Table of Contents

    10 September 2021, Volume 21 Issue 9

    A Formal Analysis Scheme for 5G Private Network Authentication Protocol
    WANG Yuedong, XIONG Yan, HUANG Wenchao, WU Jianshuang
    2021, 21 (9):  1-7.  doi: 10.3969/j.issn.1671-1122.2021.09.001

    This paper proposed a fine-grained formal modeling and verification scheme for the 5G EAP-TLS protocol. Following the TS 33.501 document, the scheme first constructed a protocol interaction model based on the Diffie-Hellman mode. The scheme then extended the Dolev-Yao model by introducing two participant-compromise scenarios and a mixed channel model. Finally, the verification tool SmartVerif was used to verify three types of security properties: confidentiality properties, authentication properties, and privacy properties. Experimental results show that the protocol has security flaws in terms of confidentiality properties and authentication properties. This paper analyzes the root causes of these flaws and proposes a revised protocol. The revised protocol meets all the security properties defined in the paper.

    Research on Security Communication Protocol of Power Internet of Things
    WU Kehe, CHENG Rui, ZHENG Bihuang, CUI Wenchao
    2021, 21 (9):  8-15.  doi: 10.3969/j.issn.1671-1122.2021.09.002

    To comprehensively improve the security defense capability of the power Internet of Things (IoT) and to address the lack of security protection and terminal authentication mechanisms for power IoT terminals, this paper proposed a secure communication protocol built on an IBC (Identity-based Cryptography) system, based on the fingerprint and the SM9 algorithm. Terminal identity authentication was completed using the terminal's unique identification mark instead of the traditional digital certificate. The protocol was applied to encrypted data transmission for power IoT terminals. Finally, a security analysis of the protocol was carried out, and the protocol was compared with the traditional power communication access protocol. The results show that the protocol can effectively prevent various network attacks, save computing and network resources, and effectively solve the secure access problems of massive numbers of power IoT terminals.

    Network Security Test of Airport Fuel Supply Automatic Control System Based on Semi-physical Object
    GU Zhaojun, YAO Feng, DING Lei, SUI He
    2021, 21 (9):  16-24.  doi: 10.3969/j.issn.1671-1122.2021.09.003

    Simulation modeling is an important research method in ICS network security, but pure software simulation methods have difficulty modeling security functions and lack responses from the core control layer, which blurs the focus of network security protection for the target system and weakens its ability to defend against attacks. To address the shortcomings of inflexible simulation modeling and incomplete testing methods in actual research, this paper proposed a network security testing method for the airport fuel supply automatic control system, based on a semi-physical platform for civil aviation industrial control systems. First, the DCS design model was used to build a semi-physical simulation test platform, with a PLC as the core controller, to construct the oil sending and receiving module, the tank dumping module and the tank group management module. Then, on the premise that the attacker had already completed the system intrusion, ARP attacks, flooding attacks, and industrial protocol tampering attacks were used to conduct network test attacks on the production process of the system, and the configuration demonstration interface and the physical objects were used together to verify the attack effect. Finally, industrial firewalls and gatekeepers were used to test and verify the protection capabilities, and protection recommendations for the airport fuel supply automatic control system were given.

    Blind Watermarking Algorithm of Color Images Based on DCT-DQFT and QR Decomposition
    MA Ling, QIN Liangcheng
    2021, 21 (9):  25-31.  doi: 10.3969/j.issn.1671-1122.2021.09.004

    To improve the performance of color image digital watermarking while taking into account the correlation between the three color channels of a color image, a QR matrix decomposition watermark embedding algorithm based on the discrete cosine transform (DCT) and the discrete quaternion Fourier transform (DQFT) was proposed. It retains the good robustness of transform-domain watermarking algorithms and can embed watermark information by processing the three channels of the color image as a whole. First, the three RGB channels of the color image were each discrete cosine transformed, and the transformed three 1/4 medium and low frequency components were selected as the three imaginary parts of the quaternion matrix to construct a pure quaternion matrix Q. Q was then discrete quaternion Fourier transformed, and the transformed real part was divided into 4×4 blocks, whose data was QR decomposed to embed the watermark information. Experimental results show that the proposed watermarking algorithm is robust to noise attacks, JPEG compression, median filtering and other attacks.

