Table of Content

    14 July 2024, Volume 10 Issue 7
    A Review of GPU Acceleration Technology for Deep Learning in Plaintext  and Private Computing Environments
    2024, 10(7):  586. 
    Asbtract ( )   PDF (1274KB) ( )  
    References | Related Articles | Metrics
    With the continuous development of deep learning technology, the training time of neural network models is getting longer and longer, and using GPU computing to accelerate neural network training has increasingly become a key technology. In addition, the importance of data privacy has also promoted the development of private computing technology. This article first introduces the concepts of deep learning, GPU computing, and two privacy computing technologies, secure multiparty computing and homomorphic encryption, and then discusses the GPU acceleration technology of deep learning in plaintext environment and private computing environment. In the plaintext environment, the two basic deep learning parallel training modes of data parallelism and model parallelism are introduced, two different memory optimization technologies of recalculation and video memory swapping are analyzed, and gradient compression in the training process of distributed neural network is introduced. technology. This paper introduces two deep learning GPU acceleration techniques: Secure multiparty computation and homomorphic encryption in a privacy computing environment. Finally, the similarities and differences of GPUaccelerated deep learning methods in the two environments are briefly analyzed.
    A Review of Hardware Accelerated Research on Zeroknowledge Proofs
    2024, 10(7):  594. 
    Asbtract ( )   PDF (1311KB) ( )  
    References | Related Articles | Metrics
    ZeroKnowledge Proofs (ZKP) are cryptographic protocols that allow a prover to demonstrate the correctness of a statement to a verifier without revealing any additional information. This article primarily introduces research on the acceleration of zeroknowledge proofs, with a particular focus on ZKPs based on Quadratic Arithmetic Programs (QAP) and Inner Product Proofs (IPA). Studies have shown that the computational efficiency of zeroknowledge proofs can be significantly improved through hardware acceleration technologies, including the use of GPUs, ASICs, and FPGAs. Firstly, the article introduces the definition and classification of zeroknowledge proofs, as well as the difficulties encountered in its current application. Secondly, this article  discusses in detail the acceleration methods of different hardware systems, their implementation principles, and their performance improvements over traditional CPUs. For example, cuZK and GZKP utilize GPUs to perform Multiscalar Multiplication (MSM) and Number Theoretic Transform (NTT), while PipeZK, PipeMSM, and BSTMSM accelerate these computational processes through ASICs and FPGAs. Additionally, the article mentions applications of zeroknowledge proofs in blockchain for concealing transaction details, such as the private transactions in ZCash. Lastly, the article proposes future research directions, including accelerating more types of ZKPs and applying hardware acceleration to practical scenarios to resolve issues of inefficiency and promote the widespread application of zeroknowledge proof technology.
    A DNS Root Zone Management Architecture Based on Consortium Blockchain
    2024, 10(7):  602. 
    Asbtract ( )   PDF (2981KB) ( )  
    References | Related Articles | Metrics
    The centralized root architecture of Domain Name System (DNS) in the current Internet is accompanied by longterm concerns: on one hand, the country code toplevel domain may be out of control due to the destruction of the root authority function; on the other hand, it is worried that decentralized root alternatives will cause the domain name space to split. The root cause of the above concerns lies in the lack of autonomy and transparency in current and alternative root zone management, leading to a lack of trust in the current root authority or alternative solutions. This paper describes a new DNS root zone management architecture, the root consensus chain, to enhance mutual trust and ease the concerns of all parties. Multiple autonomous registries participate in root zone management in the root consensus chain. Each registry has a country code toplevel domain and root server operators to jointly build a consortium blockchainbased root zone management system. While maintaining a unified name space and a unique global root authority, the root consensus chain improves autonomy through the establishment of a root community by the root consensus chain managers; improves transparency by recording and executing the agreements among the parties and the operation of the root zone. The experimental results based on the real network research testbed show that the root consensus chain can effectively cope with the above concerns, and it has good feasibility and practicability.
    Federated Foundation Model Finetuning Based on Differential Privacy#br#
    2024, 10(7):  616. 
