Loading...
Netinfo Security

Table of Content

    10 April 2015, Volume 15 Issue 4 Previous Issue    Next Issue
    For Selected: Toggle Thumbnails
    The Development Trends of the Network Security and Information Technology
    CHEN Ming-qi, HONG Xue-hai, WANG Wei, LIAN Yi-feng
    2015, 15 (4):  1-4.  doi: 10.3969/j.issn.1671-1122.2015.04.001
    Abstract ( 427 )   HTML ( 0 )   PDF (4359KB) ( 156 )  

    This paper analyzes the technology development trends of internet, network security, information technology. In internet area, the next generation of internet architecture, internet basic resources management authority and control technology, and internet search technologies are undergoing profound changes. In the network security area, the new social media becomes a new avenue that the network attacks can use. National and industrial big data platforms and critical infrastructures become the new targets of cyber attacks. The sophisticated cyber attacks such as the active monitoring technique become a new way of network attacks. In IT area, IT itself evolves to the post-computer era. IT applications evolve to the pervasive computing era. The third-generation IT platform is forming. Based on the above technology development trends, this paper suggests that China should strengthen technical pre-warning, achieve the independent controllable technological innovation, improve network security management and control system, and expand international influence and the right of speech.

    References | Related Articles | Metrics
    Analysis of Security Risk Controllability for Windows OS
    QING Si-han, CHENG Wei, DU Chao
    2015, 15 (4):  5-12.  doi: 10.3969/j.issn.1671-1122.2015.04.002
    Abstract ( 633 )   HTML ( 5 )   PDF (7398KB) ( 213 )  

    With the popularization and rapid development of internet, the problems concerning information security have become increasingly prominent, causing increasing security risks. Information systems, networks, and network applications have been attacked frequently, and the attacking methods have become increasingly sophisticated, mature, and diverse. As the most popular OS worldwide, Windows system naturally has received more attacks than others. Facing the more advanced attacks, Microsoft constantly launches new version of Windows with new security features. Among these security features, the improvement of controllability is important to reduce security risks. Not only the security risk controllability of an information system should be assured, but also the users can control the security risks to a certain extent. This paper analyzes and discusses what new security mechanisms have been introduced based on Windows 8, and what existing security solutions have been improved in this new version, and lastly how these new measures impact on the security risk controllability.

    Figures and Tables | References | Related Articles | Metrics
    Research on Conference Identity Authentication System Based on Two-dimensional Bar Code and Face Recognition
    XU Jian, ZHAO Ying-nan, TIAN Yong-chun, ZHOU Fu-cai
    2015, 15 (4):  13-18.  doi: 10.3969/j.issn.1671-1122.2015.04.003
    Abstract ( 550 )   HTML ( 2 )   PDF (6102KB) ( 115 )  

    Each year many conferences will be held by government agencies, large corporations, and universities, the conference organization is very complex and involves many works to do. The registration and identity authentication is very important for the conference management, especially for the conference which its confidentiality requirement is high. However the current solutions for conference identity authentication are usually verifying cards artificially, using smart cards and RFID cards, which have the problems of information leakage, certificates forgery and resources waste etc. In order to solve the problems, this paper constructs a conference identity authentication system mixing together the technologies of two-dimensional bar code, face recognition, digital signatures and decoding and encoding two-dimensional bar code. This system can prevent the problems of information leakage and identity forgery, which ensures the safe and order of the conference. This system has a certain value for the conference which the security requirements are high.

    Figures and Tables | References | Related Articles | Metrics
    Survey of Mobile Botnet
    LI Na, DU Yan-hui, GAO Feng
    2015, 15 (4):  19-27.  doi: 10.3969/j.issn.1671-1122.2015.04.004
    Abstract ( 383 )   HTML ( 1 )   PDF (9975KB) ( 120 )  

    With the popularity of smart devices and the rapid development of 4G technology, the living environment of mobile botnet has been ripe. Mobile botnet has made great damages to infrastructural facilities and property of people. But current security solutions for smart phones and mobile devices are very limited in preventing those attacks. So mobile botnet has become one of the important security problems of the mobile network. Mobile botnet has a close relationship to mobile malware, because construction of mobile botnet dependents on the propagation of mobile malware. This paper first introduces the evolution process of mobile malware. The important part of a botnet construction is the command and control (C&C) channel which is the key point for both the attacker and defender for mobile network control. The mobile botnet is different than the traditional botnet in command and control channel design. Command and control channel is also a mainly sign which is the mobile botnet be distinguish from mobile malware. In order to understand the current research works and the evolution process of mobile botnet, the command and control mechanisms of mobile botnet are discussed. The situation of the command and control based on SMS, Bluetooth, HTTP, Web 2.0 and others researches are analyzed and compared. And the different kinds of propagation of mobile botnet are further more discussed. In this part, to understand the propagation behavior of mobile botnets, many propagation models of mobile botnet as a foundation for further exploration. Those propagation models include deterministic epidemic models, stochastic models and spatialtemporal models. To study the mobile botnet is to connect with the simulator of mobile botnet. Mathematical models simulator, event-based simulator, trace-driven simulator and agent-based simulator of mobile botnet are reviewed. At last, the defense policies of mobile botnet are proposed. The defense policies can help defenders develop defense strategies or make prevention policy to block the propagation of the moblie botnet. And it is important and practical significance for protecting mobile network security and attacking mobile network crime. So the study mobile botnet is very valuable to provide a workable solution to enhance the defense ability of mobile network.

