
Table of Contents

    10 September 2015, Volume 15 Issue 9

    Original Article

    Research on the Security of APP Android Security Dynamic Analysis Method for Average Users
    Tong-bin JIA, Yang CAI, Yue-wu WANG, Neng GAO
    2015, 15 (9):  1-5.  doi: 10.3969/j.issn.1671-1122.2015.09.001

    This paper presents a dynamic Android app security evaluation method for average users and implements a prototype based on it. First, a tailored Android emulator (AVD) is built by introducing API-call monitoring code into the Dalvik virtual machine of the AVD. Second, an AVD control script is implemented in Python; it uses adb commands and the Monkey tool to load the app under test onto the AVD and record the test results. Finally, a Web-based access interface to the app testing service is implemented.

    Research on Web Intrusion Detection Module Based on Hybrid Framework
    Ming ZHANG, Bo-yi XU, Fei XU
    2015, 15 (9):  6-9.  doi: 10.3969/j.issn.1671-1122.2015.09.002

    A Web intrusion detection system can monitor Web access transactions in real time and detect attacks promptly, which can effectively address Web security problems. This paper analyzes the advantages and shortcomings of current Web intrusion detection techniques and then proposes a hybrid framework for Web intrusion detection. The hybrid framework integrates a signature-based detection module and an anomaly-based detection module. The signature-based detection module is mainly used to detect known attacks, whose features are easy to extract. The anomaly-based detection module is mainly used to detect unknown attacks, which can hardly be detected by the signature-based module. The hybrid framework achieves a higher detection rate.

    A Ciphertext Search Scheme Based on DAS
    Yan SONG, Qing ZHOU, Guo-shuang ZHANG, Xin WANG
    2015, 15 (9):  10-14.  doi: 10.3969/j.issn.1671-1122.2015.09.003

    Using the cryptographic characteristics of the ElGamal public-key algorithm and a symmetric stream algorithm, we design a new cryptographic scheme that realizes fuzzy search over encrypted character data and implement it in a database-outsourcing application. The scheme makes the server rather than the client manage the huge amounts of keys. Moreover, the data model of the database efficiently reduces the performance penalty of time and dimension to a limited and acceptable range. Finally, we compare the scheme with the ElGamal algorithm and conclude that the scheme is implemented without security compromise.

    Research on Abnormal Behavior Analysis of Modern Networking Security Architecture
    Jin SHANG, Jun XIE, Dong-yi JIANG, Huai-lin CHEN
    2015, 15 (9):  15-19.  doi: 10.3969/j.issn.1671-1122.2015.09.004

    Recently, following a series of large-scale attacks and data leakage incidents and the prevalence of zero-day and APT attacks, a network security architecture built on the multi-stage cyber kill chain has emerged and is widely used in industry. Network abnormal behavior analysis is the key technology in this architecture for detecting the mass variants of intruding malware. Most existing abnormal behavior analysis models use simple algorithms without considering temporal association, indirect dimensions, etc. This paper proposes an adaptive network abnormal behavior analysis model that applies to single and distribution dimensions and takes time and periodic effects into account. The model has better usability and more accurate anomaly detection results, and it contributes substantially to the overall analysis results obtained with the cyber kill chain.

    Research on Multi-zone Secure Cloud Computing Fabrics Based on SDN Technology
    Gang WANG
    2015, 15 (9):  20-24.  doi: 10.3969/j.issn.1671-1122.2015.09.005

    This paper presents a scheme for implementing cloud security protection in a cloud computing environment, which builds a secure cloud using cloud technology and deploys a safety procedure in the cloud operation. Using SDN technology, the scheme connects the cloud operation, the secure cloud, and the safety procedure, and dynamically divides the cloud operation into several logically isolated service areas through the safety procedure. The scheme is independent of the cloud operation implementation. Apart from the almost zero-configuration safety procedure, it does not change the hardware and software structures of the cloud operation, so it is easy to deploy and maintain and offers high security.

    Formal Analysis of Tracking Attack for RFID Security Protocols
    Yuan-yuan YANG, Zhen LU, Jian GU
    2015, 15 (9):  25-28.  doi: 10.3969/j.issn.1671-1122.2015.09.006

    In order to solve the problem of malicious tracking attacks in RFID security protocols, a formal analysis model of tracking attacks was proposed. First, the model defined the concept of the attacker message element set. Then, according to the algebraic calculations applied to the messages in the attacker message element set, the actions of the attacker were deduced, and thus the attacker action set was determined. The concepts of attacker message element set and attacker action set regulated the actions and targets of attackers. Next, the model introduced the concept of the tag characteristic value, which established the conditions under which a tracking attack exists and clarified the attack target of a tracking attack. Finally, using the proposed model, an RFID security protocol was analyzed. By calculating the tag characteristic value of the protocol, a new tracking attack was found, which demonstrated the reliability of the model.

    Research on Android Device Forensic
    Hao-yang LIU
    2015, 15 (9):  29-32.  doi: 10.3969/j.issn.1671-1122.2015.09.007

    In recent years, devices using the Android operating system (referred to as Android devices) have developed rapidly. Typical representatives are mobile phones and tablet PCs. While Android devices bring convenience to personal office work and personal contact, they also provide convenience to criminals. Android devices have become both a criminal tool and an object to guard against. Because the operating mechanism of Android devices differs from that of traditional computer equipment, Android device forensics has become a difficult job for forensic personnel. Public security organs and other law enforcement agencies are badly in need of effective technical means and methods to deal with crimes involving Android devices. This article elaborates on the basic knowledge of Android devices and the tools and techniques for obtaining electronic evidence from them.

