Netinfo Security

Catalog

2019, 19 (9): 0-0.

Abstract ( 342 )

PDF (2663KB) ( 174 )

Related Articles | Metrics

Research on Android Malware Detection Based on Random Forest

Xin SONG, Kai ZHAO, Linlin ZHANG, Wenbo FANG

2019, 19 (9): 1-5. doi: 10.3969/j.issn.1671-1122.2019.09.001

Abstract ( 736 )

HTML ( 18 )

PDF (5769KB) ( 391 )

Based on the strong classifier random forest, an Android malware detection method is proposed. With the permission of Android as the feature, the effective permission is defined; the support and association rules in the data mining algorithm are employed to analyze the permission and realize the effective permission identification. Finally, a random forest classifier is constructed, and the effective permission matrix is used as the input of the classifier for training and testing. The experimental results show that the accuracy of the proposed method is 92.84%, and the F-value is 93.05%, which is obviously superior to other detection models.

Figures and Tables | References | Related Articles | Metrics

Research on Industrial Internet Platform Security Protection

Chonghua WANG, Jun LI, Xuehong CHEN

2019, 19 (9): 6-10. doi: 10.3969/j.issn.1671-1122.2019.09.002

Abstract ( 1119 )

HTML ( 17 )

PDF (5693KB) ( 422 )

This paper studies the security risks of different levels (e.g., Edge, IaaS, PaaS, SaaS) of industrial Internet platform, discusses domestic and foreign policy standards and the protection measures adopted by Industrial Internet Platform enterprises, analyzes the problems faced by chinese industrial internet platform security construction. This paper proposes related recommendations to strengthen the security construction of chinese industrial internet platform and protection mechanisms for industrial internet platform enterprises.

Figures and Tables | References | Related Articles | Metrics

Information System Security Risk Analysis Based on Evidence Distance Theory

Jinhua LINGHU, Ping PAN, Yaoyao DU

2019, 19 (9): 11-15. doi: 10.3969/j.issn.1671-1122.2019.09.003

Abstract ( 634 )

HTML ( 3 )

PDF (5941KB) ( 270 )

Aiming at the diversity of expert evaluation opinions in the process of information security risk assessment and the difficulty in quantifying uncertain information, this paper proposes a risk assessment method based on evidence distance theory. Firstly, according to the level protection requirements and on-site inspection data, the matrix norm is used to solve the vulnerability evidence distance of the system assets. Secondly, the D-S evidence theory synthesis rules are applied to solve the evidence distance that threat may act on system assets. Finally, The result of the fusion of the vulnerability evidence distance and the evidence distance that threat may act on system asset is taken as the risk value of the system. Practice has proved that this method can effectively reduce the subjectivity and randomness of multi-source risk assessment, make the assessment results more scientific and reasonable, and provide a scientific and effective way for information security risk assessment.

Figures and Tables | References | Related Articles | Metrics

Implementation Methods and Technical Measures for Security Inspection of Important Information Systems

Guogang ZHENG

2019, 19 (9): 16-20. doi: 10.3969/j.issn.1671-1122.2019.09.004

Abstract ( 758 )

HTML ( 9 )

PDF (5536KB) ( 436 )

In this paper, starting from the urgent needs of important information system security, according to the national level protection policies and standards, on the basis of safety inspection practice, put forward the important information system level security checks the working method, working content, working procedure, implementation procedures and technical measures, to the competent department of industry and responsibility unit, deployment, provide reference for important information system security checks.

Figures and Tables | References | Related Articles | Metrics

A Model for Anomaly Intrusion Detection with Different Feature Extraction Strategies in IoT

Jian KANG, Jie WANG, Zhengxu LI, Guangda ZHANG

2019, 19 (9): 21-25. doi: 10.3969/j.issn.1671-1122.2019.09.005

Abstract ( 688 )

HTML ( 12 )

PDF (4561KB) ( 467 )

In this paper, an intelligent intrusion detection system was proposed. We pay attention to the feature extraction problem which can make the detection model robust and improve the performance. A framework containing six different strategies is adopted. IDS in this paper was demonstrated using UNSW-NB15 dataset. The simulation results were quite satisfactory compared to some existing models.

