Table of Contents

    10 February 2016, Volume 16 Issue 2

    Original Article
    Design on Data Access Control Scheme for Cloud Storage Based on CP-ABE Algorithm
    Sijia CHENG, Changhong ZHANG, Shuaiqing PAN
    2016, 16 (2):  1-6.  doi: 10.3969/j.issn.1671-1122.2016.02.001

    Cloud storage is attracting more and more attention as a new data storage management system, but it exposes many security problems in use. This paper puts forward a secure, efficient and fine-grained ciphertext access control scheme based on CP-ABE. First, this paper introduces the theory of the CP-ABE algorithm and improves CP-ABE in order to reduce the amount of key calculation and increase operation speed. Then this paper establishes models of the key management center, users and the cloud service provider, and describes the system initialization, key application, and file upload and download procedures. The data owner uses a key to sign the file summary to complete data authentication and avoid authenticating a PKI license. This paper uses convergent encryption to complete the ciphertext redundancy test and improve the storage space utilization ratio. Finally, this paper analyzes the security of the scheme and tests its operating efficiency by simulated experiment. Compared with general methods, the new scheme consumes less time and storage space as the number of user attributes and users grows. The experimental results show that the scheme has certain advantages in the case of massive numbers of users.

    Research on Protection Scheme for Malicious USB Storage Devices in APT
    Cheng TAN, Ruyi DENG, Lina WANG, Jing MA
    2016, 16 (2):  7-8.  doi: 10.3969/j.issn.1671-1122.2016.02.002

    This paper designs a protection scheme against malicious USB storage devices in APT. The protection scheme constructs a white list of USB storage devices and only allows the USB storage devices in the white list to interact with the computer system, in order to prevent customized malicious USB storage devices in APT from getting unauthorized access to the host. The scheme binds USB storage devices to staff at all levels and write-protects the specific USB storage device on the specific host, so as to effectively prevent APT attackers from utilizing social engineering to induce insiders' excessive access to system data, and it prevents hidden malware from stealing data from the system by monitoring the process behavior that writes data to USB storage devices. As a result, the protection scheme can guard against data theft and leakage and has good practicality. This paper describes some functional tests of the protection scheme. The test results show that the scheme is feasible.

    Design and Implementation of Privilege Escalation Attack Detecting System Based on Android Platform
    Tao ZHANG, Bei PEI, Weiping WEN, Zhong CHEN
    2016, 16 (2):  15-21.  doi: 10.3969/j.issn.1671-1122.2016.02.003

    Along with the rapid development of the Android mobile operating system, its security issues have attracted attention. In Android, it is necessary to apply to the system for authority to perform sensitive operations. Although some system modules related to authority control have been designed in Android, attackers can still use system vulnerabilities or third-party program vulnerabilities to carry out a privilege escalation attack, and then illegally use functions beyond their application permissions. This kind of attack is not only a great threat to the security of the system, but also has the feature of concealment. Based on analysis of, and innovation on, past research, this paper proposes a new lightweight method for detecting the privilege escalation attack, which uses control flow detection and Android sensitive authority dictionary matching. In addition, detection software with a high degree of automation and high detection efficiency is designed and implemented on the basis of the privilege escalation attack detection method.

    A Method of Intrusion Detection in Wireless Sensor Network Based on Similarity Algorithm
    Dunhao ZHONG, Dongmei ZHANG, Yu ZHANG
    2016, 16 (2):  22-27.  doi: 10.3969/j.issn.1671-1122.2016.02.004

    Wireless sensor network (WSN) security issues are getting more attention from researchers due to unreliable and untrusted circumstances. Even when encryption and authentication are applied in a WSN, they cannot prevent the intrusion of a malicious network once it has attacked the WSN successfully. In this paper, we describe an online, sequential intrusion detection algorithm for data tampering in the application layer, RREQ flooding in the network layer, collision in the link layer and jamming in the physical layer. The proposed algorithm is based on the similarity algorithm and the linear fitting algorithm, and raises an intrusion alarm immediately upon encountering a deviation or countertrend from the previous data. Based on the experimental results of an intrusion detection system (IDS) using this algorithm, we demonstrate that our online algorithm is effective and achieves its desired results.

    ECC Scanning Attack Based on Grover Algorithm
    Yuhang CHEN, Huihui JIA, Liying JIANG, Chao WANG
    2016, 16 (2):  28-32.  doi: 10.3969/j.issn.1671-1122.2016.02.005

    Compared with traditional public key cryptography such as RSA, ECC has a shorter key length but a higher computational complexity, so an attack against an ECC encryption system is much harder. Research on attacks on ECC public key cryptography is conducive to improving it and preventing unnecessary losses. Grover’s algorithm is a quantum search algorithm that reduces the number of search steps from N in the classical algorithm to √N. It achieves a quadratic speedup over the classical algorithm and can find solutions more quickly. Meanwhile, the scanning attack, a new side channel attack technique, brings a great threat to current cryptographic systems. Utilizing the advantages of the quantum Grover search algorithm, we improve the scanning attack on ECC and propose a new scanning attack on ECC based on the Grover algorithm. For an ECC key length of N, the computational complexity is reduced from 2N to 2N3/2, further improving the efficiency of cracking. Because the Grover algorithm is deterministic, the algorithm can successfully attack the cryptographic algorithms with a success rate of 100%.

