Netinfo Security

Research on Privacy Preserving ECG-based Identification Technology

Shaopeng GUAN, Xin GE, Yuan ZHANG, Sheng ZHONG

2016, 16 (8): 1-5. doi: 10.3969/j.issn.1671-1122.2016.08.001

Abstract ( 478 )

HTML ( 2 )

PDF (1907KB) ( 151 )

ECG data are physiological characteristics that are closely related to an individual, which has an unparalleled advantage for authentication. However, ECG data reflect the health situation of an individual, which belong to the important personal privacy. This paper proposes a privacy preserving ECG-based identification technology. Firstly, a certain mechanism is adopted to protect the ECG data in the data training phase and the data matching phase, and then identification experiments on the protected ECG data are conducted by the Euclidean distance algorithm and the cross-correlation algorithm. The results show that the ECG data in MIT-BIH Normal Sinus Rhythm Database are 100% identified by the Euclidean distance algorithm and the cross-correlation algorithm, and the ECG data in MIT-BIH Arrhythmia Database are 96.77% identified by the Euclidean distance algorithm and the cross-correlation algorithm.

Figures and Tables | References | Related Articles | Metrics

Research on Location Privacy Protection in People-centric Sensing Network

Ziling WEI, Baokang ZHAO, Jinshu SU

2016, 16 (8): 6-11. doi: 10.3969/j.issn.1671-1122.2016.08.002

Abstract ( 617 )

HTML ( 1 )

PDF (1670KB) ( 79 )

As a new type of wireless sensor network system, people-centric sensing network plays a key role in many areas. However, location privacy information is easily leaked due to the semantics-aware threat. Therefore, designing a privacy-reserving scheme which is suitable for people-centric sensing network and can resist the semantics-aware threat is an important and challenging work. Firstly, this paper combines the semantics attributes of geographic position and the obfuscation space technology to reduce the probability of an adversary using the semantics-aware threat to get the user's position privacy information. Then, a new obfuscation space selection algorithm is proposed by using BP neural network technology, which can obtain the appropriate obfuscation space in case of user not transmitting its own actual position information, in order to prevent an adversary to acquire the user’s location privacy information by using the non trusted third party such as obfuscation space generator and server. The theoretical analysis and experimental results show that the scheme can protect the user's location privacy information in a reasonable amount of time and space consumption.

Figures and Tables | References | Related Articles | Metrics

Research on Real- time Synchronization Security Scheme for Wireless Sensor Nodes

Fangbo CAI, Jingsha HE, Yuqiang ZHANG, Jing XU

2016, 16 (8): 12-17. doi: 10.3969/j.issn.1671-1122.2016.08.003

Abstract ( 383 )

HTML ( 1 )

PDF (1733KB) ( 123 )

Time synchronization plays a very important role in the wireless sensor network system. MRN-SCS algorithm is not the best clock synchronization algorithm in wireless sensor networks with limited energy and bandwidth, this paper analyzes the shortcomings of MRN-SCS algorithm in clock synchronization, and presents a new security real-time synchronization method, which is called "SRTS"(Secure Real-time Synchronization Method). The comparison of the simulation results show, this algorithm than MRN-SCS algorithm effectively improves the synchronization accuracy and safety.

Figures and Tables | References | Related Articles | Metrics

An APP Sensitive Behaviors Detection Method Based on Android Kernel and Its Implementation

Weiping WEN, Yang TANG, Li SHEN

2016, 16 (8): 18-23. doi: 10.3969/j.issn.1671-1122.2016.08.004

Abstract ( 805 )

HTML ( 15 )

PDF (2453KB) ( 219 )

In the era of intelligent mobile terminal, because of the characteristics of openness and free of charge, Android has become one of the major operation systems on the market. However, a large number of Android viruses, Trojans and malicious software have been serious threats to the privacy and property securities of smart phone users. In the Android operation system, although it is necessary to apply the authorities to the system for sensitive operations, and there are some system modules related to authority control, malicious software can use the system vulnerabilities or third party program vulnerabilities to carry out the attack. To meet the need of Android applications sensitive behaviors detection, this paper analyzes the popular applications behaviors detection tools in the Android system, designs and implements an Android applications dynamic detection system. The system can monitor the Android applications sensitive behaviors in real time, and provides help for the detection of malicious programs.