Figures and Tables | References | Related Articles | Metrics

A Method of Office Data Fragmentation Recognition, Sorting, Reorganization and Repair

Guotian XU

2019, 19 (9): 26-30. doi: 10.3969/j.issn.1671-1122.2019.09.006

Abstract ( 563 )

HTML ( 2 )

PDF (5921KB) ( 177 )

Restoring deleted office documents is of great significance to the investigation and evidence collection. When the deleted office file data is stored on disk in multiple segments and MFT records are overwritten, the existing data recovery tools can not effectively recover the deleted data. In order to solve this problem, this paper proposes a method of office data fragmentation recognition, sorting, reorganization and repair. According to the data in the catalog area at the end of the Office file, locate all data fragments, determine the order of fragmentation, reorganize the Office file, and repair the damaged data fragments. Practice has proved that the method proposed in this paper can effectively restore the version of Office documents above 2007.

Figures and Tables | References | Related Articles | Metrics

Network Crime Profile Based on Intelligent Analysis of Electronic Data Forensics

Taixun CAO

2019, 19 (9): 31-35. doi: 10.3969/j.issn.1671-1122.2019.09.007

Abstract ( 509 )

HTML ( 8 )

PDF (6174KB) ( 191 )

With the rapid development of Internet technology, intellectualization is changing traditional production and life and driving the world's economic, military, and cultural development. Crime profile technology based on intelligent analysis of network crime data can not only retrospectively restore the scene of network crime, but also predict and judge online behavior to prevent the occurrence of illegal and criminal actions. This paper briefly introduces the technology of electronic data forensics, and discusses the technology of network crime profile based on big data. The conclusion of this paper is helpful to the research of electronic data forensics under the current Internet and intelligent development environment, and makes a positive and meaningful exploration and reflection on the investigation of cybercrime.

References | Related Articles | Metrics

Research on Data Ingestion Method Based on Deep Learning

Yongheng XIE, Yubo FENG, Qingfeng DONG, Mei WANG

2019, 19 (9): 36-40. doi: 10.3969/j.issn.1671-1122.2019.09.008

Abstract ( 657 )

HTML ( 7 )

PDF (5595KB) ( 211 )

When ingesting multi-source heterogeneous data, big data centers need to analyze standard conversion problems that deal with data of different standards. In the past, most of this work relied on manual analysis. In recent years, the fast-developing deep learning technology has excellent feature extraction and classification ability. This study designed a data access matching algorithm based on deep learning technology which combined data morphological model and semantic model, and completed verification by using sample data. The results show that the proposed method could achieve a reasonable level of accuracy, and has potential for future improvement, which could replace some manual work in many practical applications.

Figures and Tables | References | Related Articles | Metrics

Achieving Privacy Preserving and Flexible Access Control in Fog Computing

Jinmiao WANG, Guowei WANG, Mei WANG, Ruijin ZHU

2019, 19 (9): 41-45. doi: 10.3969/j.issn.1671-1122.2019.09.009

Abstract ( 563 )

HTML ( 8 )

PDF (6189KB) ( 221 )

This paper proposes a privacy preserving and access control scheme for fog computing based on attribute-based encryption, and take the Internet of vehicles as an instance to illustrate the implementation framework of the scheme. By deploying the proposed scheme, the data transmitted between fog node and end user is in ciphertext, and only the authorized users or fog nodes can decrypt successfully. The proposed scheme gives data the ability to ensure its security entirely relying on itself, without depending on other third parties, which achieves privacy preserving and flexible access control in fog computing.

Figures and Tables | References | Related Articles | Metrics

Mobile Application Security Construction of the National Medical Products Administration

Meng LI

2019, 19 (9): 46-50. doi: 10.3969/j.issn.1671-1122.2019.09.010

Abstract ( 635 )

HTML ( 2 )

PDF (4979KB) ( 166 )

By analyzing the development of mobile applications, combining with the current situation of mobile application security in the industry of national medical products administration and the network security regulatory requirements of China, this paper discusses and studies how to construct mobile application security. This paper puts forward some suggestions on the construction plan to solve the problems of mobile application safety of the National Medical Products Administration. By establishing the baseline of mobile application security, integrating security capability and using big data technology to achieve security operation and monitoring, mobile application security risks in the industry of national medical products administration can be reduced, and information security problems caused by mobile applications also can be reduced.

