reconcile potentially conflicting flow rules imposed by dynamic applications. Building on FortNox, a conflict resolution strategy for a single SDN controller, this paper proposes a conflict resolution mechanism for the distributed SDN controller system. The scheme extends FortNox to a distributed system, adds a controller rule conflict resolution mechanism based on the end-to-end path, and adds a bootstrap process for new controllers, so as to determine flow rule conflicts in the distributed system. Our simulations show that it can not only check flow rule conflicts in real time in a distributed system, but also effectively stop adversarial applications from inserting flow rules to bypass the security flow rules.
    Research on a New Proposed Fake Base Station Restraining Scheme based on Pseudo Signal
    LI Geng, ZHAO Yu-ping, SUN Chun-lai, ZHAO Hui
    2014, 14 (9):  12-16.  doi: 10.3969/j.issn.1671-1122.2014.09.003
    This paper starts by introducing the GSM fake base station system, describing its system architecture, attack procedure and harmful influence in detail, and then proposes a new fake base station restraining scheme based on pseudo signals. With two phases, target recognition and interference attack on the fake base station with a pseudo signal, the scheme can efficiently lessen illegal attacks from fake base stations and protect wireless infrastructure and users. Given its promising prospects, a new technical proposal for the information security of mobile communication is explored.
    A Method of Discriminating Microblog Topic Position based on the Text Classification with Correlation of Subject
    WANG Ming-yuan, JIA Yan, ZHOU Bin, HUANG Jiu-ming
    2014, 14 (9):  17-21.  doi: 10.3969/j.issn.1671-1122.2014.09.004
    How to accurately discriminate the position taken on a microblog topic is one of the highlights of short-text mining. This paper proposes a method based on text classification with subject correlation, which can discriminate whether users support or oppose a topic. Subject correlation often leads to texts that have greatly different features. The method first obtains the topic keywords by extraction technology and mutual information, then classifies the text in the conversation corpus by subject correlation, and finally adopts different methods to analyze the overall microblog topic position. The experimental results show that applying machine learning to correlated text and a dictionary to uncorrelated text can greatly improve discrimination accuracy. On this basis, we construct a model that can be used by relevant government departments to monitor Internet public opinion and by businesses to evaluate product markets, etc.
    Study on Evaluation of the Important Information System Security Safeguard Capability
    LV Xin, GUO Yan-qing, YANG Yue-yuan
    2014, 14 (9):  22-25.  doi: 10.3969/j.issn.1671-1122.2014.09.005
    The security of important information systems is of high importance for the national economic and social system. It is an urgent task to grasp the current security safeguard capability of the important information systems in our country. This paper closely studies the traits and requirements of important information systems security and analyzes two different kinds of information security evaluation methods. Based on an integrated scientific approach, this paper puts forward a framework for an evaluation index system of important information systems' security safeguard capability, to provide a reference for investigation.
    Research on Identification of Micro-blog Hyper Accounts in Internet Public Opinion Events
    YAN Ling, LI Yi-qun
    2014, 14 (9):  26-29.  doi: 10.3969/j.issn.1671-1122.2014.09.006
    Hyper accounts in micro-blogs have a significant impact on the spread and development of Internet public opinion events. Hidden behind the hyper accounts is a special group which cannot be neglected. This paper proposes a method for finding hyper accounts based on a community detection algorithm. In this method, by constructing the blogger association network and mining the features of the constructed network, the goal of automatically finding the hyper speculation accounts is achieved. Using the micro-blogs related to the Hunan Linwu Watermelon Death event as the experimental corpus, the blogger association network is constructed and the hyper accounts are detected and distinguished by the proposed method, which proves the feasibility of the presented method.
    A Review of Security Threats of Mobile Internet
    WANG Xue-qiang, LEI Ling-guang, WANG Yue-wu
    2014, 14 (9):  30-33.  doi: 10.3969/j.issn.1671-1122.2014.09.007
    The era of Mobile Internet has come with the broad adoption of mobile intelligent terminals and their integration into the Internet. However, alongside the new technology, novel user experience and revolutionized business model that Mobile Internet brings us, there also arise some severe threats to users’ information and property security. Attacks can happen in each layer of the mobile terminal and communication network, which make up the main architecture of Mobile Internet. In this paper, a multilayer analysis of Mobile Internet security threats is proposed based on an extensive research process.
    Design of Secure SDN Controller Architecture
    XUE Cong, MA Cun-qing, LIU Zong-bin, ZHANG Qing-long
    2014, 14 (9):  34-38.  doi: 10.3969/j.issn.1671-1122.2014.09.008
    The controller is the core of a Software Defined Network (SDN), and its security is crucial for SDN maintenance. Based on open source SDN controller architectures, we analyze their security issues in network information protection, application management and module processing under different control patterns, and further propose a secure SDN controller architecture, which integrates a shared network information base, collision detection, an intrusion tolerance module, etc. This design can solve single controller invalidation and logic inconsistency and improve the robustness of SDN.
