Loading...
Netinfo Security

Table of Content

    20 December 2018, Volume 18 Issue 12 Previous Issue    Next Issue
    For Selected: Toggle Thumbnails
    Host Behavior Analysis Based on Bipartite Graph Model
    Jinsong WANG, Huirong NAN, Honghao ZHANG
    2018, 18 (12):  1-7.  doi: 10.3969/j.issn.1671-1122.2018.12.001
    Abstract ( 446 )   HTML ( 6 )   PDF (7625KB) ( 151 )  

    In recent years, with the continuous increase of the network scale, diversification of network applications and the gradual maturity of the encrypted data transmission technology, the analysis of the terminal host behavior have become more and more complicated. This paper presents a graph-based approach that uses community detection to discover end hosts with similar behavior. And the approach are scalable and practical by introducing Spark GraphX technology. The experimental results show that this method has strong validity and reference in the data analysis based on NetFlow, and can be referenced for large-scale network analysis.

    Figures and Tables | References | Related Articles | Metrics
    Spectral Clustering Bipartite Graph Segmentation Method Based on Color Invariant Features
    Wei ZHAO, Na ZHAO, Yixing ZHANG
    2018, 18 (12):  8-14.  doi: 10.3969/j.issn.1671-1122.2018.12.002
    Abstract ( 471 )   HTML ( 1 )   PDF (8602KB) ( 80 )  

    The segmentation results of segmentation methods based on spectral clustering are significantly affected by the performance of superpixels clustering. However, the performance of superpixels clustering mostly depends on the construction of affinity model. Bipartite graph segmentation framework with cross-affinity matrix makes superipixels clustering more efficient, but its affinity model uses simple color features without considering the effect of illuminant changes such as highlights, shading et al, which may result in failed object segmentation. To improve the coherence of superpixels clustering, this paper uses color descriptor with color invariant features and Ridge feature which reflects physical reflection of imaging surface to construct cross-affinity model. Based on the validation in Berkeley database, the spectral clustering segmentation method based on color invariant features achieves better performances compared to existing segmentation techniques.

    Figures and Tables | References | Related Articles | Metrics
    Iris Ciphertext Authentication System Based on SEAL
    Xinxia SONG, Jiamin MA, Zhigang CHEN, Kefei CHEN
    2018, 18 (12):  15-22.  doi: 10.3969/j.issn.1671-1122.2018.12.003
    Abstract ( 689 )   HTML ( 3 )   PDF (8557KB) ( 150 )  

    With the application and promotion of biometric technology, biometrics has become more and more important to identity authentication. In order to ensure the privacy of the user, the biometrics cannot be stored or manipulated in clear text. Aiming at this problem, this paper analyzes and summarizes the scheme and performance of the existing biometric authentication system, and proposes to construct and design an iris-like ciphertext authentication system based on full homomorphic encryption using FV scheme. SEAL (Simple Encrypted Arithmetic Library) library. The entire system can complete iris authentication without decrypting the iris feature template, and the database stores the homomorphic ciphertext of the iris feature template, so there is no need to worry about the leakage of the iris feature template. At the same time, the system does not require a trusted center for authentication, and the authentication is completed on the server side directly through the one-time MAC authentication method. Tests have shown that when the system adopts an iris algorithm with a low depth of calculation circuit such as the Hamming distance comparison algorithm, it has good performance, which basically meets the requirements of real application scenarios.

    Figures and Tables | References | Related Articles | Metrics
    Authentication Scheme for Smart Power Management Schemes in V2G
    Sheng WANG, Gen LI, Honglin ZHUANG, Zhigang JIN
    2018, 18 (12):  23-30.  doi: 10.3969/j.issn.1671-1122.2018.12.004
    Abstract ( 462 )   HTML ( 6 )   PDF (9304KB) ( 84 )  

    Electrical vehicles play more and more important roles in the development of smart grid. Vehicle-to-Grid technologies becomes a hot research issue. A novel VANET based V2G communication model is proposed in this paper. In order to deal with the problem of power management and security of V2G networks, smart power management schemes and secure authentication protocols for these schemes are proposed basing on the model for effective and secure service for electrical vehicles’ users and the security of smart grid. Based on VANET technologies, distributed and centralized strategies are combined in the proposed smart power management schemes, which is different with the traditional centralized strategy in power grid, so that charge and discharge requests can be effectively disseminated and matched in V2G networks. Authentication schemes between electrical vehicles and aggregate units are designs to serve the electrical vehicle users and smart grid efficiently and safely. Logic language are used to prove the authentication for the smart management schemes can mutual authenticate the participants to prevent the electrical vehicles’ users and smart grid from network attacks.

