Netinfo Security

Research on the Application of AR-OSELM Algorithm in Network Intrusion Detection

Shuning WEI, Xingru CHEN, Yong JIAO, Jin WANG

2018, 18 (6): 1-6. doi: 10.3969/j.issn.1671-1122.2018.06.001

Abstract ( 894 )

HTML ( 2 )

PDF (1762KB) ( 226 )

Considering the low learning efficiency and poor detection precision of the traditional learning algorithms caused by the redundant attributes of the incremental network intrusion data, this paper proposes an online sequential extreme learning machine algorithm based on attributes reduction in rough set (AR-OSELM). Firstly, the attribute kernels are obtained by using the methods of rough set positive domain and discernibility matrix on intrusion data ,thus characteristic collections of non-redundant attributes are obtained. Then using the online sequential extreme learning machine as the classification algorithm to classify the data sets. The results of the simulation experiment show that that the AR-OSELM algorithm is more efficient in learning and training incremental data and has lower error rates with comparison to BP, ELM and HELM algorithms. The AR-OSELM algorithm has better ability of generalization than other tradition algorithms which provides a new method for network intrusion detection.

Figures and Tables | References | Related Articles | Metrics

Research on Dynamic Data Gathering Algorithm Based on Biological Immune Mechanism in WSANs

Yan WANG, Chen PAN

2018, 18 (6): 7-11. doi: 10.3969/j.issn.1671-1122.2018.06.002

Abstract ( 594 )

HTML ( 2 )

PDF (1925KB) ( 266 )

How to achieve data gathering efficiently and balance network energy consumption in the process of sensor and actor collaboration has always been a hot research topic of wireless sensor and actor networks (WSANs). Aiming to solve data packet loss, delay and the nodes energy hole caused by data aggregation during the cooperative work of sensor-actor (S-A), inspired by biological immune mechanisms, a dynamic data gathering algorithm based on biological immune mechanism (DDG-BIM) is proposed. The algorithm aims at optimizing the relay nodes, proxy sinks nodes and design the movement trajectories of actor node. Firstly, under the influence of the learning factor, the selection probability of the relay node is calculated by using the affinity and the node residual energy. In order to optimize the number of activated nodes, the probability threshold of the cooperative response is dynamically modified by the information distortion degree. Secondly, the probability of selection of the proxy sink is calculated by taking advantage of the affinity, node residual energy, and load conditions. Finally, the mobile actor uses bidding mechanism to dynamically to dynamically select the bidding sinks, and independently decide the direction of its movement according to the probability of successful campaign, so as to complete the dynamic data collection. The simulation results show that the proposed algorithm has better performance than other algorithms in terms of packet loss rate, load balancing and network lifetime.

Figures and Tables | References | Related Articles | Metrics

A Group RFID Tag Ownership Transfer Protocol without Trusted Third Party

Zhibin ZHOU, Shaobo ZHANG, Entao LUO, Chaoliang LI

2018, 18 (6): 18-27. doi: 10.3969/j.issn.1671-1122.2018.06.003

Abstract ( 811 )

HTML ( 2 )

PDF (1699KB) ( 136 )

When ownership of an RFID tagged item changes, how to transfer securely between the old and new owners is a problem to be addressed in the RFID tag ownership transfer protocol. Existing ownership transfer agreements tend to focus on the transfer of ownership of a single item, rarely involving the transfer of ownership of bulk items. By using group proof protocol and elliptic curve encryption, a group RFID tag ownership transfer protocol with forward / backward privacy is proposed. It supports batch transfer of multiple tag ownership, and records the transfer by grouping proof to ensure data integrity; Use elliptic curve encryption to secure security and privacy in the ownership transfer through group keys. Through security and performance analysis, the protocol has high security, scalability, and lower performance overhead.