    Network Collaborative Defense Oriented Dynamic Risk Assessment System
    WANG Xing-he, YU Yang, XIA Chun-he
    2014, 14 (9):  39-43.  doi: 10.3969/j.issn.1671-1122.2014.09.009
    A hierarchical risk assessment model is designed to provide evidence for the automatic plan generation process of collaborative defense. The model organizes vulnerabilities using an attribute-based attack graph, finding all possible attack paths and calculating the probability of each single attack path. The analytic hierarchy process is used to calculate the hierarchical risk of the network. The model provides reliable evidence for collaborative defense to solve two important problems: when to respond and what measures to take in the response.
    Research on Microblogging Event Correlation Analysis Method based on Bipartite Graph Projection
    LIU Jun, ZHOU Bin, HUANG Jiu-ming
    2014, 14 (9):  44-49.  doi: 10.3969/j.issn.1671-1122.2014.09.010
    In this paper, we introduce a new method that uses bipartite graph theory to analyze the correlation of microblogging events, by comparing the new features in the transmission process of microblogging events with those of traditional events. We give a method for converting the relationship between microblogging events and microblogging users into a bipartite graph. According to the role of microblogging users in a microblogging event, a general user weight is assigned to construct the weighted bipartite graph of microblogging events and microblogging users. By comparing a variety of bipartite graph projection algorithms, this paper proposes a one-mode weighted projection algorithm and arrives at a quantitative representation of correlation and influence without losing the information of the bipartite graph. Finally, a systematic experiment is conducted to verify the rationality and correctness of the proposed algorithm.
    Privacy Protection Using Face Recognition in Android Platform
    CAI Zhi-ling, LIN Bo-gang, JIANG Qing-shan
    2014, 14 (9):  50-53.  doi: 10.3969/j.issn.1671-1122.2014.09.011
    With their popularization, Android devices have become a part of our lives. At the same time, the information security of Android devices has come into focus. With its development, face recognition has been successfully used in real life, and it is an effective approach to security protection. This paper focuses on face recognition technology, and designs and implements a privacy protection system on Android. Considering the limited computation and storage of Android mobile devices, this paper uses simple and effective algorithms such as the AdaBoost face detection algorithm based on Haar-like features and the Local Binary Pattern (LBP) operator. This paper finally realizes face recognition on Android.
    A System of Privacy Protection based on Android
    HUANG Ke-zhen, LI Yu-xiang, LIN Bo-gang
    2014, 14 (9):  54-57.  doi: 10.3969/j.issn.1671-1122.2014.09.012
    With the rapid development of the mobile Internet, mobile payment and the mobile office will be integrated into people's lives. The protection of commercial secrets, personal privacy and other sensitive information becomes critical. However, information leakage, malicious tampering, system sabotage and other malicious behavior often occur. To compensate for the lack of privacy protection in the Android system, this paper designs a cell phone privacy data security solution based on an Android security policy, and implements a privacy protection system with local and remote data protection. The system can effectively protect the security of users' private data and provide a secure mobile environment.
    Conformance Assessment and Standards System Research on Data Forensics Equipment
    FAN Hong, HU Zhi-ang, DU Da-hai, WANG Guan
    2014, 14 (9):  58-62.  doi: 10.3969/j.issn.1671-1122.2014.09.013
    In this paper, we study the development of technologies and standards for data forensics equipment at home and abroad. The requirements and conformance assessment methods for data forensics equipment are discussed. Since there are no open domestic standards for data forensics equipment, we propose a standards system for it. The standards system mainly covers technology requirements and test standards for data forensics equipment, which can provide useful help for product design and manufacturing guidance for corporations. It can also provide a blueprint for formulating and revising standards on data forensics equipment. Meanwhile, the standards system can improve product testing and product quality. Hence, it can help the police to obtain effective data and improve the efficiency of criminal case investigation.
    Present Situation and Enlightenment of the Foreign Network Range Technology
    LI Qiu-xiang, HAO Wen-jiang, LI Cui-cui, XU Li-ping
    2014, 14 (9):  63-68.  doi: 10.3969/j.issn.1671-1122.2014.09.014
    With the rapid development of information technology, network security has become a focus of attention for governments. In order to combat the growing network attacks on critical infrastructure in the fields of government, national defense and industrial control, many countries are carrying out technology research on and application of network ranges. This paper describes the definition and characteristics of the network range, introduces the construction contents of the network range and the present situation in the United States and other developed countries, and puts forward some enlightenments for network range construction in our country.
    Research on DDoS Attack and Defense based on Network Self-similarity Detecting
    HUANG Chang-hui, WANG Hai-zhen, CHEN Si
    2014, 14 (9):  69-71.  doi: 10.3969/j.issn.1671-1122.2014.09.015
    The DDoS attack is a widely used and most dangerous mode of attack on the Internet. It takes the availability of network services as its target. This paper introduces the principle of the DDoS attack and focuses on methods that use network self-similarity to detect DDoS attacks. Finally, the methods of DDoS attack are analyzed comprehensively.