Figures and Tables | References | Related Articles | Metrics

Research on Analysis Method of Fund Trading Network

Chunhe TAO, Xi ZHANG, Zhen WANG, Xiaoying GAN

2019, 19 (9): 51-55. doi: 10.3969/j.issn.1671-1122.2019.09.011

Abstract ( 579 )

HTML ( 4 )

PDF (5395KB) ( 139 )

In this paper, the design idea of Randomized HITS algorithm is combined with the capital flow characteristics of the personnel in the fund trading network to analyze the key suspects in the transaction network. Based on the characteristics of the amount of funds and the frequency of transactions in the personnel relationship of the capital transaction network, this paper expounds in detail how to construct the probability transfer matrix.

Figures and Tables | References | Related Articles | Metrics

Mitigating DDoS Attack Based on DNS Response Value Assessment

Qiaoli YUE, Wanbo LV, Weihong HU, Haikuo ZHANG

2019, 19 (9): 56-60. doi: 10.3969/j.issn.1671-1122.2019.09.012

Abstract ( 529 )

HTML ( 4 )

PDF (5664KB) ( 260 )

The prevalent defense mechanisms against DDoS focus on detecting and filtering the attack traffic before it can reach the target host based on the traffic patterns. However, this strategy overlooks the impact of attack traffic on the outbound bandwidth of name servers. In this paper, we proposed a method for assessing DNS response value based on analytic hierarchy process. The authoritative servers can be protected by discarding low-value traffic and prioritizing to serve high-value responses, thereby improving the quality of DNS service.

Figures and Tables | References | Related Articles | Metrics

Network Security Risk Analysis and Assessment of Large-scale Sports Events

Yue QIU

2019, 19 (9): 61-65. doi: 10.3969/j.issn.1671-1122.2019.09.013

Abstract ( 1015 )

HTML ( 23 )

PDF (5805KB) ( 415 )

This paper discusses network security risk analysis and assessment of large-scale sports events. Firstly, the development trend of network security in sports events is reviewed. Then it analyzes the risk it faces from the aspects of security situation, attack motive and process influence. Then, the necessary management, construction and research suggestions are put forward from the aspects of risk relationship analysis, safety process and process risk control. Finally, the prospect of network security of large-scale sports events is forecasted from the development trend of times.

Figures and Tables | References | Related Articles | Metrics

Research on Defense Technology of Adversarial Attacks Based on Adversarial Training and VAE-repairing

Min GUO, Yingming ZENG, Ran YU, Zhaoxiong WU

2019, 19 (9): 66-70. doi: 10.3969/j.issn.1671-1122.2019.09.014

Abstract ( 802 )

HTML ( 8 )

PDF (5468KB) ( 506 )

The artificial intelligence system is facing the threat of adversarial attacks from the physical world. The artificial intelligence algorithm is very sensitive to the attacks. Taking the target recognition as an example, the attacker adds a very small disturbance to the sample data, then the target recognition accuracy reduces or even the result of recognition can be targeted induced. How to effectively resist the threat of adversarial examples has become a research hotspot in the industry. This paper focuses on the security reinforcement model based on stochastic adversarial training and the adversarial examples repair technology based on variational self-encoder. The pre-active reinforcement and after-active repair are carried out in response to the adversarial attacks, combined with the concept of “active + passive”, which achieves the security enhancement of artificial intelligence algorithm, and ensures that artificial intelligence technology can be applied safely and reliably.

