Table of Content

10 July 2023, Volume 23 Issue 7 Previous Issue    Next Issue

---

For Selected:

Download Citations EndNote Ris BibTeX

Toggle Thumbnails

Select

Quantum Solving Euler’s Totient Function to Crack RSA ZHANG Xinglan, ZHANG Feng 2023, 23 (7):  1-8.  doi: 10.3969/j.issn.1671-1122.2023.07.001 Abstract ( 202 )   HTML ( 34 )   PDF (10367KB) ( 108 )   Quantum computing is a novel computing mode based on the principles of quantum mechanics, which has the natural advantages of parallel computing. Shor’s algorithm is an algorithm that can quickly decompose integers and is expected to crack RSA encryption technology. However, Shor’s algorithm is difficult to be implemented on a quantum computer due to the fact that the modular power circuit to be constructed is extremely complex, and the number of qubits affects the accuracy of the subsequent continued fractions. To solve the above problems, this paper proposed a new algorithm based on the knowledge of number theory and RSA algorithm, designed relevant quantum circuits to solve the Euler’s totient function of the integer N to be decomposed. After the Euler’s totient function of the integer N to be decomposed was solved by quantum computing, the two prime factors could be obtained by constructing and solving a system of binary linear equations. Moreover, the private key could be further calculated by combining the public key, so as to crack the ciphertext. On the basis of universality, this algorithm only uses 2n+2 qubits, only needs to solve the modular multiplication of numbers, and does not need to calculate continued fractions. Figures and Tables | References | Related Articles | Metrics

Select

Verifiable Outsourcing EMR Scheme with Attribute-Based Encryption in Cloud-Edge Environments SHI Runhua, XIE Chenlu 2023, 23 (7):  9-21.  doi: 10.3969/j.issn.1671-1122.2023.07.002 Abstract ( 225 )   HTML ( 31 )   PDF (13461KB) ( 110 )   With emerging of cloud and edge computing, attribute-based encryption (ABE) is a promising cryptographic primitive, which can provide a fine-grained access control strategy for Electronic Medical Record (EMR) in the cloud sever. However, in ABE, the finer the access control is, the bigger the number of required attributes is. Accordingly, it requires the higher encryption costs. In order, to reduce the encryption burden of data owner, we first presented a verifiable outsourcing ABE scheme, in which a fog node in the data owner side is fully responsible for the encryption of ABE, and another fog node in the user side assisted data users to perform the corresponding decryption. Furthermore, this paper introduced the proxy re-encryption algorithm, online indexing, and offline trapdoor, where proxy re-encryption algorithm is aimed to achieve the dual access control for EMRs, and online indexing and offline trapdoor ensure the anonymity of legitimate users. Finally, with the help of blockchain, management server and attribute authority, the scheme can verify the honesty of fog nodes and the correctness of the ciphertext. The experimental results show that the data owner of our scheme has the low encryption time, while this scheme reduces the encryption burden of the data owner, achieves finer grained access control, and realizes the verifiability of the ciphertext. Figures and Tables | References | Related Articles | Metrics

Select

Efficient Neural Network Inference Protocol Based on Secure Two-Party Computation XU Chungen, XUE Shaokang, XU Lei, ZHANG Pan 2023, 23 (7):  22-30.  doi: 10.3969/j.issn.1671-1122.2023.07.003 Abstract ( 197 )   HTML ( 17 )   PDF (10062KB) ( 126 )   Despite the rapid growth of Machine Learning as a Service(MLaaS) in recent years, there are still many performance and security issues in real-world applications, with the risk of leakage of user data and enterprise neural network model parameters. There are currently some machine learning schemes with privacy protection, but there are problems with low computational efficiency and high communication overhead. To address the above problems, the paper proposed an efficient neural network inference protocol based on secure two-party computation, where the linear layer used secret sharing to protect the privacy of the input data and the nonlinear layer used a low communication overhead comparison function based on oblivious transfer to compute the activation function. The experimental results show that the protocol is at least 23% more efficient and reduces communication overhead by at least 51% on two benchmark datasets compared to existing solutions. Figures and Tables | References | Related Articles | Metrics

