Most Download articles

    Published in last 1 year | In last 2 years| In last 3 years| All| Most Downloaded in Recent Month | Most Downloaded in Recent Year|

    All
    Please wait a minute...
    For Selected: Toggle Thumbnails
    Overview on SM9 Identity Based Cryptographic Algorithm
    Journal of Information Security Research    2016, 2 (11): 1008-1027.  
    Abstract2989)      PDF (13949KB)(5990)       Save
    SM9 identitybased cryptographic algorithm is an identitybased cryptosystem with bilinear pairings. In such a system the user s private key and public key may be extracted from user s identity and key generation centers parameters. The most common cryptographic uses of SM9 are with digital signature, data encryption, key exchange protocol and key encapsulation mechanism etc. The application and management of SM9 will not require digital certificate, certificate base, and key base. The key length of the SM9 cipher algorithm is 256b. SM9 cryptographic algorithm was issued as the cryptography standard in 2015. This paper will summarize the design, algorithm, software and hardware implementation and cryptanalysis of SM9 cryptographic algorithm. We also give some concrete examples in appendix.
    Reference | Related Articles | Metrics
    Survey of Hash Functions
    Wang Xiaoyun1,2 and Yu Hongbo3
    Journal of Information Security Research    2015, 1 (1): 19-30.  
    Abstract1393)      PDF (11279KB)(3749)       Save
    One of the fundamental primitives in modern cryptography is the cryptographic hash functions, often informally called hash functions. They are used to compress messages of arbitrary length to fixed length hash values which are also called hash codes, message digests or digital fingerprints. A primary motivation for cryptographic hash functions is that they serve as compact representative images of input messages, which they can uniquely identify. Changing a single letter will change most of the digits in the hash code. The most common cryptographic uses of hash functions are with digital signature and for data integrity. Hash functions are frequently used in digital signature schemes to compress large messages for processing by public-key cryptosystems such as RSA. They are also used to design message authentication codes (MACs) and many secure cryptographic protocols. Hash functions occur as components in various cryptographic applications (e.g. protection of pass-phrases, protocols for payment, broadcast authentication etc.), where usually their property as a computational one-way function is used. So the study of the hash functions is of great significance in the cryptanalysis field.
    Related Articles | Metrics
    Analysis and Enlightenment of American Cyber Deterrence Policy
    Journal of Information Security Research    2016, 2 (5): 471-476.  
    Abstract431)      PDF (1086KB)(1667)       Save
    Related Articles | Metrics
    Building Cyber Security Defense by Trusted Computing 3.0
    Journal of Information Security Research    2017, 3 (4): 290-298.  
    Abstract306)      PDF (1075KB)(1556)       Save
    Related Articles | Metrics
    A Study on the Academic Influence of the Cyber Security Research in Mainland China
    Journal of Information Security Research    2020, 6 (9): 0-0.  
    Abstract312)      PDF (3366KB)(1448)       Save
    Since the 18th CPC National Congress, the CPC Central Committee and the State Council have attached great importance to cryptography and information security, which has greatly promoted the research work on cryptography and information security. In order to compare the gap of the academic level on information security between China and the world, and to sum up the achievements China has made in the field of basic research on information network security in recent years, this article analyzed the high-quality articles published in the top international academic conferences on information security, and showed the contributions of China's Information Network Security research. This article illustrated the contributions of China's information network security academic research through statistically analyzing the articles published in the top academic conferences with the Chinese institutions set as the first author's main affiliation. We analyzed the top-three academic conferences on cryptography, i.e., CRYPTO, EUROCRYPT, ASIACRYPT, and the top-four academic conferences on information network security, i.e., USENIX SECURITY, CCS, S&P and NDSS. The statistical results showed that , China has made significant progress and won bigger voice in the academic research on information network security since the 18th CPC National Congress. Tsinghua University and Shanghai Jiaotong University, etc. are still the pioneers in China's information network security research. According to the statistic results, the distribution of China's research areas around information network security is balanced, but the gap with the international level is still obvious.
    Related Articles | Metrics
    A Survey of Zero Trust Research
    Journal of Information Security Research    2020, 6 (7): 608-614.  
