Loading...
Netinfo Security

Table of Content

    10 September 2023, Volume 23 Issue 9 Previous Issue    Next Issue
    For Selected: Toggle Thumbnails
    Network Anomaly Detection Based on Dual Graph Convolutional Network and Autoencoders
    QIN Zhongyuan, MA Nan, YU Yacong, CHEN Liquan
    2023, 23 (9):  1-11.  doi: 10.3969/j.issn.1671-1122.2023.09.001
    Abstract ( 273 )   HTML ( 27 )   PDF (13563KB) ( 179 )  

    Considering the application of graph neural networks in the field of network anomaly detection mostly focused on the extraction of single point features, while ignoring the correlation features between continuous messages. This paper proposed a network anomaly detection method based on dual graph convolutional networks and autoencoders. This method first constructed the graph and divided the subgraph of the communication data, then sent the subgraph into the two-layer graph convolution neural network to extract the features of points and edges respectively, and finally used the unsupervised learning method to train the divided subgraph. In the experimental part, through the iterative experiment on the subgraph division time interval and iteration times, the subgraph division time interval and iteration times with the best effect were obtained. Comparative experiments with traditional algorithms on three data sets showed that our scheme is more accurate and has stronger generalization.

    Figures and Tables | References | Related Articles | Metrics
    A Method of Feature Extraction for Network Traffic Based on Time-Frequency Diagrams and Improved E-GraphSAGE
    ZHANG Yuchen, ZHANG Yawen, WU Yue, LI Cheng
    2023, 23 (9):  12-24.  doi: 10.3969/j.issn.1671-1122.2023.09.002
    Abstract ( 150 )   HTML ( 14 )   PDF (15660KB) ( 92 )  

    Due to the time variability of the network system, the instability of time-space network traffic and the difficulty of separation, and the traditional spatiotemporal network model are insufficient in characterizing the spatial structure of spatiotemporal sequence data and mining spatiotemporal features. Therefore, a method of feature extraction for network traffic based on time-frequency diagrams and improved E-GraphSAGE was proposed. Firstly, based on the potential change of the bior1.3 wavelet basis function, the mapping transformation of original traffic from the one-dimensional time domain to the time-frequency domain was completed, and the noise band was removed by visual analysis. Then, the 1D ConvLSTM model was fused within the E-GraphSAGE model to construct a 3D feature extraction method that integrated spatiotemporal and long-term dependent features. Finally, edge embedding of spatiotemporal frequency 3D features containing local and global information was obtained to solve the problem of global information loss in traditional spatiotemporal feature extraction models. The visual analysis and multi-classification experiments show that the traffic characteristics processed in this paper have higher stability and separability. At the same time, comparing with other methods with higher correlation degrees, this method achieves better results in accuracy, accuracy, recall rate, and F1-score.

    Figures and Tables | References | Related Articles | Metrics
    Efficient Attribute-Based Encryption Scheme from Lattices for Cloud Security
    LIU Qin, WANG Zhuobing, YU Chunwu, WANG Zhangyi
    2023, 23 (9):  25-36.  doi: 10.3969/j.issn.1671-1122.2023.09.003
    Abstract ( 139 )   HTML ( 9 )   PDF (14119KB) ( 89 )  

    As more companies adopt cloud computing services, the importance of cloud security has increased significantly. To ensure secure data storage in the cloud, encryption and Identity and Access Management (IAM) are essential components. One solution for access control of encrypted data is Ciphertext-Policy Attribute-Based Encryption (CP-ABE), which can also be used in IAM systems. However, most of existing ABE schemes are not resistant to quantum adversaries, and only support single-valued attributes. To address the demand for IAMs using Attribute-Based Access Control (ABAC) mechanisms, this paper constructed a multi-authority CP-ABE scheme based on the ring learning with error problem. This scheme presented attributes in key-value pairs and supported access structures of Disjunctive Normal Form (DNF) formulas to achieve fine-grained access control. At the same time, this scheme allowed multiple decentralized authorities to manage and distribute keys. Furthermore, relying on a ring variant of evasive LWE assumption, this scheme was proven static secure. This article implemented the CP-ABE scheme in C++, and conducted performance testing. The experimental result shows that this scheme enjoys high efficiency and is suitable for practical application.

    Figures and Tables | References | Related Articles | Metrics
    Blockchain Access Control Scheme with SM9-Based Attribute Encryption
    ZHOU Quan, CHEN Minhui, WEI Kaijun, ZHENG Yulong
    2023, 23 (9):  37-46.  doi: 10.3969/j.issn.1671-1122.2023.09.004
    Abstract ( 173 )   HTML ( 21 )   PDF (10985KB) ( 130 )  

    The issue of secure sharing of data in the information society has attracted a lot of attention. The key to secure data sharing is to control the access or use of data through cryptography. However, traditional access control or public key encryption systems have gradually revealed their shortcomings in data sharing, such as the number of access control policies tends to increase with the size of users, which is not easy to manage; the traditional public key encryption system needs to obtain the public key information of each user and send the cipher text one-to-one, which is costly to communicate; relying on third-party service providers to store data carries the risk of a single point of failure, etc. To solve the above problems, the paper introduced distributed technology blockchain and Interplanetary File System (IPFS), and proposed a blockchain access control scheme with SM9-based attribute encryption, which achieved secure and efficient one-to-many data sharing and fine-grained access control, while the blockchain made user data uncompiled and achieved secure storage and auditable data. Finally, the safety of the proposed scheme is proved by the deterministic q-parallel BDHE assumption.