Figures and Tables | References | Related Articles | Metrics

Research on a Fingerprint Liveness Detection Algorithm Based on Deep Convolution Neural Networks

Min LONG, Xiaohai LONG, Li MA

2018, 18 (6): 28-35. doi: 10.3969/j.issn.1671-1122.2018.06.004

Abstract ( 878 )

HTML ( 10 )

PDF (2457KB) ( 248 )

With the wide application of fingerprint authentication system in recent years, forged fingerprint detection has been paid more and more attentions. Based on the application characteristics of convolutional neural network in the fields of computer vision, face recognition and image classification, this paper proposes a fingerprint liveness detection algorithm called F-net. The algorithm uses BN layer, inception structure and global mean pool level to optimize the network, so as to reduce the large number of parameters in F-net network and the computational complexity. This also makes the algorithm get a higher recognition rate when the algorithm uses a large learning rate to train the network. Many algorithms are tested on LivDet2011 and LivDet2013 datasets. The experimental results show that F-net has high recognition rate and real-time detection performance.

Figures and Tables | References | Related Articles | Metrics

Research on Smart Home Vulnerability Mining Technology Based on Taint Analysis

Jian ZHAO, Rui WANG, Siqi LI

2018, 18 (6): 36-44. doi: 10.3969/j.issn.1671-1122.2018.06.005

Abstract ( 1376 )

HTML ( 8 )

PDF (2469KB) ( 226 )

The control center is the core of the smart home, and it can be controlled remotely through mobile phones, flat panels and other terminals. Once the control center is attacked, the attacker can get the majority of the household control authority, resulting in great destruction. At present, in the intelligent Home Furnishing system, control center through the router using wireless communication technology to connect to the remote terminal equipment, operation and control of all kinds of intelligent home furnishing in the system, the router is directly related to the safety of the whole intelligent system home furnishing and user privacy security.This paper designs a framework to discover vulnerabilities of the router based on sulley, and proposes a three-phase test case generation module (TPFTGM) to guide the generation of specific test cases in the process of fuzzing, and applies the framework to mining vulnerabilities in the Dlink. The experimental results show that the framework can successfully mine and restore the remote code execution vulnerability in the Dlink, and optimize the low efficiency of test cases and low code coverage in Fuzzing.

Figures and Tables | References | Related Articles | Metrics

Formal Analysis Method of Security Protocol Based on Correlation Degree of Principals

Lei YU, Shimin WEI, Mingming JIANG

2018, 18 (6): 45-51. doi: 10.3969/j.issn.1671-1122.2018.06.006

Abstract ( 609 )

HTML ( 1 )

PDF (1140KB) ( 152 )

The correlation degree of principals established on recent consistency of protocol principals parameters can correctly reflect the logical relationship between protocol security properties and protocol structure, message components and message parameters, which not only can provide accurate and rigorous formal judgment basis for the analysis of the correctness of the security protocol, but can further reduce the complexity of protocol analysis. Therefore, this paper proposes a formal analysis method for security protocols based on correlation degree of principals. Firstly, on the authentication test model, the parameters of message components are classified, and the quantitative definition of the correlation degree of the protocol principals is given. Then according to the rules of authentication test and the criteria for determining the consistency of the parameters on the components, the logical association between the correlation, authentication and the consistency of the negotiation data of the protocol and correlation degree of protocol principals is established. Next, the correctness of the design goals of security protocol is analyzed on the correlation degree of protocol principals. This paper analyzes the Neuman-Stubblebine protocol using the method, which accurately finds the potential defects and its roots in the protocol, and confirms the application feasibility and efficiency of the correlation degree of protocol principals in the correctness analysis of the security protocol.

Figures and Tables | References | Related Articles | Metrics

Identity-based Encryption Scheme Support Authorization Equality Test in Cloud Environment

Qi ZHANG, Xijun LIN, Haipeng QU

2018, 18 (6): 52-60. doi: 10.3969/j.issn.1671-1122.2018.06.007

Abstract ( 747 )

HTML ( 2 )

PDF (2066KB) ( 321 )

Recently, the encryption algorithm in public cloud environment has been a hot topic. Among these encryption algorithms, the identity-based encryption with equality test (IBEET) algorithm which can support the equality test attracts much attention. This kind of algorithm can compare the encrypted ciphertexts of two different users and determine whether the corresponding message of the ciphertexts are equal, which bring convenient for information comparing, matching and querying. However, there is still lacking of fine-grained authorization mechanism up to date for the identity-based encryption algorithm that supports the equality test in the public cloud. In order to enhance the privacy of user’s data, this paper proposes an identity-based encryption scheme support authorization equality test (IBE-SAET), and design two kinds of authorization which are user specific authorization and ciphertext specific authorization for cloud servers. In the new scheme, the user can authorize the cloud server with two different types of authorization. What’s more, this thesis gives the corresponding system model, formal algorithm definition and security model of IBE-SAET. In addition, specific encryption algorithms and authorization algorithms are designed based on the Diffie-Hellman problem on bilinear maps. Finally, this paper proves the security of the IBE-SAET scheme in random oracle model, which is one-way secure against chosen identity and chosen ciphertext attacks.