    Research on Virtual Network Construction and Scalability in Network Testbed
    Cai-hong AN, Wei-hong HAN
    2015, 15 (9):  33-36.  doi: 10.3969/j.issn.1671-1122.2015.09.008

    As a development platform that simulates the real-world environment for running extensive tests and validation experiments, the network testbed is essential for enhancing the capability of independent innovation in network technology and the capability of network security. First, this paper introduces two topology generation methods used in virtual network construction: one based on a graphical interface and one based on a configuration file. Then, to support larger test scenarios or more concurrent tests under limited physical resources, this paper proposes building a scalable virtual network and describes the implementation scheme of scalability in detail. Finally, this paper introduces the virtual network construction and scalability adjustment process when executing a DDoS attack test in the network testbed.

    Analysis of the Technique of Breaking TCP MD5 Encryption and Authentication for BGP
    Ze-min SUN, Tian-liang LU, Yang ZHOU
    2015, 15 (9):  37-40.  doi: 10.3969/j.issn.1671-1122.2015.09.009

    BGP is an important inter-domain routing protocol, through which routers exchange information and select inter-domain routes. BGP has vulnerabilities that stem from the little consideration given to security in its initial design. One existing security policy is to use TCP MD5 encryption and authentication between BGP neighbors. However, this simple encryption and authentication mechanism cannot ensure security. After analysis and research on the TCP MD5 authentication process, this paper proposes a method to break TCP MD5 encryption and authentication, which makes use of a key dictionary as well as the principle of MD5 collision. By establishing a real routing environment, the breaking of TCP MD5 encryption and authentication with a weak key is finally verified.

    Research of the Present Legislation and Policy of American Critical Information Infrastructure Protection and Development Trend
    Kang-qing WANG, Shao-wu ZHANG
    2015, 15 (9):  41-45.  doi: 10.3969/j.issn.1671-1122.2015.09.010

    The United States has long focused on critical infrastructure security. In the 1990s, the issuance of executive orders 62 and 63 laid the foundation of the American legislative and policy system for critical infrastructure protection. After the 9.11 incident, America promulgated many laws, national strategies, and executive orders to improve its critical infrastructure legal policy and security system, and gradually formed a critical infrastructure security system that is complete, unified in accountability, and distinct. A clear concept of critical infrastructure protection, a more reasonable division of labor within the protection mechanism, and an increasingly complete protection framework became prominent features of the American legislative and policy system for critical infrastructure protection in this period.

    A Performance Analysis Method for Intrusion Prevention System
    LIU Wei, LI Quan-lin, RUI Li
    2015, 15 (9):  46-49.  doi: 10.3969/j.issn.1671-1122.2015.09.011
    An intrusion prevention system (IPS) is a crucial defensive measure against malicious attacks on information systems. However, improper IPS configuration can have a negative impact on network performance in terms of end-to-end delay or packet loss. Most researchers focus on putting forward new IPSs and analyzing the different methodologies, while ignoring quantitative analysis of IPS. By establishing a two-dimensional Markov chain model and analyzing the system as a quasi-birth-and-death process, this paper obtains the steady-state probability distribution and uses it to compute some important indices. The experimental results show that the general analytical method can effectively evaluate the performance of IPS and also indirectly verify the correctness of the model.
    The New Ideas and Technologies of American Cybersecurity Game-Change Program
    Yan-ling ZHAO
    2015, 15 (9):  50-53.  doi: 10.3969/j.issn.1671-1122.2015.09.012

    In today's highly developed information society, cybersecurity receives much attention. In particular, the United States, which is highly dependent on networks, strongly promotes its cybersecurity and information technology research and development program, putting forward the revolutionary idea of the Cybersecurity Game-Change Program, releasing the federal cybersecurity research and development strategic plan, and determining the technology research and development goals of the Cybersecurity Game-Change Program. This paper briefly introduces the new ideas and technologies of the American Cybersecurity Game-Change Program and offers readers some useful thoughts.

    Analysis of the European Union's Critical Infrastructure Protection Policy and Guarantee System
    Peng YAN, Kang-qing WANG
    2015, 15 (9):  54-57.  doi: 10.3969/j.issn.1671-1122.2015.09.013

    The protection of critical infrastructure security is of crucial significance to the operation of society. The European Union realized early on the importance of protecting critical infrastructure security, promulgated a series of laws and policies, and gradually formed a relatively complete and mature legal system for critical infrastructure security. With the changing international situation and the urgent demand for critical infrastructure protection, the EU has accelerated the construction of its legal and policy system for critical infrastructure security. An analysis of the EU critical infrastructure security system can provide a reference for our country in establishing and improving the design and implementation of its critical infrastructure protection system.

    Research on Network Situation Assessment Method Based on Fuzzy Rough Set
    Yuan FAN, Zhi-le LIU, Ji-wen WANG
    2015, 15 (9):  58-61.  doi: 10.3969/j.issn.1671-1122.2015.09.014

    Recently, network security has become a severe issue. Obtaining the current network security status and predicting the future network security status can support the decisions of decision makers. In large-scale and complex network environments, traditional network management methods cannot fully meet the demands of network situation awareness, and network situation awareness based on information fusion has become the future development direction. Because network situation assessment is the core of network situation awareness, this paper introduces fuzzy rough set theory into network security situation assessment technologies, overcoming the defect that the rough set method must discretize data and thereby loses accuracy. By combining the advantages of fuzzy sets and rough sets in dealing with the uncertainty and vagueness of data, this paper establishes a network security situation assessment model based on fuzzy rough sets. The experiment shows that the model achieves high accuracy and provides more accurate and reasonable evaluation results for network security situation assessment.

    Research on Android Malware Detection Technology
    Wen-yang LI
    2015, 15 (9):  62-65.  doi: 10.3969/j.issn.1671-1122.2015.09.015

    With the popularity of Android smartphones, the amount of malware on the Android platform has increased greatly. How to detect malware on the Android system has become a problem worthy of study. This paper summarizes the current research on Android malware detection, compares static analysis and dynamic analysis, and lists some related domestic and foreign research results.