    Asbtract ( )   PDF (1752KB) ( )  
    References | Related Articles | Metrics
    As the availability of private data decreases, large model finetuning based on federated learning has become a research area of great concern. Although federated learning itself has a certain degree of privacy protection, privacy security issues such as gradient leakage attacks and embedding inversion attacks on large models still threaten the sensitive information of participants. In the current context of increasing awareness of privacy protection, these potential privacy risks have significantly hindered the promotion of large model finetuning based on federated learning in practical applications. Therefore, this paper proposes a federated large model embedding differential privacy control algorithm, which adds controllable random noise to the embedded model of the large model during efficient parameter finetuning process through a global and local dual privacy control mechanism to enhance the privacy protection ability of federated learning based large model parameter finetuning. In addition, this paper demonstrates the privacy protection effect of this algorithm in large model finetuning through experimental comparisons of different federation settings, and verifies the feasibility of the algorithm through performance comparison experiments between centralization and federation.
    Multiuser Searchable Symmetric Encryption Scheme Based on  Elliptic Curve Encryption
    2024, 10(7):  624. 
    Asbtract ( )   PDF (1306KB) ( )  
    References | Related Articles | Metrics
    Searchable encryption (SE) is one of the key technologies in secure data retrieval. It allows the server to search encrypted data directly without decrypting it. In this paper, we propose a multiuser extension of the existed dynamic searchable symmetric encryption (SSE) scheme for the singleuser to solve the problem of data security sharing in cloud storage environment. The proposed scheme is efficient, secure and requires no storage on the client. The scheme uses elliptic curve encryption system to realize key management and access key distribution among authorized users,effectively avoiding the key sharing problem and bilinear pairing operation in traditional multiuser scheme. It also meets the requirements of query privacy, search unforgeability, and user revocability. At the same time, after multiuser expansion, the scheme still maintains the advantages of the original scheme, such as less information leakage, efficient file search, efficient file deletion and no storage on the client.
    Baseline Evaluation of Financial Data Security Based on  Combined WeightingTOPSIS Method
    2024, 10(7):  634. 
    Asbtract ( )   PDF (1436KB) ( )  
    References | Related Articles | Metrics
    The precise identification and verification of the data security baseline are fundamental prerequisites for the implementation of protective measures for financial data security. This process is a foundational reference for the subsequent systematic development of data security and the judicious utilization of data value. Therefore, this paper introduces a model for identifying and verifying the financial data security baseline based on the Combined WeightingTOPSIS method. Initially, based on national laws and regulations, national and industry technical standards, this paper establishes a data security baseline system by analyzing and identifying the main factors and key indicators that affect financial data security. Subsequently, the Analytic Hierarchy Process (AHP) and the Criteria Importance Though Intercrieria Correlation (CRITIC) are comprehensively used to calculate the subjective and objective comprehensive weights of each indicator. Finally, through the application of the Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS), a comprehensive analysis of the efficacy of the financial data security baseline is conducted, coupled with a judicious verification process. Validation through practical instances attests to the rational construction of the indicator system. Moreover, the financial data security baseline identification and verification model, grounded in the Combined WeightingTOPSIS method and operating within a multidimensional indicator system, demonstrates superior scientific efficacy and adaptability to realworld industry applications. Comparative experiments with alternative models further underscore the accuracy and effectiveness of the proposed indicator system and verification method in this paper.
    Model of Intrusion Detection Based on Federated Learning and Convolutional Neural Network
    2024, 10(7):  642. 
    Asbtract ( )   PDF (1722KB) ( )  
    References | Related Articles | Metrics
    The cyber intrusion detection model needs to identify the malicious data timely and accurately among the largescale cyber traffic data. However, due to the insufficient label data of a single institution and the unwillingness of various institutions to share data, the performance of the trained cyber intrusion detection model has low performance. In view of the above problems, this paper proposed an intrusion detection model FL1DCNN, which combined federated learning and onedimensional convolutional neural network. While ensuring high detection accuracy, it allowed more participants to protect their data privacy and security, which solved the problem of insufficiency of the labeled data. The FL1DCNN model first carried on a series of preprocessing operations on the original data set, then used the onedimensional convolutional neural network as the general model of each participant to extract features under the federated learning mechanism and finally performs binary classification using a sigmoid classifier. The experimental results show that the accuracy of the FL1DCNN model on the CICIDS2017 dataset is 96.5% and the F1score of the FL1DCNN model is 97.9%. In addition, compared to the traditional centralized training model 1DCNN, the FL1DCNN model reduces training time by 32.7%.
    Research on Security Protection and Prediction Models for Consumer Behavior Data Collection Platforms
    2024, 10(7):  649. 
