Most Read articles

    Published in last 1 year |  In last 2 years |  In last 3 years |  All

    All
    Please wait a minute...
    For Selected: Toggle Thumbnails
    Overview on SM9 Identity Based Cryptographic Algorithm
    Journal of Information Security Research    2016, 2 (11): 1008-1027.  
    Abstract2500)      PDF (13949KB)(5757)       Save
    SM9 identitybased cryptographic algorithm is an identitybased cryptosystem with bilinear pairings. In such a system the user s private key and public key may be extracted from user s identity and key generation centers parameters. The most common cryptographic uses of SM9 are with digital signature, data encryption, key exchange protocol and key encapsulation mechanism etc. The application and management of SM9 will not require digital certificate, certificate base, and key base. The key length of the SM9 cipher algorithm is 256b. SM9 cryptographic algorithm was issued as the cryptography standard in 2015. This paper will summarize the design, algorithm, software and hardware implementation and cryptanalysis of SM9 cryptographic algorithm. We also give some concrete examples in appendix.
    Reference | Related Articles | Metrics
    Survey of Hash Functions
    Wang Xiaoyun1,2 and Yu Hongbo3
    Journal of Information Security Research    2015, 1 (1): 19-30.  
    Abstract1285)      PDF (11279KB)(3686)       Save
    One of the fundamental primitives in modern cryptography is the cryptographic hash functions, often informally called hash functions. They are used to compress messages of arbitrary length to fixed length hash values which are also called hash codes, message digests or digital fingerprints. A primary motivation for cryptographic hash functions is that they serve as compact representative images of input messages, which they can uniquely identify. Changing a single letter will change most of the digits in the hash code. The most common cryptographic uses of hash functions are with digital signature and for data integrity. Hash functions are frequently used in digital signature schemes to compress large messages for processing by public-key cryptosystems such as RSA. They are also used to design message authentication codes (MACs) and many secure cryptographic protocols. Hash functions occur as components in various cryptographic applications (e.g. protection of pass-phrases, protocols for payment, broadcast authentication etc.), where usually their property as a computational one-way function is used. So the study of the hash functions is of great significance in the cryptanalysis field.
    Related Articles | Metrics
    Overview of Data Security Governance at Home and Abroad
    Journal of Information Security Reserach    2021, 7 (10): 922-.  
    Abstract1273)      PDF (3579KB)(791)       Save
    With the rapid development of digital economy, privacy infringement, data leakage, platform monopoly, misinformation and other issues emerge one after another, increasingly becoming an important issue that threatens individual rights, industrial development and national security. This article, on the national policy and law level, sorts out four categories of data governance, that is, personal data protection, cross-border data flow regulation, data market governance, and data content management. Countries and regions like United States, European Union and China are the centers of global digital economy. This article summarizes their practices and experience in above-mentioned four categories, and on this basis, puts forward some suggestions on strengthening China's data security governance system and capacity building, that is, further improving the legal system to compete for the leadership of the digital economy, deeply participating in global data governance to enhance the international voice of rule-making, and strengthening support and oversight of new technologies and applications to seize new heights in digital economy governance.
    Reference | Related Articles | Metrics
    Overview on Public Key Crytographic Algorithm SM2 Based on Elliptic Curves
    Journal of Information Security Research    2016, 2 (11): 972-982.  
    Abstract997)      PDF (7813KB)(680)       Save
    Public key cryptographic algorithm SM2 based on elliptic curves (SM2 algorithm for abbreviation) was firstly issued in December 2010, had become the Chinese commercial cryptographic standard (GMT 0003—2012) in 2012, and had become the Chinese national cryptographic standard (GBT 32918—2016) in 2016. This paper briefly describe the development background of SM2 algorithm,describe SM2 algorithm in details,introduce the researches on its security, and evaluate its implementation efficiencies. All the researches on SM2 algorithm so far indicate that the provable securities of SM2 algorithm reach the supreme levels of public key cryptographic algorithms securities, and its implementation efficiencies are equivalent to or slightly superior to those similar elliptic curve cryptographic algorithms in some international standards.
    Reference | Related Articles | Metrics
    An Overview of Application and Technology of Artificial Intelligence in Cybersecurity
    Journal of Information Security Reserach    2022, 8 (2): 110-.  