    Abstract1040)      PDF (2068KB)(1424)       Save
    With the popularization of cloud computing, mobile office and other technologies, the enterprise network structure becomes complex. The traditional network security model is based on the idea of boundary protection, which can not meet the current needs. Zero trust is a new network security model, where no distinction is made between internal and external networks and all entities need authentication and authorization before accessing resources, which can be used to protect the network whose perimeter is increasingly fuzzy. This paper gives the definition of zero trust, introduces the architecture of zero trust, analyzes the core technology of zero trust, compares and analyses several representative zero trust schemes, summarizes the development status, points out the research direction needing attention in this field, which can provide reference for the research and application of zero trust.
    Reference | Related Articles | Metrics
    Security-Development Road of National E-Gov Network in the “Internet +” Era
    Zhou Min
    Journal of Information Security Research    2015, 1 (2): 98-104.  
    Abstract335)      PDF (2278KB)(1394)       Save
    Related Articles | Metrics
    Design and Implementation of Dark Net Data Crawler Based on Tor
    Journal of Information Security Research    2019, 5 (9): 798-804.  
    Abstract921)      PDF (3976KB)(1286)       Save
    tWith the development of anonymous communication technology, more and more users begin to use anonymous communication to protect personal privacy. Tor, as the most popular application of anonymous communication system, can effectively prevent behavior such as traffic sniffing, eavesdropping and other behaviors. While protecting the privacy of users from being stolen, “dark net” is also used by many criminals. Thus, this has brought great challenges to the supervision of public security. How to strengthen the regulation and crackdown on illegal information of dark network websites is an urgent problem to be solved. Therefore, the data of crawling anonymous websites is an important basis for supervising those websites effectively. The most mainstream dark network anonymous communication system Tor was introduced briefly, its technical principles were analyzed, and a dark network data crawler program was designed, which mainly use Selenium to enter the Tor network, bulk crawl the dark Web pages and save the data to the local. It will help the public security department to further monitor and analyze the relevant content in the dark network, and also propose a feasible technical means for the police department to supervise the dark network.
    Reference | Related Articles | Metrics
    Research of Threat Intelligence Sharing and Using for Cyber Attack Attribution
    Yang Zeming, Li Qiang, Liu Junrong, and Liu Baoxu
    Journal of Information Security Research    2015, 1 (1): 31-36.  
    Abstract885)      PDF (5527KB)(1202)       Save
    With the increasingly complexity of cyberspace security, the attack attribution has become an important challenge for the security protection system. The emergence of threat intelligence provided plentiful data source support for the attack attribution, which makes large-scale attack attribution became possible. To realize effective attack attribution, based on the structure expression of the threat information, a light weight framework of threat intelligence sharing and utilization was proposed. It included threat intelligence expression, exchange and utilization, which can achieve the attack attribution result. Take the case of C2 relevant information, we described the expression of threat intelligence sharing and utilization, and verified the framework. Results show that the framework is practical, and can provide new technical means for attack attribution. In addition, based on the understanding of threat intelligence, several thinking about the construction of sharing and utilization mechanisms were promoted in the end.
    Related Articles | Metrics
    Differential Privacy and Applications
    Journal of Information Security Research    2015, 1 (3): 224-229.  
    Abstract1018)      PDF (5750KB)(1136)       Save
    As the emergence and development of application requirements such as data analysis and data publication, a challenge to those applications is to protect private data and prevent sensitive information from disclosure. With the highspeed development of information and network, big data has become a hot topic in both the academic and industrial research, which is regarded as a new revolution in the field of information technology. However, it brings about not only significant economic and social benefits, but also great risks and challenges to individuals` privacy protection and data security. People on the Internet leave many data footprint with cumulatively and relevance. Personal privacy information can be found by gathering data footprint in together.Malicious people use this information for fraud. It brings many trouble or economic loss to personal life.Privacy preserving, especially in data release and data mining, is a hot topic in the information security field. Differential privacy has grown rapidly recently due to its rigid and provable privacy guarantee. We analyze the advantage of differential privacy model relative to the traditional ones, and review other applications of differential privacy in various fields and discuss the future research directions. Following the comprehensive comparison and analysis of existing works, future research directions are put forward.
    Reference | Related Articles | Metrics
    An Overview of Application and Technology of Artificial Intelligence in Cybersecurity
    Journal of Information Security Reserach    2022, 8 (2): 110-.  
