Loading...

Table of Content

    10 July 2016, Volume 16 Issue 7 Previous Issue    Next Issue

    Orginal Article
    For Selected: Toggle Thumbnails
    Orginal Article
    Research on An Efficient and Practical Cloud-based Digital Signature Scheme
    Yongqiang ZHANG, Weilong LU, Chunming TANG
    2016, 16 (7):  1-6.  doi: 10.3969/j.issn.1671-1122.2016.07.001
    Abstract ( 462 )   HTML ( 2 )   PDF (1447KB) ( 152 )  

    With the rapid development of cloud computing, models of cloud-based digital signature become practical. More enthusiastic responses from enterprises confirm that cloud computing plays an important role in many fields of IT with its features of reliable, convenient, on-demand network access to security infrastructures that perform cryptographic operations. This paper proposes a scheme of generating digital signature in the cloud. The scheme achieves centralized management of certificates and their private keys, and ensures the security of certificates and their private keys by using the combination of distributed processing with key segmentation. Meanwhile, the scheme presents lower performance requirements of cryptographic operations for cloud signature service platform, which meet the need of simultaneous processing from a large number of users.

    Figures and Tables | References | Related Articles | Metrics
    RSSP-II Protocol Security Analysis Based on Communicating Sequential Process Method
    Debiao LU, Shengjiao HE, Jian WANG
    2016, 16 (7):  7-8.  doi: 10.3969/j.issn.1671-1122.2016.07.002
    Abstract ( 699 )   HTML ( 8 )   PDF (2780KB) ( 476 )  

    Nowadays, the increasing number of cyber security events in industry control system (ICS) are emerged. Railway Signalling System as a specific application of the industrial control system, including reliability and completeness, the transmission network security is also the stringent task to be focused on. This paper analysed the RSSP-II protocol as the security protocol for railway signalling system, the Communication Sequential Processes (CSP) method was introduced. CSP is one of the model checking method, this method using discrete event to describe the system, the process and its environment were described by algebraic operations in formal language. Each CSP process can be converted into equivalent state. The processes of the key service and peer entity authenticating are analysed through CSP. At last the model checking tool Casper-FDR was applied to verify the confidentiality and authenticity properties of the protocol. The result showed that the parameters are acceptable, and the reverse item number is 0, thus verified RSSP-II in key service and peer entity authenticating.

    Figures and Tables | References | Related Articles | Metrics
    Research on Trust Model for Security Strength Evaluation of Cloud Computing
    Ziyuan LIAO, Wei WANG, Mingzhi CHEN
    2016, 16 (7):  15-19.  doi: 10.3969/j.issn.1671-1122.2016.07.003
    Abstract ( 573 )   HTML ( 0 )   PDF (1700KB) ( 190 )  

    The application of cloud computing is becoming more and more popular, but the security strength of cloud computing system is always difficult to be accurately evaluated. This paper proposes a trust model which can objectively evaluate the security strength of cloud computing system. The model uses a trust value to describe the overall security strength of the cloud computing system, and the trust value is generated by a list of parameters that cover the multidimensional securities. Trust model can help users to choose the appropriate cloud services effectively, and can help service providers to find their deficiencies. The experimental results show that the trust model has good completeness and accuracy for the evaluation of the security strength of cloud computing system.

    Figures and Tables | References | Related Articles | Metrics
    Research Survey on Security Issues in Cyber-Physical Systems
    Kunlun PENG, Wei PENG, Dongxia WANG, Qianqian XING
    2016, 16 (7):  20-28.  doi: 10.3969/j.issn.1671-1122.2016.07.004
    Abstract ( 1415 )   HTML ( 10 )   PDF (1589KB) ( 455 )  

    A cyber-physical system (CPS) is a complex system which integrates information systems with physical systems. It realizes the function of real-time sensing and dynamical control of the physical world by environment perception and the integration of computing, communication and control process. CPS is viewed as the next information revolution after the Internet and security problem is one of the key issues affecting the wide application of CPS. This paper introduces the requirements and goals of CPS security, as well as security challenges that a CPS faces. Attacks on a CPS from physical layer, transport layer and application layer are also discussed in detail. By analyzing current research on techniques of anti-attack, identity authentication, privacy preservation and risk assessment in CPS, the paper discusses the future research trends in this area.

