Loading...
Netinfo Security

Table of Content

    10 March 2024, Volume 24 Issue 3 Previous Issue    Next Issue
    For Selected: Toggle Thumbnails
    Security Overview of Cryptocurrency Trading Media and Processes
    LIU Feng, JIANG Jiaqi, HUANG Hao
    2024, 24 (3):  330-351.  doi: 10.3969/j.issn.1671-1122.2024.03.001
    Abstract ( 179 )   HTML ( 55 )   PDF (26113KB) ( 208 )  

    The decentralized cryptocurrency, formed by blockchain technology and cryptography, has been facing an increasing number of security attacks. Research on ensuring the security of cryptocurrency transactions has become a hot topic. The cryptocurrency as a medium of exchange and the encrypted wallets used for custody have become the focus of security research. Various key management and detection technologies have been developed to ensure the confidentiality, integrity, and availability of the encrypted wallets. At the same time, researchers have also proposed corresponding detection and prevention strategies for security vulnerabilities and attack methods in centralized and decentralized exchanges. Additionally, potential attack types, detection techniques, and defense measures in cryptocurrency transactions have been comprehensively reviewed. Finally, a summary of the security of cryptocurrency transactions is provided, along with a forward-looking discussion on future development directions.

    Figures and Tables | References | Related Articles | Metrics
    Recent Research of Feature Selection Algorithms Based on Sparse Matrix Structure
    ZHONG Jing, FANG Bing, ZHU Jiang
    2024, 24 (3):  352-362.  doi: 10.3969/j.issn.1671-1122.2024.03.002
    Abstract ( 175 )   HTML ( 20 )   PDF (14011KB) ( 169 )  

    In the information age, data acquisition methods are simple and fast, resulting in an exponential growth in data volume. However, these data are often multi-source and high-dimensional, which increases the complexity of the model and can easily lead to overfitting of the model, and the redundant features in the data can reduce the classification accuracy of the model. The feature selection algorithm aims to reduce dimensionality by removing irrelevant, redundant, or noisy features and selecting a small subset of the most effective features from the original ones. At present, there are various types of feature selection algorithms, among which the feature selection algorithm based on sparse matrix structure is widely studied by scholars due to its simple and easy to understand model and easy to solve characteristics. This article summarized the classification of feature selection algorithms based on sparse matrix structures, with a focus on robust feature selection models and multi view feature selection models. Firstly, the basic framework of feature selection algorithm based on sparse matrix structure was introduced; Secondly, the general model based on sparse matrix structure, robust feature selection model, and multi view feature selection model were introduced respectively, and their advantages and disadvantages in solving the current research difficulties of feature selection algorithms were compared. Finally, a summary of feature selection algorithms based on sparse matrix structures was provided. The article elucidates the problems and difficulties in theoretical research, exploring the development ideas of feature selection algorithms based on sparse matrix structures.

    Figures and Tables | References | Related Articles | Metrics
    Robustness of Variational Quantum Convolutional Neural Networks Based on Random Quantum Layers
    QI Han, WANG Jingtong, ABDULLAH Gani, GONG Changqing
    2024, 24 (3):  363-373.  doi: 10.3969/j.issn.1671-1122.2024.03.003
    Abstract ( 142 )   HTML ( 18 )   PDF (15390KB) ( 152 )  

    In recent years, quantum machine learning has been shown to be susceptible to small disturbances, leading to a significant decline in recognition accuracy. Currently, increasing the adversarial robustness of models mainly involves model optimization, data optimization, and adversarial training. This article proposed a new method from the perspective of model optimization, aiming to enhance the adversarial robustness of the model by connecting random quantum layers with variational quantum neural networks to form a new quantum fully connected layer, and combining it with quantum convolutional layers and quantum pooling layers to form a variational quantum convolutional neural network (Variational Quantum Convolutional Neural Networks, VQCNN). The quantum classifier based on VQCNN is validated on the KDD Cup 99 dataset. The results show that under the attacks of Fast Gradient Sign Method (Fast Gradient Sign Method, FGSM), Zeroth-Order Optimization Method (Zeroth-Order Optimization, ZOO), and genetic algorithm-based adversarial sample generation, the proposed VQCNN model has the smallest accuracy drop compared with other four models, which are 11.18%, 15.21%, and 33.64% respectively. This demonstrates that the model has higher stability under adversarial attacks and its adversarial robustness is better. At the same time, the accuracy drop is lower when facing gradient-based attack methods (FGSM and ZOO), indicating that the proposed random quantum layer is more effective in facing such attacks.