Figures and Tables | References | Related Articles | Metrics

A Technology to Prevent Ransomware Attacks Based on Solid State Drives in LAN

Ming YIN, Shijie JIA

2019, 19 (9): 71-75. doi: 10.3969/j.issn.1671-1122.2019.09.015

Abstract ( 597 )

HTML ( 3 )

PDF (5610KB) ( 271 )

In order to alleviate the impact of ransomware in LAN, this paper proposes a SSD-based defense technology, which uses a host with a large-capacity SSD as a server, and uses network drive mapping technology to share with other hosts in the LAN to further utilize the solid state. Moreover, this paper utilized the out-of-place of the SSD and modified garbage collection for data backup, and a binary search method is proposed for data recovery. The experimental results of the prototype system show that this scheme can recover the data attacked by the ransomware quickly and effectively, and its impact of the read and write performance is samll.

Figures and Tables | References | Related Articles | Metrics

A Survey of Attribute-based Encryption Technology

Shengyu WANG, Jinmiao WANG, Qingfeng DONG, Ruijin ZHU

2019, 19 (9): 76-80. doi: 10.3969/j.issn.1671-1122.2019.09.016

Abstract ( 1274 )

HTML ( 62 )

PDF (6126KB) ( 640 )

There are some limitations regarding efficiency, security and so on in the classic ABE scheme. To address these problems, researchers extended the classic ABE scheme on different aspects to satisfy the requirements of various applications. In this paper, we first introduce the mechanism of ABE. Then, we discuss the researches of ABE on the aspects of efficiency improvement, policy hiding, permission revocation and security enhancement. Finally, we provide an outlook of the potential future research directions of ABE.

References | Related Articles | Metrics

Design and Implementation of File Encryption System Based on Wechat Mini Program

Juru HAN, Zhi YANG, Zhaoxuan JI, Cunqing MA

2019, 19 (9): 81-85. doi: 10.3969/j.issn.1671-1122.2019.09.017

Abstract ( 1056 )

HTML ( 27 )

PDF (5815KB) ( 357 )

As the needs of personal data security protection increase, we should protect the confidentiality of data in both storage and movement. In this paper, we use the technology of BitLocker component in the Windows system to encrypt and decrypt the virtual disk, and authenticate based on Wechat Mini Program to realizeunlock and lock of the BitLocker in the virtual disk, achieving the full disk encryption protection of personal sensitive data during storage and movement.

Figures and Tables | References | Related Articles | Metrics

Research on Unified Identity Authentication System Based on Biometrics

Fuyou ZHANG, Qiongxiao WANG, Li SONG

2019, 19 (9): 86-90. doi: 10.3969/j.issn.1671-1122.2019.09.018

Abstract ( 542 )

HTML ( 8 )

PDF (5286KB) ( 262 )

The identity management system is the foundation for establishing trust between end users and service provider, the drawbacks of the independent identity management system have become more and more obvious. The unified identity authentication system enable service providers to ensure that user privacy is effectively protected, without the need of remembering multiple passwords, and to access multiple services by authenticating just once. However, the current unified identity authentication system still does not solve the problem faced by the initial strong authentication interaction process between the user and the server. The security problem of username and password still exists. This paper designs and implements a unified identity authentication system based on mobile-side trusted environment for identity authentication on the mobile side, which avoids user’s frequent input of username and password, and users can use biometrics to complete identity authentication.

Figures and Tables | References | Related Articles | Metrics

A New Cloud Cryptographic Computing Platform Architecture and Implementation

Liangqin REN, Wei WANG, Qiongxiao WANG, Linli LU

2019, 19 (9): 91-95. doi: 10.3969/j.issn.1671-1122.2019.09.019

Abstract ( 819 )

HTML ( 11 )

PDF (6258KB) ( 428 )

This paper proposes a cryptographic cloud service platform, which can provide flexible cryptographic operation ability through speed-limiting module and scheduling the underlying cryptographic machine. It can identify the user’s identity through a uniform identity authentication system and isolate the key specifically. The prototype system is implemented based on the cipher machine complying with national standard in this paper. Compared with connect to cipher machine directly, the performance loss can reach 18.201%.