    Abstract1386)      PDF (1142KB)(1093)       Save
    Compared with the developed countries, the basic research and technology application in the field of artificial intelligence in China started later, especially the application of artificial intelligence in the important field of network security. Domestic and abroad disparity is still very obvious, which seriously affects the improvement of China's cybersecurity capability. This paper elaborates the relationship between artificial intelligence, network attack and network defense, and widely investigates the application status of artificial intelligence in major information security companies at home and abroad. It points out that APT detection, 0day vulnerability mining and cloud security are three core areas that affect the level of cybersecurity capability, This paper deeply analyzes the key technologies of artificial intelligence technology applied in these three fields, and puts forward the safety risks of artificial intelligence technology, and points out that artificial intelligence technology is not a panacea for all diseases, This Paper provides a scientific reference for the further research and application of artificial intelligence technology in China's information security industry.
    Reference | Related Articles | Metrics
    Journal of Information Security Research    2016, 2 (11): 969-971.  
    Abstract364)      PDF (726KB)(1084)       Save
    Related Articles | Metrics
    AI and Data Privacy Protection: The Way to Federated Learning
    Journal of Information Security Research    2019, 5 (11): 961-965.  
    Abstract818)      PDF (1395KB)(1072)       Save
    With the tremendous advance in computing, algorithms and data volume, artificial intelligence ushered in the third development climax, and began to gain a foot hold in exploring various industries. However, as the emergence of “big data”, more “small data” or “poorquality data”, and “data silos” exist in industry applications. For example, in the information security realm, it is difficult for enterprises who provide security services such as content security auditing and intrusion detection based on artificial intelligence technology to exchange raw data due to the consideration of user privacy and trade secrets protection. The services between enterprises are independent, and the overall development of cooperation and technology is difficult to make a breakthrough in a short period of time. How to promote greater cooperation on the premise of protecting the privacy of organizations? Will there be any chance for technical means to solve the data privacy protection problems? Federated Learning is an effective way to solve this problem and achieve acrossenterprise collaborative governance.
    Reference | Related Articles | Metrics
    Research on Reference Architecture for Government Big Data Security
    Journal of Information Security Research    2019, 5 (5): 370-376.  
    Abstract189)      PDF (2263KB)(1051)       Save
    Government informatization has gradually moved from electronic and computerized information, to networked government information, and government big data (GBD) is a new stage in government informatization development. This stage features openness, sharing, dynamic, real-time and intelligence. In view of these features and the current situation of government big data development, this paper analyzes the technical and managemental challenges and basic security principles of the GBD platform development. Based on analysis, this paper proposes a new kind of reference architecture for GBD security based on an appropriate management organization structure. The paper also reviews related security regulatory mechanisms and security measures of this architecture. Compared to the US government's national institute of standards and technology (NIST) big data reference architecture, the proposed architecture is simpler, has a higher security level, clearer functional requirements, and is easier to implement. The proposed architecture can meet the actual current needs of big data security management, and has practical value in guiding the future government cloud platform, and security design and regulation of the GBD system.
    Reference | Related Articles | Metrics
    The Development Status and Tendency of Internet Trusted Identity Management
    Journal of Information Security Research    2016, 2 (7): 666-668.  
    Abstract331)      PDF (1518KB)(1037)       Save
    Related Articles | Metrics
    Progress and Challenges of Intelligent Surveillance Industry Security
    Journal of Information Security Research    2017, 3 (3): 277-280.  
    Abstract136)      PDF (936KB)(1027)       Save
    Related Articles | Metrics
    A Survey of Research on Network Attack Model
    Journal of Information Security Research    2020, 6 (12): 1058-1067.  
    Abstract971)      PDF (1774KB)(1021)       Save
    With the rapid development of information technology, network attacks have gradually presented multi-stage, distributed and intelligent characteristics. Single firewalls, intrusion detection systems and other traditional network defense measures cannot well protect the network system security in an open environment. As a kind of attack scene representation from the attacker's perspective, the network attack model can comprehensively describe the network attack behavior in a complex and changeable environment, and is one of the commonly used network attack analysis and response tools. This paper first introduces the current main network attack models, including traditional trees, graphs, nets structure models and modern attack chains, ATT&CK, diamond models, etc. Then the analysis and application of network attack model will be explained. The analysis process for the purpose of solving the attack index mainly includes the probability framework, the assignment method and the solution method, and the application of the attack model based on the life cycle includes the application of the attackers and the defenders' perspective; Finally, the current challenges and future directions of the network attack model and its analysis and application are summarized.
    Reference | Related Articles | Metrics
    “Internet Plus” Mobile Power: Analysis the Network Security of ZTE
    Journal of Information Security Research    2016, 2 (4): 288-298.  
    Abstract851)      PDF (1637KB)(996)       Save
    Related Articles | Metrics
    Journal of Information Security Research    2016, 2 (7): 587-588.  