    Figures and Tables | References | Related Articles | Metrics
    Encryption Based on Alliance Chain and DNA Coding in Local Area Network
    Hongxia ZOU, Bin QI, Yu WANG, Jixing LI
    2018, 18 (12):  31-37.  doi: 10.3969/j.issn.1671-1122.2018.12.005
    Abstract ( 482 )   HTML ( 3 )   PDF (8374KB) ( 106 )  

    As an important branch of the blockchain, the alliance chain is widely used in trusted encryption computing. The current data encryption technology is widely studied, but it mainly focuses on encryption at the data, and there are few researches on the structure of encryption. In order to improve the encryption strength of data in local area network, the paper proposes a multi-centered coalition chain topology on the encryption structure, using the decentralized storage of encrypted information to improve the security. Based on this, an encryption technology based on chaotic mapping and DNA coding is also designed to further enhance the confidentiality and integrity. The experimental test results show that the change rate of the pixel number and the average intensity change rate of the simulated data have reached the ideal value, which can effectively resist the differential attack, and achieving better performance than the current mainstream encryption algorithm, which providing a reference for identity-based credibility and data encryption or communication in LAN.

    Figures and Tables | References | Related Articles | Metrics
    Reseach on U2R Attacks Detection Based on Improved Artificial Bee Colony Combined with Optimized Random Forest
    ZHAI Jiqiang, XIAO Yajun, YANG Hailu, WANG Jian
    2018, 18 (12):  38-45.  doi: 10.3969/j.issn.1671-1122.2018.12.006
    Abstract ( 567 )   HTML ( 3 )   PDF (8280KB) ( 101 )  
    Aiming at the problem of low detection rate of U2R attacks in IDS, this paper proposes a model that combined an improved artificial bee colony algorithm (ABC) with the optimized random forest (RF). Firstly, the model improved the initialization method and search strategy of the traditional ABC, optimized the method of ranking of feature importance scores in the traditional RF. Then the model combined the two improved algorithm. Experiments with NSL-KDD datasets show that the attack detection model based on the improved artificial bee combined with the optimization random forest algorithm (RF-IABC) can extract the optimal feature set of attack type accurately, then classify and predict the attack data, improve the detection rate of U2R type attacks by IDS effectively.
    References | Related Articles | Metrics
    Defensive Software Testing Service System Based on Cloud Platform
    Yue ZHOU, Wei WANG, Jianhong GUO, Jingsha HE
    2018, 18 (12):  46-53.  doi: 10.3969/j.issn.1671-1122.2018.12.007
    Abstract ( 471 )   HTML ( 2 )   PDF (8403KB) ( 147 )  

    Cloud computing is developing rapidly nowadays because of its powerful resource processing ability and efficient computing ability, and is popular because it can provide users with cheap and customizable services. With the progress of cloud computing technology, cloud platform bears more and more complex applications services. As a common application service, software testing has been increasing both in scale and complexity in recent years. Comparing with the traditional testing mode, cloud platform can meet the needs of software testing better. This paper divides the software testing system in cloud platform into five modules : upload, management, resource allocation, execution and test task database, and discusses the scheduling principles corresponding to the characteristics of the test task in order to accomplish the test task efficiently. This paper also discusses the security protection model for the cloud test platform, and analyzes the security guarantee of the model from two aspects of demand and technology.

    Figures and Tables | References | Related Articles | Metrics
    Detection and Recognition Strategy for Anomaly of Cloud Virtual Machine Based on Context Clustering
    Li HE, Yuanhui YAO
    2018, 18 (12):  54-65.  doi: 10.3969/j.issn.1671-1122.2018.12.008
    Abstract ( 499 )   HTML ( 5 )   PDF (13119KB) ( 62 )  

    According to the characteristics of virtual machine, an exception detection strategy based on context clustering is proposed, which uses a new clustering initial center selection strategy to aggregate virtual machine instances with similar context running environment. Then, the local anomaly factor algorithm that affects space is improved incrementally, and a context anomaly detection model is constructed for each contextual cluster. The real-time acquisition virtual machine is matched to the corresponding context anomaly detection model according to the context information contained. The corresponding context anomaly detection model can incrementally detect the newly collected virtual machine instance. Several numerical experiments show that the proposed anomaly detection model and recognition algorithm are effective and efficient.