Figures and Tables | References | Related Articles | Metrics

Research on 3GPP Authentication and Key Agreement Protocols

Chengzhe LAI, Dong ZHENG

2016, 16 (8): 24-31. doi: 10.3969/j.issn.1671-1122.2016.08.005

Abstract ( 719 )

HTML ( 5 )

PDF (2340KB) ( 262 )

Under 3rd Generation Partnership Project (3GPP), the introduction of 3GPP system and security architectures are given. Based on these, the communication scenarios and the corresponding security protocols in 3GPP are also introduced, which include the different authentication and key agreement protocols in the 3GPP-access, the trusted non-3GPP access and untrusted non-3GPP access network, respectively. In addition, large-scale group-oriented secure communication protocols for machine to machine communications are reviewed. Finally, we present key issues and research directions in the future.

Figures and Tables | References | Related Articles | Metrics

Research on Two-way Authentication Scheme for Wireless Mesh Network Based on CPK

Dongzhen LI, Chenghua YAN, Xun LUO

2016, 16 (8): 32-38. doi: 10.3969/j.issn.1671-1122.2016.08.006

Abstract ( 519 )

HTML ( 1 )

PDF (1944KB) ( 98 )

Mesh network is a new type of wireless network, which combined by WLAN and Ad-hoc, and it has great potentialities. But the security problems restrict the development of Mesh. This paper analyses the advantages and disadvantages of CPK and IBC, and finds that CPK is suitable to access for large-node. In order to solve the problem of authentication for wireless mesh network, this paper carried out a new protocol to deal with efficiently and safely access of Mesh, by taking CPK into Mesh access authentication. And the two-way authentication was achieved, by using CPK algorithm, public key system, random numbers and time stamp. According to the protocol, the process of authentication is simplified, and the delay is also reduced, meanwhile a new authentication method is provided to mass node access. In the end, security analysis and simulation proved the effectiveness and security of this method.

Figures and Tables | References | Related Articles | Metrics

Design and Implementation of Mobile Phone Application Recognition System Based on Traffic Analysis

Jianjun LIN, Bogang LIN, Yang YANG, Bo SUN

2016, 16 (8): 39-45. doi: 10.3969/j.issn.1671-1122.2016.08.007

Abstract ( 604 )

HTML ( 2 )

PDF (2848KB) ( 447 )

With the rapid development of mobile Internet, Mobile phones store a great deal of useful information. How to dig out valuable information according to actual needs is a problem that people pay close attention to. Identifying the applications installed on a mobile phone by analyzing the traffic generated by the mobile phone can be a preliminary work of mobile phone information mining. This paper designed a system based on Django to extract information of mobile phone applications from mobile phone traffic. By reading relevant material and literature, we investigated the mainstream traffic identification technology and pattern matching algorithms and selected proper technology and algorithms from them to apply to the design of the system. We divided the system into 4 modules: traffic analysis module, feature library module, database module and front end module, and explicated the realization of every module. Finally, we selected 44 mobile phone applications to test the system. It turned out that the recognition rate was high.

Figures and Tables | References | Related Articles | Metrics

Research on Access Control Method Based on Dynamic Trust Degree in Mobile Internet Environment

Jianyu SHAO, Fuzhen CHEN, Pengyu QIN, Jiujun CHENG

2016, 16 (8): 46-53. doi: 10.3969/j.issn.1671-1122.2016.08.008

Abstract ( 457 )

HTML ( 2 )

PDF (1935KB) ( 108 )

The existing role based access control (RBAC) is a kind of static access control method. A user can only be mapped to a fixed role, and can’t meet the dynamic relationship between user and role in this method. This paper, according to the characteristics of mobile Internet, introduces the location state and time state, gives the access control method based on dynamic trust in mobile Internet environment. The same user has different roles in different location states and time states, and has different access permissions. At the same time, user trust degree is no longer immutable, user’s trust will increase or decrease with access to different resources, and user’s trust degree will decreasing with the passage of time. By dynamically adjusting the user’s trust degree, it overcomes the shortcomings of the current access control in the mobile Internet environment, and effectively controls the user’s access permission in different conditions. Experiments show that the method is correct and effective.