    Research on Monitoring Mechanism and Model of Network Security Situation
    Peng LIU, Hou-wu CHEN, Xiao FANG, Jian YANG
    2015, 15 (9):  66-69.  doi: 10.3969/j.issn.1671-1122.2015.09.016

    Security situation monitoring is an effective means of security operation. Based on situation awareness theory, this paper proposes a network security situation monitoring model, presents the model structure, analyzes the situation monitoring needs of different types of users, and proposes some design principles for security monitoring systems. This paper provides a theoretical foundation for developing future network security situation monitoring platforms.

    Research on Trusted Computing Device Virtualization Critical Assurance Mechanisms
    Qiang HUANG, De-hua ZHANG, Lun-wei WANG
    2015, 15 (9):  70-73.  doi: 10.3969/j.issn.1671-1122.2015.09.017

    This paper analyzes the virtualization requirements of trusted computing hardware devices, studies the virtualization support modes and assurance mechanisms, and puts forward two principles, the key independence principle and the complete state independence principle, that are needed when constructing trusted computing mechanisms on a virtual platform. On the basis of analyzing the virtualization mechanisms of the main I/O equipment, this paper also puts forward two key virtualization assurance mechanisms for trusted computing hardware devices: ensuring secure inter-domain communication in the virtualization software layer, and ensuring that the trusted computing hardware device has expandable internal storage space.

    The Criminal Law Regulation of the Rubbish Electronic Information
    Xiu-chun WU, Yong QING
    2015, 15 (9):  74-77.  doi: 10.3969/j.issn.1671-1122.2015.09.018

    The flood of rubbish electronic information has become a global problem, and China's regulations on rubbish electronic information mostly remain in the fields of civil law and administrative law. To prevent cyber crime and keep rubbish electronic information from becoming a hotbed for spreading cyber crime, and drawing on foreign experience and practice in criminal legislation against rubbish electronic information, this paper suggests adding a crime, the crime of sending rubbish electronic information, to the first section (crimes of disrupting public order) of the sixth chapter (crimes of hindering social management order) of the Criminal Law of the People's Republic of China. It is also viable to break with the traditional single-track system of criminal legislation by directly setting out the crimes related to sending rubbish electronic information when drafting the law against rubbish electronic information.

    Network Intrusion Anomaly Detection Model Based on Dimension Reduction Strategy Using Principal Component Analysis and Mutual Information
    Jian TANG, Chun-lai SUN, Ke-feng MAO, Mei-ying JIA
    2015, 15 (9):  78-83.  doi: 10.3969/j.issn.1671-1122.2015.09.019
    Aiming at the high-dimensional co-linearity problem of the input features of network intrusion anomaly detection models and the dynamic changes of the network environment, this paper proposes a new approach for fast anomaly detection model construction based on a dimension reduction strategy using principal component analysis (PCA) and mutual information (MI). First, a PCA-based feature extraction method is used to extract independent latent features, to diminish the co-linearity among the input variables. Then, an MI-based feature selection method is used to select important features from the PCA-extracted latent features. Thus, the independent features that are strongly related to the anomaly detection model's output are selected. Finally, a machine learning algorithm with fast learning speed, the random vector functional link (RVFL) net, is used to construct the final intrusion detection model with the extracted and selected features. Simulation results on the KDD99 data set show that the proposed method can extract and select features effectively with fast learning speed.

    Research and Realization of Domestic Encryption System Based on GDOI
    Cai-hua ZHUO, Da-peng LI, Kai-guo YUAN
    2015, 15 (9):  84-88.  doi: 10.3969/j.issn.1671-1122.2015.09.020

    Faced with increasingly complex network environments and network application security needs, IPSec encryption and decryption shows various limitations, such as the QoS problem, the tunnel real-time problem, and the multicast communication problem. Network encryption systems based on the GDOI protocol are gradually becoming the first choice. To meet the high security requirements of domestic network equipment, this paper extends the private payload attributes within the standard RFC6407 framework and designs a complete network cryptographic system that conforms to the standard GDOI protocol, additionally supporting all kinds of custom algorithms while using the national commercial cryptographic algorithms. The design and implementation of the whole system strictly follow the relevant algorithm and equipment security requirements of the National Commercial Code Management Bureau.

    A Framework Design for Preventing Android from Apps Privilege-Escalation Attacks
    Xu-dong SHAO, Yang LIU
    2015, 15 (9):  89-92.  doi: 10.3969/j.issn.1671-1122.2015.09.021

    Recent research has pointed out that Android is vulnerable to apps’ privilege-escalation attacks. However, most of the research focuses on confused deputy attacks and lacks consideration of collusion attacks. In this paper, Android’s security framework is analyzed, and defense methods against collusion attacks are studied. A new system-level security framework for Android is also designed and implemented, in order to tame potential collusion attacks exploiting its vulnerabilities.

    Review-attached Electronic Signing Scheme Following Autonomous Cryptographic Standards
    Peng-fei ZHU, Wei LI, Li-qin ZHANG, Hai-yan LIU
    2015, 15 (9):  93-96.  doi: 10.3969/j.issn.1671-1122.2015.09.022

    The article extracts the basic features of review-attached electronic signing based on the standards of the financial industry, analyzes the feasibility of implementing review-attached electronic signing, and designs a review-attached electronic signing scheme based on an attached digital signing certificate under the autonomous cryptographic standards framework. The article points out that the scheme is compatible with a set of existing autonomous cryptographic standards, proving that review-attached electronic signing is feasible under the autonomous cryptographic standards framework.

    Research on Trusted Identity Architecture in Cyberspace Based on eID
    Zhi-peng WANG, Ming-hui YANG, Liang LV
    2015, 15 (9):  97-100.  doi: 10.3969/j.issn.1671-1122.2015.09.023

    Trusted identity management in cyberspace is a major problem to be resolved today. In this paper, we study a trusted identity architecture in response to the security issues and requirements in cyberspace. A framework for a trusted identity architecture in cyberspace based on eID is proposed, the key processes working in this architecture are described, and a privacy protection method against big data analysis is presented. The research shows that this architecture can ensure user identity credibility, privacy protection, and the participation of various parts of society, and will play a crucial role in the orderly development of internet applications and the guarantee of cyberspace security.