    Abstract983)      PDF (1142KB)(744)       Save
    Compared with the developed countries, the basic research and technology application in the field of artificial intelligence in China started later, especially the application of artificial intelligence in the important field of network security. Domestic and abroad disparity is still very obvious, which seriously affects the improvement of China's cybersecurity capability. This paper elaborates the relationship between artificial intelligence, network attack and network defense, and widely investigates the application status of artificial intelligence in major information security companies at home and abroad. It points out that APT detection, 0day vulnerability mining and cloud security are three core areas that affect the level of cybersecurity capability, This paper deeply analyzes the key technologies of artificial intelligence technology applied in these three fields, and puts forward the safety risks of artificial intelligence technology, and points out that artificial intelligence technology is not a panacea for all diseases, This Paper provides a scientific reference for the further research and application of artificial intelligence technology in China's information security industry.
    Reference | Related Articles | Metrics
    The ZUC Stream Cipher Algorithm
    Journal of Information Security Research    2016, 2 (11): 1028-1041.  
    Abstract973)      PDF (7769KB)(545)       Save
    祖冲之算法,简称ZUC,是一个面向字设计的序列密码算法,其在128b种子密钥和128b初始向量控制下输出32b的密钥字流.祖冲之算法于2011年9月被3GPP LTE采纳为国际加密标准(标准号为TS 35.221),即第4代移动通信加密标准,2012年3月被发布为国家密码行业标准(标准号为GMT 0001—2012),2016年10月被发布为国家标准(标准号为GBT 33133—2016).简单介绍了祖冲之算法,并总结了其设计思想和国内外对该算法安全性分析的主要进展.
    Reference | Related Articles | Metrics
    Differential Privacy and Applications
    Journal of Information Security Research    2015, 1 (3): 224-229.  
    Abstract946)      PDF (5750KB)(1078)       Save
    As the emergence and development of application requirements such as data analysis and data publication, a challenge to those applications is to protect private data and prevent sensitive information from disclosure. With the highspeed development of information and network, big data has become a hot topic in both the academic and industrial research, which is regarded as a new revolution in the field of information technology. However, it brings about not only significant economic and social benefits, but also great risks and challenges to individuals` privacy protection and data security. People on the Internet leave many data footprint with cumulatively and relevance. Personal privacy information can be found by gathering data footprint in together.Malicious people use this information for fraud. It brings many trouble or economic loss to personal life.Privacy preserving, especially in data release and data mining, is a hot topic in the information security field. Differential privacy has grown rapidly recently due to its rigid and provable privacy guarantee. We analyze the advantage of differential privacy model relative to the traditional ones, and review other applications of differential privacy in various fields and discuss the future research directions. Following the comprehensive comparison and analysis of existing works, future research directions are put forward.
    Reference | Related Articles | Metrics
    Overview on SM4 Algorithm
    Journal of Information Security Research    2016, 2 (11): 995-1007.  
    Abstract941)      PDF (8653KB)(809)       Save
    SM4 Algorithm, short for SM4 Block Cipher Algorithm, was published in 2006 to promote the application of WAPI. It became a cryptography industrial standard (GMT 0002—2012) in March 2012 and a national standard (GBT 32907—2016) in August 2016. This paper describes SM4s calculating process, structural features and cryptographic properties. Furthermore, we introduce some latest researches on SM4s security and compare SM4s security with several international block cipher standards such as AES, HIGHT and MISTY1.
    Reference | Related Articles | Metrics
    Time Machine Forensic
    Journal of Information Security Research    2016, 2 (4): 307-316.  
    Abstract910)      PDF (5953KB)(685)       Save
    Time Machine is an automatic data backup tool in Mac OS. Mac users can backup their important programs and data continuously with different kinds of removable disk, such as USB removable hard disk, Firewire hard disk, Thunderbolt hard disk, Time Capsule. Especially in investigations and cases, it is important for investigators to find out if there are any backup storages in a WiFi network. A single Time Machine storage can save multiple users backup data, or even several Mac computers backup data. The normal deleted data in a Mac can even be foundrecovered from Time Machine backup. The important breakthrough may be from a Time Capsule, and the analytical result of Time Machine backup. This article will discuss Time Machine, backup storage, folder structure, and how to make forensics analysis manually and automatically.
    Reference | Related Articles | Metrics
    Research on Data Classification and Grading Method Based on Data Security Law
    Journal of Information Security Reserach    2021, 7 (10): 933-.  
    Abstract894)      PDF (2157KB)(783)       Save
    The Data Security Law of the People's Republic of China (hereinafter referred to as the Data Security Law) has been formally promulgated, which clearly stipulates that the state establishes data classification and grading protection system, and implements classified and graded protection for data. However, at present, the relevant standards and specifications of data classification and grading in China are relatively lacking, and the practical experiences that can be used for reference in various industries are relatively insufficient. How to effectively implement the data classification and grading protection is still a thorny problem. Based on Article 21 of the Data Security Law, this paper analyzes the factors such as the influence object, influence breadth and influence depth after the data is damaged, puts forward the principles and methods of data classification and data grading, and gives an implementation path of data classification and grading according to the application scenarios and industry characteristics of the data, which provide a certain reference for data classification and grading protection of various industries.
