
Table of Contents

    10 March 2021, Volume 21 Issue 3

    Research on Unknown Threat Blocking Technology of Web Application Based on URL Intelligent Whitelist
    HUANG Changhui, HU Guangjun, LI Haiwei
    2021, 21 (3):  1-6.  doi: 10.3969/j.issn.1671-1122.2021.03.001

    With confrontation in cyberspace intensifying, the security of the large number of Web application systems built during the informatization of important industry units in China faces severe challenges. The protection technologies and measures of various industries are insufficient, and an effective technical protection system is urgently needed. This paper proposes an unknown-threat blocking scheme for Web applications based on a URL intelligent whitelist. The scheme starts from the perspective of compliant behavior, taking an access control whitelist and the blocking of non-compliant behavior as its core. By building a dynamic model of the business whitelist and a URL access control whitelist, the scheme establishes an active defense system against unknown threats to Web applications, which can improve the security protection level of the Web application systems of important industry units in China.

    A Trusted Data Access Control Scheme Combining Attribute-based Encryption and Blockchain
    LU Xiaofeng, FU Songbing
    2021, 21 (3):  7-8.  doi: 10.3969/j.issn.1671-1122.2021.03.002

    Traditional data storage often adopts a centralized architecture, which is prone to trust and security problems. This paper proposes a data access control scheme combining attribute-based encryption and blockchain, which combines a symmetric encryption algorithm with an attribute-based encryption algorithm to give data owners fine-grained access control and protect their privacy rights. At the same time, the paper combines blockchain technology with distributed storage and stores only the hash value of the data and the hash value of the ciphertext location, access control policy and other information on the blockchain, which solves the storage bottleneck of the blockchain system. Experiments show that the scheme can effectively protect the security and privacy of data owners and realize the secure sharing of data.

    An Improved Probabilistic Neural Network Method of Security Situation Assessment for Industrial Control System
    SHI Leyi, XU Xinghua, LIU Yihao, LIU Jia
    2021, 21 (3):  15-25.  doi: 10.3969/j.issn.1671-1122.2021.03.003

    An industrial control system is an interconnected equipment system for monitoring and controlling physical equipment in industrial environments. In recent years, industrial control systems have been increasingly exposed to a variety of new attacks. Aiming at the operation safety problem of industrial control systems, this paper proposes an improved probabilistic neural network method of security situation assessment for industrial control systems. Firstly, the method preprocesses the collected industrial control data and uses principal component analysis to reduce the dimension of the data. Then, the improved fruit fly optimization algorithm is used to optimize the parameters of the probabilistic neural network. After that, the improved probabilistic neural network is used for training and prediction to obtain the classification results of attack types. Finally, the situation value is calculated based on the structured security situation assessment method for industrial control systems given in this paper, and the system state is evaluated. Experiments show that the improved probabilistic neural network's classification accuracy and accuracy of attack types reach 87.784% and 96.027%, respectively. Compared with the original probabilistic neural network method, the accuracy and accuracy are increased by 2.654% and 4.820%, respectively.

    Privacy Protection Scheme Supporting Interval Query for LBS Outsourced Data
    ZHOU Yousheng, WANG Ming, LIU Yuanni
    2021, 21 (3):  26-36.  doi: 10.3969/j.issn.1671-1122.2021.03.004

    With the rapid development of cloud computing technology, more and more LBS services are being outsourced to the cloud to reduce local computing and storage costs. However, cloud servers are generally considered to be semi-trusted entities in an outsourced environment, so the data security of LBS providers and the personal privacy of users face new security challenges. In view of the absence of interval query and sufficient privacy protection in existing LBS data outsourcing using cloud computing, an LBS interval query scheme with privacy protection features is proposed. Asymmetric scalar-product-preserving encryption and public key searchable encryption are used to encrypt LBS coordinates and point-of-interest keywords to realize the confidentiality of LBS data and the user query mode. Lightweight matrix computing enables users to accurately obtain LBS data without revealing query intervals. For new user registration, a bilinear pairing operation structure is adopted to realize user identity authentication. The performance analysis demonstrates that the proposed scheme has some advantages over existing similar schemes.

    A Lattice-based Identity-based Proxy Partially Blind Signature Scheme in the Standard Model
    ZHOU Yihua, DONG Songshou, YANG Yuguang
    2021, 21 (3):  37-43.  doi: 10.3969/j.issn.1671-1122.2021.03.005

    Lattice-based identity-based proxy partially blind signature schemes are widely used in e-business, e-government, software security and many other applications. Considering the problems of master key leakage, malicious user attack and signature forgery in lattice-based proxy blind signatures, a lattice-based identity-based proxy partially blind signature scheme under the standard model is proposed, which constructs the public key of the signature by using matrix cascade technology rather than matrix multiplication technology. It solves the problem of master key leakage in existing schemes and uses partially blind signature technology to solve the problem of malicious user attack in fully blind signature schemes. The security analysis shows that the scheme not only realizes the functions of proxy signature and blind signature, but also has security features such as preventing the disclosure of the master private key, resisting attacks from malicious users, and existential unforgeability under adaptive chosen message attacks (EUF-CMA).

    An Anonymous Data Authentication Method Based on User Behavior Pattern
    LIU Yanhua, LIU Zhihuang
    2021, 21 (3):  44-52.  doi: 10.3969/j.issn.1671-1122.2021.03.006

    Anonymous user data is massive and redundant. To improve the performance of user identification based on digital evidence, this paper proposes an anonymous data authentication method based on user behavior patterns. Firstly, the paper studies a method for mining frequent user behavior patterns based on the BIDE algorithm, which provides a high-quality library of frequent sequential user behavior patterns for data authentication. Then, a similarity method based on the longest common subsequence is used to obtain the comprehensive similarity of patterns, which can comprehensively describe the matching degree between user data. Finally, experiments are carried out using a Web browsing data set and a Unix operating command line data set. The results show that the proposed digital evidence authentication method has good applicability and computational efficiency, which provides technical support for the same authentication of anonymous data.