    Study on the Application of Coupling Technology Based on Electromagnetic Compromising Emanation
    Jun SHI
    2015, 15 (9):  101-105.  doi: 10.3969/j.issn.1671-1122.2015.09.024

    The security problem of information leakage caused by electromagnetic coupling of metal cables near information technology equipment is raised. Fundamental electromagnetic compromising emanation models based on the network terminal and the coupling signal are set up. Three cable electromagnetic coupling emission model experiments, based on QQ instant messaging, mobile telephone communication, and fixed telephone communication, are proposed. The coupling leakage signal cannot be eliminated by communication relays and can be transmitted across the range of the communication system, provided that the A/D sampling rate of the communication system satisfies the Nyquist sampling theorem and the coupling signal is not lost in system coding. Experiments on RS-232 prove that usable data can be reproduced from metal cables near information equipment. The highest leakage signal rate of the experimental models and methods for increasing the signal rate are discussed. It is proved that the distortionless leakage signal transmission rate is limited and is related to A/D sampling and the coding system. In addition, information leakage approaches based on power line carrier communication, leakage communication, and the “Soft-TEMPEST virus” are discussed, and an actual coupling emanation case is given. Finally, methods of reducing electromagnetic information leakage are discussed. It is hoped that the results will play an important role in the study of electromagnetic coupling emanation and help better prevent information leakage.

    Research on the Hidden Web Technology for the Network Content Security
    Yue QIU
    2015, 15 (9):  106-108.  doi: 10.3969/j.issn.1671-1122.2015.09.025

    With the rapid development of network technology, a variety of illegal messages have suddenly spread over the network, seriously endangering network content security. Starting from the reality of network security, this paper analyzes and summarizes several kinds of recognition technologies for the Hidden Web and analyzes the future development tendency of Hidden Web recognition techniques.

    Construction of Three-dimensional Framework of Youth Network Protection
    Wen-jiang HAO, Cui-cui LI, Li-ping XU, Fang TIAN
    2015, 15 (9):  109-112.  doi: 10.3969/j.issn.1671-1122.2015.09.026

    With the advent of the Internet era, the modern network society, relying on the network culture and network environment, has a revolutionary impact on the ideology, values and lifestyle of young people. We present the main problems faced in youth network protection in China and propose a five-in-one "pyramid" protection framework in which the government, society, schools, families and individuals work together.

    Design and Implementation of Android Security Data Storage Platform
    Wei TIAN, Neng GAO, Ping-jian WANG, Ling-chen ZHANG
    2015, 15 (9):  113-118.  doi: 10.3969/j.issn.1671-1122.2015.09.027

    As Android mobile devices become prevalent, more and more personal privacy data is stored on Android mobile terminals. Due to the openness of Android, many malicious programs attack the system, which results in privacy data leakage. Private data protection is a problem that needs to be resolved. This paper designs and implements an Android security data storage platform that uses a key protection scheme based on collaboration between the Android app and a cloud server. In addition, key splitting and a multiple-key system are used to ensure security. On this basis, the platform can ensure secure data storage. Third-party apps can store privacy data securely on the terminal through this platform. Users can also log in to the cloud server to control all privacy data on the Android device, which shows very high security and scalability.

    Problems of User’s Privacy Leakage During Insecure Communication
    Tian-liang LU, Qiao WANG, Ying-qing LIU
    2015, 15 (9):  119-123.  doi: 10.3969/j.issn.1671-1122.2015.09.028

    The Internet has become an inseparable part of our daily life and work, but it has also become the chief culprit of user privacy leakage. First, the current status of privacy leakage was reviewed, and typical privacy leakage events in recent years were summarized. Second, the major avenues of user information leakage were analyzed from three aspects: the client, the network communication and the server. Then, the privacy leakage caused by insecure communication while users surf the Internet was studied in particular, including plaintext login, MD5 authentication login and user registration. Finally, suggestions are put forward from the aspects of privacy protection technology, laws and regulations.

    Design and Implementation of a Multi-cloud Based Browser Password Manager
    Ding-bo LI, Lu-ning XIA, Zhan WANG
    2015, 15 (9):  124-128.  doi: 10.3969/j.issn.1671-1122.2015.09.029

    Current browser built-in password managers and some third-party password managers store the user's ciphertext data locally or in a single cloud, which may leak the user's passwords. To address this problem, this paper proposes a browser built-in password manager based on multi-cloud storage. We disperse the user's ciphertext information and store it across multiple cloud storage providers. The proposal makes it more difficult for an attacker to obtain the ciphertext. In this way we improve the security of the user's plaintext information; in addition, multi-cloud storage technology can also improve the usability of the password manager service.

    Research on SQL Injection Attack and Defense Technology
    Wen-sheng LIU, De-guang LE, Wei LIU
    2015, 15 (9):  129-134.  doi: 10.3969/j.issn.1671-1122.2015.09.030

    With the rapid development of computer network technology, people rely more and more on the ubiquitous network, and a series of network security problems are attracting increasing attention. At present, the SQL injection attack has become one of the primary means of attack used by hackers. This paper introduces the principle of SQL injection, studies in depth the causes of SQL injection and the common SQL injection attacks encountered in practice, and, on the basis of actual penetration testing, proposes a new SQL injection detection technique and implements it as a tool. This provides strong technical support for future testing for SQL injection attacks and a powerful guarantee for defending information systems against SQL injection.

