Loading...
Netinfo Security

Table of Content

    10 January 2024, Volume 24 Issue 1 Previous Issue    Next Issue
    For Selected: Toggle Thumbnails
    Federated Learning Incentive Scheme Based on Zero-Knowledge Proofs and Blockchain
    WU Haotian, LI Yifan, CUI Hongyan, DONG Lin
    2024, 24 (1):  1-13.  doi: 10.3969/j.issn.1671-1122.2024.01.001
    Abstract ( 330 )   HTML ( 37 )   PDF (15951KB) ( 202 )  

    In cross-silo federated learning, participants contribute differently to the final trained model. Evaluating their contributions and providing appropriate incentives has become a key issue in federated learning research. Current incentive methods primarily focus on rewarding participants who provide valid model updates while penalizing dishonest ones, emphasizing incentivizing computational behavior. However, the quality of data provided by participants also affects learning outcomes, yet existing methods inadequately consider data quality and lack means to verify data authenticity. To enhance incentive accuracy, it is necessary to evaluate the quality of participants' data. This paper introduced, for the first time, a protocol for assessing the quality of participants' data by integrating zero-knowledge proofs and blockchain technology, leading to a novel federated learning incentive scheme. This scheme can assess the quality of participants' datasets without disclosing plaintext data, utilizing blockchain systems to provide incentives to eligible participants while excluding those who don't meet the criteria. Experimental results confirm that even in scenarios where some users provide falsified data, this scheme remains capable of delivering accurate incentive results, while simultaneously improving the accuracy of the federated learning model.

    Figures and Tables | References | Related Articles | Metrics
    Survey on Byzantine Fault Tolerance Accountability Mechanisms
    SUN Huiping, ZHOU Jinjue, LIU Shuxuan, CHEN Zhong
    2024, 24 (1):  14-23.  doi: 10.3969/j.issn.1671-1122.2024.01.002
    Abstract ( 342 )   HTML ( 25 )   PDF (12038KB) ( 149 )  

    The Byzantine Fault Tolerance (BFT) protocol plays a crucial role in ensuring the consistency and reliability of blockchain or distributed systems in the face of node failures and malicious behavior. The BFT accountability mechanism aims to identify Byzantine nodes by recording and sharing the behavior of consensus nodes during the consensus process. It is designed to effectively address the security and liveness issues that traditional BFT protocols cannot guarantee when the number of Byzantine nodes exceeds 1/3. This paper systematically summarized existing BFT accountability protocols, including server-side accountability mechanisms, client-side accountability mechanisms, and embedded BFT accountability mechanisms. Through a comprehensive comparison and analysis of these involved mechanisms, this paper delved into the challenges and anticipated possible future directions.

    Figures and Tables | References | Related Articles | Metrics
    An Anomaly Detection Scheme for Blockchain Transactions Based on AdaBoost Model
    SONG Yuhan, ZHU Yuefei, WEI Fushan
    2024, 24 (1):  24-35.  doi: 10.3969/j.issn.1671-1122.2024.01.003
    Abstract ( 153 )   HTML ( 16 )   PDF (13476KB) ( 127 )  

    In response to potential anomalous behaviors, such as coin theft in the transaction records of the blockchain-based cryptocurrency, a detection scheme with privacy protection function based on the adaptive boosting (AdaBoost) model was proposed. This scheme integrated additive homomorphic encryption and matrix perturbation techniques, ensuring the preservation of transaction data privacy while effectively identifying and predicting anomalies. The scheme’s underlying protocol was designed and implemented in a cloud outsourcing environment, and its correctness and privacy protection properties were proven. Compared with similar protocols, this scheme has high detection accuracy and recall while ensuring privacy. The detection time for each record was at the millisecond level, making it suitable for real cryptocurrency transaction detection scenarios.