    Research and Application of Information Protection Mechanism for Online Education Resource Alliance
    SUN Li
    2021, 21 (9):  32-39.  doi: 10.3969/j.issn.1671-1122.2021.09.005

    Compared with traditional centralized information systems, blockchain offers the advantages of tamper-proofing, traceability and data sharing. This paper described the transaction process of the Fabric blockchain, a representative alliance blockchain, and made an in-depth study of its latest fine-grained data protection mechanism (privacy datasets). The core idea of an information protection mechanism for the online education resource alliance was put forward by combining Fabric blockchain channels and privacy datasets. The implementation method was designed for specific scenarios, and the application effect was verified in an actual blockchain environment. Finally, the development and improvement of the information protection mechanism of the online education resource alliance were discussed and its prospects considered.

    Design and Implementation of Smart Token Based on THD89
    JIANG Haozhen, JIANG Bifei, HE Langyue, SHAN Yiwei
    2021, 21 (9):  40-45.  doi: 10.3969/j.issn.1671-1122.2021.09.006

    The smart token is a terminal cryptographic product that combines cryptography and smart card technology. It can provide secure storage of keys and cryptographic computing services for information security infrastructure, and it is widely used in identity authentication, privacy protection and financial transactions. Existing smart tokens have problems such as low security levels, simple access control design, and low cryptographic performance, which restrict the application and development of smart tokens. In accordance with relevant national standards and based on the THD89 security chip, which has passed the international SOGIS CC EAL6+ certification, this paper designed and implemented a smart token with complete SM algorithms, high efficiency and high security.

    Survey of Number Theoretic Transform Algorithms for Quantum-resistant Lattice-based Cryptography
    TAO Yunting, KONG Fanyu, YU Jia, XU Qiuliang
    2021, 21 (9):  46-51.  doi: 10.3969/j.issn.1671-1122.2021.09.007

    With the rapid development of quantum computers, traditional RSA cryptography, elliptic curve cryptography and other public key cryptosystems have been seriously threatened. Among quantum-resistant cryptosystems, lattice-based cryptosystems are one of the important types, and research on their efficient implementation is of great significance. The number theoretic transform (NTT) is an important operation in lattice-based cryptosystems, and its efficiency is the key problem for efficient implementation of lattice-based cryptography. In this paper, the research progress of number theoretic transform algorithms in lattice-based cryptosystems is summarized and analyzed, especially in software implementations on various CPU platforms. The improvements of the NTT algorithm in butterfly structure, negative wrapped convolution and modulo reduction are analyzed and summarized. This paper can provide research support for the efficient implementation of quantum-resistant cryptographic algorithms.

    Image-based Phishing Email Detection Method and Implementation
    YI Xiaoyang, ZHANG Jian
    2021, 21 (9):  52-58.  doi: 10.3969/j.issn.1671-1122.2021.09.008

    The email phishing attack is an APT attack method that exploits a lack of cyber security awareness and software vulnerabilities. It can cause serious damage, and the number of attacks is gradually increasing. The class imbalance between phishing emails and normal emails has been a difficult topic in the field of cyber security. Extracting the characteristics of the email body for analysis also carries the risk of infringing the user's personal privacy. The paper proposed an image-based phishing email detection method. It used the Simhash algorithm to transform emails into images, and then used the LBP method to extract their features. This not only retained the original information of the emails, but also protected the privacy of users. In the paper, a DCGAN model was used to expand the phishing email data set. This solved the class imbalance problem in emails and improved the accuracy of the Inception V3 model for image classification. Experiments show that this method can detect phishing emails effectively, and the experimental precision can reach 92.8%.