    Figures and Tables | References | Related Articles | Metrics
    A LBSs Cloaking Algorithm Based on Velocity Dynamic Variation
    WANG Yong, GAO Shi-meng, NIE Xiao, ZHANG Jun-hao
    2015, 15 (4):  28-35.  doi: 10.3969/j.issn.1671-1122.2015.04.005
    Abstract ( 407 )   HTML ( 0 )   PDF (8411KB) ( 78 )  

    With the extensive development of location-based services (LBSs), the potential threats to users’ privacy information have become one of the biggest challenges. With the disclosing of users’ location data, the related privacy such as users’ activities, living address may be leaked to others. Privacy issue becomes the most concerns in LBS application scenarios. Especially for continuous LBS queries, the correlations of users’ location data make it much easier to expose their privacy information. Hence, in this paper, we propose a novel privacy preserving algorithm, namely, velocity-based dynamic cloaking algorithm (V-DCA), for continuous LBS queries. V-DCA considers users’ moving properties and trends, including velocity and acceleration similarity while performing cloaking. Moreover, V-DCA utilizes the previous cloaked sets to generate current set, and provides users’ location privacy guarantees against users tracking attack while reserve their quality of service (QoS). The main contributions of this paper are as follows: we propose a novel algorithm V-DCA for continuous LBS queries, which considers users’ velocity and acceleration similarity and is balanced between privacy preserving and QoS reserving; we define the evaluation metrics to measure its performance including privacy guarantee, cloaking time, and QoS; we evaluate the algorithm in real geographic data set environment and compare its performance with other cloaking algorithms, which shows V-DCA effectiveness in continuous LBS query application scenarios.

    Figures and Tables | References | Related Articles | Metrics
    The Cross Layer Design Joint Rate and Power Control in Ad Hoc Network
    YAN Wei, XIAO Ming-bo, XU Xiang-nan
    2015, 15 (4):  36-40.  doi: 10.3969/j.issn.1671-1122.2015.04.006
    Abstract ( 490 )   HTML ( 0 )   PDF (4845KB) ( 98 )  

    In recent years, with increasing demands for mobile services in different scenarios, no-center, distributed and self-organized Ad Hoc network has rapidly developed and plays a more and more important role in social life. However, how to design a reasonable and effective resource allocation scheme in Ad Hoc network is facing enormous challenge. This paper introduces the distributed Newton algorithm to solve the resource allocation problem. The main idea of the algorithm is to use the current local information to solve the primary and dual variables in each iterative process. By introducing energy consumption cost into the utility maximization function, and using the information from network layer, data link layer and physical layer, this paper proposes a cross layer design joint rate and power control in the utility maximization model. This method transforms the maximization problem of object function after modeling the Ad Hoc network into sub-problems in each different layer, workingout the minimum power and the maximum rate of the Ad Hoc network, that the minimum power under the maximum sending rate. The simulation result shows that the secondary convergence speed of the algorithm is fast. Cross layer optimization joint rate and power control can guarantee network utility maximization and reduce the node transmit power at the same time, thus effectively prolonging the network lifetime. The lower power communication can also enhance the communication security of the Ad Hoc network.

    Figures and Tables | References | Related Articles | Metrics
    A Document Reranking Algorithm Based on Subjective Bayes Method and Relevance Feedback Technology
    ZHAO Yan, GU Yi-jun
    2015, 15 (4):  41-44.  doi: 10.3969/j.issn.1671-1122.2015.04.007
    Abstract ( 539 )   HTML ( 4 )   PDF (3844KB) ( 130 )  

    Relevance feedback method as a method of query expansion has many algorithm models, such as Rocchio relevance feedback algorithm of the Vector Space Model, BIM (binary independence model) of the Probabilistic Model, the RM (relevance model, RM) of the Language Modeling. In order to further improve the accuracy of query, this paper proposes a reordering algorithm combined with subjective Bayes method and relevance feedback technology. The documents are reranked by the extended terms and feedback documents. The extended terms are returned by RM3 algorithm. It used the Language Modeling as a baseline method, the RM3 method as the method of comparison in the experiments. It shows that our method performs well compars with the Language Modeling and RM3 method. The correct rate is better than the Language Modeling and RM3 method on precision at the first N returned documents .