    Reference | Related Articles | Metrics
    Current Situation, Analysis and Prospect of Cross Border Data Flow
    Wang Na, Gu Mianxue, Wu Gaofei, Zhang Yuqing, Cao Chunjie
    Journal of Information Security Reserach    2021, 7 (6): 488-495.  
    Abstract881)      PDF (1439KB)(486)       Save
    With the advent of the era of big data, the process of globalization is accelerated, the economic and political exchanges between countries become more frequent, the competition for data becomes more and more fierce, and the cross-border flow of data is inevitable. Although the European Union, the United States and other major international economies give priority to the deployment of cross-border data, which provides effective reference for different countries, with the increasingly urgent demand for cross-border data flow, the related issues of national security and personal data protection are gradually highlighted. First, by combing existing research works on cross-border data flow, starting from the concept of data cross-border, we summarize their advantages and disadvantages; then, starting from the core data security technology and regulatory mechanism, we systematically analyze and compare cross-border data current situation of the flow of multiple countries ; finally, based on the collation and summary of existing works, we discuss the shortcomings and challenges of China's existing data cross-border management system, put forward targeted suggestions and solutions, and look forward to the research and development trends in this field. 
    Reference | Related Articles | Metrics
    A Survey of Zero Trust Research
    Journal of Information Security Research    2020, 6 (7): 608-614.  
    Abstract878)      PDF (2068KB)(1267)       Save
    With the popularization of cloud computing, mobile office and other technologies, the enterprise network structure becomes complex. The traditional network security model is based on the idea of boundary protection, which can not meet the current needs. Zero trust is a new network security model, where no distinction is made between internal and external networks and all entities need authentication and authorization before accessing resources, which can be used to protect the network whose perimeter is increasingly fuzzy. This paper gives the definition of zero trust, introduces the architecture of zero trust, analyzes the core technology of zero trust, compares and analyses several representative zero trust schemes, summarizes the development status, points out the research direction needing attention in this field, which can provide reference for the research and application of zero trust.
    Reference | Related Articles | Metrics
    “Internet Plus” Mobile Power: Analysis the Network Security of ZTE
    Journal of Information Security Research    2016, 2 (4): 288-298.  
    Abstract835)      PDF (1637KB)(940)       Save
    Related Articles | Metrics
    A Survey of Research on Network Attack Model
    Journal of Information Security Research    2020, 6 (12): 1058-1067.  
    Abstract822)      PDF (1774KB)(901)       Save
    With the rapid development of information technology, network attacks have gradually presented multi-stage, distributed and intelligent characteristics. Single firewalls, intrusion detection systems and other traditional network defense measures cannot well protect the network system security in an open environment. As a kind of attack scene representation from the attacker's perspective, the network attack model can comprehensively describe the network attack behavior in a complex and changeable environment, and is one of the commonly used network attack analysis and response tools. This paper first introduces the current main network attack models, including traditional trees, graphs, nets structure models and modern attack chains, ATT&CK, diamond models, etc. Then the analysis and application of network attack model will be explained. The analysis process for the purpose of solving the attack index mainly includes the probability framework, the assignment method and the solution method, and the application of the attack model based on the life cycle includes the application of the attackers and the defenders' perspective; Finally, the current challenges and future directions of the network attack model and its analysis and application are summarized.
    Reference | Related Articles | Metrics
    Discipline Construction and Talents Training of Cyberspace Security
    Li Jianhua Qiu Weidong Meng Kui Wu Jun
    Journal of Information Security Research    2015, 1 (2): 149-154.  
    Abstract783)      PDF (5250KB)(854)       Save
    In June 2015, “Cyberspace Security” was promoted as a national Firstlevel Discipline, while before that, Information Security was founded as a specialty in 2001. This promotion is not only beneficial to the talents training of Information Security, but also set higher demands for the discipline construction. It is time to analyze and discuss the issues related to cyberspace security discipline construction and talent training. Although proposed as a new conception, cyberspace security has drawn great attention these years worldwide, no matter in Unite State, or in China. There are broad requirements of cyberspace security talents, spanning from national defense security, national key infrastructure security, national important information system security, national public security management service and domestic information security industry. According to the statistics, it is shown that there is a huge gap between the cyberspace security talent supply and demand these years. Since the Information Security specialty was founded more than one decade ago, some valuable experiences are summarized. Based upon all these analysis, some suggestions about discipline construction and talent training mode of cyberspace security are proposed, which include clearing the training goals of different talent levels, constructing hierarchical and practical training environment, and building finegrained professional teaching quality evaluation system.