    Figures and Tables | References | Related Articles | Metrics
    The Proxy Voting Scheme Based on the Blockchain and SM9 Digital Signature
    ZHU Guocheng, HE Debiao, AN Haoyang, PENG Cong
    2024, 24 (1):  36-47.  doi: 10.3969/j.issn.1671-1122.2024.01.004
    Abstract ( 183 )   HTML ( 17 )   PDF (13800KB) ( 151 )  

    With the popularization of the Internet, electronic voting technology is gradually replacing traditional paper voting. However, traditional electronic voting schemes are mainly designed for the one-person-one-vote system, and this voting system will no longer be applicable in some special voting scenarios. For example, in the scenario where voters must vote despite lacking professional knowledge. In this case, voters without professional knowledge generally cannot understand the content of the election, so they will vote negatively, resulting in unprofessional and unfair election results. In addition, traditional electronic voting technology also has problems with opaque election process and unverifiable votes. To address these problems, this paper proposed the proxy voting scheme based on the blockchain and SM9 digital signature to solve these problems. This algorithm first used blockchain technology to solve the problem of verifiable votes, then used the zero-knowledge range proof technique to prevent malicious vote scores, and then the homomorphic property of the modified ElGamal algorithm based on the elliptic curve was used to realize the function of ballot encryption and self-counting. Finally, voting rights transfer process was realized by the proxy voting certificate designed by SM9 digital signature algorithm and chameleon Hash function. Through the security analysis, it is proved that the proposed scheme satisfies robustness, legitimacy, confidentiality, global verifiability, and fairness. Theoretical analysis and experimental data show that the proposed scheme performs well, and can be applied to an election that requires professional knowledge.

    Figures and Tables | References | Related Articles | Metrics
    A Video Gait Privacy Protection Algorithm Based on Sparse Adversarial Attack on Silhouette
    XU Ke, LI Jiayi, JIANG Xinghao, SUN Tanfeng
    2024, 24 (1):  48-59.  doi: 10.3969/j.issn.1671-1122.2024.01.005
    Abstract ( 194 )   HTML ( 12 )   PDF (15860KB) ( 106 )  

    Deep network models can obtain human gait biometrics from video gait sequences and recognize character identities through feature matching, which threatens human privacy. Privacy protection treatments such as blurring and deformation of the human body in video images can to some extent change the appearance of the human body. Still, it is difficult to change the walking posture of the characters and cannot avoid recognition by deep network models. Moreover, this treatment often accompanies serious damage to video quality, reducing the visual usability of the video. In response to this issue, this article proposed a video gait privacy protection algorithm based on sparse adversarial attack on silhouette, which calculates effective modification positions around human silhouette in the image through adversarial attacks on gait recognition models. Compared with traditional methods, this algorithm reduces the modification of images while maintaining the same privacy protection capabilities. The optimal balance between privacy security and visual availability was obtained. The algorithm is tested on four gait recognition models using the public gait datasets CASIA-B and OUMVLP, and previous gait privacy protection methods are implemented and compared, verifying the effectiveness and availability of this algorithm in gait privacy protection.

    Figures and Tables | References | Related Articles | Metrics
    Design and Implementation of Tor Traffic Detection Algorithm Based on Federated Learning
    ZHAO Jia, YANG Bokai, RAO Xinyu, GUO Yating
    2024, 24 (1):  60-68.  doi: 10.3969/j.issn.1671-1122.2024.01.006
    Abstract ( 164 )   HTML ( 21 )   PDF (9451KB) ( 84 )  

    The Tor network, a second-gen anonymous internet communication system, has often been exploited by cybercriminals for malicious activities like network attacks and fraud, creating cybersecurity threats and challenges. In response, this paper presented a Tor traffic detection method using federated learning. Current Tor traffic detection mainly relies on single-host detection, resulting in low efficiency and data-sharing challenges. By utilizing federated learning technology and the DP-SGD algorithm, this paper empowers participants to construct a global model while safeguarding user privacy, addressing data isolation. Experimental results show the model achieves 92% overall accuracy, 90% precision, and 92% recall, ensuring user data privacy. Comparative experiments further confirm the model’s superiority in privacy protection and classification effectiveness.

