Loading...
Netinfo Security

Table of Content

    10 April 2023, Volume 23 Issue 4 Previous Issue    Next Issue
    For Selected: Toggle Thumbnails
    A Collaborative Obfuscation Method for JavaScript Code Based on Intensity Orientation
    LI Yuanzhang, MA Yujie, SUN Haipeng, ZHANG Zheng
    2023, 23 (4):  1-9.  doi: 10.3969/j.issn.1671-1122.2023.04.001
    Abstract ( 276 )   HTML ( 66 )   PDF (20068KB) ( 176 )  

    Code obfuscation is a kind of protection technique for software code. It is used to reinforce the software by increasing the difficulty of analyzing the code. Nowadays, the research on code obfuscation mainly focuses on analyzing the effect of single obfuscation method. There are few studies on collaborative obfuscation of multiple methods. To solve this problem, this article proposed a collaborative obfuscation method for JavaScript code based on intensity orientation. First, this paper evaluated the intensity of multiple independent obfuscation methods involved. Then this paper adjusted the execution order of obfuscation methods based on the evaluation result, and obtained a better obfuscation effect than simple multi-method stacking. Experimental results show that this method can obtain better obfuscation effect at a lower cost.

    Figures and Tables | References | Related Articles | Metrics
    Review of Research on Misbehavior Detection in VANET
    CAO Yue, LYU Chenchen, SUN Yaping, ZHANG Yu’ang
    2023, 23 (4):  10-19.  doi: 10.3969/j.issn.1671-1122.2023.04.002
    Abstract ( 527 )   HTML ( 77 )   PDF (13558KB) ( 237 )  

    The Internet of vehicles (IoV) has gradually penetrated into the lives of urban residents, while security threats such as remote malicious control of vehicles and leakage of personal information of vehicle owners have gradually been exposed in recent years. Compared with the security concern on devices and platform in vehicular Ad-hoc network (VANET), this paper focused on the security issues faced by the communication of VANET. Therefore, this paper systematically reviewed the literature on misbehavior detection mechanisms of VANET in recent years. Firstly, this paper analyzed the definition of misbehavior and summarized common threat models. Then, the classification of misbehavior detection mechanisms was discussed, including detection mechanisms based on message content, detection mechanisms based on message processing behavior, and detection mechanisms combined with sensors. Finally, this paper summarized open issues and possible future research trends in the current misbehavior detection mechanisms of VANET communication.

    Figures and Tables | References | Related Articles | Metrics
    Automatic Modulation Recognition Algorithm Based on Multi-Channel Joint Learning
    ZHAO Caidan, CHEN Jingqian, WU Zhiqiang
    2023, 23 (4):  20-29.  doi: 10.3969/j.issn.1671-1122.2023.04.003
    Abstract ( 243 )   HTML ( 30 )   PDF (11917KB) ( 139 )  

    Automatic modulation recognition technology can not only effectively improve the utilization rate of spectrum resources, but is also an effective way to identify illegal users. To further improve the performance of the recognition algorithm, the paper proposed a new asymmetric multichannel joint learning network by considering the connection between amplitude and phase features. The network used the amplitude, phase and the joint matrix of both as multi-channel input to achieve adaptive modulation coding by better extracting homogeneous and heterogeneous features in the amplitude and phase of the modulated signal using an asymmetric joint learning module without changing the number of parameters and computational speed. The experiments results show that the network proposed in the article achieves the highest recognition accuracy of 91.73% and 93.36% on the benchmark open source datasets RadioML2016.10a and RadioML2016.10b, respectively.

    Figures and Tables | References | Related Articles | Metrics
    Image Attribution Algorithm with Multi-Distortion Robustness
    QI Shuren, ZHANG Yushu, XUE Mingfu, HUA Zhongyun
    2023, 23 (4):  30-38.  doi: 10.3969/j.issn.1671-1122.2023.04.004
    Abstract ( 211 )   HTML ( 22 )   PDF (11060KB) ( 90 )  

    With the development of multimedia editing software and generative neural networks, the reliability of digital images is being continuously eroded. As an emerging forensic technique for provenance analysis, image attribution retraces the trustworthy source of the image under analysis and visualizes the editorial changes in such image. Thus, it can effectively combat malicious manipulation, assisting users to form correct judgments on image information. However, current image attribution methods are not sufficiently robust to the geometric transformations or signal corruptions in modern cyberspace, especially for images that contain multiple distortions. For this gap, an image attribution method with multi-distortion robustness was proposed. The method was based on an orthogonal and covariant image local representation strategy with robustness to multiple geometric transformations or signal corruptions. Two fast implementations were designed for sparse and dense representation tasks, respectively. The resulting image attribution method was able to efficiently retrace near-duplicate source in a trusted database, correct the geometric pose, and visualize potential tampering regions. In such process, the proposed method was robust to various benign transformations while maintaining sensitivity to subtle content manipulation. Simulation results show that the proposed image attribution method exhibits better forgery detection robustness and overall accuracy, as well as better feature compactness and implementation cost.