Select

Differential Privacy-Preserving Dynamic Recommendation Model Based on Cloud Federation LIU Gang, YANG Wenli, WANG Tongli, LI Yang 2023, 23 (7):  31-43.  doi: 10.3969/j.issn.1671-1122.2023.07.004 Abstract ( 176 )   HTML ( 14 )   PDF (13639KB) ( 64 )   This paper proposed a cloud-based federated differential privacy-Preserving dynamic recommendation model (P2RCF). The model employed an attention mechanism to dynamically adjust the fusion of short-term and long-term user interests, increasing the flexibility of the recommendation system. The paper also introduced differential privacy and cloud federation technologies to protect user privacy information. Experimental evaluations were conducted on public datasets to assess the performance of the proposed model. The results demonstrate that the model improves recommendation accuracy and personalization while preserving user data privacy. Figures and Tables | References | Related Articles | Metrics

Select

Attribute-Based Anti-Quantum Threshold Ring Signcryption Scheme for Blockchain-Based Finance YU Huifang, QIAO Yifan, MENG Ru 2023, 23 (7):  44-52.  doi: 10.3969/j.issn.1671-1122.2023.07.005 Abstract ( 211 )   HTML ( 9 )   PDF (10097KB) ( 64 )   To solve the problems of coarse granularity of user access control, uncontrolled flow of transaction data, and vulnerability to eavesdropping of transmission data in public chain in blockchain finance systems, this paper proposed an attribute-based anti-quantum threshold ring signcryption Scheme for blockchain-based finance (BCF-AAQTRSC). BCF-AAQTRSC improves the flexibility of blockchain access control and protects the security of blockchain access control because multi-attribute mechanism can make any user create the attributes and authorize different users. BCF-AAQTRSC satisfies the confidentiality, unforgeability, anonymity and anti-quantum security while achieving the decentralization. NTRU lattice is used to construct the system parameters, master key and user private key, BCF-AAQTRSC uses the message block sharing technology and pad-permutation technology to construct the ciphertext, so its security and computation efficiency are greatly improved. BCF-AAQTRSC is suitable for blockchain-based finance application scenarios with high distribution storage efficiency. Figures and Tables | References | Related Articles | Metrics

Select

HTTP Payload Covert Channel Detection Method Based on Deep Learning YUAN Wenxin, CHEN Xingshu, ZHU Yi, ZENG Xuemei 2023, 23 (7):  53-63.  doi: 10.3969/j.issn.1671-1122.2023.07.006 Abstract ( 391 )   HTML ( 28 )   PDF (13136KB) ( 132 )   Aiming at the problem that existing network traffic statistical features and packet payload features cannot effectively detect HTTP payload covert channels, this article proposed a convolutional neural network detection method based on session flow payload representation. First, packets generated by HTTP communication were aggregated into bidirectional session flows based on five-tuple and expiration time conditions. Then, selected a set of packets that can reflect the communication interaction behavior and session flow structure, extract the original byte sequence of their transport layer payload, forming a session flow payload representing each HTTP session flow. Finally, the detection model was constructed using 2D-CNN that can fully mine temporal and spatial dimensional information in byte sequences. Experimental results show that the proposed session flow payload representation method can depict HTTP traffic from more perspectives than the session flow packet payload representation method, thereby providing more useful information for the detection task. The detection rate of the proposed method is as high as 99%, which is better than traditional machine learning detection methods based on network flow behavior statistical features. Figures and Tables | References | Related Articles | Metrics

Select

Transferable Image Adversarial Attack Method with AdaN Adaptive Gradient Optimizer LI Chenwei, ZHANG Hengwei, GAO Wei, YANG Bo 2023, 23 (7):  64-73.  doi: 10.3969/j.issn.1671-1122.2023.07.007 Abstract ( 246 )   HTML ( 27 )   PDF (12944KB) ( 195 )   Most network models are vulnerable to adversarial attack, which poses a serious threat to the security of network algorithms. Therefore, adversarial attack becomes an effective method to evaluate network security and robustness. The existing white-box attack methods have been able to achieve high success rates, but black-box condition remains to be improved. This paper referred to gradient optimization and introduced AdaN optimizer to the process of generating adversarial examples. The main purpose was to accelerate gradient convergence. Thus, the overfitting was relieved and transferability was enhanced. In order to further enhance the attack effectiveness, the method proposed in the article is combined with other data augmentation methods to form a more effective attack method. Besides, generating adversarial examples by ensemble models shows better performance on defense models. The experimental results show that the adversarial samples optimized using AdaN gradient can achieve higher success rates in black-box attacks than the current benchmark method and have better transferability. Figures and Tables | References | Related Articles | Metrics