    Figures and Tables | References | Related Articles | Metrics
    Research on Centralized Differential Privacy Algorithm for Federated Learning
    XU Ruzhi, DAI Lipeng, XIA Diya, YANG Xin
    2024, 24 (1):  69-79.  doi: 10.3969/j.issn.1671-1122.2024.01.007
    Abstract ( 223 )   HTML ( 27 )   PDF (13468KB) ( 170 )  

    Federated learning has received increasing attention in recent years for breaking down “data silos” with unique training methods. However, when the global model is trained, federation learning is vulnerable to inference attacks, which may reveal the information of some training members and bring about serious security risks. In order to solve differential attacks caused by semi-honest/malicious clients in federated training, this paper proposed a centralized differential privacy federated learning algorithm DP-FedAC. Firstly, the federal accelerated stochastic gradient descent algorithm was optimized to improve the aggregation mode of the server. After calculating the parameter update difference, the global model was updated by gradient aggregation mode to improve the stable convergence. Then, by adding centralized differential Gaussian noise to the aggregation parameters to hide the contributions of training members, the purpose of protecting the privacy information of participants was achieved. Time accounting (MA) was also introduced to calculate privacy loss to further balance the relationship between model convergence and privacy loss. Finally, comparative experiments were conducted with FedAC, distributed MB-SGD, distributed MB-AC-SGD and other algorithms to evaluate the comprehensive performance of DP-FedAC. The experimental results show that the linear acceleration of DP-FedAC algorithm is closest to that of FedAC in the case of infrequent communication, which is far better than the other two algorithms and has good robustness. In addition, the DP-FedAC algorithm achieves the same model accuracy as the FedAC algorithm on the premise of privacy protection, which reflects the superiority and usability of the algorithm.

    Figures and Tables | References | Related Articles | Metrics
    Differential Privacy Trajectory Protection Model Based on Personalized Spatiotemporal Clustering
    YIN Chunyong, JIANG Yiyang
    2024, 24 (1):  80-92.  doi: 10.3969/j.issn.1671-1122.2024.01.008
    Abstract ( 203 )   HTML ( 16 )   PDF (14107KB) ( 65 )  

    With the proliferation of location-aware devices, trajectory data has found widespread applications in real-life scenarios. However, trajectory data is often associated with sensitive labels, and improperly sharing or disclosing such data can pose privacy threats to users, with varying levels of sensitivity among different datasets. To address this issue, a differential privacy trajectory protection model based on personalized spatiotemporal clustering was proposed. Firstly, in response to the vast amount of temporal data in trajectories and the need for privacy protection, the fuzzy clustering means algorithm (FCM) was proposed. Secondly, during the spatial segmentation process, clustering was performed based on density, and personalized adjustments were made to allocate privacy budgets, thereby enhancing data utility. In the trajectory synthesis phase, a comparison was made with real trajectory data to select trajectories that were more representative. Finally, the Laplace mechanism was introduced in the release phase to protect the privacy of trajectory counts. To validate the achievements of the model in terms of trajectory utility and privacy protection, comparisons were made with various models in four stages. The experimental results indicate a 15.45% improvement in data utility for the proposed model and, under the same privacy budget, enhances privacy protection strength by at least 35.62%.

    Figures and Tables | References | Related Articles | Metrics
    A Privacy Preserving and Verifiable Federated Learning Scheme Based on Homomorphic Encryption
    LAI Chengzhe, ZHAO Yining, ZHENG Dong
    2024, 24 (1):  93-105.  doi: 10.3969/j.issn.1671-1122.2024.01.009
    Abstract ( 277 )   HTML ( 16 )   PDF (14284KB) ( 123 )  

    Cross-silo federated learning enables clients to collaboratively train a machine learning model by aggregating local model updates without sharing raw data. However, studies have shown that intermediate parameters transmitted during training can also leak the privacy of raw data. A curious central server may falsify or tamper with aggregation results for its own benefit. To address these issues, an anti-collusion privacy preserving and verifiable cross-silo federated learning scheme was proposed. Specifically, the intermediate parameters of each client were encrypted to protect data privacy, and key management and collaborative decryption were achieved by combining secret sharing schemes to enhance system security. Furthermore, data integrity and authentication were achieved through aggregate signatures, and the verifiability of central server aggregation gradients was ensured using polynomial commitments. Security analysis shows that the proposed scheme not only protects the privacy of intermediate parameters and verifies data integrity, but also ensures the correctness of aggregation gradients. Performance analysis shows that compared to the existing schemes, the proposed scheme can significantly reduce the communication overhead.