    Reference | Related Articles | Metrics
    Flow Anomaly Detection Based on Hierarchical Clustering Method
    Journal of Information Security Research    2020, 6 (6): 0-0.  
    Abstract782)      PDF (1784KB)(486)       Save
    With the advent of the big data era, the attacks in network traffic are rising dramatically. Detecting malicious traffic through abnormal flow detection is vital. Nowadays, the equipment of abnormal flow detection used in industry mainly adopts statistical analysis method or simple machine learning method. However, the amount of flow data and redundant data is large. The precision rate is low and the false alarm rate is high. In order to solve these problems, this paper presents a new method to detect flow anomalies based on hierarchical clustering in data processing. This method first uses the hierarchical clustering algorithm to achieve the purpose of data reduction. Then based on seven different machine learning algorithms, an abnormal traffic model based on hierarchical clustering is constructed. The experimental results show that this method can detect the abnormal behavior on the DARPA dataset with a precision rate of 99% and a recall rate of 99%. At the same time, while maintaining the precision rate of 90%, the data reduction can be up to 47.58%, which greatly improves the detection efficiency.
    Related Articles | Metrics
    Design and Implementation of Dark Net Data Crawler Based on Tor
    Journal of Information Security Research    2019, 5 (9): 798-804.  
    Abstract781)      PDF (3976KB)(1222)       Save
    tWith the development of anonymous communication technology, more and more users begin to use anonymous communication to protect personal privacy. Tor, as the most popular application of anonymous communication system, can effectively prevent behavior such as traffic sniffing, eavesdropping and other behaviors. While protecting the privacy of users from being stolen, “dark net” is also used by many criminals. Thus, this has brought great challenges to the supervision of public security. How to strengthen the regulation and crackdown on illegal information of dark network websites is an urgent problem to be solved. Therefore, the data of crawling anonymous websites is an important basis for supervising those websites effectively. The most mainstream dark network anonymous communication system Tor was introduced briefly, its technical principles were analyzed, and a dark network data crawler program was designed, which mainly use Selenium to enter the Tor network, bulk crawl the dark Web pages and save the data to the local. It will help the public security department to further monitor and analyze the relevant content in the dark network, and also propose a feasible technical means for the police department to supervise the dark network.
    Reference | Related Articles | Metrics
    Research of Threat Intelligence Sharing and Using for Cyber Attack Attribution
    Yang Zeming, Li Qiang, Liu Junrong, and Liu Baoxu
    Journal of Information Security Research    2015, 1 (1): 31-36.  
    Abstract779)      PDF (5527KB)(1098)       Save
    With the increasingly complexity of cyberspace security, the attack attribution has become an important challenge for the security protection system. The emergence of threat intelligence provided plentiful data source support for the attack attribution, which makes large-scale attack attribution became possible. To realize effective attack attribution, based on the structure expression of the threat information, a light weight framework of threat intelligence sharing and utilization was proposed. It included threat intelligence expression, exchange and utilization, which can achieve the attack attribution result. Take the case of C2 relevant information, we described the expression of threat intelligence sharing and utilization, and verified the framework. Results show that the framework is practical, and can provide new technical means for attack attribution. In addition, based on the understanding of threat intelligence, several thinking about the construction of sharing and utilization mechanisms were promoted in the end.
    Related Articles | Metrics
    Security Architecture and Key Technologies of Blockchain
    Yan Zhu
    Journal of Information Security Research    2016, 2 (12): 1090-1097.  
    Abstract779)      PDF (6838KB)(649)       Save
    Blockchain, both the cryptocurrency and the underlying Bitcoin technology, have attracted significant attention around the world. The reason is that blockchain is a decentralization technology with Consensus Trust Mechanism (CTM), which is obviously different from the traditional centralization system with Outer Trust Mechanism (OTM). This has made a great influence on the trust mechanism of people and promoted the usage of security technology in the blockchain. In this paper, we present the security architecture and key technologies of the blockchain, and explain how the blockchain ensure the integrity, non repudiation, privacy, consistency for the stored data through P2P network, distributed ledger, asymmetric encryption, consensus mechanism and smart contracts. Moreover, we analyze some new security threats and measures, for example, the preventing technology of Denial of Service (DoS) attack against the Transaction Storm (TS), the cryptographic access control (CAC) technology to enhance the data privacy, the key management technology against losing and stealing of digital asset, and so on. We also discuss the future security problems and technologies that might be discovered after the blockchain syncretizes new technologies, including, AI, Big Data, IOT, cloud computing, mobile Internet technologies.
