Netinfo Security

A Data Deduplication Scheme Supporting Dynamic Management of Data Ownership

LANG Weimin, MA Weiguo, ZHANG Yin, YAO Jinfang

2020, 20 (6): 1-9. doi: 10.3969/j.issn.1671-1122.2020.06.001

Abstract ( 374 )

HTML ( 6 )

PDF (9799KB) ( 61 )

Introducing data deduplication into the cloud storage system of big data center can improve the utilization of disk space and save user bandwidth consumption, but it will lead to security problems such as data confidentiality, integrity and privacy. How to achieve secure data deduplication has become a research hotspot in the field of cloud storage security. Based on the semi trusted cloud computing environment of big data center, this paper designs an encrypted data deduplication scheme supporting dynamic management of data ownership and privacy protection, which implements fine-grained access control through user-level key management and update mechanism. The experimental environment for performance simulation evaluation of the scheme is built. The cost of storage, communication and calculation is analyzed with the simulation results, which proves that the scheme has obvious advantages in overall efficiency and security.

Figures and Tables | References | Related Articles | Metrics

Design of Directional Decryption Protocol Based on Multi-key Fully Homomorphic Encryption in Cloud Environment

LI Ningbo, ZHOU Haonan, CHE Xiaoliang, YANG Xiaoyuan

2020, 20 (6): 10-16. doi: 10.3969/j.issn.1671-1122.2020.06.002

Abstract ( 651 )

HTML ( 14 )

PDF (7961KB) ( 97 )

How to analyze and process the privacy data of multiple users in the cloud environment without leaking personal privacy is an urgent problem to be solved. Multi-key fully homomorphic encryption (MKFHE) supports computations on encrypted data under different public keys (users), and the result ciphertext can be jointly decrypted by all involved users, which can be used to realize secure data process and privacy protection between different users in cloud environment. During the process of joint decryption, current MKFHE schemes usually need relevant techniques in secure multi-party computing (MPC), such as oblivious transfer (OT) protocol, to ensure the security of the ciphertexts broadcast process, thus making the decryption process complicated. Beyond that, the final decryption result is not controllable, which is not suitable for the scenario that we need the specified legitimate users to get the final result. In order to solve this problem, this paper designs a directional decryption protocol based on MKFHE,and protocol’s security is based on LWE (learning with errors) problem, which can be reduced to the worst-case hardness of problems on ideal lattices. Comparing to the decrypting process in MKFHE scheme MW16, the directional decryption protocol in this paper allows any legitimate user to perform the final decryption process, thus enhance the controllability of decryption result for the data owner. Moreover, the relevant techniques of MPC are not needed in our protocol, which reduces the complexity of the decryption process, and is promising for future applications.

Figures and Tables | References | Related Articles | Metrics

Android Malware Detection Based on SM3 and Multi-feature

ZHENG Dong, ZHAO Yue

2020, 20 (6): 17-25. doi: 10.3969/j.issn.1671-1122.2020.06.003

Abstract ( 282 )

HTML ( 17 )

PDF (8818KB) ( 69 )

The MessageDigest tool class provided by the Android system uses the SM3 hash algorithm to calculate the integrity of the APK, obtains its hash value, compares the obtained hash value with the correct hash value in the server. IF two Hash values are inconsistent,, indicating that the APK has been tampered and can be uninstalled. The permission static analysis and multi-feature malware detection model are designed. By decompiling the application, the AndroidManifest.xml and smali files are obtained, and the permission feature and API method call feature are obtained. Permission static analysis is to calculate the dangerous permission score according to the permission weight score and judge the application danger degree. Multi-feature malware detection uses Jaccard distance calculation permission feature similarity and API method call feature similarity to identify benign software and malware. The experimental results show that the SM3 integrity calculation speed is about 3 times faster than the MD5 and SHA-1 algorithms. The detection model can effectively identify malicious applications and classify malicious applications, thus protecting users' private data and preventing malware theft. User privacy.

Figures and Tables | References | Related Articles | Metrics

Large-scale Mobile RFID System Shamir’s Key Sharing PUF Security Authentication Protocol

SUN Ziwen, ZHANG Xiangyang

2020, 20 (6): 26-35. doi: 10.3969/j.issn.1671-1122.2020.06.004

Abstract ( 345 )

HTML ( 4 )

PDF (11016KB) ( 84 )

Aiming at the diverse and serious security risks of large-scale mobile RFID systems, a Shamir’s key sharing scheme security authentication protocol is studied. The two-step session key generation mechanism based on PUF can avoid the counterfeiting attack caused by physical intrusion on tags and readers. The server authenticates the legality of the reader to comply the application scenario of the mobile RFID system. The timestamp threshold and update mechanism are used to defend against replay attacks. To meet the requirements of large-scale RFID systems, Shamir’s key sharing scheme is adopted to reduce the computational overhead of server search. The improved Vaudenay model is used to prove the security and privacy of the authentication protocol, the results show that the protocol can resist multiple attacks. Using C# to simulate the time-consuming of server authentication, the results show that the time spent on protocol server authentication in this paper has obvious advantages over other protocols, which meets the application requirements of large-scale mobile RFID systems.