    Figures and Tables | References | Related Articles | Metrics
    Overview of Research on the Revocable Mechanism of Attribute-Based Encryption
    LI Li, ZHU Jiangwen, YANG Chunyan
    2023, 23 (4):  39-50.  doi: 10.3969/j.issn.1671-1122.2023.04.005
    Abstract ( 551 )   HTML ( 56 )   PDF (14235KB) ( 317 )  

    Attribute-based encryption is an important cryptographic technique for achieving fine-grained access control of data files in group communication systems. However, addressing the revocation of users or attributes is crucial due to the existence of user joining, exiting, and attribute changing in group communication systems. Based on the classification and construction of revocable attribute-based encryption schemes, this paper focused on the research progress and development of revocable attribute-based encryption schemes. This paper provided a comprehensive analysis and comparison of existing revocable attribute-based encryption schemes from three revocation mechanisms: direct revocation, indirect revocation, and hybrid revocation. At the same time, discussing the shortcomings and issues of revocable attribute-based encryption mechanisms and possible future directions.

    Figures and Tables | References | Related Articles | Metrics
    An Efficient Versatile Homomorphic Encryption Framework Based on Ciphertext Conversion Technique
    DU Weidong, LI Min, HAN Yiliang, WANG Xu’an
    2023, 23 (4):  51-60.  doi: 10.3969/j.issn.1671-1122.2023.04.006
    Abstract ( 195 )   HTML ( 18 )   PDF (12318KB) ( 93 )  

    Designing homomorphic encryption schemes to match the specific characteristics of different application algorithms is a key way to design efficient algorithms with privacy-preserving features. Firstly, the article designed a coefficient encoding-based RLWE homomorphic encryption scheme for deep learning prediction in which polynomial operations require only ciphertext-ciphertext addition and constant-ciphertext multiplication, using the polynomial vector space as the plaintext space Then a general homomorphic encryption framework supporting both polynomial and non-polynomial operations was constructed based on this scheme, which can perform polynomial operations on the RLWE ciphertext, extract the LWE ciphertext from the RLWE ciphertext, and perform non-polynomial operations by the looking up method. Finally, the LWE ciphertext was repackaged into RLWE ciphertext using the ciphertext conversion method to facilitate subsequent polynomial operations. The verification experimental results show that the RLWE ciphertext message capacity of the proposed framework is increased by a factor of 1 and the polynomial operation efficiency is increased by a factor of 1 compared with the newly proposed general homomorphic encryption framework PEGASUS. Besides, it does not need to convert the encodings in the ciphertext in non-polynomial evaluations, and it can repack LWE ciphertexts by only performing automorphism operations. Thus, our framework is more efficient in communication and computation.

    Figures and Tables | References | Related Articles | Metrics
    A Principal Component Analysis Scheme for Security Outsourcing in Cloud Environment Based on Secret Sharing
    MA Min, FU Yu, HUANG Kai
    2023, 23 (4):  61-71.  doi: 10.3969/j.issn.1671-1122.2023.04.007
    Abstract ( 242 )   HTML ( 22 )   PDF (12533KB) ( 63 )  

    The computational overhead of principal component analysis is so high that local devices cannot afford it and often require secure outsourcing of computational tasks. The data security issue in outsourcing computation has gradually become a difficult point for cloud computing security research. This paper proposed a secure outsourcing scheme based on secret sharing in cloud environment, which was based on additive secret sharing technology and designed with secure division and secure square root computation protocols. The PCA secure outsourcing computation could be finished by two cloud servers collaboratively performing the covariance matrix, Lanczos, Householder and other secure protocols. Compared with other secure outsourcing computation schemes, this scheme can better support client offline and multi-party data aggregation with better computational overhead, and the experiments verified the effectiveness of the scheme.