    Figures and Tables | References | Related Articles | Metrics
    Research and Design of Remote Control System of Host Resources
    Jian ZHAO, Chang ZHANG, Xiangdong WEN
    2016, 16 (7):  29-34.  doi: 10.3969/j.issn.1671-1122.2016.07.005
    Abstract ( 483 )   HTML ( 0 )   PDF (1576KB) ( 147 )  

    Nowadays, the security and controllability of the host resources are getting more attention. Especially when the host is out of control, how to ensure the sensitive information to be security by the remote control system is a problem which should be solved. After analyzed current research situation of remote control and secure deletion of the host files, a remote control system of host resources is designed, and the system architecture and workflow are proposed. The realization method of the hardware platform based on a remote communication module and the control software including control instruction transmission, security authentication, and host resources control and so on. Finally, the system functions are tested and analyzed. The remote control system is designed based on mobile communication module and control agent software. The communication module will be put in the protected computer, and the agent software run in it. The manager controls the protected computer by the command message. To enhance the security of the system, only these command messages which are identified can be carried out, in order to delete the sensitive information, shut down the endpoint and so on. The experiments show that the system can improve the management of the protected computer, and reduce the security risk when the computer is out of control.

    Figures and Tables | References | Related Articles | Metrics
    A Binary Code Analysis of Vulnerability Scanning Method for SDN Smart Power Grid
    Yingcong CHEN, Guangqing CHEN, Zhiming CHEN, Neng WAN
    2016, 16 (7):  35-39.  doi: 10.3969/j.issn.1671-1122.2016.07.006
    Abstract ( 668 )   HTML ( 3 )   PDF (4529KB) ( 161 )  

    Software defined network provides smart power grid with virtual network control and compatible capability. However, security vulnerabilities are also brought in. A binary code analysis of vulnerability scanning method is proposed for SDN smart power grid. Code lexical analysis rules and code to vulnerability reflection database are built to scan the vulnerabilities from SDN smart power grid. Ignored specific service characteristics, new method improves the security. Simulations and tests demonstrate the improved performance of new method.

    Figures and Tables | References | Related Articles | Metrics
    Research on Method of Android System Malware Behavior Monitoring Based on Multi-level and Cross-view Analysis
    Jingya YANG, Senlin LUO, Shuai ZHU, Lewei QU
    2016, 16 (7):  40-46.  doi: 10.3969/j.issn.1671-1122.2016.07.007
    Abstract ( 598 )   HTML ( 1 )   PDF (1750KB) ( 279 )  

    The existing methods applying to behavior monitoring of Android system need to either recompile the system or alter the applications which is monitored. Most of them are not comprehensive enough and cannot identify the hidden behaviors of malicious codes. According to the problems raised before, this paper proposes a method of Android system malware behavior monitoring which bases on multi-level and cross-view analysis. The paper uses the technology of process injection and loadable kernel, which monitors malware behavior in Java level, Native level and Kernel level. Then this paper obtains the result of behavior monitoring and identifies the hidden behaviors by cross-view analysis. Under Android simulator environment, the experiment uses 12 kinds of malware which can cover most of the malware behaviors. The results shows that the monitoring accuracy rate of malicious behavior reaches to 91.43%, and the method can detect the hidden behaviors effectively. So it has fine audit granularity and strong practicality.

    Figures and Tables | References | Related Articles | Metrics
    Research on ASLR Bypass Technology Based on Arbitrary Function Address
    Xin XU, Songnian ZHANG, Jianwei HU
    2016, 16 (7):  47-52.  doi: 10.3969/j.issn.1671-1122.2016.07.008
    Abstract ( 799 )   HTML ( 4 )   PDF (7599KB) ( 149 )  

    For many years buffer overflow vulnerability has been the most important and harmful mean of the field of network attacks. In Microsoft and other vendors did not use the DEP and ASLR on buffer overflow protection technology, the attackers use EIP to jump to the required position to complete the exploits. However, with the application of DEP and ASLR technology, during the current exploit, bypass the ASLR, Address Space Layout Randomization, protection mechanism is an essential part . Almost all of the vulnerabilities mining practitioners and attackers, both in the study through the way to bypass DEP and ASLR. From the content of ASLR protection mechanism, this paper mainly analyzes the current commonly used ASLR bypass technology of the Microsoft’s Windows system. Then, this paper puts forward a through relative offset bypass ASLR protection mechanism, and focuses on the analysis of the cve-2013-2551 vulnerabilities principles and details, and through the use of loopholes in the cve-2013-2551 demonstration in Microsoft's Windows 8 application this method successfully bypass ASLR protection mechanism of the Microsoft. The shortcoming of the method that proposed in this paper is that the attacker must be able to bypass the ASLR to read the memory, and its advantage is that the attacker can obtain the address of any function in the system.