Figures and Tables | References | Related Articles | Metrics

Parallel Implementation of SM4 Algorithm on GPU

LI Xiuying, JI Chenhao, DUAN Xiaoyi, ZHOU Changchun

2020, 20 (6): 36-43. doi: 10.3969/j.issn.1671-1122.2020.06.005

Abstract ( 754 )

HTML ( 27 )

PDF (8878KB) ( 285 )

The speed of cryptographic algorithm is proportional to the calculation force. In order to improve the speed of cryptographic algorithm, scholars achieve their goals by increasing CPU speed, using hardware encryption card and other solutions. With the wide application of GPU in the field of high-performance parallel computing, scholars have carried out research on GPU accelerated cryptographic algorithm. Most of these researches are focused on the international open algorithms such as DES and AES, and the research on SM4 of domestic commercial cryptographic algorithm is still rare. On the basis of in-depth study of GPU parallel computer system, the author presents an optimal encryption and decryption scheme for GPU parallel SM4 algorithm by studying the optimal plaintext block, GPU storage type and thread block's speed ratio for SM4 encryption, and combining the characteristics of CPU and GPU. The experimental results are as follows. When the plaintext data block is less than 8 KB, the acceleration ratio (EP) is less than 1. When the plaintext block size is 64 KB, the acceleration ratio starts to increase significantly, and reaches the maximum at 256 KB. When constant storage is selected as the intermediate data storage, the encryption speed is improved, which is necessary for the demand of large data and high-speed operation. The optimal size of thread block is 128~512(must be a multiple of 32) threads. In the experimental environment given in this paper, the optimal GPU encryption scheme can be implemented 26 times faster than the ordinary CPU encryption scheme.

Figures and Tables | References | Related Articles | Metrics

A Graph Information Collection Method Based on Local Differential Privacy in Big Data Environment

ZHANG Jiacheng, PENG Jia, WANG Lei

2020, 20 (6): 44-56. doi: 10.3969/j.issn.1671-1122.2020.06.006

Abstract ( 433 )

HTML ( 8 )

PDF (14675KB) ( 88 )

Big data brings many conveniences to users of various network services, but it also leads to a serious risk of privacy leakage. In the era of 5G, data transmission is more convenient, and privacy protection will face more severe challenges.At present, centralized differential privacy and local differential privacy technology represented by RAPPOR can provide some protection for the query and collection of private information.However, for complex graph data such as social networks, business networks, and financial networks, there is still no effective method to collect relevant information and build a highly usable graph structure while fully protecting node privacy. In practical applications, problems such as the correlation between nodes and information enrichment have caused difficulties in collecting and restoring graph data. Regarding the problem sabove, in this paper, we propose a new method that applies RAPPOR technology to collect the edge information of the node, while not leaking the degree information. Our new method achieves local differential privacy protection fortheedge information and restores the real graph structure with high accuracy. In addition, our method fully considers the privacy protection of the entire cycle of data collection. Not only the privacy information of the nodesis protected during the data collection process, but the constructed graph has only the structural information of real data. The nodesin the constructed graph get pseudonymized protection.

Figures and Tables | References | Related Articles | Metrics

Research on Covert Channel Construction Method Based on HTTP Protocol Combination

CHEN Cheng, LUO Senlin, WU Qian, YANG Peng

2020, 20 (6): 57-64. doi: 10.3969/j.issn.1671-1122.2020.06.007

Abstract ( 473 )

HTML ( 17 )

PDF (9189KB) ( 144 )

Aiming at the problem that the existing covert storage channel has a low concealment, and the covert timing channel has a high bit error rate and a low transmission rate, a covert channel construction method combining HTTP protocol behaviors is proposed. In the method, HTTP requests are sent by simulating a browser application and allocated dynamically among different browsers, the concealed information is embedded by means of mathematical combination. The access object, the packet time interval and the packet length are also dynamically adjusted to improve the concealment of channel. At the same time, the channel is based on the reliable transmission of TCP protocol, so that it is not affected by the network jitter, thus ensuring the reliability of the channel. The experimental results show that the proposed method can resist the application signature based detection method, protocol fingerprint detection method and combined model detection method, and has strong concealment. It can adjust the concealment and channel capacity according to the application scenario.