Figures and Tables | References | Related Articles | Metrics

Research on Key-insulated Group Signature Scheme Based on Bilinear Pairings

Yue WANG, Xiangguo CHENG, Xuqi WANG

2018, 18 (6): 61-66. doi: 10.3969/j.issn.1671-1122.2018.06.008

Abstract ( 712 )

HTML ( 2 )

PDF (1382KB) ( 148 )

In order to solve the problem of key leakage in group signature, this paper proposes a group signature scheme with key isolation property by combining key isolation technology with group signature. The scheme uses key isolation method to update secret keys of user and administrator periodically so that key leakage in one time slot will not affect secret keys in other time slots, which improves the security of signature and reduces the loss caused by key leakage. This scheme not only satisfies the security properties of group signature such as anonymity, traceability and unforgeability, but also has some security properties such as key isolation, strong key isolation and security key update. This scheme is more simple and quick to track the group members, and is more convenient to add and delete group members. The scheme greatly improves the efficiency of signature by using bilinear pairings algorithm.

Figures and Tables | References | Related Articles | Metrics

Research on AP Signal Characteristics of 3D Indoor Positioning Mechanism Based on WLAN

Runshen YU, Haodong MI, Minjun CHEN, Cheng CHENG

2018, 18 (6): 67-76. doi: 10.3969/j.issn.1671-1122.2018.06.009

Abstract ( 881 )

HTML ( 2 )

PDF (1710KB) ( 159 )

Nowadays, the existing GPS position technology has satisfied the positioning requirements of the mobile terminal in the outdoor environment, but it almost fails in the indoor environment, and most indoor positioning solutions are aimed at a small indoor area or on a two-dimensional plane, which is not conducive to promotion or integrated into indoor maps and navigation apps. Therefore, indoor positioning technologies based on various wireless technologies such as infrared, Bluetooth, ultra-wideband, and radio frequency have been proposed, among which the WLAN indoor positioning technology has received extensive attention because of its high cost-performance advantage. However, there is no systematic research on the characteristics of the received signal strength of the AP, which cannot meet the characteristics of the AP properties required for a specific indoor location environment, and cannot guarantee the correctness and rationality of the indoor location mechanism. For this reason, this article has conducted in-depth research on the characteristics of the received signal strength generated by the AP near its location. The distribution, stability, and detectability of RSS over time are discussed especially, and the factors that may interfere with RSS are analyzed. Based on the above conclusions, this paper discussed the applicability of the probabilistic location fingerprinting method in an actual indoor location environment.

Figures and Tables | References | Related Articles | Metrics

A CP-ABE Privacy Preserving Method for Wearable Devices

Le WANG, Zherong YANG, Rongjing LIU, Xiang WANG

2018, 18 (6): 77-84. doi: 10.3969/j.issn.1671-1122.2018.06.010

Abstract ( 674 )

HTML ( 3 )

PDF (2321KB) ( 291 )

Wearable health monitoring device based on wireless sensor networksgradually changes the traditional way of medical data monitoring, which brings the more advanced and convenient health data monitoring. However, privacy has become an issue of great concern in the transmission and distribution of monitoring data. Thus in this paper, we propose a novel privacy protection model which compromises anonymous algorithm and attribute based encryption schemes on the basis of previous studies.For cutting down LSSS matrix’s scale and exclude redundant attributes related to privacy, the rows associated with authorized attributes are firstly computed in LSSS matrix. After LSSS matrix is computed, we combine LSSS matrix with minimum authorized collection line search strategy to find minimum authorization attribute sets.Our experiment configures that the method proposed in this paper could stop redundant attributes to participate in encryption and decryption. At the same time,theefficiency of encryption and decryption are improved obviously. Privacy information is protected well without imposing any influence on final decryption.

Figures and Tables | References | Related Articles | Metrics

Table of Content