Figures and Tables | References | Related Articles | Metrics

An Enhanced Security Access Control Scheme for Inter-component Communication in Android

Lifang YU, Tianchang YANG, Shaozhang NIU

2016, 16 (8): 54-60. doi: 10.3969/j.issn.1671-1122.2016.08.009

Abstract ( 535 )

HTML ( 1 )

PDF (4719KB) ( 134 )

With the rapid development of Android smart mobile devices, its security issues emerge in endlessly. However, the sandbox mechanism, signature mechanism and access control of permission provided by Android system has its drawbacks, and unable to cope with a variety of security problems at present. Given the lack of access control mechanisms for the protection of communication components, this paper presents an enhanced security access control scheme, in which signature mechanism is used to sign the components in the scheme and achieve enhanced security access control for components communication need to be protected, and certificate verification is checked in the Android Framework layer. Experimental results show that the scheme can be effective for the security access control of process validation, and improve the security of the communication component.

Figures and Tables | References | Related Articles | Metrics

Research on the Method of Data Integrity Detecting on Android System

Lewei QU, Senlin LUO, Zhipeng SUN, Shuai ZHU

2016, 16 (8): 61-67. doi: 10.3969/j.issn.1671-1122.2016.08.010

Abstract ( 600 )

HTML ( 1 )

PDF (2071KB) ( 156 )

The malicious code causes huge damage. It not only steals users’ personal privacy, invades users’ rights, but also causes serious economic loss. Typical malicious code occupies with advanced technology such as hiding files, hiding progress and self-starting. However, all of these typical methods of attacking could destroy the integrity of system data. This paper proposes a method of data detecting integrity combined file data with memory data on Android system and solves the problems of not all-inclusive detection, relying on hardware, huge consumption of system and hard to transplant in existing methods. This method use the algorithm of MD5 Hash to detect the integrity of data based on credible baseline database. Firstly, the method ensures the integrity of file. Then the method detects the integrity of memory data. At last we obtain the result of detecting integrity of data. At the end of this paper, several experiments are done in the Android simulator environment. And the paper uses 7 malicious codes which attack detection of data in our experiments. The experiment shows that the rate of detecting is 100% and the CPU occupancy rate below 5%. This method has high accuracy, strong practicability, and does not rely on hardware.

Figures and Tables | References | Related Articles | Metrics

Design and Development of Remote File Management System Based on Smart Card

Junfu ZHANG, Aiqun HU

2016, 16 (8): 68-73. doi: 10.3969/j.issn.1671-1122.2016.08.011

Abstract ( 428 )

HTML ( 2 )

PDF (4395KB) ( 108 )

The network storage service is essential in our life now. However, the password of an account can’t guarantee the security completely. Therefore, a client of the remote file management system is designed, which is based on the physical security of smart cards. In this paper, a file encryption scheme is developed based on smart cards in order to protect the file itself. At the same time,a communication protocol is designed to enable many users to manage their files. In this case, every user can login the system with their authorized smart card, which protects the communication and files.

Figures and Tables | References | Related Articles | Metrics

Research and Design on Malware Detection System Based on N-gram Algorithm

Jiawang ZHANG, Yanwei LI

2016, 16 (8): 74-80. doi: 10.3969/j.issn.1671-1122.2016.08.012

Abstract ( 574 )

HTML ( 3 )

PDF (2274KB) ( 235 )

It is difficult to detect malware detection of unknown malicious programs, Aiming at solving this problem, this paper proposes an approach for extracting the dynamic features of malicious code semantics. This method extracts the permissions and API features of Android application to set up the semantic feature sequence with the N-gram algorithm. With screening of the feature sequence, the behavior sequence becomes more representative. First, in order to increase the effectiveness of the characteristics, analysis of experienced malware experts for each Android API function in SDK to add the corresponding weights, and the use of frequency and the weight value of each element of the N-gram sequence characteristics of re-calculated values in order to build a N-gram series model improved. Then, using a variety of machine learning algorithms for classification and detection, verify its effectiveness. The experimental results show that the improved N-gram algorithm and features in this paper can effectively detect malicious programs under Android platform.

Figures and Tables | References | Related Articles | Metrics

Table of Content