Figures and Tables | References | Related Articles | Metrics

Virtual SDN Network Embedding Algorithm Based on Fruit Fly Optimization

RAN Jinpeng, WANG Xiang, ZHAO Shanghong, GAO Hanghang

2020, 20 (6): 65-74. doi: 10.3969/j.issn.1671-1122.2020.06.008

Abstract ( 390 )

HTML ( 4 )

PDF (12254KB) ( 61 )

Network virtualization (NV) effectively enhances network security through isolation and multi-tenancy, and meets the network isolation security and service customization needs for various applications and users. Virtual network embedding is the core link to realize NV, and embedding strategy is the most important part of network embedding. Aiming at software defined network (SDN) virtualization environment, this paper proposes a virtual SDN (vSDN) network embedding algorithm based on fruit fly optimization (FOA-vSDNE), constructs a multi-objective integer programming model of vSDN embedding in network virtualization environment, determines the embedding evaluation index and resource constraints combined with the particularity of vSDN network, and uses the optimized fruit fly algorithm to solve the embedding scheme. Simulation results show that compared with the traditional algorithms, FOA-vSDNE algorithm has good performances in load balancing, acceptance rate, and control delay.

Figures and Tables | References | Related Articles | Metrics

An Attribute-based Encryption Scheme for Cloud Storage Supporting Range Ciphertext Search

SHI Guofeng, ZHANG Xinglan

2020, 20 (6): 75-81. doi: 10.3969/j.issn.1671-1122.2020.06.009

Abstract ( 361 )

HTML ( 9 )

PDF (8000KB) ( 82 )

As a flexible fine-grained access control scheme, attribute-based encryption provides a good solution to the security problems existing in cloud computing. But because the scale of data stored in the cloud is very large, how to retrieve the data needed by users while ensuring the security is worth studying. At present, most of the existing ciphertext search schemes do not support range search. This paper uses 0/1 encoding to construct a ciphertext search attribute-based encryption scheme based on online/offline strategy. 0/1 coding can transform the range domain problem into the set operation problem, and solve the problem that the range search cannot be carried out in the state of ciphertext. The analysis shows that the proposed scheme can achieve the range ciphertext search with less computation cost and keyword cost, and has computational efficiency and security in the range search.

Figures and Tables | References | Related Articles | Metrics

A Malicious Domain Name Detection Model Based on S-Kohonen Neural Network Optimized by Evolutionary Thinking Algorithm

LUO Zheng, ZHANG Xueqian

2020, 20 (6): 82-89. doi: 10.3969/j.issn.1671-1122.2020.06.010

Abstract ( 379 )

HTML ( 9 )

PDF (8357KB) ( 68 )

As one of the main means of Internet attack, malicious domain name brings huge network use risk to users and enterprises. In order to resist the attack of malicious domain names more effectively and ensure the security of cyberspace, this paper proposes a malicious domain name detection model based on thought evolution algorithm to optimize S-Kohonen neural network. This model using Kohonen neural network, and in the hidden layer after adding an additional output layer, the improvement for supervised neural network S-Kohonen, make its better learning characteristics of malicious domain name, related recycle mind evolutionary algorithm, the initial weights and threshold of neural network are optimized, finally it is concluded that the model can quickly and accurately detect the malicious domain name. Through MATLAB simulation of the model, and the mind evolutionary algorithm to optimize the BP neural network, from the confusion matrix, classification of histogram, ROC curve and AUC value in the form of specific analysis of the classification of the two models, the results show that the classification model for malicious domain with high accuracy, fast identification characteristics, can be used in the malicious domain of network security protection, and have higher practical value.

Figures and Tables | References | Related Articles | Metrics

Cyber Threat Intelligence Propagation Based on Conformal Prediction

ZHANG Yongsheng, WANG Zhi, WU Yijie, DU Zhenhua

2020, 20 (6): 90-95. doi: 10.3969/j.issn.1671-1122.2020.06.011

Abstract ( 575 )

HTML ( 6 )

PDF (6642KB) ( 93 )

The ability to acquire and utilize unknown threat intelligence is the core competitiveness of the current cyberspace security. The threat intelligence has the characteristics of short-lived, fast mutation, large quantity and so on. Therefore, the detection method based on static threshold cannot fully utilize known threat intelligence. This paper proposes an approach of threat intelligence propagation method based on conformal prediction. By introducing the credibility and confidence from statistical learning, this approach could propagate unknown threat intelligence from known ones with selectable maximum error probability. The experimental results show that the average F1 score of DGA domain names detected by this approach is above 90%, meanwhile, the error rate of DGA domain name after propagation is under 2.5%.

Figures and Tables | References | Related Articles | Metrics

Table of Content