Netinfo Security

Comparative Study of Intrusion Detection Methods Based on Machine Learning

Xiang HE, Sheng LIU, Jiguo JIANG

2018, 18 (5): 1-11. doi: 10.3969/j.issn.1671-1122.2018.05.001

Abstract ( 1136 )

HTML ( 31 )

PDF (2119KB) ( 510 )

With the network security situation becomes more and more severe, intrusion detection technology has already become an important means to ensure network security. Therefore, it has become a consensus to introduce the theory and method of machine learning to intrusion detection. In recent years, considerable progress has been made in this field. The article analyzes the application of different machine learning methods in intrusion detection. First of all, The article introduces the general process of machine learning and compares and analyzes the theories of typical machine learning methods. Then the article uses different machine learning methods for simulation study to observe the performance changes. Finally, the article carries out the horizontal comparison of different models on the basis of simulation. Based on the simulation experiments, the article draws a more reliable conclusion, which is of great significances to search for a machine learning algorithm which has better performances.

Figures and Tables | References | Related Articles | Metrics

A Markov Prediction-based Algorithm for Continuous Query Privacy Protection

Lei ZHANG, Bin WANG, Lili YU

2018, 18 (5): 12-12. doi: 10.3969/j.issn.1671-1122.2018.05.002

Abstract ( 635 )

HTML ( 2 )

PDF (1865KB) ( 223 )

In current, a lot of privacy protection algorithms had been proposed, and these algorithms were mainly designed to resist the attack of query probability correlation. As the adversary can utilize the region of the which query is requested much more than other region to guess the real location of the user, these algorithms can provide service to make the sent query has the same probability in multi-locations, so the location privacy of the user is protected. However, these algorithms were mainly designed for the snapshot query, and they all provide a worse performance in continuous query. Furthermore, because of the locations with the same query probability of the user in the continuous query is difficult to be linked, the adversary can be easier to identify the real location or trajectory with the in-contiguous location in anonymity. Thus, in order to cope with this problem, this paper propose a prediction scheme based Markov chain to provide location privacy protection service. In this scheme, the query probability of the continuous query is generalized, and locations with the similar query probability of per-query are attachable. Protected by our scheme, the user can resist the attack of query probability guess as well as the attack of anonymous locations in-contiguous. At last, security analysis and experimental verification are proposed to further verify the superiority of our scheme, and the detail validation procedure and results analysis are also proposed, so the privacy protection ability and the execution efficiency are verified.

Figures and Tables | References | Related Articles | Metrics

Reversible Data Hiding for Three-dimensional Image Based on Depth No-synthesis-error Model

Bo OU, Xianglian SHI

2018, 18 (5): 24-31. doi: 10.3969/j.issn.1671-1122.2018.05.003

Abstract ( 656 )

HTML ( 2 )

PDF (1875KB) ( 147 )

Traditional reversible data hiding methods mainly focus on traditional two-dimensional (2D) images, and only a few researches involve three-dimensional (3D) images. A 3D image is synthesized by a 2D image and depth map. The reversible data hiding method for 3D images using the depth map as embedding carriers can obtain non-distortion 3D images after embedding. The existing algorithms have some drawbacks in embedding performance. To improve this, we proposed a reversible data hiding method for 3D synthetic images based on the depth no-synthesis-error model (D-NOSE) model. Combined with the prediction-error expansion algorithm and the histogram-shift algorithm, the prediction error value and the pixel frequency are used as the selectors for embedding pixels. By controlling the selected number of peaks and the distance of pixel mapping, the embedding quality can be improved, and the capacity can be adaptively controlled. Experimental results show that this method has good performance, which can adaptively adjust the embedding capacity while reducing the embedding distortion of the depth map.