    Figures and Tables | References | Related Articles | Metrics
    The Yoking-proofs Based Authentication Protocol for Wearable Devices in the Cloud Computing
    Zhan-bin LIU, Hong LIU, Xiao-fei CAO
    2015, 15 (9):  135-138.  doi: 10.3969/j.issn.1671-1122.2015.09.031

    Along with the development of cloud computing and wireless communications, wearable devices have become emerging terminals for providing intelligent service support. Due to the openness of cloud environments and the limitations of communication channels, wearable devices confront severe security issues during user data monitoring. In this work, a yoking-proofs based authentication protocol is proposed for wearable devices, so that a user's smart phone simultaneously identifies and verifies two wearable devices. The proposed protocol establishes yoking-proofs that integrate the two wearable devices' main parameters, and achieves the security properties of data confidentiality and integrity, forward security, and dual authentication. This indicates that the proposed protocol is flexible for resource-constrained interactive applications.

    Research on Emulator-Based Sandbox Systems
    Hang YU, Li-min LIU, Neng GAO, Hong-da LI
    2015, 15 (9):  139-143.  doi: 10.3969/j.issn.1671-1122.2015.09.032

    Malware authors frustrate dynamic analysis by detecting whether the malware is being executed in a sandbox. This technique is called anti-virtualization. To defeat anti-virtualization, malware analysts try their best to keep the sandbox consistent with the real environment. This paper first analyzes the semantic monitoring capabilities, internals and security issues of existing sandbox systems, and then concludes that emulator-based sandbox systems have advantages over others in isolation, full-system view and monitoring efficiency. We also analyze why emulator-based sandbox systems are not transparent enough.

    The Application of Big Data Tools in Monitoring Network Attack
    Shi-yuan YU, San-jun CHENG
    2015, 15 (9):  149-153.  doi: 10.3969/j.issn.1671-1122.2015.09.034

    Based on an analysis and configuration of the big data tools Logstash and Elasticsearch for cyberattack monitoring, the data are analyzed and indexed, and then used to quickly locate the source of an attack, the attacker's purpose and the method of attack.

    Research on Image Recognition Technology for the Network Content Security
    Peng-fei CUI, Yue QIU, Rui SUN
    2015, 15 (9):  154-157.  doi: 10.3969/j.issn.1671-1122.2015.09.035

    With the rapid development of network technology, a variety of illegal images have suddenly spread across the network, seriously endangering network content security. Starting from the current state of network security and the shortcomings of traditional text filtering technology, this paper points out the importance of image recognition technology for filtering illegal and bad information. The paper analyzes and summarizes several recognition technologies for illegal images and discusses the application scenario of each. Finally, considering the essence of the image recognition problem, the paper indicates that deep learning is the future development trend of image recognition technology, and discusses how to use convolutional neural networks instead of traditional methods to recognize illegal images.

    Design of Trusted Messaging Solution for Mobile Terminal
    Ying-sheng LIANG, Qiong-xiao WANG, Cun-qing MA, Li-ping WANG
    2015, 15 (9):  158-162.  doi: 10.3969/j.issn.1671-1122.2015.09.036

    Research results show that a large number of mobile messaging applications either do not use any security solution, design proprietary protocols with flaws, or make inappropriate use of standard security protocols (i.e. SSL/TLS), causing trust problems such as insufficient confidentiality protection and unverifiable message sources, and are therefore not suitable for the high security requirements of government affairs, business, the military, etc. To meet the need for high-security message transmission on mobile terminals, this paper designs a trusted messaging scheme for mobile terminals, which performs access control and only the unauthorized users and mobile terminals can access the service securely. Identification among the mobile terminal, smartcard and trusted center server guarantees the legitimacy of the components that access the messages; public key and symmetric key encryption guarantees confidentiality, and a MAC guarantees integrity; subscribers use smartcards to sign messages so that the message source is verifiable and non-repudiable.

    Network Security Emergency Response System Based on Metropolitan Area Network
    Yan LIU
    2015, 15 (9):  163-166.  doi: 10.3969/j.issn.1671-1122.2015.09.037

    With the rapid popularization of the Internet, the threats facing network information security are becoming more and more serious. This paper presents a network security emergency response system based on a metropolitan area network (MAN), covering the Internet and key network infrastructure throughout the city, and introduces its hierarchical architecture. The core functions of the system are described in detail. At key network nodes of the MAN, the system can give timely warning of large-scale network attacks and virus spread, protecting the network security of the Internet and key sites. This paper also presents the measures used for system validation.

    Research of Key Technologies for Classified Protection Testing and Evaluation on Cloud Computing Information System
    Hao-hao SONG
    2015, 15 (9):  167-169.  doi: 10.3969/j.issn.1671-1122.2015.09.038

    With the rapid development of cloud computing, more and more enterprises deploy cloud computing information systems. Compared with traditional information systems, cloud computing information systems have their own characteristics. Classified security protection evaluation of cloud computing information systems therefore faces many new technical concerns and evaluation problems. In this paper, the key technologies for classified security protection evaluation of cloud computing information systems are researched and analyzed, so as to solve the key issues of security protection evaluation of such systems.

    A Study on Incremental Text Clustering in Sensitive Topic Detection
    Yue-jin ZHANG, Ding DING
    2015, 15 (9):  170-174.  doi: 10.3969/j.issn.1671-1122.2015.09.039

    Faced with the huge amount of news data constantly updated on the Internet, sensitive topic detection and tracking has become an important research area. In this paper, we study the incremental text clustering algorithm for sensitive topic detection in an online consensus analysis system. We introduce related work on text clustering. Starting from the Single-pass algorithm, we improve its performance and propose a new incremental text clustering algorithm based on simhash. Using a real online news corpus from the online consensus analysis system, we conduct an experiment to verify the feasibility and effectiveness of the proposed algorithm. The results show that the new algorithm is much more efficient than the original Single-pass clustering algorithm. In real applications, the new incremental text clustering algorithm basically meets the real-time demand of online topic detection and has a certain practical value.