    Research on the Model of Cloud Computing Trust Management Based on Evaluation Credibility
    Ziyuan LIAO, Mingzhi CHEN, Hui DENG
    2016, 16 (2):  33-39.  doi: 10.3969/j.issn.1671-1122.2016.02.006

    At present, cloud computing is developing rapidly, and trust management is one of the most challenging problems for the sustainable development of cloud computing. The highly dynamic, distributed, and non-transparent nature of cloud computing introduces several key issues such as privacy, security, and availability. Protecting cloud service providers against attacks from malicious users is also a difficult problem. Based on the design of cloud computing trust management, this paper introduces a method to calculate users’ evaluation credibility, which uses the calculated trust results as the credibility weights of the evaluation evidence. Users are generally divided into two kinds: the normal user, who gives the credibility evaluation according to the actual transaction situation, and the malicious user, who attacks the service entity by submitting malicious evaluations. By calculating the evaluation credibility of the user, the method can identify the malicious user entity and protect the trust management model. In this paper, the experiment is based on real trust feedback in cloud computing and eliminates malicious users according to the user’s evaluation credibility. The feasibility of the model is proved by using the normal user feedback.

    Research and Implement on Network Visual Analytic System Based on TcpFlow
    Hao MENG, Jinsong WANG, Jingyun HUANG, Huirong NAN
    2016, 16 (2):  40-46.  doi: 10.3969/j.issn.1671-1122.2016.02.007

    This paper designs a visual analytic system for analyzing the structure of a network by using TcpFlow data. Its functions include distinguishing between clients and servers among the hosts in the network, dividing the topology of the network, classifying the servers, and finding communication modes. The system has two modules. The first module is used to analyze the structure and hosts of the network by visual analysis of the TcpFlow data. It can also be used to discover special communication modes by visualizing the session procedures of the TcpFlow data. Meanwhile, the second module can be used to analyze the network communication modules in real time. With these two modules, the system can help network administrators and network security analysts quickly understand the structure and characteristics of the whole network, and it facilitates management of the network and perception of the network security situation.

    A Framework of Privacy Metric in LBS Combining Query Privacy with Location Privacy
    Yijie ZHU, Changgen PENG, Jiashuai LI, Haifeng MA
    2016, 16 (2):  47-53.  doi: 10.3969/j.issn.1671-1122.2016.02.008

    Traditional LBS privacy measurement mechanisms were designed for a given LBS privacy protection technology and considered only one of query privacy and location privacy, so they are not universal. To solve this problem, this article presents a framework of privacy metrics in LBS combining query privacy with location privacy. The framework formally defines system elements such as user, time, location and query, and formally describes the privacy protection mechanisms and the attacker model. It proposes a generalized mechanism of LBS privacy measurement that considers the attacker’s background knowledge. This mechanism combines location privacy and query privacy, and considers the user’s personal privacy requirements at the same time. It can measure the effectiveness of a variety of LBS privacy protection mechanisms. Finally, we verify the validity of the measurement mechanism with simulation results.

    A Detecting System for Android Malicious Behavior Based on Binder Information Flow
    Guizhi LI, Zhen HAN, Qihui ZHOU, Yazhe WANG
    2016, 16 (2):  54-59.  doi: 10.3969/j.issn.1671-1122.2016.02.009

    Currently, malware based on the Android system is proliferating. Its malicious behavior not only brings a huge threat to users’ property, but also limits the development of mobile terminal applications. In order to solve this problem, this paper designs and implements a system for malicious behavior detection based on Binder information flow. According to the collected universal information, this paper sets privacy data detection as the specific safety requirement to discover the malicious behavior of applications, and builds an information-flow graph showing the communication paths between applications. Malicious behavior analysis is based on communication content and graph traversal. This paper analyzes 300 applications and finds that 30.7% of the applications exhibit the malicious behavior of illicit access to private data. The performance test shows that the scheme proposed in this paper brings only a 6.9% performance loss to the Android system.

    IT Assets Safety Monitoring System Based on Huge Data
    Hongkai WANG, Shengjun ZHENG, Longhua GUO, Yun LIU
    2016, 16 (2):  60-65.  doi: 10.3969/j.issn.1671-1122.2016.02.010

    The emergence of security attacks on industrial control networks exposes the smart grid, which is an important part of industrial control networks, to a huge security threat. The upgrade of information devices increases the possibility of creating isolated islands of information. Confused management of IT assets has a bad influence on the security and stability of information systems. Awareness of the real-time information security situation can be achieved through security monitoring. The detection of IT asset vulnerabilities and other security issues provides a basis for the development of effective security measures, which play a significant role in solving security problems in the power system. How to deal with huge data is also a valuable research topic. In this paper, we design a distributed IT asset monitoring system based on huge data to solve the increasingly serious problems of IT asset management. It collects IT asset information through hardware component details, port scanning and a distributed large-scale web crawler. It constructs distributed engine clusters to carry out information acquisition tasks and data processing tasks, and performs IT asset detection and leak analysis effectively and quickly. The system can autonomously discover and locate IT assets, so that it detects the cyber space comprehensively, accurately and in real time.

    Research and Analysis on the Novel SQL Injection and Defense Technique
    Xin LI, Weiwei ZHANG, Zichang SUI, Lixin ZHENG
    2016, 16 (2):  66-73.  doi: 10.3969/j.issn.1671-1122.2016.02.011

    SQL injection is one of the most serious threats to Web security, and new techniques have been developed in recent years. Researchers focus more on the detection and prevention of traditional SQL injection techniques than on novel SQL injection techniques. Based on an introduction to traditional SQL injection and existing defense technologies, this paper introduces client SQL injection, detection bypass and second-order SQL injection. Finally, we compare 5 traditional SQL injection technologies and 3 new SQL injection technologies in terms of effects and prevention. Analysis of the injection effect shows that the new SQL injection technology has the characteristics of great harm, wide influence, and reliance on manual implementation. Analysis of the defense methods shows that although the new SQL injection technology can break through some of the traditional defense schemes, the existing defense technology can still effectively defend against it. At the end of the analysis, a suitable Web defense scheme for each technology is proposed.