    2014 Domestic Government Website Security Analysis
    ZHANG Xin, CHEN Jian-min, LIU Yan
    2014, 14 (9):  72-75.  doi: 10.3969/j.issn.1671-1122.2014.09.016
    China is a major country for Internet applications, and in recent years there have been many domestic network security incidents, some of which have had major social and political implications. The main role of a government portal is to publicize party and state policies and local government decision-making and deployment. Because of their high credibility, traffic, influence, and PageRank, government websites are easy targets for hackers and hostile foreign organizations. Therefore, the government needs to ensure the safety of its sites, enhance the security measures of government websites, and build site security comprehensively to ensure full safety.
    Cyber Resilience: New Ideas of Cyber Security Development
    LI Zhan-bao, ZHANG Wen-gui
    2014, 14 (9):  76-79.  doi: 10.3969/j.issn.1671-1122.2014.09.017
    Recently, the United States, the European Union and other developed Western countries have been paying close attention to cyber resilience, and a series of related documents have been published. As the research has gradually deepened, many research results have come out. This paper introduces definitions of and insights into cyber resilience, and discusses the principles, scope, main approaches, objectives and the various project indicators for measuring cyber resilience, which are used to plan and solve cyber resilience.
    Research on E-commerce-oriented User Abnormal Behaviour Detection
    JI Bing-shuai, LI Hu, HAN Wei-hong, JIA Yan
    2014, 14 (9):  80-85.  doi: 10.3969/j.issn.1671-1122.2014.09.018
    In order to detect users’ abnormal trading behavior in e-commerce, users’ behavioral log data were first classified into two categories, namely static attribute sets and operational sequence sets. Then the Apriori algorithm based on axis attributes and the GSP algorithm for mining sequential patterns were applied to these two data sets, and users’ normal behavior patterns were established. Finally, a user's current behavior patterns were compared with their past normal behavior patterns using a sequence-based pattern matching method, to judge whether the user’s trading behavior is normal or not. The experiment on real data sets shows that the method can effectively detect users’ abnormal behavior in e-commerce trading.
    Discussion about the Industrial Control Network Intrusion Prevention Technology based on On-line Ensemble Learning
    TANG Jian, SUN Chun-lai, LI Dong
    2014, 14 (9):  86-91.  doi: 10.3969/j.issn.1671-1122.2014.09.019
    Industrial control network systems are widely used in national infrastructure, such as metallurgy, coal, electric power, petrochemicals, nuclear energy, aviation, railways, water treatment, metro, etc. These networks have many characteristics, such as multiple network layers (device net, control net and manager net), multiple types of network link (online/wireless link, local/remote link, long-term/temporary link), multiple types of linked device (intelligent instruments, computers of the process control system, computers of the management execution system) and multiple levels of user (operational workers in practice, hardware engineers, software engineers, official management staff). How to effectively protect such network systems has been a focus in the information security domain. In this paper, we analyze the technologies of information security and intrusion prevention for industrial control network systems. How to develop an artificial-intelligence-based on-line adaptive intrusion prevention model is the further research direction. Then, on-line ensemble modeling technology is reviewed. Finally, the research problem of how to integrate on-line ensemble learning with the industrial control network intrusion prevention system is presented.
    Research on Tibetan Public Opinion Platform of Cloud Analysis System
    JIANG Tao, JIANG Jing, DAI Yu-gang, LI Ai-lin
    2014, 14 (9):  92-94.  doi: 10.3969/j.issn.1671-1122.2014.09.020
    This article describes the system framework and core modules of the Tibetan public opinion cloud analysis platform. The system applies cloud computing technology, without adding high-performance equipment, so that users who know nothing about Tibetan can monitor public opinion from various sources, such as Tibetan printed text, Tibetan documents obtained from various types of storage media, the Internet and so on. Combining maximum entropy with conditional random fields to recognize named entities, the Tibetan public opinion analysis results are reported to users in Chinese at the word level and sentence level.
    A Simple Discussion on the Impact of SDN Development on Network Security
    QI Zhong-hou, XIE Xu-dong, ZHANG Nai-bin
    2014, 14 (9):  95-97.  doi: 10.3969/j.issn.1671-1122.2014.09.021
    This paper briefly introduces the basic ideas and characteristics of the software defined network (SDN) and analyzes the relationship between SDN and virtual technology. Mainly, the paper discusses the impact of SDN on network security, and advances the idea of Big Security and the direction of software defined security, in order to deal with the impact of SDN development on network security.
    Moving Target Defense Mechanisms
    WANG Dong-xia, FENG Xue-wei, ZHAO Gang
    2014, 14 (9):  98-100.  doi: 10.3969/j.issn.1671-1122.2014.09.022
    Moving Target Defense (MTD) is a new research theme in cyber security, which takes away the adversary’s advantage through dynamic variation to increase the security of the system. In this paper, the security principle under the counter conditions is proposed and the model and validity of MTD are analyzed. The MTD technology architecture is introduced to describe various MTD mechanisms at different levels. Finally, the challenges of realizing MTD are described.