    Research on Anomaly Detection of Power Industrial Control System Based on Gaussian Mixture Clustering
    LI Jiawei, WU Kehe, ZHANG Bo
    2021, 21 (3):  53-63.  doi: 10.3969/j.issn.1671-1122.2021.03.007

    The data of power industrial control systems is periodic in the time dimension, but its time series shows the characteristic of multiple Gaussian distribution and the period length is not fixed, which makes it difficult to carry out similarity measurement to find anomalies. To address this problem, this paper proposes a time-series anomaly detection method for power control systems based on multivariate Gaussian clustering. The method first obtains the flow data of the power control system, adopts the multivariate Gaussian mixture algorithm to realize the symbolization of the time series, and then uses a Markov chain to extract from time series of different lengths transition probability matrices of the same size as the data features. Finally, anomaly detection is realized by using a hierarchical clustering method to calculate the anomaly rate of the samples. The experimental results show that this method can effectively realize automatic anomaly detection for power industrial control systems whose time-series data have different cycle lengths.

    User-oriented Data Privacy Preserving Method for Federated Learning that Supports User Disconnection
    LU Honglin, WANG Liming
    2021, 21 (3):  64-71.  doi: 10.3969/j.issn.1671-1122.2021.03.008

    Federated learning is an effective method to solve the problem of multi-organization collaborative training. However, existing federated learning has problems such as not supporting user disconnection and the model API leaking sensitive information. This paper proposes a user-oriented federated learning data privacy preserving method that supports user disconnection, which can train a differential privacy disturbance model under user disconnection and protected model parameters. The paper uses a federated learning framework to design a data privacy preserving model based on deep learning. It mainly contains two execution protocols: a server execution protocol and a user execution protocol. The user trains a deep model locally, adds differential privacy disturbance to the local model parameters, and adds the sum of the noise of dropped users to the aggregated parameters so that the federated learning process meets (ε,δ)-differential privacy. Experiments show that when the number of users is 50 and ε=1, a balance can be reached between model privacy and usability.

    The Generation of Black Box Adversarial Sample Based on Spatial and Energy Dimension
    YU Kechen, GUO Li, YAO Mengmeng
    2021, 21 (3):  72-78.  doi: 10.3969/j.issn.1671-1122.2021.03.009

    Neural networks, which play a significant role in image recognition, can be disturbed by adversarial samples, resulting in recognition errors. Considering that classical adversarial sample generation methods are limited in terms of constraint variables and measurement metrics, this paper puts forward an adversarial sample generation method based on spatial and energy dimensions constrained by cosine similarity, which generates an adversarial sample by spatially translating and rotating the original sample and superimposing Gaussian noise of a certain strength on the energy dimension. Compared with classic artificial perturbations, rotation and shift in the spatial dimension and noise in the energy dimension occur with high probability during picture generation, transmission and processing, so the generated adversarial samples are more natural. The experimental results demonstrate that adversarial samples with the energy and spatial dimensions acting simultaneously are more effective than adversarial samples with only the spatial dimension.

    Speaker Identity Tracing Scheme in 5G Communication Based on Fingerprint
    SHANG Wen, WANG Hongxia
    2021, 21 (3):  79-86.  doi: 10.3969/j.issn.1671-1122.2021.03.010

    With the widespread popularization and application of 5G communication technology, concerns about the security of 5G communication systems are rising. To solve the difficulty of identity tracing caused by counterfeiting, forging or denying of speaker identity, this article proposes a speaker identity tracing scheme for 5G remote communication. The biometric fingerprint information of the speaker is acquired from the smartphone before the call. During the call, the biometric fingerprint information, which represents the speaker's identity, is embedded into the voice signal using digital watermarking technology, so that the relevance between the speaker identity and the speech is established. Once the speaker identity is queried, it can be traced by extracting the biometric fingerprint information from the speech signal. The paper presents the performance of extracting the fingerprint from speech that contains fingerprint information and is transferred through a wireless channel after being modulated by Generalized Frequency Division Multiplexing. The simulation results show that the fingerprint extraction performance of the scheme in 5G modulated by Generalized Frequency Division Multiplexing outperforms that in a 4G communication system, and that it has potential application value for preventing telecommunication fraud in the next generation of mobile communication.

    DNS Rebinding Detection Technology Based on Passive DNS Data Analysis
    GUO Xuanzhen, PAN Zulie, SHEN Yi, CHEN Yuanchao
    2021, 21 (3):  87-95.  doi: 10.3969/j.issn.1671-1122.2021.03.011

    The DNS rebinding attack, which is based on the domain name system (DNS), can effectively bypass the same-origin policy and firewalls, steal sensitive information, and control intranet devices, causing great harm to the Internet community. DNS rebinding can only be realized by setting up a malicious domain name. Aiming at the detection of malicious domain names related to DNS rebinding, this paper proposes a DNS rebinding classifier (DRC) based on passive DNS data analysis. By introducing passive DNS data, the domain names related to DNS rebinding are characterized from four measure sets: domain name, time, abnormal communication and malicious behavior. Based on the C4.5 decision tree, KNN, SVM and naive Bayes classification methods, the data are classified, trained and weighted. Cross validation experiments show that the accuracy of the DRC model for identifying related malicious domain names can reach more than 95%. Compared with the malicious domain name detection tool FluxBuster, the DRC model can identify related malicious domain names more accurately.