    Reference | Related Articles | Metrics
    New Trends of the Main Countries Cybersecurity Strategy in 2015
    Cui Chuanzhen
    Journal of Information Security Research   
    Overview of Voiceprint Recognition Technology and Applications
    Journal of Information Security Research    2016, 2 (1): 44-57.  
    Abstract769)      PDF (12707KB)(414)       Save
    With the rapid development of information technology, how to identify a person to protect hisher personal privacy as well as information security has become a hot issue. Comparing with the traditional identity authentication, the biometric authentication technologies have the features of not being to get lost, to be stolen or forgotten when being used. The use of them is not only fast and convenient, but also accurate and reliable. Being one of the most popular biometric authentication technologies, the voiceprint recognition technology has its unique advantages in the field of remote authentication and other areas, and has attracted more and more attention. In this paper, the voiceprint recognition technology and its applications will be mainly introduced, including the fundamental concept, development history, technology applications and industrial standardizations. Various kinds of problems and corresponding solutions are overviewed, and the prospects are pointed out finally.
    Reference | Related Articles | Metrics
    Research on The Technology Architecture of Big Data Security and Privacy System
    Lv Xin
    Journal of Information Security Research    2016, 2 (3): 244-250.  
    Abstract741)      PDF (6172KB)(921)       Save
    In the era of Big Data, data security and privacy face a lot of technical challenges in the aspects of security architecture, data privacy, data management, integrity and proactive security protection. Based on the analysis of technical challenges of big data security and privacy protection, this paper proposes a reference model of the technology architecture of big data security and privacy system, and researches on the key technology and the latest progress of big data security and privacy, focusing on data layer security, application layer security, interface layer security and system layer security. It provides an effective technical reference for establishing big data security and privacy system.
    Reference | Related Articles | Metrics
    SM3 Cryptographic Hash Algorithm
    Journal of Information Security Research    2016, 2 (11): 983-994.  
    Abstract715)      PDF (8502KB)(706)       Save
    The cryptographic hash functions play an important role in modern cryptography. They are used to compress messages of arbitrary length to fixed length hash values. The most common cryptographic applications of hash functions are with digital signature and for data integrity. SM3 cryptographic hash algorithm is issued as the industry standard in 2012. In 2016, it was published as national standard. It takes a 512bit message as input and outputs a 256bit hash value. This paper summarizes the design, properties, software and hardware implementations and cryptanalysis of SM3 cryptographic hash algorithm. Furthermore, we compare SM3 with other hash standards.
    Reference | Related Articles | Metrics
    Formal Verification Method of Smart Contract
    Journal of Information Security Research    2016, 2 (12): 1080-1089.  
    Abstract707)      PDF (7621KB)(594)       Save
    Smart contract is a code contract and algorithm contract and will become the basis of future agreements in digital society. Smart Contract utilizes protocols and user interfaces to facilitate all steps of the contracting process. This paper summarized the main technical characteristics of smart contract and existing problems such as trustworthiness and security and proposed that formal method is applied to the smart contract modeling, model checking and model verification to support the large-scale generation of smart contract. In this paper, a formal verification framework and verification method for smart contract in the whole life circle of smart contract has been proposed. The paper presented a smart shopping scene, in which Promela language is used for modeling a SSC(smart shopping contract) and SPIN is used to simulate and model checking to verify the effect of formal method on smart contract.
    Reference | Related Articles | Metrics
    Thoughts on Several Issues of Commercial Cryptography Application and Innovation Development
    Journal of Information Security Research    2020, 6 (11): 0-0.  
    Abstract703)      PDF (1311KB)(750)       Save
    Being strictly and scientifically proven, cryptography is the fundamental technology of cyberspace security. A spiral development trend among cryptography, its serving objects and the technological development is presenting. With the rapid development of cyberspace technology and the inherent drive of cryptography attack and defense, the connotation and extension of cryptography have undergone major changes. Cryptography is not only the core technology of cyberspace security, but also the cornerstone of trust in the digital economy security..Faced with the severe situation of cyberspace security and the development trend of the digital economy, cryptography technology shall closely follow the applications to promote its innovation, cryptography industry shall be optimized to strengthen the cryptography supply, and cryptography evaluation shall be standardized to protect the cryptography application security. As a special strategic resource, cryptography cannot be bought from others, and it cannot be fully trusted even bought from others. It is of great significance to rely on independent innovation of our own cryptography. And the issues that discipline level of cryptography is set too deep, and high-end compound cryptography talents are of shortage shall be resolved as soon as possible.