Figures and Tables | References | Related Articles | Metrics

Protection Technology of Network Camera Based on SM2 Digital Signature

Liming ZUO, Pingping XIA, Zuosong CHEN

2018, 18 (5): 32-40. doi: 10.3969/j.issn.1671-1122.2018.05.004

Abstract ( 723 )

HTML ( 4 )

PDF (1939KB) ( 218 )

With the rapid development of Internet of things (IOT) technology, smart home network is gradually popularizing. However, security problems such as privacy leaks and malicious tampering of data are emerging constantly. The typical vulnerabilities of recent network camera are analyzed, including weak default credential vulnerabilities, authentication bypass vulnerabilities, use of built-in WebShell and proprietary protocol remote control vulnerabilities, and the intrusion access control for a network camera is implemented. Aiming at the security logins problems for current network camera system, the login authentication protocol of camera management system based on SM2 digital signature is proposed. According to the different key processing methods in the protocol implementation, two schemes of electronic key and no electronic key are proposed. In the case of an electronic key, the electronic key is used as a security key container. When there is no electronic key, a password-based key scheme is provided to solve the key management problem. Finally, an experimental simulation platform is constructed by using Raspberry Pi 3B development board. The authentication protocol is implemented under the framework of C/S, B/S and APP/S. Simulation results show that this scheme can effectively prevent sniffing attacks against login passwords.

Figures and Tables | References | Related Articles | Metrics

Design and Implementation of a DPDK-based Virtual NIPS

Chaoling LIU, Yan ZHANG, Huiran YANG, Hongjing WU

2018, 18 (5): 41-51. doi: 10.3969/j.issn.1671-1122.2018.05.005

Abstract ( 971 )

HTML ( 19 )

PDF (2015KB) ( 645 )

As the threat of network security, NIDS/NIPS have become an important way to protect network environment. Considering the existing NIDS/NIPS software, such as Snort and Iptables have ineffective data processing performance, this paper propose a DPDK based Virtual NIPS(vD-IPS).This paper design the overall architecture of the system, highlighting the packet connection and detection module and packet cleaning module. Considering the multiple attack environments, this paper design and implement a mechanism of pattern matching algorithm selection. After experimental verification, vD-IPS Satisfy the requirements of intrusion detection and packet cleaning. Compare to Snort, the performance of packet connection and detection of vD-IPS with one core increased by 1.64 times and two cores has increased by 2.62 times. Comparing to Iptables, the performance of packet cleaning of vD-IPS with one core has increased by 1.56 times and two cores have increased by 1.89 times and three cores have increased by 2.21 times. In conclusion, vD-IPS performs better with the same abilities of detection and protection comparing to Snort and Iptables. With the increasing numbers of cores, vD-IPS has further improvement of performance. vD-IPS can select different pattern matching algorithm which has the best matching effect according to the character set size and string length of different pattern string.

Figures and Tables | References | Related Articles | Metrics

Research on Power Analysis of SM4 Hardware Implementation

Ying CHEN, Changsong CHEN, Honggang HU

2018, 18 (5): 52-58. doi: 10.3969/j.issn.1671-1122.2018.05.006

Abstract ( 758 )

HTML ( 6 )

PDF (2668KB) ( 246 )

SM4 is a block cipher used in wireless LAN products. This paper mainly studies the power analysis on SM4 cipher implemented in hardware, and proposes a novel chosen-plaintext method power analysis attack based on Welch's t test and principal component analysis.This paper achieves an attack of SM4 on FPGA in ChipWhisperer experimental platform. The results show that this method can effectively reduce the number of power consumption waveforms required for a successful attack,and reduce the complexity of analysis.

Figures and Tables | References | Related Articles | Metrics

Blockchain System for Creating Digital Assets Based on Reputation Value

Xing WANG, Jian WENG, Yue ZHANG, Ming LI

2018, 18 (5): 59-65. doi: 10.3969/j.issn.1671-1122.2018.05.007

Abstract ( 923 )

HTML ( 3 )

PDF (1346KB) ( 704 )

The types of digital assets traded on the blockchain are getting richer. When digital assets other than cryptocurrencies are created, the problem of the authenticity and validity of the creation is produced. This paper builds trust mechanism based on blockchain technology, regards digital assets creation as the process of evaluating behaviors, designs smart contracts that deal with assessment behaviors, and builds a blockchain system based on reputation values of alliance members. The system uses sidechain technology to transfer created digital assets, which can increase the authenticity guarantee for blockchains in other trading scenarios. The experimental results show that the system has the characteristics that the cost is low and the storage space is not easy to expand.