    Figures and Tables | References | Related Articles | Metrics
    Array Processing Loop Compression Method for Program Reachability Verification
    XU Liangchen, MENG Zhaoyi, HUANG Wenchao, XIONG Yan
    2024, 24 (3):  374-384.  doi: 10.3969/j.issn.1671-1122.2024.03.004
    Abstract ( 96 )   HTML ( 20 )   PDF (11299KB) ( 40 )  

    The security and robustness of computer software have gradually become a very important issue in today’s society, and automatic software formal verification is a highly reliable method to verify the security and robustness of software programs. However, in automatic software formal verification, large-scale arrays and complex loops lead to state explosion, making the verifier unable to complete verification within the specified time. Therefore, how to compress the array size while ensuring the correctness of verification is a subject worth to study. The article proposed the definition of complex loop equivalence classes and some propositions, and proposed an array processing loop compression method for program reachability verification. It first used control flow automata and system dependency graphs to perform static analysis to divide equivalence classes, and then divided equivalence classes according to loop dependencies compress equivalence classes and replaced the verification results of the original program with the verification results of the compressed program. Experiments show that the method proposed in this article can compress the size of the program and improve the verification efficiency while ensuring the correctness of verification.

    Figures and Tables | References | Related Articles | Metrics
    Lightweight Stream Cipher Based on Time-Varying Mutual Coupling Double Chaotic System
    YANG Jiechao, HU Hanping, SHUAI Yan, DENG Yuxin
    2024, 24 (3):  385-397.  doi: 10.3969/j.issn.1671-1122.2024.03.005
    Abstract ( 84 )   HTML ( 7 )   PDF (14303KB) ( 81 )  

    Aiming at the problem of data encryption transmission in the resource-limited Internet of Things environment, this paper designed a lightweight stream cipher based on time-varying mutual coupling double chaotic system. Based on the chaotic maps of Tent and Arnold, a time-varying double chaotic system for updating the internal state of stream cipher is constructed by introducing accumulators and coupling terms. Based on bit operation, the output part of key stream is designed. This paper designed the basic operation, parameters, accuracy, implementation mode and strategy of the algorithm and implemented it on FPGA. The consumption of hardware resources is 2370 GE, and the output rate of key stream is 1.68bit/clk. The analysis shows that this cipher has good security and anti-attack ability. Compared with the lightweight stream ciphers of ISO/IEC standard, it has obvious advantages in security, resource consumption and throughput.

    Figures and Tables | References | Related Articles | Metrics
    Research on Network Local Security Situation Fusion Method Based on Self-Attention Mechanism
    YANG Zhipeng, LIU Daidong, YUAN Junyi, WEI Songjie
    2024, 24 (3):  398-410.  doi: 10.3969/j.issn.1671-1122.2024.03.006
    Abstract ( 161 )   HTML ( 10 )   PDF (15441KB) ( 106 )  

    Addressing the issue of traditional network security situation awareness methods being inefficient at integrating multi-node data to obtain a global network security situation, this article proposed a network local security situation fusion method named SA-RBF-CNN, based on self-attention mechanism, radial basis function (RBF) neural network, and convolutional neural network (CNN). Through the self-attention mechanism, the model effectively identifies and emphasizes key nodes, enhancing the understanding of the global security situation. Meanwhile, the improved RBF structure combined with CNN further refines features, boosting the model’s ability to capture complex data patterns. Experimental results show that SA-RBF-CNN outperforms other similar methods in key indicators of network security situation prediction. Compared to traditional situation awareness methods, it increases computational speed and reduces communication overhead, proving that the model has certain practical application value.