    Related Articles | Metrics
    Review of Multi-Party Secure Computing Research
    Journal of Information Security Reserach    2021, 7 (12): 1161-.  
    Abstract678)      PDF (1190KB)(497)       Save
    With the rapid development of the Internet, data resources have become an important competitiveness of all industries. However, as the owners and users of data cannot beunified, problems such as data security and personal privacy become increasingly serious,resultingin the phenomenon of "data islands". Secure Multi-Party Computation (MPC)promises tosolve these problems by ensuring both privacy of data input and correctness of dataComputation, and by ensuring that data input from participating parties is not compromisedthrough protocols without third parties. Based on the definition and characteristics ofmulti-party secure computing, this paper introduces the research status, component model andapplication scenarios of multi-party secure computing.
    Reference | Related Articles | Metrics
    An Overview of Hadoop Security Framework
    Journal of Information Security Research    2016, 2 (8): 684-698.  
    Abstract676)      PDF (12399KB)(298)       Save
    Hadoop has become the most popular analysis framework which is used to open source of cloud computing and big data , at the same time,its security mechanism has also been treated as a critical item. This paper first gives an overview on Hadoop design principle, architecture, major threat, security mechanism, and design challenge which include the security solutions of enterprise and the security mechanism of Hadoop. The research on security mechanism of Hadoop are active, which present trusted platform, encryption algorithm,mixed encryption algorithm,TDEA and parallel encrypt algorithm and so on. Since Hadoop ecosystem involves many components, and different components have different security mechanisms, the current research focus is to enhance finegrained, highly modular, expandability and other aspects, while taking the performance, cost, usability and other issues into account.
    Reference | Related Articles | Metrics
    Multimedia Information Security: A Review
    Kong Xiangwei1) Wang Bo1) and Li Xiaolong2)
    Journal of Information Security Research    2015, 1 (1): 44-53.  
    Abstract676)      PDF (10660KB)(529)       Save
    In the information and network era, multimedia is confronted with severe information security risks, though it has provided great audio and visual enjoyments to people for last few decades. In view of the typical research areas of multimedia information security, including steganography and steganalysis, digital watermarking, multimedia forensics, perceptual hash and multimedia content privacy, this paper firstly expounds the background of specific problems and explains the typical concept. Based on the analysis of the previous works, the potential problems and challenges in the future are summarized and discussed separately. Finally, this paper draws the conclusion and shows the prospect of multimedia information security.
    Related Articles | Metrics
    Webshell Detection Method Research Based on Web Log
    Journal of Information Security Research    2016, 2 (1): 66-73.  
    Abstract664)      PDF (5409KB)(925)       Save
    In this paper, a new method of Webshell detection based on Web log is proposed, which is based on the analysis of the server log text file, and the Webshell is detected from three angles: text feature, statistical feature and correlation feature. In the text feature, it is mainly to match the file access path and the parameters that are submitted. The experimental results show that the normal Web documents and Webshell files have obvious differences in the characteristics of the file access path and the parameters. In the statistical characteristics, the first is the comparison of the frequency of access to the file, and the experiment proved that the frequency of the Web page file access, combined with the depth of the Web page file directory, the starting time and the number of individual visitors, can accurately identify abnormal file. Page correlation is found by calculating the access of Web documents, the experiment shows that the Webshell is usually a solitary file, and the normal Web documents are clearly distinguished.
    Reference | Related Articles | Metrics
    Text Sentiment Analysis Based on BERT
    Journal of Information Security Research    2020, 6 (3): 220-227.  
    Abstract636)      PDF (1110KB)(496)       Save
    Most of the existing models adopt Word2Vec, GloVe(global vectors) and other methods to obtain the word vector representation of the text, ignoring the context relationship of the word. Aiming at this problem, a neural network model based on Bidirectional Encoder Representations from Transformers (BERT) pretraining language model with bidirectional long shortterm memory network (BLSTM) and attention mechanism was proposed for text sentiment analysis. Firstly, the word vector containing contextual semantic information is obtained through BERT pretraining language model. Secondly, BLSTM is used to extract contextual features for deep learning. Finally, attention mechanism is introduced to assign corresponding weights to the extracted deep information of the text to highlight the key information for text sentiment classifications. The accuracy rate can be 88.91% on the SST(stanford sentiment treebank) dataset. The experimental results show that the model performs better than other methods.