Figures and Tables | References | Related Articles | Metrics

Research on a Content Security Leakage Detection Method of the Application Based on Context

Bei SUN, Yan YU, Yongwen WANG

2018, 18 (5): 66-74. doi: 10.3969/j.issn.1671-1122.2018.05.008

Abstract ( 608 )

HTML ( 3 )

PDF (1223KB) ( 134 )

For a more comprehensive understanding of the reasons leading to the Content Provider leakage in mobile terminal, this paper proposes a content leakage detection method based on context of Content Provider (CLDC). This method locate the suspect string or statement in the test procedure, by forming the library of security rules based on the leakage cause, detection path and judgment basis, and determine the rationality and accessibility of suspect strings or statements, using information flow analysis and simulation execution method. The experimental results show: CLDC can detect Content Provider leakage in different directions, and improve the detection accuracy effectively.

Figures and Tables | References | Related Articles | Metrics

Chinese Event Detection Based on Recurrent Neural Network

Chenxi MA, Xingshu CHEN, Wenxian WANG, Haizhou WANG

2018, 18 (5): 75-81. doi: 10.3969/j.issn.1671-1122.2018.05.009

Abstract ( 786 )

HTML ( 3 )

PDF (1383KB) ( 215 )

With the development of Internet, the size of the Internet users has grown rapidly. The Internet has become more and more important to people’s life and social influence. In the face of the growing mass of Internet information, it is vital to quickly locate the events of public discussion. Event extraction is an important research in the field of information extraction. Event detection is the first step in the event extraction task, which plays a crucial role in the event extraction task.We designed a joint model based on recurrent neural network, to realize the recognition of event trigger and the classification of event category. Compared with the traditional method, our joint model can avoid error propagation, it doesn’t depend on the table of the trigger word and has good portability, and doesn’t need to design complex linguistic features.We used CEC corpus as training corpus and test corpus. The experimental results show that accuracy rate of the trigger word and event category is high, and the F value is 70.2%, better than the traditional method.

Figures and Tables | References | Related Articles | Metrics

Research on the Security Outsourcing Technology Based on Virtualization Platform

LI Yue, JIANG Wei, JI Jiahua, DUAN Dezhong

2018, 18 (5): 82-88. doi: 10.3969/j.issn.1671-1122.2018.05.010

Abstract ( 582 )

HTML ( 3 )

PDF (2574KB) ( 155 )

At present, with the development of the internet and the advance of the information security construction, it’s the main stream for the government to choose service outsourcing, effective supervision and management for outsourcing services will become an important means of ensuring information security. The development and operation of information “cooperation” confront with the dilemma and difficulties such as unable to guard by technical means, and difficult to protect by management system. This paper puts forward an innovative information technology about outsourcing management idea that deploying virtualization platform technology by combining zero-client terminal, customizing complete set of operations desktop and developing matching management system to realize innovation exploration and application in both technology and management.

References | Related Articles | Metrics

Research on the Security Outsourcing Technology Based on Virtualization Platform

Yue LI, Wei JIANG, Jiahua JI, Dezhong DUAN

2018, 18 (5): 82-88. doi: 10.3969/j.issn.1671-1122.2018.05.0010

Abstract ( 194 )

HTML ( 7 )

At present, with the development of the internet and the advance of the information security construction, it’s the main stream for the government to choose service outsourcing, effective supervision and management for outsourcing services will become an important means of ensuring information security. The development and operation of information “cooperation” confront with the dilemma and difficulties such as unable to guard by technical means, and difficult to protect by management system. This paper puts forward an innovative information technology about outsourcing management idea that deploying virtualization platform technology by combining zero-client terminal, customizing complete set of operations desktop and developing matching management system to realize innovation exploration and application in both technology and management.

Figures and Tables | References | Related Articles | Metrics

Table of Content