Loading...
Netinfo Security

Table of Content

    10 November 2021, Volume 21 Issue 11 Previous Issue    Next Issue
    For Selected: Toggle Thumbnails
    Research on Key Problems of Scientific Data Security Standard
    ZHU Yanhua, LIAO Fangyu, HU Lianglin, WANG Zhiqiang
    2021, 21 (11):  1-8.  doi: 10.3969/j.issn.1671-1122.2021.11.001
    Abstract ( 308 )   HTML ( 43 )   PDF (9654KB) ( 161 )  

    Scientific data are important achievements of scientific research and the resource base of technological innovation. At the same time, the security of scientific data has become increasingly serious, and unprecedented challenges have been encountered in the practice of data sharing. It is urgent to strengthen the research of scientific data security standard system. This paper analyzes the characteristics of scientific data security from these dimensions of information security attributes, characteristics of scientific data resources and subject area data security. Five key research directions of scientific data security standards are proposed, namely, scientific data security framework, scientific data security classification, scientific data rights protection, life cycle security of scientific data and basic technical standards of scientific and technological resources security in the field. Research on the characteristics and standard system of scientific data security is of great significance to promote the construction of an innovative country and the full implementation of “Measures for Managing Scientific Data”.

    Figures and Tables | References | Related Articles | Metrics
    Research on Premise Selection Technology Based on Machine Learning Classification Algorithm
    XIONG Yan, CHENG Chuanhu, WU Jianshuang, HUANG Wenchao
    2021, 21 (11):  9-16.  doi: 10.3969/j.issn.1671-1122.2021.11.002
    Abstract ( 309 )   HTML ( 34 )   PDF (8355KB) ( 250 )  

    Premise selection is the key technology to improve the success rate of automatic theorem provf. It can choose the lemma which is most likely to prove the current conjecture successfully according to the relevance of the proving goal. However, the relevance of the lemmas recommended by the existing premise selection algorithm is not high, and the automatic proof ability of the theorem cannot be further improved. To solve the above problems, a combination algorithm based on machine learning classification is proposed. The scheme starts from the relationship between formula structure and symbols, extracts effective feature vector set, and introduces LDA topics extraction techniques on the basis of k-nearest neighbor algorithm and naive Bayes algorithm to further capture the correlation between symbols and dependencies, which makes the final combination algorithm more accurate. Experimental results show that this method has higher accuracy than that the existing premise selection algorithm, and can effectively improve the success rate of automatic theorem provf.

    Figures and Tables | References | Related Articles | Metrics
    Research on Network Security Measurement Method Based on Attack Identification
    ZHAO Xiaolin, ZHAO Bin, ZHAO Jingjing, XUE Jingfeng
    2021, 21 (11):  17-27.  doi: 10.3969/j.issn.1671-1122.2021.11.003
    Abstract ( 305 )   HTML ( 34 )   PDF (12382KB) ( 279 )  

    At present, most of the traditional system security state assessment criteria are qualitative assessment, The disadvantage of this method is that it can not quantify the risk, and there are many kinds of quantitative assessment methods, most of which have the problems of incomplete assessment and low accuracy of attack identification. Attack-based identification plays an important role in network security measurement, this paper proposed a network security measurement model of asset threat vulnerability management, which combined static assessment with dynamic assessment. Static evaluation used AHP analytic hierarchy process, combined with common vulnerability scoring system vulnerability evaluation system to rate asset vulnerability and management. In the aspect of dynamic evaluation, the combination of DW-K-means++ algorithm and XGBoost method were used to improve the effect of attack recognition. The overall evaluation results of the network system are given by combining static and dynamic evaluation. This paper uses public dataset CICIDS2017 to prove the clustering advantage of DW-K-means++ algorithm on large dataset. At the same time, the validity of the network security measurement model proposed in this paper is verified by the data based on simulation experiments.