    Figures and Tables | References | Related Articles | Metrics
    Research and Implementation on Hybrid Clustering Algorithm in Big Data Processing
    CHEN Xiao, ZHAO Jing-ling
    2015, 15 (4):  45-49.  doi: 10.3969/j.issn.1671-1122.2015.04.008
    Abstract ( 488 )   HTML ( 0 )   PDF (5131KB) ( 155 )  

    With the rapid development of information technology, the era of big data has arrived, analysis of the data has become the focus of research, data mining is to become a top priority, and has been extensively studied. This paper aims to study the clustering algorithm, puts forward a hybrid clustering algorithm which integrates the clustering algorithm based on partition and the clustering algorithm based on hierarchical. The algorithm can avoid the problem of randomly chosen initial cluster centers, and uses the clustering algorithm based on partition to initialize the data, then uses the clustering algorithm based on hierarchical to analysis the post-processed data from the bottom to the top, which can greatly enhance clustering speed. The algorithm can combine the advantages of this two kinds of traditional clustering algorithm, eliminate the deficiencies, achieve complementary advantages, and improve the operating efficiency of the algorithm without loss of accuracy. Finally, simulation experiments confirm the effectiveness and feasibility of the proposed algorithm through the R language tools.

    Figures and Tables | References | Related Articles | Metrics
    The Study of Two-state Channel Model Based on Markov Chain in the Mobile Satellite Communication
    WU Hai-long, ZHAO Dan-feng, LIAO Xi
    2015, 15 (4):  50-55.  doi: 10.3969/j.issn.1671-1122.2015.04.009
    Abstract ( 491 )   HTML ( 3 )   PDF (6116KB) ( 197 )  

    This paper puts forward a two-state land mobile satellite channel model on the basis of Markov chain. Transfer between the two states is described as Markov process, and probability density function of receiving signal envelope in each state follows the Loo distribution. Statistical characteristic of first order and second order is attained via doing mathematic modeling and simulation analysis of the process, and are compared with that of the measured data in the same environment. The simulation result shows that in various environments, the statistical characteristics of the two-state land mobile satellite communication channel model based on Markov chain are close with that of the measured data, which proves that the constructed channel model can be used to simulate the satellite mobile communication channel in practical environment. It not only provides an effective platform for the evaluation of mobile communication technology and the planning of communication system in future, but also has a wide applicability.

    Figures and Tables | References | Related Articles | Metrics
    Kernel-level Rootkit Detection Technology Based on VMM
    ZHANG Lei, CHEN Xing-shu, REN Yi, LI Hui
    2015, 15 (4):  56-61.  doi: 10.3969/j.issn.1671-1122.2015.04.010
    Abstract ( 650 )   HTML ( 0 )   PDF (6622KB) ( 172 )  

    Kernel-level Rootkits of virtual machine in cloud can destroy the integrity of virtual machine of tenant. This paper presents a kind of kernel-level Rootkit detection technology based on Virtual Machine Monitor (VMM). This technology establishes True Module List (TML) by critical path breakpoint and obtains the virtual machine’s kernel module view, the user mode view was established by bottom-up calls from VMM, and the reconstructed kernel mode view of virtual machine was get in the VMM layer, then by cross-referencing these three views to detect Rootkit hidden in a virtual machine. Finally, a prototype system was realized based on the Kernel-based Virtual Machine (KVM), experimental results showed that Rootkits in Virtual Machine could be quickly and ac-curately detected in the prototype system, details of Rootkit could be reported according to TML, the overall per-formance loss of the prototype system was in acceptable range.

    Figures and Tables | References | Related Articles | Metrics
    A Survey of Digital Passive Lossless Forensics on Forged and Altered Document
    SHANG Shi-ze, KONG Xiang-wei, YOU Xin-gang
    2015, 15 (4):  62-67.  doi: 10.3969/j.issn.1671-1122.2015.04.011
    Abstract ( 589 )   HTML ( 0 )   PDF (6800KB) ( 412 )  

    The examination of forged and altered document is an important part in judicial expertise. The traditional examination methods need professional testers and devices, the disadvantages include high cost, long testing time, damage on the documents, etc. In recent years, the digital passive lossless forensics on forged and altered document has been developed which only uses scanner and computer. In this paper, we first introduce the life-cycle of document and its forging and altering methods. Then, we summarize the passive lossless forensics on forged and altered document, and describe the technologies on device identification, copy paper identification and authenticity detection, respectively. We give a detailed description on the characteristics introduced by devices and altering methods, and their forensics methods. Finally, we describe the questions and challenges on digital passive lossless forensics on documents.