    Figures and Tables | References | Related Articles | Metrics
    Key Recovery Attacks on Block Cipher EM-Like Structures Based on Quantum Simon’s Algorithm
    ZHANG Xinglan, GUO Yankun, CHEN Fei, ZHANG Feng
    2024, 24 (1):  106-112.  doi: 10.3969/j.issn.1671-1122.2024.01.010
    Abstract ( 147 )   HTML ( 10 )   PDF (7542KB) ( 105 )  

    This paper studied the quantum process of Quantum Simon’s algorithm (one of classical quantum cycle finding algorithms) as well as its applications, and conducts cryptanalysis based on quantum Simon algorithm on EM-like structures, takes the encryption algorithm of EM-like structures as the object of research, applies quantum Simon algorithm, constructs the function applicable to Simon algorithm, and performs the key recovery attack on the 5-round encryption process of the encrypted structure of EM-like structures. The results show that the fifth round of encryption key can be successfully recovered in polynomial time of the key length, and other keys can be analyzed based on this key. The key recovery indicates that the quantum version of the structure is insecure, i.e., one of the keys can be found at polynomial time of the key length. It provides some basis for future research and development of symmetric cryptosystems.

    Figures and Tables | References | Related Articles | Metrics
    Research on Endogenous Security Mechanism of Cloud Network Driven by IPv6 Address
    ZHANG Bowen, LI Dong, ZHAO Yizhu, YU Junqing
    2024, 24 (1):  113-120.  doi: 10.3969/j.issn.1671-1122.2024.01.011
    Abstract ( 133 )   HTML ( 9 )   PDF (9638KB) ( 75 )  

    Cloud networking can rapidly deploy and configure virtual network resource on cloud platform according to different business scenarios, which is an important guarantee for performance and security in modern data center. However, traditional cloud network cannot make transparent end-to-end transmission due to the limitation of IPv4. The multi-tenant feature makes it difficult for cloud manager to constrain traffic on tenant subnets, and external security solutions lack of traceability of traffic from different tenants, making it impossible to restrict attack at the source. IPv6 has large address space, strong addressing ability, and high security. Guided by the endogenous security concept and centered on IPv6 address driven, this article proposed an IPv6 address driven cloud network endogenous security hierarchy architecture, including address generation layer, address verification layer, and address utilization layer.At the address generation layer, the tenant identity was embedded into the last 64 bits of IPv6 address using symmetric encryption algorithm, and the DHCPv6 address allocation strategy was modified. The implementation was based on Openstack Neutron. At the address verification layer, a dynamic source address verification method was designed and implemented for cloud networks. Specific transition methods and security policies were designed for different port status sets. At the address utilization layer, based on the characteristics of real IPv6 address, a packet tracing mechanism and an access control policy based on IPv6 addresses were implemented.

    Figures and Tables | References | Related Articles | Metrics
    AFLNeTrans: Fuzzing of Protocols with State Relationship Awareness
    HONG Xuanquan, JIA Peng, LIU Jiayong
    2024, 24 (1):  121-132.  doi: 10.3969/j.issn.1671-1122.2024.01.012
    Abstract ( 256 )   HTML ( 28 )   PDF (14259KB) ( 248 )  

    Network protocols are essential components of modern communication systems, and the security testing of their implementation programs is of great importance. Fuzzing has become the mainstream method for modern vulnerability discovery, and has achieved great success in the field of software security. Traditional fuzzing still has some problems in testing network protocol implementation programs. First, since different states in network protocol implementation programs correspond to different codes, the code coverage used in traditional gray-box fuzzing cannot accurately represent the internal state of network protocol implementation programs. Second, the state guidance mechanism in existing gray-box network protocol fuzzers depends on code coverage, which cannot effectively mine the state relationships in those programs. To address the above problems, this paper proposed AFLNeTrans, a fuzzer that guides the fuzzing process by both protocol state relationships and program code coverage to improve the fuzzing effect. AFLNeTrans used state relationships as the main guidance mechanism to guide fuzzing to quickly explore more state space of network protocol implementation programs. AFLNeTrans was evaluated on a benchmark of well-known protocol fuzzers. Experimental results show that AFLNeTrans has a significant increase in the number of state transitions found, and also has an improvement in code coverage and unique_crash number compared to existing tools.