    Figures and Tables | References | Related Articles | Metrics
    Privacy-preserving Data Aggregation with Fine Grained Access Control for Smart Grid
    XIA Zhe, LUO Bin, XU Guibin, XIAO Xinxiu
    2021, 21 (11):  28-39.  doi: 10.3969/j.issn.1671-1122.2021.11.004
    Abstract ( 335 )   HTML ( 23 )   PDF (11843KB) ( 216 )  

    Smart grid enables dynamic power allocation and intelligent pricing, thanks to collecting and analyzing power consumption data in real time. This feature is of great significance to improve the efficiency and reliability of power grid. However, in the process of power data acquisition, security threats need to be considered with respect to the leakage of user’s privacy. In addition, based on the principle of minimum necessary knowledge, the statistical information of various power consumption data should only be read by the designated authorized entity. To address the above problems, a privacy-preserving data aggregation with fine grained access control for smart grid was proposed. The scheme used Horner rule to aggregate multi-user and multi region power consumption data in a multi-dimensional way. The homomorphic encryption was used to ensure the privacy of user power consumption data, the digital signature was used to ensure authenticity of power consumption data. And the proxy re-encryption was used to achieve fine-grained access control of aggregated data, that is to say, the designated authorized entity could only read the aggregated data. Security analyses show that the proposed scheme can not only guarantee user’s privacy and the integrity of power consumption data, but also enables fine-grained access control of the aggregated data. Therefore, the scheme is suitable for real-world applications.

    Figures and Tables | References | Related Articles | Metrics
    Access Control Methods of Data Sharing in Cloud Storage Based on Smart Contract
    WANG Jian, YU Hang, HAN Zhen, HAN Lei
    2021, 21 (11):  40-47.  doi: 10.3969/j.issn.1671-1122.2021.11.005
    Abstract ( 225 )   HTML ( 24 )   PDF (8257KB) ( 161 )  

    Cloud storage has become the main method of data storage such as data outsourcing and enterprise data storage. However, the security of cloud storage is facing challenges, and data security urgently needs to implement access control and access auditing to data. Based on the attribute-based access control model, this paper implements static and dynamic access control methods based on smart contracts by storing user attribute information and access history information in the blockchain, which improves system security and user privacy protection. Theoretical analysis and experiments show that the data access control method proposed in this paper can solve the problems of data security and system scalability more effectively.

    Figures and Tables | References | Related Articles | Metrics
    Research and Implementation of a Image Steganography Method Based on Conditional Generative Adversarial Networks
    LEI Yu, LIU Jia, LI Jun, KE Yan
    2021, 21 (11):  48-57.  doi: 10.3969/j.issn.1671-1122.2021.11.006
    Abstract ( 415 )   HTML ( 17 )   PDF (10436KB) ( 193 )  

    Steganography by texture image synthesis was a kind of common carrier synthesis steganography method. However, the texture image did not have semantic features, so this kind of method was easy to attract the attention of attackers after multiple transmission. The generative adversarial networks used game strategy to make the generator confront the discriminator. In theory, the generator with the best training could make the distribution of the generated samples the same as the real data. In ideal conditions, using GAN to realize synthesis steganography could construct a natural image. One of the problems of the image synthesis steganography based on GAN was that it couldn’t control the content of the generated image. To solve this problem, this paper proposed an image steganography method based on conditional generative adversarial networks. In this method, the combination of random noise and condition information was used as the representation of hidden space to train the generator, so that the generated image was controlled by condition information. The combination of generated image and condition information was used as the representation of probability space to train the extractor, so that the extracted noise was consistent with the driving noise. The experimental results showed that this method could complete the function of generating the image and extracting the message. The outstanding feature was that it could use the condition information to control the content of the image. At the same time, the image quality and accuracy rate of the message extraction were close to the method in the comparison.

    Figures and Tables | References | Related Articles | Metrics
    Light-weight Mutual Authentication Protocol for Mobile Edge Computing
    LI Tong, ZHOU Xiaoming, REN Shuai, XU Jian
    2021, 21 (11):  58-64.  doi: 10.3969/j.issn.1671-1122.2021.11.007
    Abstract ( 297 )   HTML ( 14 )   PDF (7914KB) ( 107 )  

    Mobile edge computing is a new computing paradigm, which can provide real-time computing, data optimization and smarter application to mobile smart devices by deploying mobile edge computing servers that are closer to the data sources. This paper focuses on the problem of secure identity authentication between mobile devices and mobile edge computing servers, and proposed a light-weight mutual authentication protocol for mobile edge computing based on elliptic curve cryptography and Hash function. The protocol achieved mutual authentication, mobile user anonymous protection and mobile user untraceability, and was secure against replay attack and man-in-the-middle attack. According to performance analysis and comparison with similar protocols, the proposed protocol has lower computational costs, and is suitable for resource constrained mobile smart devices.