    Figures and Tables | References | Related Articles | Metrics
    Hardware Design and Implementation of Number Theoretic Transform in Post-Quantum Cryptography
    XIAO Hao, ZHAO Yanrui, HU Yue, LIU Xiaofan
    2023, 23 (4):  72-79.  doi: 10.3969/j.issn.1671-1122.2023.04.008
    Abstract ( 346 )   HTML ( 26 )   PDF (8696KB) ( 287 )  

    Number theoretic transform (NTT) is a key component of post-quantum cryptography algorithms, and its computing performance is critical to the running speed of the system. Compared with the classical NTT algorithm, the high-radix NTT algorithm can achieve better computational performance. In order to solve the problems of lengthy computing flow and complex control logic in the hardware implementation of high-radix NTT, this paper proposed a high-performance radix-4 NTT hardware architecture based on pipeline structure. Firstly, based on the classical NTT algorithm, a radix-4 recursive NTT was derived to facilitate hardware implementation, which simplified the computing flow of the high-radix algorithm. Secondly, a single-path delay feedback structure was presented to effectively pipeline the algorithm flow and reduced the complexity of the hardware architecture. Finally, the radix-4 butterfly unit was realized by coupling two-stage butterfly operations, and the reduction was optimized by using shift operations and additions, which could reduce the overhead of hardware resources. Taking the post-quantum cryptography algorithm falcon as an example, the proposed NTT hardware architecture has been implemented on Xilinx Artix-7 FPGA. The experimental results show that the proposed design has good performance in computing speed and hardware resources overhead compared to the related designs.

    Figures and Tables | References | Related Articles | Metrics
    Anonymous Domain Name Algorithm Based on Character Space Construction
    YIN Shu, CHEN Xingshu, ZHU Yi, ZENG Xuemei
    2023, 23 (4):  80-89.  doi: 10.3969/j.issn.1671-1122.2023.04.009
    Abstract ( 154 )   HTML ( 16 )   PDF (14389KB) ( 74 )  

    Domain name data contained in network traffic brings data privacy challenges to network traffic sharing. The existing anonymization algorithms for domain names mostly use text generalization and replacement. Their privacy processing effect is good, but they destroy the original structure and text characteristics of domain names, and cannot meet the needs of network security analysis scenarios. This paper proposed a domain name anonymization method for network security analysis. Through the hierarchical anonymous processing strategy based on the domain name structure and the anonymous algorithm based on the character space construction, the domain name text is reconstructed on the premise of retaining the domain name structure and linguistic features concerned in the network security analysis, so as to maintain the availability of the domain name data required by researchers and remove the privacy information in the domain name data. In order to resist exhaustive attacks, the method of random reconstruction by parameters was adopted to reduce the probability of repeated anonymous results of the same domain name in different batches, and the proposed method based on the real network traffic data of campus network was verified. The experimental results show that the method proposed in this paper can effectively improve the unrecognized and irreversible characteristics of anonymous domain name data, and retain its structural and linguistic utility.

    Figures and Tables | References | Related Articles | Metrics
    A Smart Grid Intrusion Detection Model for Secure and Efficient Federated Learning
    LIU Changjie, SHI Runhua
    2023, 23 (4):  90-101.  doi: 10.3969/j.issn.1671-1122.2023.04.010
    Abstract ( 349 )   HTML ( 47 )   PDF (13787KB) ( 185 )  

    The rapid development of smart grids has led to more efficient power transmission, and the high level of integration of grid systems and ICTs has exposed power systems to more cyber threats. Intrusion detection has received a lot of attention as an effective method to detect cyber attacks, and most of the existing schemes are based on the strong assumption that a single organization has enough high-quality attack examples and is willing to share their data. However, in real life, individual institutions not only generate a small amount of data but also have individual characteristics and are usually not willing to share their data, and using such single institution data is not sufficient to train a general model with high accuracy. In view of this, this paper proposed a secure and efficient approach for smart grid intrusion detection. Specifically, first, a federated learning framework was introduced to collaboratively train a generic intrusion detection model to protect the security of local data and allow indirect expansion of the data volume; Second, a secure communication protocol was designed to protect the security of model parameters in training and prevent eavesdroppers from eavesdropping on them for inference attacks; Finally, by selecting a good client for global aggregation, the fast convergence of the model was guaranteed and the number of participants was reduced to reduce the communication bandwidth. The experimental results show that the accuracy of intrusion detection is improved, data privacy is protected, and communication cost is reduced while ensuring model convergence.

    Figures and Tables | References | Related Articles | Metrics