    Reference | Related Articles | Metrics
    Research on the Architecture of Big Data Security Assurance System Improved
    Lv Xin
    Journal of Information Security Research    2015, 1 (3): 211-216.  
    Abstract618)      PDF (7192KB)(626)       Save
    In the outline for action to promote the development of big data, appeal was made by the state council of the Peoples Republic of China that the research in the cyber security issues and the cyber security technology should be strengthened under the big data environment and that big data security assurance system should be improved. Based on the analysis of big data security environment and big data security threats and challenges, this paper proposes a multi dimension space model of big data security and privacy assurance system based on the system engineering theory, constructs the architecture model of big data security and privacy assurance system by using the model abstract method, and designs the technical proposal of big data security and privacy assurance in the perspective of strategic planning, security operation management, and security technology. In addition, this paper studies the process model of big data security and privacy assurance, and provides a technical reference for the sustainable ability establishment of big data security and privacy.
    Reference | Related Articles | Metrics
    AI and Data Privacy Protection: The Way to Federated Learning
    Journal of Information Security Research    2019, 5 (11): 961-965.  
    Abstract606)      PDF (1395KB)(905)       Save
    With the tremendous advance in computing, algorithms and data volume, artificial intelligence ushered in the third development climax, and began to gain a foot hold in exploring various industries. However, as the emergence of “big data”, more “small data” or “poorquality data”, and “data silos” exist in industry applications. For example, in the information security realm, it is difficult for enterprises who provide security services such as content security auditing and intrusion detection based on artificial intelligence technology to exchange raw data due to the consideration of user privacy and trade secrets protection. The services between enterprises are independent, and the overall development of cooperation and technology is difficult to make a breakthrough in a short period of time. How to promote greater cooperation on the premise of protecting the privacy of organizations? Will there be any chance for technical means to solve the data privacy protection problems? Federated Learning is an effective way to solve this problem and achieve acrossenterprise collaborative governance.
    Reference | Related Articles | Metrics
    Digital Currency Money Laundering Model and Tracking Analysis
    Journal of Information Security Reserach    2021, 7 (10): 977-.  
    Abstract603)      PDF (2085KB)(168)       Save
    Money laundering activities have evolved from a traditional model of Underground Bank to the new model such as "Fourth-Party Payment", along with the rising of the emerging digital currency, which has brought huge challenges to crime investigations, and also caused damage to the social financial system. In view of lack of supervision on the application installation of the digital currency system, lack of supervision on the digital currency transactions, as well as the anonymity of digital currency transactions, we put forward the key channels to solve the problems. This article describes the realization of obtaining real-name of digital wallet addresses, identifying digital exchange addresses, and how to establish evidence of digital currency transactions. In order to figure out the data visualization and address tagging display in the process of digital currency trading, provide clear flow tracking graphics of digital currency trading process for staff in case handling, identify the digital currency exchange, determine if it is able to retrieve evidence from that digital currency exchange, which will significantly improve work efficiency on money laundering crime investigation.
    Reference | Related Articles | Metrics
    Computing Force Network Security Architecture and Data Security Governance Technology
    Journal of Information Security Reserach    2022, 8 (4): 340-.  
    Abstract599)      PDF (2657KB)(436)       Save
    As a new information infrastructure which provides deep integration of computing force and network services, computing force network (CFN) provides important support for national cyber power, digital China and smart society. At present, the planning and construction of CFN has entered a critical period, and the work related to CFN security is gradually advancing, but the systematic security architecture has not been formed. This paper summarizes the relevant research progress of CFN, analyzes the security opportunities and challenges faced by CFN, and proposes a security reference architecture based on sorting out the key security technologies, so as to provide a reference for promoting the construction of CFN security system and deploying CFN security mechanism.Key words computing force network; new information infrastructure; security reference architecture; orchestration security; privacy computation; data security; artificial intelligence
    Related Articles | Metrics
    The Research of Discerning XSS Attack Based on FP-growth Optimized SVM Classifier
    Journal of Information Security Research    2020, 6 (9): 0-0.  
    Abstract599)      PDF (2293KB)(309)       Save
    Cross-site scripting (XSS) is a web-based security attack that is one of the most serious threats to Internet security today. Based on the principle of XSS attack detection based on Support Vector Machine (SVM) classifier, paper proposes An association detection algorithm (FP-growth) optimizes the XSS attacker detection method,It is verified by experiments that this method can effectively improve the accuracy of XSS detection compared with the common SVM detection method.