    Figures and Tables | References | Related Articles | Metrics
    Discovery and Optimization Method of Attack Paths Based on PPO Algorithm
    ZHANG Guomin, ZHANG Shaoyong, ZHANG Jinwei
    2023, 23 (9):  47-57.  doi: 10.3969/j.issn.1671-1122.2023.09.005
    Abstract ( 121 )   HTML ( 9 )   PDF (13282KB) ( 55 )  

    Selecting penetration actions based on policy networks and discovering the optimal attack path is a crucial technology in automated penetration testing. However, existing methods have issues such as excessive ineffective actions and slow convergence speed during the training process. To address these problems, this paper applied the proximal policy optimization (PPO) algorithm to the attack path optimization problem and proposed an improved version called improved PPO with penetration action selection (IPPOPAS) that incorporated a penetration action selection module. This module enabled the algorithm to select actions based on the penetration testing scenario during the experience collection phase. The paper designd and implemented various components of the IPPOPAS algorithm, including policy networks, value networks, and the penetration action selection module, to enhance the action selection process. Parameter tuning and algorithm optimization were also performed to improve the performance and efficiency of the algorithm. Experimental results demonstrate that the IPPOPAS algorithm achieves faster convergence speed compared to traditional DQN algorithms and their variations in specific network scenarios. Additionally, the algorithm exhibits even faster convergence speed with an increasing number of vulnerabilities in the host. Furthermore, the effectiveness of the IPPOPAS algorithm is validated in scenarios with expanded network scales.

    Figures and Tables | References | Related Articles | Metrics
    Survey on Deep Neural Architecture Search
    XUE Yu, ZHANG Yixuan
    2023, 23 (9):  58-74.  doi: 10.3969/j.issn.1671-1122.2023.09.006
    Abstract ( 219 )   HTML ( 30 )   PDF (21099KB) ( 168 )  

    In recent years, deep neural networks have been applied to image recognition, speech recognition, target detection, machine translation and other aspects of life. Greatly accelerating the performance evolution and flexibility improvement of the network. But these networks often have complex structures, require personnel with a large amount of professional knowledge, and require a significant amount of time to adjust parameters to suit specific environments. The efficiency of adjusting parameters using conventional manual methods is too low and errors occur frequently. Therefore, research on neural network architecture search has also been put on the agenda. In order to provide readers with a comprehensive understanding of the research progress of neural network architecture search, the article introduced and evaluated existing relevant algorithms, and proposed ideas for the future development of neural network architecture search.

    Figures and Tables | References | Related Articles | Metrics
    Research on Hybrid Recommendation Algorithm for Points of Interest in Location-Based Social Network
    WU Wei, XU Shasha, GUO Sensen, LI Xiaoyu
    2023, 23 (9):  75-84.  doi: 10.3969/j.issn.1671-1122.2023.09.007
    Abstract ( 104 )   HTML ( 6 )   PDF (11775KB) ( 39 )  

    With the popularization of smartphones and the increasing use of services utilizing geolocation information, user data has experienced explosive growth, and the sparsity of massive data has become a major factor limiting the performance of recommendation systems in location-based social network (LBSN). Regarding this, this paper proposed a LBSN point-of-interest hybrid recommendation algorithm named Geographical LightGCN (GLGCN), which consists of a collaborative preference module and a geographical preference module. The collaborative preference module utilized the graph convolutional network to deeply mine the embedded representations of users and their interest points, thereby obtaining users’ collaborative preferences. Meanwhile, the geographical preference module combined the relevance of interest points and user trajectories, capturing users' sequence preferences with a sequence model based on the gate recurrent unit (GRU). The final recommendation results were obtained by combining the recommendation scores of the two modules in a linearly weighted manner. The experiments indicate that the hybrid recommendation algorithm proposed in this paper exhibits superior recommendation performance compared to other existing algorithms.