Figures and Tables | References | Related Articles | Metrics

Research on Intelligent Detection of Social Media Robot Accounts

Like CHEN, Shuhua RUAN, Xingshu CHEN, Haizhou WANG

2019, 19 (9): 96-100. doi: 10.3969/j.issn.1671-1122.2019.09.020

Abstract ( 1171 )

HTML ( 28 )

PDF (5698KB) ( 599 )

This paper summarizes human and robot account data into four categories of attributes: information attributes, credit attributes, social relationship attributes and posting attributes, which better reflects the essential differences between the two types of accounts. Based on the four categories of attributes, the social account data is preprocessed and seven kinds of detection features for social accounts are extracted. Combining with a variety of binary machine learning algorithms, intelligent detection model of robot accounts is established by using seven social account detection features.

Figures and Tables | References | Related Articles | Metrics

Intrusion Detection Model Based on Feedforward Neural Network

Wenying FENG, Xiaobo GUO, Yuanye HE, Cong XUE

2019, 19 (9): 101-105. doi: 10.3969/j.issn.1671-1122.2019.09.021

Abstract ( 624 )

HTML ( 3 )

PDF (6037KB) ( 301 )

However, due to the diversity of intrusion behavior features and the complex network environment, intrusion detection methods based on deep learning are prone to have complex models and poor flexibility. To solve this problem, this paper proposed an intrusion detection model called SFID (Simplified Feedforward Intrusion Detection) based on feedforward neural network, which can integrate feature extraction and intrusion classification by reducing the number of neurons layer by layer, thus simplify the training complexity of intrusion detection model. With the verification, the training efficiency of this model is higher than that of S-NDAE model under the same accuracy.

Figures and Tables | References | Related Articles | Metrics

Reversible Data Hiding in Videos Based on Adaptive Two-dimensional Histogram Modification

Hongqiong TANG, Ke NIU, Yingnan ZHANG, Xiaoyuan YANG

2019, 19 (9): 106-110. doi: 10.3969/j.issn.1671-1122.2019.09.022

Abstract ( 411 )

HTML ( 4 )

PDF (5924KB) ( 345 )

Directly modifying the motion vector for information hiding easily leads to the accumulation effect of inter-frame distortion. The reference frame interval parameter K is introduced to change the reference structure of the P frame and an adaptive two-dimensional histogram modification (A2DHM) algorithm based on motion vector is proposed by analyzing the influence of K on the motion vector distribution of the P frame. The algorithm keeps its directionality immovable as much as possible while modifying the motion vector. A adaptive strategy proposed by this paper is used to select the optimal migration center point (OMCP) in the m-neighborhood of zero point for motion vector modification.

Figures and Tables | References | Related Articles | Metrics

Research on Network Security Evaluation System Oriented to Critical Information Infrastructure

Mengru GAO, Fangjun XIE, Hongqin DONG, Xiang LIN

2019, 19 (9): 111-114. doi: 10.3969/j.issn.1671-1122.2019.09.023

Abstract ( 654 )

HTML ( 6 )

PDF (4917KB) ( 474 )

With the wide application of Internet and cloud computing, the security problem of critical information infrastructure has become increasingly prominent. At present, the three-tier hierarchical structure of the critical information infrastructure security index system has the problems that lacking of quantify indicators, and lacking of correlation between management indicators and technical indicators. These problems lead to the low degree of informatization and a long period of security risk assessment. In order to solve the above problems, this paper establishes the relationship between management indicators and technical indicators by introducing the knowledge graph, and forms the four-level network security quantitative evaluation system based on knowledge graph by classifying the actual situation data to refine the technical indicators. Through the practical application, the system can assess the security risk of Internet assets of critical information infrastructure in near real-time, and significantly improve the efficiency of supervision.

References | Related Articles | Metrics

DoS Traffic Identification Technology Based on Integrated Learning

Zewen MA, Yang LIU, Hongping XU, Hang YI

2019, 19 (9): 115-119. doi: 10.3969/j.issn.1671-1122.2019.09.024

Abstract ( 1013 )

HTML ( 18 )

PDF (6142KB) ( 487 )

Denial of service attack is a common cyber attack method that is difficult to detect and prevent for a long term. By consuming the bandwidth or computing resources of the target computer, the target computer network service is interrupted or stopped, which results in the normal users can not access it. With the rapid development of machine learning algorithms, decision tree, support vector machine, random forest and adaboost are gradually used to identify and detect DoS attacks network traffic. For most machine learning algorithms, the choice of network traffic characteristics directly determines the performance of the algorithm. This paper extracts and selects network traffic characteristics by using CICFlowMeter and random forest algorithm, and designs algorithm training model to detect DoS attack traffic, which achieves better accuracy and recall rate, and verifies the validity of the detection method.