    Design and Implementation of Multi-level Security System on Desktop Virtualization in Classified Environment
    WU Yue, LIU Xiang-dong
    2014, 14 (9):  101-104.  doi: 10.3969/j.issn.1671-1122.2014.09.023
    To achieve multi-level security for desktop virtualization in a classified environment, a new model, vDesktop-BLP, is proposed. The model, which improves the classical BLP model, can control the path of information flow in desktop virtualization and control network communication between virtual desktops and access to storage devices, based on the principles of multi-level security in a classified environment. Afterwards, a prototype system is implemented to verify the feasibility and effectiveness of the vDesktop-BLP design.
    Analysis of Physics Isolation Vulnerability and Its Countermeasure
    SHI Jun
    2014, 14 (9):  105-108.  doi: 10.3969/j.issn.1671-1122.2014.09.024
    In view of the “Stuxnet” and “Snowden” events, the fact is that the network security perimeter provided by physical isolation has been broken, and its real security isolation effect has aroused bitter controversy. This paper introduces three implementation approaches and two evolution processes of physical isolation and makes a safety analysis of each process. Some proposals related to physical isolation security problems are discussed; for instance, establishing a global file exchange management system, unifying the file exchange format, establishing electromagnetic compromising emanation protection requirements, and preventing memory information leakage. New network connection methods based on one-way input technology and quantum cryptography are proposed, and their applicable occasions are analyzed. Problems to be solved in security segregation and information-exchange products are proposed, and emerging cryptology technology will be the end of physical isolation. It is hoped that the research results will play a positive role in the further development of network security perimeter protection work.
    An Anti-APT Scheme Research for High-Security Network
    LI Feng-hai, LI Shuang, ZHANG Bai-long, SONG Yan
    2014, 14 (9):  109-114.  doi: 10.3969/j.issn.1671-1122.2014.09.025
    Based on an analysis of some security risks within high-security networks, this paper briefly introduces the concept of APT and the design purpose of the anti-APT scheme, elaborates on the anti-APT framework of the high-security network, and then proposes some ideas and strategies to defend against APT.
    Building Security Check and Risk Assessment Index System on Cloud Computing Environment
    ZHANG Heng, LU Kai
    2014, 14 (9):  115-119.  doi: 10.3969/j.issn.1671-1122.2014.09.026
    With the increasing development and wide application of cloud computing, the issue of security in the cloud computing environment has attracted more attention in information technology. First, this article analyzes the status of security in the cloud computing environment. Through in-depth research on this subject, it establishes a framework for cloud computing environment security under basic requirements. In addition, it clearly identifies the specifications and methods required by this framework. It focuses on risk analysis, investigation of actual environmental safety requirements, cloud security event analysis and related research achievements. From the above, it derives effective measures for when the protected objects face risks in the cloud computing framework, and then draws the corresponding manipulated variables. Finally, according to a marking model, it can measure and evaluate the security risks in the cloud computing environment and the efficiency of security measures. This article can provide a reference for the relevant departments to develop cloud computing security standards and fulfill their inspection and evaluation duties.
    Research on Information Security for Industrial Control System and the Solution for Numerical Control Network
    WANG Qi-kui, LI Xin, ZHAO Fu
    2014, 14 (9):  120-122.  doi: 10.3969/j.issn.1671-1122.2014.09.027
    The requirements for connection between the numerical control network and the office network are given by analyzing the problem of information security in industrial control systems. The security risks of the numerical control network in the military industry are studied, and an information security solution for this network is proposed. In this solution, the functions of the security isolation equipment and the terminal security equipment for the numerical control system are illustrated. The deployment of these two kinds of equipment is also described. Implementing the scheme would upgrade the information security of the numerical control network in the military industry and so ensure its information security.
    Emergency Response Collaborative System Design for Network Security based on Business Process Management
    WANG Hong-yan, ZHANG Yan-li, LI Yu-peng
    2014, 14 (9):  123-126.  doi: 10.3969/j.issn.1671-1122.2014.09.028
    This paper describes network security emergency response throughout its life cycle and the content of its major phases. To address the current problems of network security emergency response and the requirements for resource sharing and collaborative division of labor across systems and networks, the idea of emergency response collaborative workflow management based on business process management (BPM) is proposed. The correspondence between the emergency response procedure and the functions of the emergency response coordination system is discussed, a BPM-based emergency response collaborative system architecture is given, and the main functions of collaborative workflow management are described in detail.