    Figures and Tables | References | Related Articles | Metrics
    Research on Domain Flux Botnet Domain Name Detection Method Based on Weighted Support Vector Machine
    Jinwei SONG, Jin YANG, Tao LI
    2018, 18 (12):  66-71.  doi: 10.3969/j.issn.1671-1122.2018.12.009
    Abstract ( 523 )   HTML ( 1 )   PDF (6688KB) ( 160 )  

    Domain Flux botnet domain names are mostly used in botnet command control channels, so detection of Domain Flux botnet domain names is very important for botnet detection. There are many problems in the detection methods of Domain Flux botnet domain names at present. For example, resource consumption is high and detection accuracy is not high. To solve these problems, this paper proposes a Domain Flux botnet domain name detection method based on weighted support vector machine. By analyzing the difference between Domain Flux botnet domain name and traditional domain name, dozens of domain name features are extracted to distinguish normal domain name and Domain Flux botnet domain name. In order to maximize the distinguishing effect of each feature, the weights of each feature are calculated by the information gain ratio and weighted by the feature. The SVM algorithm is trained on the weighted feature data set to obtain the detection model. Experiments show that this method effectively improves the detection accuracy of Domain Flux botnet domain names, and can better identify Domain Flux botnet domain names.

    Figures and Tables | References | Related Articles | Metrics
    A Trusted Multicast Routing Protocol Based on Fluctuation Recognition
    Sanshun ZHANG, Hui XIA, Gongjing ZHANG
    2018, 18 (12):  72-81.  doi: 10.3969/j.issn.1671-1122.2018.12.010
    Abstract ( 557 )   HTML ( 2 )   PDF (11274KB) ( 95 )  

    Due to the openness and dynamic natures of the mobile ad hoc network topology, traditional routing protocols are vulnerable to various attacks from malicious nodes. This paper proposes a trust calculation model combining direct trust with recommendation trust. Direct trust is calculated by fluctuation-based system cloud grey prediction model, recommendation trust is calculated by different types of recommendation nodes, and the weights of direct trust and recommendation trust are determined dynamically to get the total trust value. Based on this trust model, this paper designs a fluctuation-based trust multicast routing protocol BTCMRP. The agreement can identify and eliminate malicious nodes in the network through trust calculation, and effectively deal with routing attacks. In routing maintenance, the forwarding group node reuse mechanism is proposed, which solve the problem of excessive multicast routing overhead in multi-source grid structure. The simulation results show that compared with the proposed trust-based multicast routing, BTCMRP improves the delivery rate and reduces the routing overhead and average delay.

    Figures and Tables | References | Related Articles | Metrics
    Design and Implementation of Network Public Opinion Monitoring System for Forest Public Security Based on Hadoop
    Chunxia ZHANG, Xinmeng WANG, Xiaoxi ZHANG
    2018, 18 (12):  82-86.  doi: 10.3969/j.issn.1671-1122.2018.12.011
    Abstract ( 458 )   HTML ( 7 )   PDF (5977KB) ( 190 )  

    The survey shows that the collection, analysis and reporting of network public opinion in the domestic forest public security application system is still in the original state of artificial mode, which leads the collection efficiency is low, the analysis time is long, and the accuracy of research and judgment is not high, specially conversion rate of effective public opinion is low. In order to improve the working mechanism of forest public security network public opinion monitoring, this paper designs a forest public security network public opinion monitoring system based on Hadoop according to the actual needs of forest public security network public opinion monitoring. The system realizes parallel crawling and analysis of forest public security network public opinion based on MapReduce distributed processing framework in Hadoop. The practice proves that forest public security network public opinion monitoring system based on Hadoop improves effectively the collection efficiency and analysis efficiency of forest public security network public opinion.

    Figures and Tables | References | Related Articles | Metrics
    Privacy-aware Power Injection in 5G Smart Grid
    Liang LI, Yinghui ZHANG, Kaixin DENG, Tiantian ZHANG
    2018, 18 (12):  87-92.  doi: 10.3969/j.issn.1671-1122.2018.12.012
    Abstract ( 507 )   HTML ( 2 )   PDF (7182KB) ( 154 )  

    To address the security and privacy protection issues of power collection in 5G smart grid, a privacy-aware power injection system is proposed based on V2G (Vehicle-to-Grid) for 5G smart grid. During peak hours, the power utility sends a power collection request through aggregation gateways in V2G. Power storage units such as electric vehicles encrypt and aggregate power bids of different time slots based on Paillier cryptosystem and Diffie-Hellman key agreement. Aggregation gateways further aggregate the power data of all power storage units and send the result to the power utility. The power utility decrypts the aggregated data based on secret keys to get the number of power collected in different time slots. Security analysis indicates that the proposed system not only protects privacy of power storage units, but also realizes confidentiality and integrity of injection data. Efficiency analysis indicates that the proposed system significantly reduces the computation complexity and improves the communication efficiency.

    Figures and Tables | References | Related Articles | Metrics