    Figures and Tables | References | Related Articles | Metrics
    Research on Multi-Factor Authenticated Key Agreement Protocol for Smart Home Networks
    ZHANG Min, FENG Yongqiang, XU Chunxiang, ZHANG Jianhua
    2024, 24 (1):  133-142.  doi: 10.3969/j.issn.1671-1122.2024.01.013
    Abstract ( 143 )   HTML ( 15 )   PDF (11047KB) ( 123 )  

    Smart home networks connect smart devices at home through IoT technology, allowing users to remotely view and control their devices. However, information transmission on insecure public networks will face various network threats. Therefore, it is necessary to research and design secure, efficient, and compliant authentication key negotiation protocols for smart home networks. In 2020, WAZID et al. proposed a lightweight authentication key agreement protocol for smart home networks. After security analysis and verification, this paper found that the protocol has the following problems: the scheme overly relies on the gateway node(GWN) of the smart home gateway node, resulting in low system robustness; this scheme stores user and device keys in GWN, but GWN faces privilege attacks and various external network attacks, making it not absolutely secure; this scheme did not consider user access control. This article proposed a new multi-factor authentication key agreement scheme based on Chebyshev chaotic map and Secure Sketch for smart home networks. From the security proof and simulation experiments, although the computational cost of the proposed scheme has increased, the security has been improved and the communication cost has been reduced.

    Figures and Tables | References | Related Articles | Metrics
    Network Traffic Detection Technology for Railway Ticketing System
    HU Jinhua
    2024, 24 (1):  143-149.  doi: 10.3969/j.issn.1671-1122.2024.01.014
    Abstract ( 187 )   HTML ( 24 )   PDF (8119KB) ( 122 )  

    As networks become increasingly complex, the services carried by the network are becoming more and more important. Traditional device-level network management and monitoring are facing increasing challenges. It was difficult to locate problem boundaries and control the business losses caused by faults. More comprehensive monitoring and analytical means control are needed to improve efficiency and capabilities. The traditional network anomaly detection method through static planning and matching is difficult to detect unknown anomalies and attack types in dynamic and complex network environments, and cannot meet the requirements of network security detection. In addition, services in the network, relying on active detection methods, will bring new load pressure to the service server. Especially when the application layer traffic is generated by encryption or private protocols, the inability to decode further increases the difficulty of detection and analysis. Based on the railway ticketing system, this paper proposed a network traffic detection technology for railway ticketing system. It could calculate the information entropy corresponding to the characteristic that affects the traffic, and judge it based on the information entropy value set of historical traffic at multiple checkpoints. Whether it was legal or not, this method comprehensively considers the internal characteristics of traffic and the relationship between traffic, and achieved better business traffic detection results.

    Figures and Tables | References | Related Articles | Metrics
    IoT Terminal Risk Assessment Model Based on Improved CAE
    WANG Junyan, YI Peng, JIA Hongyong, ZHANG Jianhui
    2024, 24 (1):  150-159.  doi: 10.3969/j.issn.1671-1122.2024.01.015
    Abstract ( 121 )   HTML ( 10 )   PDF (12345KB) ( 132 )  

    The number of heterogeneous terminals in the Internet of Things is large, the structure is simple, the security protection ability is weak, and it is easy to become the target of attack. Aiming at the difficulties in establishing the evaluation mechanism and low evaluation efficiency when traditional risk assessment methods deal with a large number of changing risk factors, a risk assessment model of IoT terminal based on improved convolutional autoencoder was proposed(Lightweight Convolutional Autoencoder combined with Fully Connected Layers and Classifier Model,LCAE-FC). A lightweight convolutional encoder was combined with a classifier to build a model, which integrated high-dimensional feature learning with the output evaluation probability of order dimensional reduction. The encoder introduced deep separable convolution, and each channel learned the internal structure of generalized behavioral risk. Each output feature was averaged and pooled to retain risk information to the maximum extent. The risk probability value was output by step-dimensionality reduction after the high-dimensional features were abstracted by the fully connected layer and classifier. The experimental results on the N-BaIoT dataset show that the accuracy and F1 value of the proposed model are higher than 99.3%, which has better performance than the traditional CAE, Bi-LSTM and SAE-SBR models.

    Figures and Tables | References | Related Articles | Metrics