    Classification-based Hot Topic Detection Approach on Chinese Micro-blog
    ZHENG Fei, ZHANG Lei
    2014, 14 (9):  127-131.  doi: 10.3969/j.issn.1671-1122.2014.09.029
    Smartphones and micro-blog clients reinforce the media features of the micro-blog. Therefore, real-time detection of micro-blog hot topics can provide valuable research results in relevant fields. The paper introduces a real-time micro-blog hot topic detection method based on keyword classification. Filtered micro-blog messages were classified according to keywords. A multi-weight function based on word frequency and growth within the time window was used to extract the keywords of micro-blog information. An improved single-pass clustering algorithm based on same-text conditional probability was used to find micro-blog hot topics. The results show that the approach is effective in clustering micro-blog hot topics in real time.
    Analysis and Research on Security Protocol of Wireless LAN
    ZHANG Lei, ZHENG Fei
    2014, 14 (9):  132-137.  doi: 10.3969/j.issn.1671-1122.2014.09.030
    This paper describes the technology standards and development process of several types of security protocols for wireless LAN, describes the security mechanisms of the wireless LAN security standards WEP, 802.11i and 802.11w, analyzes the typical security problems and possible attacks in applications of the WEP, 802.11i and 802.11w standards, and finally proposes measures to strengthen wireless LAN security.
    Information Security Work of the Procuratorial Organ under the New Situation
    FAN Jiang
    2014, 14 (9):  138-143.  doi: 10.3969/j.issn.1671-1122.2014.09.031
    Information security means that the information system and its carriers of classified information are not leaked or damaged in any stage of generation, transmission, processing, storage and destruction; the aim is to ensure confidentiality, integrity and controllability, to protect information resources, and to make sure the informatization process can develop in a healthy, well-organized, sustainable way. Information security has become an important part of national security. Starting from the new situation of intangible social information, this article tries to analyze the characteristics of procuratorial information security, and the challenges and countermeasures involved in adapting to the informatization demands that the procuratorial organ needs to meet under the new situation, so that information security requirements can be fulfilled. It could also strengthen the information security quality and ability of procuratorial officers, so that the security of informatization is guaranteed nationally.
    Internet Security Protection in Personal Sensitive Information
    WANG Yu-bin, LI Chao, CHENG Nan
    2014, 14 (9):  144-148.  doi: 10.3969/j.issn.1671-1122.2014.09.032
    Abstract ( 538 )   HTML ( 0 )   PDF (4349KB) ( 202 )  
    Personal sensitive information is now a target in non authorizer’s eye. Therefore, the existence of security risks cannot be optimistic. The personal sensitive information will be lost with lack of information security protection strategy and technical support. According to the safety status of the personal sensitive information protection, personal sensitive information problems is analyzed, then the site of personal sensitive information protection measures is proposed between Internal and external Internet security to ensure the security of personal sensitive information.
    The Construction of Security Subsystem for 4G Wireless Multimedia Corporation Communication System
    MU Xuan-she, WANG Shou-yin
    2014, 14 (9):  149-151.  doi: 10.3969/j.issn.1671-1122.2014.09.033
    Abstract ( 461 )   HTML ( 0 )   PDF (3375KB) ( 99 )  
    With the quick development of 4G technology, the construction of 4G wireless multimedia communication systems is booming. The security subsystem is the foundation and key component of a 4G wireless multimedia communication system. This paper introduces the significance of the security subsystem used in the 4G wireless multimedia communication system, analyzes the requirements of the security system, and details the functional components and architecture of the system.
    Research on How to Handle the Balance of Internet Vitality and Order
    ZHUO Gang, JIAO Guo-lin
    2014, 14 (9):  152-156.  doi: 10.3969/j.issn.1671-1122.2014.09.034
    Abstract ( 491 )   HTML ( 0 )   PDF (5465KB) ( 124 )  
    Recently, the severe imbalance between internet vitality and order has posed a serious challenge to the sustainable development of the network society in China, and has become an urgent theoretical and practical problem to resolve. In order to keep the balance of internet vitality and order, we need to appreciate the key roles of vitality and order in the development of the internet, and get a clear understanding of the internet's ideal prospect in the dimensions of atmosphere, environment and ecology. Only then can we analyze the underlying reasons for the imbalance and probe a feasible way to realize the dynamic balance of internet vitality and order in the aspects of theory, institute, legality, consensus, technology and management, etc.
    Brief Discussion on the Standardization of Obtaining Electronic Evidence in Cyber Crime
    XU Chao
    2014, 14 (9):  157-160.  doi: 10.3969/j.issn.1671-1122.2014.09.035
    Abstract ( 441 )   HTML ( 0 )   PDF (4147KB) ( 492 )  
    With the rapid development of computer and information technology, the network has become an indispensable information and communication tool for modern society, but crimes committed using computer networks, such as fraud, theft, gambling, obscene articles, infringement of intellectual property rights and many others, also show a fast rising trend. Electronic data in the form of e-mail, online chat records, web pages, domain names and other electromagnetic records are the core and foundation of criminal procedure for network crime, and their value orientation bears on substantive and procedural justice for this kind of crime, on crime control and human rights protection, on the conflict and balance of interests between state power and civil rights, and on the purpose of criminal proceedings. But at present electronic evidence in our country has many problems and urgently needs to be standardized.