    Figures and Tables | References | Related Articles | Metrics
    Survey on Data Aggregation and Privacy Protection of User Query in Smart Grid
    LI Kunchang, SHI Runhua, LI En
    2021, 21 (11):  65-74.  doi: 10.3969/j.issn.1671-1122.2021.11.008
    Abstract ( 269 )   HTML ( 25 )   PDF (12129KB) ( 281 )  

    Privacy protection is an important and popular research topic for the smart grid. First of all, this article introduced the background of the smart grid and the existing security issues, and analyzed the importance of privacy protection. Then, this article introduced the current research directions and main technical means of privacy protection in the smart grid, including cryptography technology, blockchain and secure multi-party computing, etc. There were some new breakthroughs in the smart grid privacy protection by combining artificial intelligence technology, as well as aspected that need further research, provided a technical basis for further research. Finally, this article pointed out that in order to further improve the efficiency and light weight of privacy protection and sharing, we should combine several key technologies, such as cryptography, blockchain, artificial intelligence, privacy enhancement technology, and edge computing, etc. In order to solve these existing problems of privacy protection in the smart grid, including low sharing efficiency and high communication costs, this article pointed out some future research directions, hoping to promote the industry.

    Figures and Tables | References | Related Articles | Metrics
    Design of Blockchain-based High-value Data Sharing System
    YU Kechen, GUO Li, YAO Mengmeng
    2021, 21 (11):  75-84.  doi: 10.3969/j.issn.1671-1122.2021.11.009
    Abstract ( 347 )   HTML ( 18 )   PDF (11281KB) ( 395 )  

    There are currently many high-value data in practical business, yet without an effective sharing scheme, these data are difficult to be shared and cannot be fully utilized. Blockchain is an emerging technology that enables the node participating in the blockchain to trust each other without a center and reach an agreement finally. The data of each node in the blockchain system is shared with the node possessing the data of all transactions, and the data is written to the blockchain only after the agreement of the transaction data among the nodes is confirmed during the transaction. Therefore, the transaction data cannot be denied and likewise cannot be modified. Since blockchain has the characteristic of tamper-proof and traceability, this paper adopted FISCO BCOS, a federation chain whose participating members’ identities were audited by the system, as the underlying architecture and carried out security design at the system level, thereby completing the secure sharing of high-value data. Both qualitative and quantitative tests of the sharing system were conducted to prove that the designed system was feasible, user-friendly, and secure enough to ensure information security.

    Figures and Tables | References | Related Articles | Metrics
    An Anomaly Detection and Location Algorithm Based on TCN and Attention Mechanism
    WU Jiajie, WU Shaoling, WANG Wei
    2021, 21 (11):  85-94.  doi: 10.3969/j.issn.1671-1122.2021.11.010
    Abstract ( 506 )   HTML ( 19 )   PDF (11013KB) ( 350 )  

    With the development of cloud computing, the application of cloud has become the mainstream system deployment scheme. In order to meet the commercial needs, many systems adopt the micro service architecture and deploy to the hybrid cloud environment. The complexity of the system and the complexity of the operating environment make real-time monitoring and operation data processing, anomaly detection and location difficult. In this paper, we designed a real-time monitoring and data processing framework for complex cloud system. We proposed an anomaly detection algorithm based on TCN and attention mechanism (TCN-AT). The former is suitable for micro service system running in complex cloud environment, while the latter is used for point anomaly and window anomaly detection in time series data. A large number of experiments on simulation data, real microservice system data and open source data show that TCN-AT is superior to other state of art algorithms.

    Figures and Tables | References | Related Articles | Metrics