    Figures and Tables | References | Related Articles | Metrics
    Unsupervised Network Intrusion Detection Method Based on Ensemble Learning
    JIANG Rong, LIU Haitian, LIU Cong
    2024, 24 (3):  411-426.  doi: 10.3969/j.issn.1671-1122.2024.03.007
    Abstract ( 173 )   HTML ( 29 )   PDF (18554KB) ( 217 )  

    With the increasing demand for intelligent and autonomous intrusion detection in network counter, deep learning-based methods can distinguish complex attack patterns and behaviors through training and learning. However, supervised learning requires professional expert knowledge and the overhead of a large amount of manually annotated data. In response to the above issues, this paper proposed an unsupervised network intrusion detection method based on ensemble learning, which used deep learning detectors based on three different anomaly detection concepts in parallel to detect, and the results of individual detectors were combined under three different integration logics to provide the final detection decision. This method could comprehensively analyze the different types of anomalies in time series data, reduce the impact of unsupervised anomaly detection models caused by overfitting, and detect potential new attack data streams in an efficient online manner. Experiments are conducted on the KDDCUP 99 and the CSE-CIC-IDS 2018 datasets, and the results show that compared to other single unsupervised anomaly detection models, the integrated method proposed in the article combines the advantages of different unsupervised detectors and is suitable for anomaly detection situations caused by multiple network intrusions.

    Figures and Tables | References | Related Articles | Metrics
    SHDoS Attack Detection Research Based on Attention-GRU
    JIANG Kui, LU Lufan, SU Yaoyang, NIE Wei
    2024, 24 (3):  427-437.  doi: 10.3969/j.issn.1671-1122.2024.03.008
    Abstract ( 115 )   HTML ( 12 )   PDF (11827KB) ( 115 )  

    Aiming at the problem that SHDoS initiates a frequency conversion attack that causes the threshold detection scheme to fail, a deep learning model based on attention-GRU was proposed. The model used the improved Borderline-SMOTE for data balance processing firstly, then introduced the self-attention mechanism to build a two-layer GRU classification network, learned and trained the preprocessed data, and analyzed the SHDoS attack traffic to test finally. Verified by the CICIDS2018 dataset and self-built ShDoS dataset, and the experimental results shows that the accuracy rate of the model is 98.73% and 97.64% respectively, the recall rate is 96.57% and 96.27% respectively. The model with self-attention mechanism shows significant improvement compared to the model without it, compared to other models that use SMOTE or Borderline-SMOTE for data preprocessing, the performance of this model is also the best.

    Figures and Tables | References | Related Articles | Metrics
    Multi-View Representations for Fake News Detection
    ZHANG Xinyou, SUN Feng, FENG Li, XING Huanlai
    2024, 24 (3):  438-448.  doi: 10.3969/j.issn.1671-1122.2024.03.009
    Abstract ( 166 )   HTML ( 9 )   PDF (11996KB) ( 101 )  

    Social networks have become a major channel for people to access and share information in their daily lives, while also providing shortcuts for the spread of fake news. Nowadays, the detection of online fake news has been widely concerned and studied by the academic community, but the current methods lack in-depth exploration based on multiple perspectives of news or ignore the different directions of different information in news. In order to provide a more comprehensive perspective for fake news detection task, this paper proposed a multi-view representations for fake news detection (MVRFD) model based on three perspectives: news content, user information and news propagation. Firstly, the co-attention mechanism was used to represent the multimodal information in news content, and the graph neural network with different directions was used to aggregate user information and views in the process of news transmission. Then the dual-co-attention mechanism was used to realize the information interaction between multiple perspectives. Finally, the features of news content and the news context were integrated. Experiments on the publicly available dataset show that the proposed model achieves 96.7% accuracy and 96.8% F1 score, which are better than the mainstream text processing models and single-view-based detection models.