    Study on Configuration Methods of Unacquainted Network Edge Firewall Rules
    WANG Yi-fei
    2014, 14 (9):  161-164.  doi: 10.3969/j.issn.1671-1122.2014.09.036
    Abstract ( 529 )   HTML ( 3 )   PDF (3948KB) ( 147 )  
    This article summarizes the causes and damage of the unacquainted network edge problem in firewall engineering configuration, and proposes three traditional solutions to this problem. Drawing on project experience in large networks, a technical system of demand analysis and log exploration is put forward as a new solution for configuring unacquainted network edge access rules. The demand analysis method is designed in detail based on many case studies and managerial psychology. The log-exploring method is designed in detail based on database and firewall log analysis technology. The method in this article has been tested and proven successful on mainstream firewalls.
    A Smart Inspection Recording Scheme based on OTP Token
    ZHU Peng-fei, YU Hua-zhang, LU Zhou, ZHANG Yi-fei
    2014, 14 (9):  165-166.  doi: 10.3969/j.issn.1671-1122.2014.09.037
    Abstract ( 443 )   HTML ( 0 )   PDF (2273KB) ( 114 )  
    Smart inspection is one of the typical IoT applications. It is necessary to prevent inspection records, including time information, from being fabricated or tampered with. A scheme based on OTP is designed to backdate the time information accurately and safely. Accordingly, a fully enclosed OTP token is developed with techniques that dispel the accumulative deviations.
    iOS Forensics
    LIU Hao-yang
    2014, 14 (9):  167-170.  doi: 10.3969/j.issn.1671-1122.2014.09.038
    Abstract ( 425 )   HTML ( 3 )   PDF (3603KB) ( 159 )  
    iOS devices, such as the iPhone or iPad, are typical smart devices. The mechanism of iOS is different from that of the traditional computer. Smart device forensics is a challenge to investigators. This article presents the composition, mechanisms, techniques and procedures of smart device forensics.
    A Secure Computer Terminal Coping with Various Threats
    ZHANG Xue-jun, LI Yu-wen
    2014, 14 (9):  171-175.  doi: 10.3969/j.issn.1671-1122.2014.09.039
    Abstract ( 399 )   HTML ( 0 )   PDF (4918KB) ( 128 )  
    As an important part of the information system, the computer faces both external and internal security threats. Current protection, aimed mainly at viruses, Trojans and other security threats and attacks from the network and outside, has little effect on negligent or deliberate leaks by internal staff. Furthermore, the protection function runs on the computer being protected, so its own reliability is limited. This article proposes a secure computer architecture with an independent protection system; theoretical analysis and practice show that this architecture can effectively respond to external and internal security threats and protect the security of the computer itself and its internal data.
    Analysis of Attack Techniques and Crime Methods of the Mobile Internet
    LU Tian-liang, ZHOU Yun-wei, CAO Wei
    2014, 14 (9):  176-179.  doi: 10.3969/j.issn.1671-1122.2014.09.040
    Abstract ( 437 )   HTML ( 0 )   PDF (4132KB) ( 151 )  
    With the development of wireless network access techniques, such as 3G, 4G and WiFi, and the popularity of smart phones, the mobile Internet is changing the way we work and live. Because a variety of security vulnerabilities exist in the design and implementation of the mobile Internet, it not only brings convenience and efficiency but also provides new attack ways and crime methods for criminal offenders. First, the development situation of the mobile Internet is summarized, and then typical network attacks and crimes of recent years on the mobile Internet are analyzed, including pseudo base stations, operating system vulnerabilities of mobile phones, malicious code and information disclosure. Finally, a prediction is made of future network attacks and the crime situation of the mobile Internet.
    The Analysis and Comparison of Website Security Scanning Products
    DI Hong-bo, YU Shao-hui, SU Ji-cheng
    2014, 14 (9):  180-183.  doi: 10.3969/j.issn.1671-1122.2014.09.041
    Abstract ( 447 )   HTML ( 1 )   PDF (4079KB) ( 142 )  
    With the rapid development of the internet, the problems of Web security are more and more serious; almost every day many websites are tampered with or injected with Trojan horses, backdoors and other malicious programs. Website security scanning products have sprung up; although these products cannot protect websites, they can help administrators understand vulnerabilities and security risks. But how should the quality of these products be defined? In this paper, website security scanning principles are explained in detail and, after a comparative analysis, some suggestions on how to improve the capability of website security scanners are put forward.