    Research on Anti-Cyber Terrorism
    WANG Yu-bin, WU Wei, CHENG Nan
    2015, 15 (9):  175-179.  doi: 10.3969/j.issn.1671-1122.2015.09.040

    Cyber terrorism is a product of terrorism expanding into the information technology area. It has the potential to become the attack most favored by terrorist organizations in the future, and poses a great threat to citizens and to social and national security. Based on research into cyber terrorism, this paper proposes that an anti-terrorism network should be phased in gradually. According to the aims of anti-terrorism, the work is divided into three phases: monitoring and warning, emergency disposal, and evidence tracking. Corresponding security strategies and technologies are used to defend against and combat cyber terrorism, establishing an effective anti-cyber-terrorism defense.

    Analysis of E-mail Sample Correlation Based on Social Engineering
    Hong LIANG, Hui-yun ZHANG, Xin-guang XIAO
    2015, 15 (9):  180-185.  doi: 10.3969/j.issn.1671-1122.2015.09.041

    Starting from email attacks based on social engineering and the harm they cause, this paper analyzes such attacks in depth. Currently, email attacks based on social engineering techniques are a common attack method and an important channel for malicious code. Drawing on a number of captured events, this paper performs a correlation analysis of the attack methods by means of the communication and attachment files of the emails. Finally, by extracting similar characteristics, the paper uncovers more similar attack emails and gives an overall correlation analysis and summary.

    Two PUF-based Methods for Generation of Secure and Efficient Random Numbers on DSP
    Fei LI, Zong-bin LIU, Qing-long ZHANG, Jing-qiang LIN
    2015, 15 (9):  186-190.  doi: 10.3969/j.issn.1671-1122.2015.09.042

    Random numbers are the foundation of information security systems based on modern cryptography. Compared with pseudo-random numbers, true random numbers have better independence and uniform distribution, and are non-renewable. DSP technology is widely used for high-speed data and signal processing in embedded vision systems and some data mining servers. With people's increasing demand for data privacy, it is necessary to guarantee the security and integrity of online multimedia stream transmission inside these DSP-based embedded systems. On the TMS320C6678 platform, we use PUF (Physical Unclonable Function) technology to extract true random numbers from SRAM and Flash memory without any extra equipment. Finally, we analyze and compare the two methods. The results are tested with the NIST test suite and pass all tests. These two PUF-based methods of true random number generation satisfy the DSP platform's need for true random numbers.

    Design of Software Defined Intrusion Detection System in Cloud
    Yi-zhou ZHOU, Bin WANG, Xiao-quan XIE
    2015, 15 (9):  191-195.  doi: 10.3969/j.issn.1671-1122.2015.09.043

    Cloud computing has received much attention from academia and industry over the last ten years, but security problems restrict its development. To address the security issues it faces, the cloud often uses a combination of security measures. Among these measures, the intrusion detection system (IDS) is an important and indispensable link in cloud security solutions. This paper considers cloud platforms that use software defined networking (SDN) and the intrusion detection systems deployed on them. We analyze the issues the IDS faces and summarize the corresponding solutions, put forward the design goals of the IDS, and design a software defined IDS based on SDN. The system is robust and saves cloud resources, and a virtual machine remains under the protection of the IDS after migration. Finally, we implement the important modules of the system.

    A Quantitative Evaluation System and Calculation Method for Internet Public Opinion Influence
    Yi-qun LI, Ling YAN, Jun-feng LI
    2015, 15 (9):  196-200.  doi: 10.3969/j.issn.1671-1122.2015.09.044

    With online media becoming a platform for participation in public affairs, the demand for quantitative evaluation of public opinion influence is increasing. By analyzing the factors behind Internet public opinion influence, we identify a series of information sources for evaluating it and propose an index system for the quantitative evaluation of Internet public opinion influence. Based on this, we propose a quantum calculation method corresponding to the index system. Experimental results on selected events show that the proposed index system and quantum calculation method achieve a good quantitative evaluation effect and can be used for Internet public opinion monitoring under the current network situation.

    Research and Application on Web Forensic Analysis Technology
    Rong XIA
    2015, 15 (9):  201-205.  doi: 10.3969/j.issn.1671-1122.2015.09.045

    Computer forensics is currently one of the hottest research topics in fighting crime. This paper focuses on computer forensics technology for the Web, including forensic analysis of a variety of Web servers and clients. While Web implementation technology develops continuously, the development of Web forensic analysis tools has not kept pace. In this paper, cases are used to analyze the features of Web forensics, a log forensics analysis framework is constructed, and the key implementation technologies are briefly introduced. Finally, a number of actual cases of Web forensics are presented to further describe Web forensic applications.

    Research on Information Security Protection System Based on Security Domain
    Qun WANG
    2015, 15 (9):  206-210.  doi: 10.3969/j.issn.1671-1122.2015.09.046

    This paper expounds how to adopt the strategy of layered in-depth protection and the P2DR2 model to build a multi-level, three-dimensional dynamic protection model and a dynamic network security protection system. Combining information security protection with international standards, and based on an analysis of the current information security situation of the Anhui tobacco commercial system, the paper puts forward a network security architecture based on security domains and a way of partitioning security domains for that system, and builds a dynamic information and network security protection system at five levels: terminal, network, application, system and data security.

    Research and Implementation of the Construction of Municipal Tobacco Companies Business Disaster Recovery System
    Yu-feng XIAO
    2015, 15 (9):  211-216.  doi: 10.3969/j.issn.1671-1122.2015.09.047

    In recent years, with the rapid development of the business, management has become increasingly lean, and the requirements for informatization and security are much higher than ever. How to provide a more highly available IT application platform has become an important issue. In building information security, our company takes the construction of a remote disaster recovery system as a breakthrough and explores an application-level disaster recovery solution with two sites and two centers. Through system construction and practice, we have accumulated experience in building a tobacco disaster recovery system and in emergency management.

    Research on Security Model in Internet of Things for Tobacco Companies
    Zi-hong CHEN
    2015, 15 (9):  217-220.  doi: 10.3969/j.issn.1671-1122.2015.09.048

    The development of the modern Internet of Things (IoT) has preliminarily realized connections between objects via the Internet. In the IoT, we face the security issues that appeared in the early Internet, as well as some new issues that could lead to large risks. In this paper, the related security threats in the IoT for tobacco companies are analyzed. Finally, a security architecture of the IoT for tobacco companies based on the P2DR2 model is presented.