    Figures and Tables | References | Related Articles | Metrics
    A Performance Testing Framework of Virtual Desktop Based on User Motion Controlling Language
    Jingxuan ZHANG, Jinda CHANG, Dong GUO, Wei WANG
    2016, 16 (7):  53-60.  doi: 10.3969/j.issn.1671-1122.2016.07.009
    Abstract ( 680 )   HTML ( 0 )   PDF (2576KB) ( 112 )  

    There are several known challenges about performance analysis. The traditional methods just care about parts of system, yet the performance of the whole system. The existed methods often only measure the metrics of operating system, but not the experience perceived by users. To solve above problems, this paper proposes a novel method to measure the performance of virtual desktop system. This method need to use user motion controlling language, which allow the tester to simulate the user behaviors on embedded thin client directly. A test framework has been implemented in this method, with a serial of real test on a simple embedded thin client. The basic availability of this method has been proved through some qualitative and quantitative analysis.

    Figures and Tables | References | Related Articles | Metrics
    Security Supervisory Scheme for Industrial Control Networks
    Xiaobing CHEN, Kai CHEN, Zhen XU, Liming WANG
    2016, 16 (7):  61-70.  doi: 10.3969/j.issn.1671-1122.2016.07.010
    Abstract ( 566 )   HTML ( 1 )   PDF (4209KB) ( 128 )  

    Security events, represented by one nuclear power station of Iran attacked by the “Stuxnet” virus, ring the alarm bell of the industrial control system security situation. The supervision of industrial control system is imperative. Considering the state-of-the-art research, there exists the problems of restraint of the range of data acquisition, the inadequate consideration of the features of industrial control systems and lack of effective detection measures to identify APT attacks, such as “Stuxnet” and “Havex”. Thus, the article propose a supervisory frame for industrial control networks. The frame acquire data from different layers of industrial control networks, utilizing flexible data acquisition strategies, and correlate data acquired from different layers of industrial control networks and analyze abnormal operation behavior. The flexible data acquisition strategies perform preference to the availability of industrial control system, while the correlation and analysis of data acquired from different layers improved the ability of the system to detect some APT attacks.

    Figures and Tables | References | Related Articles | Metrics
    esearch on Access Control Model Based on the Trust Value Assessment of Cloud Computing
    Yundong FAN, Xiaoping WU, Xiong SHI
    2016, 16 (7):  71-77.  doi: 10.3969/j.issn.1671-1122.2016.07.011
    Abstract ( 541 )   HTML ( 0 )   PDF (3477KB) ( 144 )  

    To reduce the possible threats of users’ behavior, improve the security of cloud computing system, and ensure the dynamic access control, this paper proposes an access control model based on the trust value assessment of cloud computing. The model determines the level of trust and completes the authorization process by dynamically computing the integrated trust value of the user’s behavior. Considering the interaction characteristics of user behavior factors, the model introduces the theory of analytic network process on the basis of establishing the complete trust value evaluation model, which can realize the objective weight distribution of user behavior factor and improve the reliability and objectivity of the model. The attenuation factor is added in the model to further ensure the dynamic change of the integrated trust value of users’ behavior, so that the user can gain the dynamic access and this improves the security of cloud environment. This paper expounds the structure of model, composition elements, implementation process and strategies of access control. And at last the experimental results show that the model can achieve dynamic, secure and reliable access control in cloud environment.

    Figures and Tables | References | Related Articles | Metrics
    Research on Trusted Security Host Architecture Based on Trusted Computing Base
    Qiang HUANG, Le CHANG, Dehua ZHANG, Lunwei WANG
    2016, 16 (7):  78-84.  doi: 10.3969/j.issn.1671-1122.2016.07.012
    Abstract ( 635 )   HTML ( 1 )   PDF (1983KB) ( 117 )  

    Starting from the host computer security architecture studying background and the requirement of designing actual high-security computer, we discuss trusted & security union architecture here to fuse trusted computing mechanism with legacy security mechanism like access control or authentication. First, the relationship between trusted computing and legacy security architecture is discussed. The TCG architecture and China trusted computing architecture is also compared with their differences in data integrity and system integrity. At last, we make the conclusion that trusted computing mechanism can enhance the security architecture and assurance the TCB’s characters. Several critical mechanisms are discussed to help for realizing and supporting this architecture: authentication with trusted computing devices and other legacy methods, data protecting mechanism supported by trusted computing and file execution control mechanism combining trusted validation control and mandatory access control.

    Figures and Tables | References | Related Articles | Metrics