    Abstract329)      PDF (738KB)(978)       Save
    Related Articles | Metrics
    Research on Cyber-Attack Defense System Based on Big Data and Threat Intelligence
    Journal of Information Security Research    2019, 5 (5): 383-387.  
    Abstract257)      PDF (1670KB)(978)       Save
    Cyber-attacks are the use of network vulnerabilities and security flaws to attack the hardware, software and data of a cyber system. The earlier a cyber-attack is identified, the less adverse effect it has. The traditional network intrusion detection system (IDS) has some limitations in detecting cyber-attacks, such as passive protection and limited capability of threat identification. Threat intelligence technology provides a more scientific and effective method for identifying potential or actual cyber-attacks by using big data analysis,and provides a comprehensive and relevant cyber-attack defense model.
    Reference | Related Articles | Metrics
    The Totlal Solution of Cyber Security in Critical Information Infrastructure
    Journal of Information Security Research    2016, 2 (10): 946-951.  
    Abstract195)      PDF (1455KB)(975)       Save
    Related Articles | Metrics
    Research on The Technology Architecture of Big Data Security and Privacy System
    Lv Xin
    Journal of Information Security Research    2016, 2 (3): 244-250.  
    Abstract786)      PDF (6172KB)(973)       Save
    In the era of Big Data, data security and privacy face a lot of technical challenges in the aspects of security architecture, data privacy, data management, integrity and proactive security protection. Based on the analysis of technical challenges of big data security and privacy protection, this paper proposes a reference model of the technology architecture of big data security and privacy system, and researches on the key technology and the latest progress of big data security and privacy, focusing on data layer security, application layer security, interface layer security and system layer security. It provides an effective technical reference for establishing big data security and privacy system.
    Reference | Related Articles | Metrics
    Webshell Detection Method Research Based on Web Log
    Journal of Information Security Research    2016, 2 (1): 66-73.  
    Abstract731)      PDF (5409KB)(962)       Save
    In this paper, a new method of Webshell detection based on Web log is proposed, which is based on the analysis of the server log text file, and the Webshell is detected from three angles: text feature, statistical feature and correlation feature. In the text feature, it is mainly to match the file access path and the parameters that are submitted. The experimental results show that the normal Web documents and Webshell files have obvious differences in the characteristics of the file access path and the parameters. In the statistical characteristics, the first is the comparison of the frequency of access to the file, and the experiment proved that the frequency of the Web page file access, combined with the depth of the Web page file directory, the starting time and the number of individual visitors, can accurately identify abnormal file. Page correlation is found by calculating the access of Web documents, the experiment shows that the Webshell is usually a solitary file, and the normal Web documents are clearly distinguished.
    Reference | Related Articles | Metrics
    Promote the “Internet+” Action: The Information Network Security of Corporation Beijing VRV
    Journal of Information Security Research    2016, 2 (3): 192-200.  
    Abstract276)      PDF (2392KB)(953)       Save
    Related Articles | Metrics
    Overview on SM4 Algorithm
    Journal of Information Security Research    2016, 2 (11): 995-1007.  
    Abstract1196)      PDF (8653KB)(953)       Save
    SM4 Algorithm, short for SM4 Block Cipher Algorithm, was published in 2006 to promote the application of WAPI. It became a cryptography industrial standard (GMT 0002—2012) in March 2012 and a national standard (GBT 32907—2016) in August 2016. This paper describes SM4s calculating process, structural features and cryptographic properties. Furthermore, we introduce some latest researches on SM4s security and compare SM4s security with several international block cipher standards such as AES, HIGHT and MISTY1.
    Reference | Related Articles | Metrics
    A High Code Coverage Static and Dyamic Combined Fuzzing Method
    Journal of Information Security Research    2016, 2 (8): 699-705.  
    Abstract347)      PDF (6669KB)(932)       Save
    AbstractFuzzing testing is the mainstream automation solution to browser software vulnerabilities discovery, but those methods usually dont pay attention to the code coverage, which may lead to the same execution path covered by many test cases without being noticed, and make the overall code coverage low and ineffective. To achieve high code coverage, this paper discussed a code coverage directed fuzzing test method, which makes advantage of both static and dynamic test cases generation. First, a basic sample collection is constructed for static mutation, and then the results of static mutation are inserted into the dynamic random engine. Second, the dynamic engine loads and executes the test cases, and code path coverage is collected though the monitoring engine, which is fed back to the static mutation engine to aid its test cases producing more effectively. Finally potential vulnerabilities are detected by dynamic monitoring engine. The experiment result of prototype system called DASFuzzer shows that the method proposed can effectively improve the code coverage of the testing process, and can accurately detect the unknown vulnerabilities.