    Electronic Evidence and Forensic Analysis System Design of IaaS Cloud Service-oriented Infrastructure Preservation
    WU Yu-xiang, LI Ning-bin, JIN Xin, LOU Ye
    2014, 14 (9):  184-188.  doi: 10.3969/j.issn.1671-1122.2014.09.042
    Abstract ( 498 )   HTML ( 0 )   PDF (4865KB) ( 140 )  
    As cloud technology is widely used in the field of computer networking, the need for security, audit and e-discovery in cloud environments is increasingly urgent. Because cloud forensics differs considerably from traditional computer forensics in the forensic environment, in obtaining evidence and in evidence analysis, and because effective cloud forensics methods and techniques are currently lacking, the auditability of the cloud system as an information system cannot be guaranteed. This paper presents a new cloud forensics system for IaaS cloud services, in which data collection terminals actively collect evidence through the cloud system's virtual machine monitor and the evidence collected is stored centrally in one place. With real-time forensics and centralized evidence preservation, the forensics system can effectively deal with the volatility of evidence and the difficulty of extracting evidence in cloud environments, achieving efficient forensics.
    Legal Protective System of Cyber Surveillance in the United States and Its Meaning to China
    HOU Yu-chen
    2014, 14 (9):  189-192.  doi: 10.3969/j.issn.1671-1122.2014.09.043
    Abstract ( 535 )   HTML ( 0 )   PDF (4307KB) ( 160 )  
    The exposure of the PRISM scandal has stimulated global discussion of both national security and privacy protection. A survey of the foreign intelligence surveillance programs of the National Security Agency, under the legal framework of cyber surveillance in the U.S., reveals that these surveillance programs have such a clear and precise scope of application, such a strict examination and supervision system and such rigid procedural regulations that the U.S. government can maintain national security interests, as well as do its utmost to protect public privacy with legal support. Both building a win-win relationship between governments and Internet companies and improving the legal system and legal procedure are meaningful steps for China.
    Feasibility Study on Automobile Electronic Control System of ECU Intrusion and Virus
    XIA Zi-yan, ZHOU Zhi-tong, LI Xiang, MO Jia-shuai-zi
    2014, 14 (9):  193-195.  doi: 10.3969/j.issn.1671-1122.2014.09.044
    Abstract ( 539 )   HTML ( 0 )   PDF (3047KB) ( 161 )  
    For the car, the most important modern means of transportation, convenience and risk always coexist. Vehicle safety has long been a topic of wide concern, but traditional manufacturers and automotive safety work have focused on driving safety. New research, however, suggests that a large number of vulnerabilities exist in most automobile control systems; if a hacker took control of an automobile, car accidents could be caused remotely, with unthinkable consequences. Therefore, the security of the car as an industrial control system has become a focus in the field of information security. This paper explores the feasibility of auto control system intrusion and automobile virus writing from the viewpoint of the system.
    Fake Base Station Recognition and Locating Technology Research
    ZHOU Zhi-tong, XIA Zi-yan, XING Jia-shuai, LI Zhen-ni
    2014, 14 (9):  196-198.  doi: 10.3969/j.issn.1671-1122.2014.09.045
    Abstract ( 504 )   HTML ( 0 )   PDF (2967KB) ( 174 )  
    The fake base station is the latest high-tech crime method; owing to its high mobility and camouflage, pseudo base station technology has been widely circulated in the underground market in China. In its special operations the Ministry of Public Security has many times traced pseudo base stations back through source tracking, and it is difficult to directly get the current. Based on the principle of the pseudo base station, this paper studies a comprehensive method for detecting, recognizing and locating pseudo base station systems.
    The Analysis of Financial Crime in Mobile Internet
    GUO Chen-yang, ZHU Yan-jun, HE Su-ping
    2014, 14 (9):  199-202.  doi: 10.3969/j.issn.1671-1122.2014.09.046
    Abstract ( 598 )   HTML ( 0 )   PDF (4139KB) ( 157 )  
    With the rapid development of the mobile Internet, financial business has moved onto the mobile network, but the related crime problems are gradually emerging. In this paper, the authors analyze the related cases, focus on "WiFi Deception" and "Supplementary Card Attacks", and discuss the characteristics of the crimes and prevention strategies. In the end, the authors offer some advice on what the public security organs should do and how people can protect themselves.
    Research on Industrial Control System Security Risks and Countermeasures
    WANG Zhi-qiang, WANG Hong-kai, ZHANG Xu-dong, SHEN Xiao-jun
    2014, 14 (9):  203-206.  doi: 10.3969/j.issn.1671-1122.2014.09.047
    Abstract ( 565 )   HTML ( 0 )   PDF (3927KB) ( 161 )  
    With the integration of information technology and industry, various types of IT are applied in industrial enterprises, and industrial control systems face greater information security risks. This article describes the typical architecture of industrial control systems, studies the main threats to them, analyzes the fragility of the system, and puts forward a response.