    A Secure Access Control Mechanism for Data Storage in Cloud Computing
    Zhou ZHENG, Da-jun ZHANG, Yun-fa LI
    2015, 15 (9):  221-226.  doi: 10.3969/j.issn.1671-1122.2015.09.049

    With the rapid development of cloud computing technology and services, there has been a growing trend to use the cloud for large-scale data storage. This has raised the important security issue of how to control and prevent unauthorized access to data stored in the cloud. In this context, we first put forward a role-based encryption (RBE) scheme that integrates cryptographic techniques with role-based access control (RBAC). Then, we present an RBE-based hybrid cloud storage architecture. Together, these constitute a secure access control mechanism for data storage in cloud computing. To verify the feasibility of the mechanism, a series of experiments has been carried out. The experimental results show that it is feasible to ensure the security of access control for data storage in cloud computing.

    Research on ZooKeeper-based Data Synchronization in Distributed Environment
    Hui-hong HE, Yong WANG, Liang SHI
    2015, 15 (9):  227-230.  doi: 10.3969/j.issn.1671-1122.2015.09.050

    As existing technologies for synchronizing data in distributed environments all lack effective control for handling exceptions such as node failure and connection loss, this paper suggests synchronizing data with the ZooKeeper service, which is capable of handling these exceptions automatically. The paper conducts experiments to evaluate ZooKeeper's synchronization performance and control capability, which demonstrate the effectiveness of the ZooKeeper service in synchronizing data in distributed environments.

    Research on Threat Traceback Method Based on IDS Alarms and Rootkit
    Kun-peng XIA, Zheng-yong XIE, Wei CUI
    2015, 15 (9):  231-235.  doi: 10.3969/j.issn.1671-1122.2015.09.051

    With the popularization and development of Internet applications, Internet-based threats pose a serious challenge to everyone's work and life. To deal with this challenge and create a safe and trusted Internet environment for its users, this paper studies the problem of threat information traceback, analyzes the drawbacks of existing threat traceback methods, and proposes a threat traceback scheme based on intrusion detection system alarms and rootkit technology. The paper sets out the assumptions of the scheme according to the conditions encountered when tracing back threats, analyzes its feasibility, and presents the challenges.

    Research and Implement of Real-time Automatic Web Services Classification System
    Wei-hong HAN, Yan JIA, Yi ZHENG
    2015, 15 (9):  236-239.  doi: 10.3969/j.issn.1671-1122.2015.09.052

    With the development of the Internet and communication technology, Internet data grows rapidly and the types of network services vary. Because of the variety of Web content and text lengths, traditional classification methods cannot effectively solve the problem of large-scale Web page classification. This paper designs and implements a real-time automatic Web services classification system (AWCS), including a self-feedback system architecture, a multi-dimensional network service classification standard, network service discovery and collection technology that combines active and passive methods, and automatic self-correcting network service classification techniques. Performance tests show that the classification accuracy of AWCS is significantly higher than that of traditional algorithms. AWCS offers a promising approach for large-scale real-time network data classification.

    Design and Implementation of Android Vulnerability Database
    Gang YANG, Tao WEN, Yu-qing ZHANG
    2015, 15 (9):  240-244.  doi: 10.3969/j.issn.1671-1122.2015.09.053

    With the continuous development of the mobile Internet, the security of mobile terminal equipment deserves more and more attention. The popularity of Android devices has also brought many security problems, and Android vulnerabilities are key to these problems. In this paper, we collect Android vulnerabilities from well-known domestic and foreign vulnerability databases and security BBS forums. Using vulnerability analysis technology, we are actively building and improving the Android vulnerability database (AVD). From it we can draw conclusions about the development of the relevant Android security issues.

    A Solution to Detecting Security Incidents in Police Network Based on the Big Data Technology
    Xiao-miao DAI, Lei GUAN, Guang-jun HU
    2015, 15 (9):  245-248.  doi: 10.3969/j.issn.1671-1122.2015.09.054

    Starting from an APT incident in a private network, this paper considers solutions to security incidents in the police network. Then, according to the business characteristics of the police network and its big data advantages, the paper presents a security incident detection solution using big data analysis technology. The solution combines the attack process with business characteristics to construct an attack model and a business model, which provide a theoretical basis for intelligent analysis. Through the manual judgment mechanism and the machine learning process, the data model can be improved and optimized, helping to identify unknown risks and security incidents and to intervene early.

    Research and Applications on Detector Generation Algorithm Based on Neural Networks
    Hai-bo WU
    2015, 15 (9):  249-252.  doi: 10.3969/j.issn.1671-1122.2015.09.055

    The negative selection algorithm (NSA) is an important method of generating artificial immune detectors, and an efficient detector generation algorithm is the core of intrusion detection. Because conventional NSA detectors do not adapt to time-varying circumstances, this paper analyzes the principle of the negative selection algorithm in an artificial immune system and puts forward a detector generation algorithm based on neural networks. Taking advantage of efficient neural network training, it is distinguished by its adaptive capability. Experimental results show that the algorithm performs well: it improves the detection rate and reduces the false detection rate.

    Research on High Secure Computing Platform Architecture Based on Multi-kernel and Multi-domain Security Extended Level by Level
    Zhi-yin KONG, Xian-yong GUO, Lun-wei WANG
    2015, 15 (9):  253-256.  doi: 10.3969/j.issn.1671-1122.2015.09.056

    This paper analyzes the current state of computing platforms and the threats they face. Aiming at the requirements of homemade and threat computing software and hardware platforms, a high security level, and trusted security, and using a three-level framework of secure hardware platform, secure kernel firmware and secure domain, it puts forward a high secure computing platform architecture based on multi-kernel and multi-domain security extended level by level. The architecture uses trusted computing, security and virtualization technology, embeds a root of trust, combines several security mechanisms, overcomes the limitations of the original computing platform architecture, and comprehensively improves the security of the high secure computing platform.