    Related Articles | Metrics
    Overview of Electronic Data Forensics Technology
    Journal of Information Security Research    2016, 2 (4): 299-306.  
    Abstract592)      PDF (5966KB)(776)       Save
    Electronic data forensics is a comprehensive subject, involving the related knowledge of computer science, law, criminal investigation, and other fields. Based on the practice of electronic data forensics, the paper briefly describes the general process of electronic data forensics, and proposes the technical system model. Emphatically, this paper sorts out the common techniques and technical standards of electronic data forensics, then describes the development tendency of electronic data forensics.
    Reference | Related Articles | Metrics
    On the Exploration and Prospect of the Development Path of  Cyberspace Trusted Identity in China
    Journal of Information Security Reserach    2022, 8 (12): 1236-.  
    Abstract560)      PDF (1941KB)(99)       Save
    Reference | Related Articles | Metrics
    A Survey of Fingerprint Recognition Technology
    Journal of Information Security Research    2016, 2 (4): 343-355.  
    Abstract546)      PDF (10838KB)(553)       Save
    Human society shows great interest in fingerprint at early times, but modern fingerprint recognition technology originated at the time of Galtons research, and used in criminal investigation at first. Since 1990s, fingerprint recognition begun to find its application in other commercial areas. In recent years, fingerprint recognition appears on mobile phone, and acts as an important method for screen unlocking and online payment. In the future, biometrics method, including fingerprint recognition, may replace current password system. For fingerprint recognition algorithm, classification is studied at first to improve the speed for fingerprint archives searching. Most algorithms today focus on matching the minutiae, including ridge ending and bifurcation. As the popularization of fingerprint recognition on mobile devices, the area of fingerprint sensor becomes smaller and smaller, matching technology based on third level features such as sweat pore and ridge shape gains more attentions. For fingerprint sensing, the first appeared method is pressing by ink. Fingerprint cards with inkpressed fingerprint is then digitized by scanner for computer storage and processing. From 1970s, the appearance and popularization of optical fingerprint sensing boost the quick and onsite image capturing and verification. Applications on mobile devices s the rapid progress of small size fingerprint sensor.
    Reference | Related Articles | Metrics
    Research on the Application of Commercial Cryptography in 5G Network
    Journal of Information Security Reserach    2023, 9 (4): 331-.  
    Abstract530)      PDF (1197KB)(300)       Save
    As a new generation of mobile communication network infrastructure, 5G application scenarios run through all aspects of production and life, such as industrial Internet, energy industry, transportation, medical industry and education. However, unprecedented security risks have been brought to 5G networks, including massive terminal access, largescale network deployment, and massive data aggregation. 5G security has gradually become a worldwide research trend in recent years since it is crucial to social development, economic operation, and even national security. Cryptography is the core technology and basic support to assure network and information security. After more than ten years of development, national commercial cryptographic algorithms ZUC, SM4, SM3, SM2, whose independent intellectual property rights are available, have gradually exerted more indispensable effects in maintaining the security of national cyberspace. Starting from the 5G network architecture and interfaces, this paper analyzes the underlying security risks faced by the 5G networks and proposes a corresponding solution as an example in terms of the commercial cryptography application practices of the 5G network.
    Reference | Related Articles | Metrics
    ChatGPT’s Applications, Status and Trends in the Field of Cyber Security
    Journal of Information Security Reserach    2023, 9 (6): 500-.  
    Abstract528)      PDF (2555KB)(467)       Save
    ChatGPT, as a large language model technology, demonstrates extremely strong language understanding and text generation capabilities. It has not only attracted tremendous attention across various industries but also brought new transformations to the field of cybersecurity. Currently, research on ChatGPT in the cybersecurity field is still in its infancy. To help researchers systematically understand the research status of ChatGPT in cybersecurity, this paper provides the first comprehensive summary of ChatGPT’s applications in the field of cybersecurity and potential accompanying security issues. The article first outlines the development of large language model technologies and briefly introduces the technology and features of ChatGPT. Then, it discusses the enabling effects of ChatGPT in the cybersecurity field from two perspectives: assisting attacks and assisting defense. This includes vulnerability discovery, exploitation and remediation, malicious software detection and identification, phishing email generation and detection, and potential use cases in security operations scenarios. Furthermore, the article delves into the accompanying risks of ChatGPT in the cybersecurity field, including content risks and prompt injection attacks, providing a detailed analysis and discussion of these risks. Finally, the paper looks into the future of ChatGPT in the cybersecurity field from the perspectives of security enablement and accompanying security, pointing out the direction for future research on ChatGPT in the cybersecurity domain.
    Reference | Related Articles | Metrics