Figures and Tables | References | Related Articles | Metrics

Dynamic Network Topology Description Language for Mobile Cloud Computing Scenario

Yi YU, Liangshuang LV, Xiaojian LI, Tianbo WANG

2019, 19 (9): 120-124. doi: 10.3969/j.issn.1671-1122.2019.09.025

Abstract ( 672 )

HTML ( 2 )

PDF (6427KB) ( 237 )

Building a network emulation system, which is used for network security experiment, is an important way to study the security of mobile cloud computing. In order to solve the problems of high learning cost and poor portability in the emulation scenario modeling of mobile cloud computing emulation system, this paper proposes a dynamic network topology description language(DNTDL) according to the typical scenario of mobile cloud computing, introduces the syntax definition of its components in this scenario, and describes the functions and implement mechanism of DNTDL in network emulation platform. This paper realized the emulation scenario on OpenStack platform with the compiler of this language, which indicates the feasibility and effectiveness of DNTDL.

Figures and Tables | References | Related Articles | Metrics

A Shared Storage-based Virtual Machine Application Distribution Strategy for OpenStack

Zixuan WANG, Liangshuang LV, Xiaojian LI, Tianbo WANG

2019, 19 (9): 125-129. doi: 10.3969/j.issn.1671-1122.2019.09.026

Abstract ( 585 )

HTML ( 2 )

PDF (6389KB) ( 227 )

Cloud computing is one of the development trends of the Internet in the 21st century and is widely used in experimental and production environments. Cloud platform services can be provided in the form of virtual machines. To provide services required by users, it is necessary to finish on-demand application deployment on virtual machines before delivering virtual machines or during service providing. OpenStack is a typical open source cloud platform. Aiming at OpenStack platform, how to efficiently and steadily deploy applications on virtual machines is of great significance for improving cloud service quality. This article analyzes the characteristics of virtual machine application deployment in OpenStack platform, proposes application distribution strategy for virtual machines in OpenStack platform based on shared storage in computing nodes combining the ideal of content distribution network, and verifies the effectiveness of the strategy by simulation experiments.

Figures and Tables | References | Related Articles | Metrics

Research on Social Responsibility of Internet Enterprises and Its Enlightenment

Wenjiang HAO, Yun LIN

2019, 19 (9): 130-133. doi: 10.3969/j.issn.1671-1122.2019.09.027

Abstract ( 506 )

HTML ( 10 )

PDF (4450KB) ( 244 )

Corporate social responsibility refers to the consideration of the social impact of enterprises in business operations. In the data age, the social responsibility of Internet enterprises has become an inevitable issue for governments and enterprises, and social responsibility protection has new content. This paper explores the significance and division of corporate social responsibility, analyses the content of social responsibility that Internet enterprises should undertake, and gives some enlightenments to the construction of corporate social responsibility in China.

References | Related Articles | Metrics

Research and Implementation of Scientific DMZ Based on SDN

Yaqiu ZHOU, Yongmao REN, Zhuo LI, Xu ZHOU

2019, 19 (9): 134-138. doi: 10.3969/j.issn.1671-1122.2019.09.028

Abstract ( 712 )

HTML ( 2 )

PDF (6295KB) ( 173 )

The transmission of scientific big data usually has high requirements for network transmission performance different from ordinary Internet applications. In actual production networks, especially in LANs, many network security devices such as firewalls and IDS are usually deployed, these devices provide security for the transmission of traffic, but also affect network transmission performance. This paper uses the new software-defined networking technology, proposed a scientific DMZ network architecture based on software-defined networking. While protecting the security of common business flows, it handles the trusted scientific data stream flexibly to ensure the transmission performance of scientific data.

Figures and Tables | References | Related Articles | Metrics

Table of Content