    Research on Security Policies of U.S Government Cloud
    Ru-hui ZHANG, Chun-mei GUO, Xue-yao BI
    2015, 15 (9):  257-261.  doi: 10.3969/j.issn.1671-1122.2015.09.057

    Recently, governments have been carrying out e-government cloud construction. In this paper, the development of the U.S. government cloud is introduced, and the cloud security strategies adopted by the U.S. government and mainstream cloud providers are analyzed in depth. Based on compliance requirements and the development trends of security technology and security management in the cloud, some considerations on our government cloud security strategies are proposed.

    Research on Recovery Technology of ReiserFS Deleted File
    Chang-da SHEN, Shao-hua WU, Jing-jie QIAN, Guang-gao HE
    2015, 15 (9):  262-265.  doi: 10.3969/j.issn.1671-1122.2015.09.058

    ReiserFS is a very good file system and one of the earlier log (journaling) file systems on Linux. It has an advanced logging mechanism, high disk utilization, a fast search mode and high performance. It is widely used on systems that require rapid processing of large files and of many small files. At present, there is little research at home or abroad on recovering deleted data from ReiserFS, and there is no corresponding documentation of recovery techniques. Based on a study of the file system structure, this paper proposes a method for recovering deleted ReiserFS files, which achieves complete recovery when the file has not been overwritten.

    Analysis of the Classification of Network Frauds and the Mechanism of How to Strike and Prevent Them
    Gang ZHUO, Guo-lin JIAO
    2015, 15 (9):  266-269.  doi: 10.3969/j.issn.1671-1122.2015.09.059

    Currently, Internet fraud is at a peak and presents distinctive characteristics such as high technical requirements, complex crime chains and cross-regional crime. Because of its ever-changing patterns and its varied disciplines and approaches, Internet fraud has brought great challenges to police detective work and has become a malady that seriously restricts the healthy development of the Internet. The reasons for the high incidence of Internet fraud include the particular nature of the Internet itself, the insufficient coping capacity of the police, and inadequate network management and legal construction. To create a clear and bright cyberspace, we should rely on detecting and striking the crime, recovering stolen assets and reducing losses, network management, publicity and prevention, linkage mechanisms, and legislative support.

    Secure Password Manager Based on Shadow DOM and Improved PBE
    Guo-feng JIANG, Neng GAO, Wei-yu JIANG
    2015, 15 (9):  270-273.  doi: 10.3969/j.issn.1671-1122.2015.09.060

    Several types of attacks targeting password managers seriously threaten users' privacy and data security. This paper finds that off-line cracking and password stealing from the login page are the major types of password attack on the client side, and that traditional password protection methods no longer protect passwords effectively. To prevent password leakage and cracking from endangering users' data, this paper proposes a design for a secure password manager that uses improved PBE encryption and a Shadow DOM based data isolation method to solve the urgent security problems of password managers.

    Research on BGP Prefix Classification Based on Data Panel
    Si-min YU, Zhen LI, Gang XIONG
    2015, 15 (9):  274-277.  doi: 10.3969/j.issn.1671-1122.2015.09.061

    The Border Gateway Protocol (BGP) is a critical part of the Internet routing system and has drawn attention from many researchers. With the exhaustion of IPv4 addresses and the growing size of routing tables, researchers find it important to ensure the security of the BGP routing system. To better understand how the BGP network operates, classifying the reasons that generate BGP prefixes becomes vital work. In this paper, a new method is proposed that uses data from the data panel. By analyzing data extracted from the Traceroute program, a prefix span is created to help obtain better classification results for BGP prefixes.

    Information Security Risks and Countermeasures of Container-Based Virtualization in Cloud Computing Environment
    Nan ZHANG
    2015, 15 (9):  278-282.  doi: 10.3969/j.issn.1671-1122.2015.09.062

    In the last two years, advanced container-based virtualization technology (represented by Docker) has developed rapidly and has been applied in more and more cloud computing infrastructures and services. However, because security technology always lags behind, containers cannot be secured by existing cloud computing security technology. Therefore, using containers in cloud computing infrastructures faces huge information security risks. This paper tries to analyze these risks and to give the corresponding countermeasures.

    Introduction of the Information Security Work of Procuratorate under the New Situation
    Yan-fei LIU
    2015, 15 (9):  283-286.  doi: 10.3969/j.issn.1671-1122.2015.09.063

    In recent years, in response to the directive “Strengthen the Procuratorate by Science Technology”, the pace of informatization of the Procuratorate has accelerated. As an important part of national security, information security requires a higher level of professional and technical ability in the Procuratorate. However, the information security protection capability that the Procuratorate has mastered has difficulty dealing, in many respects, with the problems that exist in the development of informatization. Starting from the new characteristics of information security under the new situation, and centering on the current situation and prominent issues of the Procuratorate, this article tries to put forward several solutions for improving information security protection capability, so as to strengthen that capability, provide a more reliable network environment, satisfy the Procuratorate's requirements in professional, organizational, team and culture construction, and ensure that the Procuratorate's information is more secure and stable.

    Research and Application on Terminals Management Security System Based on Firmware
    CHEN Xiao-chun, SUN Liang, ZHAO Li-na
    2015, 15 (9):  287-291.  doi: 10.3969/j.issn.1671-1122.2015.09.064
    At present, terminals management systems consist of software installed on the operating system. However, software running on the operating system is easy to uninstall. This paper proposes persistence guard technology and a terminals security management system based on trusted firmware. The functions of the terminals security management system include terminal information collection, USB interface control, geo-fencing and policy management. Through the persistence guard technology, the terminals security management system is able to protect the key program files of the operating system during the boot process of the computer. When an exception occurs, terminals security management can carry out automatic recovery through a safe procedure, even if the hard disk is replaced or partitions are formatted.