    A Website Fingerprinting Attack Method via Convolutional Neural Network Optimized by Genetic Algorithm
    LI Yanlin, CAI Manchun, LU Tianliang, XI Rongkang
    2021, 21 (9):  59-66.  doi: 10.3969/j.issn.1671-1122.2021.09.009

    Website fingerprinting attacks are often used to analyze user access behavior on the Tor network, and the effectiveness of the analysis is limited by how the fingerprinting traffic feature set is constructed. After manual feature engineering and feature selection, a set of fingerprinting features can be obtained that represents the attack mode. As the Tor network protocol is updated, manually extracted traffic characteristics may become invalid. In this paper, a convolutional neural network fingerprinting attack method optimized by a genetic algorithm was proposed to extract traffic characteristics automatically. Compared with existing fingerprinting attack research, the recognition accuracy of this method is improved on both the closed world dataset and the open world dataset.

    IoT Device Recognition Model Based on Depthwise Separable Convolution
    CHEN Qinggang, DU Yanhui, HAN Yi, LIU Xiangyu
    2021, 21 (9):  67-73.  doi: 10.3969/j.issn.1671-1122.2021.09.010

    With the continuous growth in the number of Internet of Things (IoT) devices, the problem of IoT device management has become increasingly prominent. How to accurately identify IoT devices in a resource-limited IoT environment is a key problem to be solved urgently. To address the difficulty of extracting the traffic features of IoT devices, an IoT device identification method based on depthwise separable convolution was proposed. In this method, device fingerprints were constructed from payload data at session granularity, and deep features were extracted from the device fingerprints through convolutional layers. Experimental results show that this method can effectively identify device types with limited resources. Compared with the standard CNN method and manual feature extraction techniques, the overall performance is improved.

    Bitcoin Illegal Transaction Identification Method Based on Graph Convolutional Network
    ZHENG Haixiao, WEN Bin
    2021, 21 (9):  74-79.  doi: 10.3969/j.issn.1671-1122.2021.09.011

    Bitcoin, as an anonymous encrypted digital asset, has gradually become the choice for some illegal underground transactions. To purify the financial market and combat illegal transactions, it is necessary to identify illegal transaction activities in the Bitcoin network. Building on related work, this article proposed a method for detecting illegal transactions in the Bitcoin network (Multi-layer Perceptrons + Graph Convolutional Network, MP-GCN) that combines a multi-layer perceptron with a graph convolutional network to build a model for identifying illegal transactions. Specifically, a multi-layer perceptron was used for auxiliary feature extraction before the graph convolutional layers and between the two graph convolutional layers, and a linear layer was finally used to separate out illegal transactions. The experimental results verify that the detection effect achieved by MP-GCN is better than that of the traditional graph convolutional network on the same data set.

    A Secure Area Based Clustering Approach for Traffic Analysis in WSN
    ZHANG Yongtang
    2021, 21 (9):  80-89.  doi: 10.3969/j.issn.1671-1122.2021.09.012

    Clustering is the most important task in wireless sensor networks (WSN); it is characterized by data aggregation through each cluster head (CH) and reduces transmission costs. Because wireless sensor networks are deployed in remote and hostile environments to transmit sensitive information, sensor nodes are more vulnerable to false data injection attacks. To overcome these issues and enhance network security, this paper proposes a secure area based clustering approach for data aggregation using traffic analysis (SAC-TA) in WSN. The sensor network is grouped into small clusters, each of which has a CH to manage and collect information from normal sensor nodes. The CH is selected according to the predefined time slot, cluster center and maximum residual energy. The collected data is verified based on traffic analysis and a one-time key generation process to identify malicious nodes on the route, provide a secure data collection process and improve energy efficiency. The simulation results show that, compared with the existing secure data aggregation technology (SDAT), SAC-TA has a lower average energy consumption rate, lower end-to-end delay, higher average residual energy, and higher data aggregation accuracy and error data detection rate.

    Research and Design of Data Security Evaluation Model Based on DSMM Model
    YANG Xiaoqi, BAI Lifang, TANG Gang
    2021, 21 (9):  90-95.  doi: 10.3969/j.issn.1671-1122.2021.09.013

    From the perspective of data security assessment, and based on the data security governance framework and the data security capability maturity model, combined with the system for classified protection of cybersecurity 2.0, this paper studies and analyzes data security related technologies and assessment methods, and proposes a "management + technology" data security assessment model. The model is data-centric and can meet the security requirements reflected by the development of all kinds of data business in organizations. The evaluation items have good universality, and can be applied to the evaluation of organizations with information systems to carry out data security work.