    Discussion of Mobile Internet Security Issues and Protection Measures
    WANG Hong-kai, WANG Zhi-qiang, GONG Xiao-gang
    2014, 14 (9):  207-210.  doi: 10.3969/j.issn.1671-1122.2014.09.048
    Abstract ( 402 )   HTML ( 0 )   PDF (4049KB) ( 279 )  
    With the rapid development of broadband wireless access technologies and mobile terminal technology, terminal mobility becomes increasingly apparent, and the mobile Internet will face a series of new and more severe challenges in the areas of mobile terminals, access networks, information security and application server data protection. Starting from the development status and characteristics of the mobile Internet, this article studies current typical mobile Internet applications, analyzes the security threats and risks in the mobile Internet environment, and presents security risk control measures and protection means for the mobile Internet environment.
    The Method of Decrypting FileVault2 Offline and Applications in Forensics
    LAN Chao-xiang, SHEN Chang-da, QIAN Jing-jie
    2014, 14 (9):  211-213.  doi: 10.3969/j.issn.1671-1122.2014.09.049
    Abstract ( 910 )   HTML ( 18 )   PDF (2937KB) ( 222 )  
    With OS X 10.3 (Panther), Apple introduced the FileVault disk encryption feature. The latest release, OS X Lion, introduced a new encryption scheme, FileVault2. FileVault2 uses full disk, AES-XTS 128 encryption to help keep data secure. Most forensic software cannot perform forensics quickly on FileVault2-encrypted disks. This paper first discusses the encryption principles of FileVault2 and then puts forward an offline FileVault2 decryption method. On this basis, it designs a FileVault2 decryption tool, which works independently of the operating system on the target data source and can perform forensics on FileVault2-encrypted disks in the absence of a Mac OS system environment. Practice shows that the offline decryption method enriches the evidence items.
    Analytical Techniques of BlackBerry File System
    LI Yong-xing, SHEN Chang-da, LIN Yi-bin, QIAN Jing-jie
    2014, 14 (9):  214-216.  doi: 10.3969/j.issn.1671-1122.2014.09.050
    Abstract ( 410 )   HTML ( 0 )   PDF (3245KB) ( 128 )  
    This paper describes a it to form a logical unit and the contents of the file to start the mapping file by the specific content of the general rules of the system analysis method, and stored in the directory structure of files and other information structures unfold, and ultimately get the basic structure of the file system and the various kinds of parameters to achieve a written argument based on manual semi-manual analytical techniques. In addition to parsing file systems in general, it can more importantly be applied to an unknown file system: directly parsing the data of BlackBerry file system images. Applying this method gives a more in-depth understanding of the general rules of file systems, improves file system analytical thinking, helps master the thinking behind certain BlackBerry file systems, and finally enables forensics on BlackBerry images.
    Analysis of Decrypting LUKS Encrypted Volume Offline
    QIAN Jing-jie, WEI Peng, SHEN Chang-da
    2014, 14 (9):  217-219.  doi: 10.3969/j.issn.1671-1122.2014.09.051
    Abstract ( 1443 )   HTML ( 79 )   PDF (3019KB) ( 374 )  
    LUKS, one of the popular disk encryption technologies, is common to all versions of Linux and has the following characteristics: it supports multi-user/password access to the same device; the master key does not rely on the user password, so the user password can be changed without re-encrypting the user data; and it uses an anti-forensic splitter to store the encrypted master key for the sake of safety. Given that most current forensic software cannot perform forensics quickly on LUKS volumes, this paper researches the principles of LUKS encryption and, based on this, proposes a LUKS decryption method, dependent on the Linux system. This method can greatly improve forensic efficiency.
    TrueCrypt Container Fast Detection Technology
    SHEN Chang-da, YOU Jun-sheng, QIAN Jing-jie
    2014, 14 (9):  220-222.  doi: 10.3969/j.issn.1671-1122.2014.09.052
    Abstract ( 670 )   HTML ( 4 )   PDF (3284KB) ( 205 )  
    TrueCrypt, one of the popular free open source encryption programs, has been widely applied on different platforms. The forensic process often needs to detect encrypted files for further decryption and analysis, but a TrueCrypt container has no signature or structure, so it is difficult to detect. There is no accurate detection method for TrueCrypt container files; the available technique is to rule out files by signature, combined with a file size limit, to detect TrueCrypt containers. In this paper, on the basis of the existing detection technology, combined with the chi-square test and information entropy theory, we propose a fast TrueCrypt container detection technology. This method not only can quickly detect TrueCrypt containers, but also has higher precision than the existing detection methods.
    Design of Auto-start Control System of Information System Contingency Plan
    FENG Rui
    2014, 14 (9):  223-225.  doi: 10.3969/j.issn.1671-1122.2014.09.053
    Abstract ( 451 )   HTML ( 0 )   PDF (3368KB) ( 221 )  
    This paper researches contingency plans for the information security of government departments, and aims to design a feasible and economical solution. During field testing of information security classified protection, the author found that contingency plans were poorly applied. In this paper, 150 representative information systems were chosen as research objects; based on analysis of the current situation, classification, and implementation of the contingency plans of those information systems, this paper designs an auto-start control system for information system contingency plans.