    Figures and Tables | References | Related Articles | Metrics
    The Design and Implementation of Data Processing Module with Cognitive Radio Function
    WANG Wei-ran, YUAN Chao-wei
    2015, 15 (4):  68-73.  doi: 10.3969/j.issn.1671-1122.2015.04.012
    Abstract ( 487 )   HTML ( 0 )   PDF (6897KB) ( 116 )  

    Cognitive radio technology has a strong ability of spectrum sensing, which can improve the anti-jamming capability of broadband communications, but is focused on theoretical research and has rarely practical applications at the present stage. So, it has a strong practical significance to integrate cognitive radio module into broadband communication system and make full use of the spectrum sensing capabilities of cognitive radio to improve the anti-jamming capability of broadband communications. This paper presents the design and implementation of a data processing module with cognitive radio function based on the broadband communication platform. It uses an improved SNR weighted cooperative detection algorithm for real-time broadband spectrum sensing to determine whether the work frequency is interfered, and replaces the interfered work frequency with the better performance of backup frequency to avoid interference and improve the anti-jamming capability of broadband communication platform. Finally, the module is tested over the broadband communications platform, the results show that the module designed in this paper can dynamically update broadband communication frequencies to avoid interference and improve the anti-jamming capability of the platform, which achieves the design requirements.

    Figures and Tables | References | Related Articles | Metrics
    Q-Learning-based Routing Protocol for the Balance of WSN Lifetime
    SU Bin-ting, FANG He, XU Li
    2015, 15 (4):  74-77.  doi: 10.3969/j.issn.1671-1122.2015.04.013
    Abstract ( 506 )   HTML ( 1 )   PDF (3969KB) ( 303 )  

    Wireless sensor network (WSN) is extensive concerned by academia and industry because of its good performances such as flexible deployment and low cost. But the nodes of wireless sensor network have the great limitation in the aspect of energy, computation, memory size and bandwidth, the complex routing protocols of traditional network can't be applied directly in wireless sensor network, thus a simple and efficient routing protocol became the research focus of wireless sensor network. In order to extend working hours, this paper proposes a routing protocol, Q-WRP, which can balance the wireless sensor network lifetime on the basis of reinforcement learning. The protocol takes account of the factors of residual energy, hop count to sink node, and propagation delay time, allocates Q-value for each node, and finds the optimal routing path according the Q-values of each node at last. Simulation result from NS2 shows that Q-WRP extends the occurrence time of the node that dies firstly, and can balance the wireless sensor network lifetime efficiently.

    Figures and Tables | References | Related Articles | Metrics
    Research on USB Device Redirection Technology in Cloud Desktop
    SUN Yu-wei, TONG Xin-hai, ZHANG Lin-hui, YANG Chun-yu
    2015, 15 (4):  78-85.  doi: 10.3969/j.issn.1671-1122.2015.04.014
    Abstract ( 797 )   HTML ( 8 )   PDF (8162KB) ( 164 )  

    With the continuous development of cloud computing, cloud desktop solution is increasingly mature, becoming a typical cloud computing application case. Using virtualization technology to pool computational resources, cloud desktop delivery traditional desktop or application which is deployed in pooling computational resources up to polymorphous terminal through the network. Cloud desktop transfer protocol is one of the core technologies of cloud desktop and provides users with use experience which is close to traditional desktop PC operating systems. Compared with the traditional physical desktop PC, cloud desktop support for USB device is not mature yet. The USB device with its plug and play, fast data transfer rate and other significant advantages has become the most widely used computer peripherals interface. A key of cloud desktop user experience is to support the USB and other external equipment. Deploying USB redirection in the cloud desktop, when the USB device was physically connected on the client side, users can read and write data and operate USB devices normally on the Guest system, providing more for office demand and daily use. The cloud desktop and mainstream desktop transport protocol were introduced in this paper. USB redirection solution was studied and had been addressed basing on the SPICE open source desktop transmission protocol and USBRedir technology. The key principle and technology such as USB device virtualization framework, virtual multi-channel technology and USBRedir technology, were analyzed. Deployment and application of the USB redirection in the cloud desktop were briefly explained.

    Figures and Tables | References | Related Articles | Metrics
    Research and Practice of the Classified Protection System of the Bank Data Center
    YUAN Hui-ping
    2015, 15 (4):  86-89.  doi: 10.3969/j.issn.1671-1122.2015.04.015
    Abstract ( 681 )   HTML ( 3 )   PDF (4031KB) ( 199 )  

    This paper analyses the key importance of classified protection, focuses on the experience of classified protection in the People's Bank of China.It gives the guideline and architect of classified protection for class 3 information system, pays more attention on its booster effects on information security assurance system to keep classified protection standard.

    Figures and Tables | References | Related Articles | Metrics