    Asbtract ( )   PDF (2887KB) ( )  
    References | Related Articles | Metrics
    Predicting interests and making reasonable recommendations based on user browsing records and other information has become a common means for many sales platforms to optimize the user experience. Thus, the issue of user information security has naturally become a major challenge for major platforms. This paper proposes an endogenous securitybased consumer behavior data collection and analysis platform, which accurately predicts future sales traffic data by collecting user data and using a prediction model based on long and shortterm memory networks. In terms of data security, the platform uses endogenous securitybased mimetic cloud WAF, providing autonomous and controllable security for the entire data platform through three core technologies: dynamic selection algorithm, heterogeneous executables, and adjudication algorithm, and detects anomalous traffic by utilizing sketchbased network measurement techniques. In addition, the platform incorporates data backup and recovery, encrypted storage, and data transmission encryption technologies, and takes measures such as categorized storage and access control for important data. Extensive experiments demonstrate that the prediction platform used for China Tobacco’s sales traffic has significant improvement in prediction accuracy and data security when compared with existing techniques, and can provide a reasonable and feasible solution for enterprise sales prediction.

    Design of Diversity Data Security Compliance Detection System
    2024, 10(7):  658. 
    Asbtract ( )   PDF (3013KB) ( )  
    References | Related Articles | Metrics
    This paper aims to propose a design of a compliance detection configuration system for diverse data. The system meets the compliance needs of different data types and industries through customizable rules and customized functions. In the system design, corresponding detection rules are designed for each document type to ensure the compliance of documents during storage, transmission, and processing. In addition to document type compliance detection, the system also considers the software and hardware installation in the terminal device and the compliance of policies related to account settings. The system also supports sensitive data identification, multilanguage support, automated processing, visualization and reporting functions. In addition, considering key factors such as privacy protection and security, a relatively comprehensive, efficient, and secure tool is designed for compliance detection and management of diverse data.

    Research Advance and Challenges of Fuzzing Techniques
    2024, 10(7):  668. 
    Asbtract ( )   PDF (1020KB) ( )  
    References | Related Articles | Metrics
    Fuzzing. as an efficient vulnerability discovery technique, has garnered increasing attention from researchers due to its rapid development in recent years. To delve deeper into fuzzing techniques, this paper introduces its definition and analyzes the advantages and disadvantages. It summarizes the research progress of fuzzing techniques from various perspectives, including energy scheduling for seed selection, test case mutation algorithms, fuzzy test execution performance, mixed fuzzy testing. Furthermore, it compares the improvement points and shortcomings of different fuzzing studies, and further proposes suggestions for future development. Additionally, the paper describes the research achievements of fuzzing in vulnerability discovery in the fields of operating system kernel, network protocol, firmware, and deep learning. Finally the paper concludes with a summary and offers insights into the future challenges and research hotspots of fuzzing.
    Research on Science and Technology Management Information Security Guarantee System
    2024, 10(7):  675. 
    Asbtract ( )   PDF (1766KB) ( )  
    References | Related Articles | Metrics
    Technological security is a crucial component of the national security framework, serving as a vital force underpinning national security. To strengthen technological innovation and ensure technological security, it is imperative to establish a comprehensive and efficient national innovation system. The information security aspect of technology management information systems, as a pivotal lever for deepening technological institutional reform, should not be underestimated. This paper begins by introducing the significance of technology management, technological security, and the maintenance of information security in technology management. It also highlights the current risk challenges faced in technology management information security. Then, combined with technology management information security protection needs, it constructs a security assurance framework for technology management information security. Detailed explanations are provided on the security management system, security operations and maintenance system, and security technology system within this architecture, with a particular focus on strategies for safeguarding the security of technology management business data. Finally, an analysis is presented regarding the development trends in technology management information security assurance.
     The Risk and Governance of Health Data in Medical Digital Twin
    2024, 10(7):  682. 
    Asbtract ( )   PDF (7155KB) ( )  
    References | Related Articles | Metrics
    In recent years, digital twins have been rapidly applied in the medical field. Medical digital twins have further released the energy contained in health data, which is expected to meet the needs of patients for precise disease diagnosis and personalized medical services. In response to the new changes in health data, this article first elaborates on how medical digital twins empower the digital evolution of health data, enabling it to gain unprecedented value and functionality. Then, it examines the new risks faced by health data in the context of medical digital twins. Finally, based on the actual situation in China, this article examines the four aspects of legal resource supply, administrative supervision and management, technological development strategies, and diversified governance models, proposing governance strategies for health data to promote the healthy development of medical digital twins.