    Figures and Tables | References | Related Articles | Metrics
    Cross-Domain Dynamic Security Risk Analysis Method of Industrial Control System Based on Probabilistic Attack Graph
    PU Junyan, LI Yahui, ZHOU Chunjie
    2023, 23 (9):  85-94.  doi: 10.3969/j.issn.1671-1122.2023.09.008
    Abstract ( 139 )   HTML ( 5 )   PDF (11742KB) ( 54 )  

    Security risk analysis is the foundation for ensuring the long-term safe and stable operation of industrial control systems. The characteristics of cyber-physical coupling make the system security risk increase sharply. In order to realize accurate security situation awareness of large-scale industrial control systems, a cross-domain dynamic security risk analysis framework based on probabilistic attack graph was proposed. Firstly, the cross-domain attack graph was automatically generated by cross-domain attack graph generation algorithm based on system security metadata, system topology and association constraints between preconditions and postconditions of vulnerabilities in security knowledge graph. Then, based on the cross-domain attack graph, the basic attributes of vulnerabilities and the time-varying characteristics of threats were incorporated into the risk propagation probability calculation to realize the cross-domain dynamic security risk analysis of industrial control system. The experimental results show that the method realizing the automatic cross-domain dynamic security risk analysis of industrial control systems, and the representation of the two-layer attack graph effectively improves the convenience of security analysts in analyzing complex systems.

    Figures and Tables | References | Related Articles | Metrics
    Cross-Chain Data Consistency Verification Model Based on Dynamic Merkle Hash Tree
    ZHAO Jiahao, JIANG Jiajia, ZHANG Yushu
    2023, 23 (9):  95-107.  doi: 10.3969/j.issn.1671-1122.2023.09.009
    Abstract ( 115 )   HTML ( 8 )   PDF (15610KB) ( 64 )  

    Currently, blockchain is widely used in different fields due to its highly decentralized and tamper-proof features, this paper took the problem of unguaranteed inter-chain data interaction consistency and unsupported data dynamic updating faced by blockchain in the process of application as the research objective and designed a decentralized data consistency auditing model, which employed cross-chain technology to implement the security and trustworthy sharing of data between heterogeneous blockchains and constructed a dynamic Merkle hash tree using decentralized chameleon hash function to implement the data dynamic update operation. The audit chain was introduced to supervise the data interaction between the source and target chains and the Cosi multi-signature algorithm was used to ensure the consistency of the data transmission process. After theoretical analysis and experimental verification, the Cosi algorithm used in this model has the advantage over the current mainstream multi-signature algorithm in terms of time overhead and scalability. In addition, the model in this paper has the advantage over the common auditing models in terms of time overhead and communication overhead, which can complete the same auditing task at a low overhead, and can achieve 99% of the consistency of data auditing guarantee.

    Figures and Tables | References | Related Articles | Metrics
    The Multi-Leader Consensus Algorithm Based on Improvements to HotStuff
    GONG Pengfei, XIE Sijiang, CHENG Andong
    2023, 23 (9):  108-117.  doi: 10.3969/j.issn.1671-1122.2023.09.010
    Abstract ( 134 )   HTML ( 8 )   PDF (9972KB) ( 41 )  

    In response to the performance bottleneck caused by Byzantine fault tolerant (BFT) class consensus algorithm in blockchain, a HotStuff-based on improved multi-principal node consensus algorithm was proposed, namely multi leader HotStuff (MLH) consensus algorithm. The algorithm introduced a coordination phase that was not on the critical path, and combined mechanisms such as intra-round collection of votes and cross-round block submission, so that multiple nodes became master nodes, allowing the algorithm to submit blocks in parallel and improving the computational efficiency of the algorithm. At the same time, the communication complexity within the partition was reduced by combining schemes such as threshold signatures and aggregated signatures, so that the algorithm maintained linear communication complexity after amortization in the case of consecutive view switching. Experimental results verifies that MLH algorithm has a better performance in terms of latency and throughput.

    Figures and Tables | References | Related Articles | Metrics
    Handover Authentication Protocol Based on Chinese Remainder Theorem Secret Sharing
    DAI Yu, ZHOU Fei, XUE Dan
    2023, 23 (9):  118-128.  doi: 10.3969/j.issn.1671-1122.2023.09.011
    Abstract ( 90 )   HTML ( 11 )   PDF (12210KB) ( 53 )  

    With the development of intelligent automobile industry, the security of Internet of Vehicles(IoV) has important application significance and development prospect, and identity authentication is the first gate of IoV security. At present, researches on identity authentication protocols for IoV focus on the initial authentication and batch authentication process between two entities in IoV, and insufficient attention is paid to protocols for inter-entity handover authentication process, and most of the existing handover authentication protocols are designed based on blockchain. In view of the above situation, this paper used elliptic curve encryption and Chinese remainder theorem and secret value sharing technology to propose a vehicle-to-road handover authentication protocol based on Chinese remainder theorem secret sharing without the use of blockchain technology, so as to realize mutual initial authentication and handover authentication between vehicles and roadside units, and improve the authentication efficiency of vehicle handover authentication in roadside unit groups. The correctness of the protocol was proved by theoretical derivation, and the semantic security of the protocol was proved by random oracle model. Finally, the performance of the protocol was analyzed in three aspects: security, computation cost and communication cost, and the performance was compared with that of other protocols. The results show that with the increase of the number of handover authentication, the accumulative computation cost and communication cost of the protocol increase more slowly than that of other protocol, and the resource consumption is lower.

    Figures and Tables | References | Related Articles | Metrics