Select

Explainable Anomaly Traffic Detection Based on Sparse Autoencoders LIU Yuxiao, CHEN Wei, ZHANG Tianyue, WU Lifa 2023, 23 (7):  74-85.  doi: 10.3969/j.issn.1671-1122.2023.07.008 Abstract ( 249 )   HTML ( 14 )   PDF (14308KB) ( 90 )   Although many deep learning detection models achieve good results in various indicators, security managers do not understand the decision-making basis of deep models, on the one hand, they cannot trust the discrimination results of the model, and on the other hand, they cannot diagnose and track the errors of the model well, which greatly limit the practical application of deep learning models in this field. Faced with such a problem, this paper proposed a Sparse Autoencoder Based Anomaly Traffic Detection (SAE-ATD). The model used the sparse autoencoder to learn the normal traffic characteristics, and on this basis, a threshold was introduced to iteratively select the best threshold to improve the detection rate of the model. After the model was predicted, the outliers in the prediction results were fed into the explainer, and after iteratively updating the reference values through the explainer, the difference between each feature reference value and the outlier was returned, and interpretability analysis was carried out in combination with the original data. In this paper, experiments are carried out on the CICIDS2017 dataset and the CIRA-CIC-DoHBrw-2020 dataset, and the experimental results show that SAE-ATD has 99% accuracy and recall for most attacks detection on the two datasets, and can also provide explainability for the model. Figures and Tables | References | Related Articles | Metrics

Select

Distributed Denial of Service Attack Detection Algorithm Based on Two-Channel Feature Fusion JIANG Yingzhao, CHEN Lei, YAN Qiao 2023, 23 (7):  86-97.  doi: 10.3969/j.issn.1671-1122.2023.07.009 Abstract ( 173 )   HTML ( 8 )   PDF (13895KB) ( 64 )   With the rapid development of the Internet of things, the number of devices accessing the network is increasing rapidly, so the distributed denial of service (DDoS) attacks often have the characteristics of various attack methods and rapid changes. To deal with mixed and variable DDoS attacks with large traffic, the existing detection methods based on statistical analysis rely too much on artificially setting thresholds, while the anomaly detection methods based on machine learning have the problems of high false positive rate and high false negative rate. Therefore, this paper proposed a two-channel feature fusion detection model based on convolutional neural network (CNN) and attention mechanism, which was DCFD-CA. The model inputted the statistical feature samples into the local feature extraction channel based on CNN and the global feature extraction channel based on the attention mechanism respectively, and used the difference of the two model structures to achieve different effects. The former could abstract the relationship between local feature values, and the latter could assign more weight to important features. In order to fuse the functions of the two models, the abstract features output by each channel were normalized, and then the feature data of two different channels was fused by stacking, and finally the three-layer neural network was used for detection and classification. Conducting experiments on the public datasets CICIDS2017-DDoS, CICIDS2018-DDoS and CICDDoS2019, the F1 scores of the DCFD-CA model are 0.9863, 0.9996 and 0.9998 respectively, which are better than SAE-MLP, composite DNN models. Figures and Tables | References | Related Articles | Metrics

Select

A Multi-Server Federation Learning Scheme Based on Differential Privacy and Secret Sharing CHEN Jing, PENG Changgen, TAN Weijie, XU Dequan 2023, 23 (7):  98-110.  doi: 10.3969/j.issn.1671-1122.2023.07.010 Abstract ( 246 )   HTML ( 22 )   PDF (15395KB) ( 127 )   Federated learning relies on its central server scheduling mechanism, which can complete multi-user joint training without data leaving the domain. Most current federal learning schemes and their related privacy protection schemes rely on a single central server to complete encryption and decryption and gradient computation, which on the one hand tends to reduce the computational efficiency of the server, and on the other hand causes a large amount of privacy information leakage once the server is subject to external attacks or internal malicious collusion. Therefore, the paper combined differential privacy and secret sharing techniques to propose a multi-server federation learning scheme. Noise satisfying (ε,δ)-approximate differential privacy was added to the model trained by local users to prevent multiple servers from colluding to obtain private data. The noise-added gradients were distributed to multiple servers via a secret sharing protocol to ensure the security of the transmitted gradients while using multiple servers to balance the computational load and improve the overall computing efficiency. Experiments on the model performance, training overhead and security performance of the scheme based on public datasets show that the scheme has high security, and the performance loss of the scheme is only about 4% compared to the higher performance of the plaintext scheme, and the overall computational overhead is reduced by nearly 53% compared to the encryption scheme of a single server. Figures and Tables | References | Related Articles | Metrics