    Figures and Tables | References | Related Articles | Metrics
    Dynamic Task Allocation for Crowd Sensing Based on Deep Reinforcement Learning and Privacy Protection
    FU Yanming, LU Shenglin, CHEN Jiayuan, QIN Hua
    2024, 24 (3):  449-461.  doi: 10.3969/j.issn.1671-1122.2024.03.010
    Abstract ( 114 )   HTML ( 14 )   PDF (13782KB) ( 129 )  

    In mobile crowd sensing(MCS), the outcome of dynamic task allocation is crucial for enhancing system efficiency and ensuring data quality. Most existing studies simplify dynamic task allocation into a bipartite matching model, which fails to sufficiently consider the impact of task and worker attributes on the matching results and overlooked the protection of worker location privacy. To address these shortcomings, this paper presents a privacy-preserving dynamic task allocation strategy for MCS based on deep reinforcement learning and privacy protection. The strategy first employed differential privacy techniques to add noise to worker locations, protecting their privacy. It then adapted task batch assignments using deep reinforcement learning methods. Finally, it employed a greedy algorithm based on worker task capability thresholds to compute the maximal total utility of the platform under the optimal strategy. Experimental results on real-world datasets demonstrate that the strategy maintains superior performance under various parameter settings while effectively safeguarding worker location privacy.

    Figures and Tables | References | Related Articles | Metrics
    Anomaly Traffic Detection Based on Deep Metric Learning
    ZHANG Qiang, HE Junjiang, LI Wenshan, LI Tao
    2024, 24 (3):  462-472.  doi: 10.3969/j.issn.1671-1122.2024.03.011
    Abstract ( 363 )   HTML ( 49 )   PDF (13232KB) ( 269 )  

    The identification of network anomalous traffic is one of the important tasks of cyber security nowadays. However, traditional traffic classification models are trained based on traffic data, and most of the traffic data are unevenly distributed, leading to fuzzy classification boundaries, which will greatly limits the classification performance of the model. In order to solve the above problems, this paper proposed a deep metric learning based abnormal traffic detection method. Firstly, a new double-proxy mechanism was designed to improve the efficiency of model training by guiding the optimization direction of updateable proxy through the target proxy compared with the traditional deep metric learning algorithm of single proxy for each category, and to enhance the ability of aggregating traffic data of the same category and separating traffic data of different categories to minimize the intra-class distance and maximized the inter-class distance, which in turn maked the classification of data boundaries more clearly, breaking the performance bottleneck of traditional traffic classification models. Secondly, this paper built neural networks based on 1D-CNN and Bi-LSTM, which can efficiently extract traffic features from spatial and temporal perspectives. The experimental results show that the intra-class distance of NSL-KDD traffic data is significantly reduced and the inter-class distance is significantly increased after the model processing. The intra-class distance decreased by 73.5% compared to the original intra-class distance and the inter-class distance increased by 52.7% compared to the original inter-class distance. And the neural network built in this paper is compared to the widely used deep residual network for deep metric learning with shorter training time and better results. Applying the model proposed in this paper to the traffic classification task on the NSL-KDD and CICIDS2017 datasets, the classification effect is also significantly improved compared to the traditional traffic classification algorithms.

    Figures and Tables | References | Related Articles | Metrics
    TAP Rule Processing System Based on Federated Learning and Blockchain Technology
    XUE Mingzhu, HU Liang, WANG Ming, WANG Feng
    2024, 24 (3):  473-485.  doi: 10.3969/j.issn.1671-1122.2024.03.012
    Abstract ( 98 )   HTML ( 9 )   PDF (15092KB) ( 79 )  

    Trigger-action programming (TAP) provides a convenient programming paradigm for users to interact with Internet of Things (IoT) devices. Analyzing user-defined TAP rules using machine learning techniques enables functionalities such as TAP rule recommendation and generation, and can improve user experience. However, TAP rules may contain personal privacy information, raising concerns about data upload and sharing. The paper proposes a TAP rule processing system based on federated learning and blockchain technology. Users can train TAP models locally without uploading private data. In order to solve the problem of centralized server single point failure and prevent malicious model parameter uploading, this article uses blockchain technology to improve the centralized TAP federated learning architecture. Users transmit locally updated model gradients to miners in the blockchain for anomaly detection and cross-validation. The mining committee integrated accumulated gradients from normal users to obtain a global model, connected as a block on the blockchain, available for download and use by normal users. The article uses a lightweight unsupervised non-negative matrix factorization method to verify the effectiveness of the proposed distributed learning architecture based on federated learning and blockchain. Experiments confirm that the architecture can effectively protect the privacy in TAP data, and that miners in the blockchain can well identify malicious model parameters, ensuring model stability.

    Figures and Tables | References | Related Articles | Metrics