    Reference | Related Articles | Metrics
    New Trends of the Main Countries Cybersecurity Strategy in 2015
    Cui Chuanzhen
    Journal of Information Security Research   
    Research on Data Classification and Grading Method Based on Data Security Law
    Journal of Information Security Reserach    2021, 7 (10): 933-.  
    Abstract1098)      PDF (2157KB)(919)       Save
    The Data Security Law of the People's Republic of China (hereinafter referred to as the Data Security Law) has been formally promulgated, which clearly stipulates that the state establishes data classification and grading protection system, and implements classified and graded protection for data. However, at present, the relevant standards and specifications of data classification and grading in China are relatively lacking, and the practical experiences that can be used for reference in various industries are relatively insufficient. How to effectively implement the data classification and grading protection is still a thorny problem. Based on Article 21 of the Data Security Law, this paper analyzes the factors such as the influence object, influence breadth and influence depth after the data is damaged, puts forward the principles and methods of data classification and data grading, and gives an implementation path of data classification and grading according to the application scenarios and industry characteristics of the data, which provide a certain reference for data classification and grading protection of various industries.
    Reference | Related Articles | Metrics
    DDoS Detection Framework based on Hadoop
    Journal of Information Security Research    2015, 1 (3): 261-266.  
    Abstract511)      PDF (5465KB)(913)       Save
    Distributed Denial of Service (DDoS) attack is one of the most powerful attacks and it is very difficult to prevent and mitigate. This paper expounds a DDoS detection framework based on Hadoop. The framework utilizes the MapReduce and HDFS to deal with the analysis of DDoS attacks. This framework is composed of two main servers. One is used for capture traffic; another is used as detection server analyzing traffic and generating the results. Detection server manages a Hadoop cluster, it starts MapReduce-based DDoS detection jobs on the cluster nodes. The proposed framework implements Counter-Based algorithm to detect major DDoS flooding attacks. Ultimately, we perform experiments to evaluate the detection performance of the framework, and our proposed method shows its promising performances.
    Reference | Related Articles | Metrics
    “Internet +”Power: Overview of AsiaInfo Secruity’s Cyber Security
    Journal of Information Security Research    2016, 2 (8): 670-684.  
    Abstract332)      PDF (1873KB)(909)       Save
    Related Articles | Metrics
    Overview of Data Security Governance at Home and Abroad
    Journal of Information Security Reserach    2021, 7 (10): 922-.  
    Abstract1467)      PDF (3579KB)(901)       Save
    With the rapid development of digital economy, privacy infringement, data leakage, platform monopoly, misinformation and other issues emerge one after another, increasingly becoming an important issue that threatens individual rights, industrial development and national security. This article, on the national policy and law level, sorts out four categories of data governance, that is, personal data protection, cross-border data flow regulation, data market governance, and data content management. Countries and regions like United States, European Union and China are the centers of global digital economy. This article summarizes their practices and experience in above-mentioned four categories, and on this basis, puts forward some suggestions on strengthening China's data security governance system and capacity building, that is, further improving the legal system to compete for the leadership of the digital economy, deeply participating in global data governance to enhance the international voice of rule-making, and strengthening support and oversight of new technologies and applications to seize new heights in digital economy governance.
    Reference | Related Articles | Metrics
    Cybersecurity Research for Instant Messaging in Social Network System
    Journal of Information Security Research    2016, 2 (3): 280-283.  
    Abstract240)      PDF (768KB)(898)       Save
    Related Articles | Metrics
    “Internet +”Power: Overview of Westone Secruity’s Cyber Secruity
    Journal of Information Security Research    2016, 2 (10): 862-875.  
    Abstract209)      PDF (2788KB)(898)       Save
    Related Articles | Metrics
    Discipline Construction and Talents Training of Cyberspace Security
    Li Jianhua Qiu Weidong Meng Kui Wu Jun
    Journal of Information Security Research    2015, 1 (2): 149-154.  
    Abstract859)      PDF (5250KB)(895)       Save
    In June 2015, “Cyberspace Security” was promoted as a national Firstlevel Discipline, while before that, Information Security was founded as a specialty in 2001. This promotion is not only beneficial to the talents training of Information Security, but also set higher demands for the discipline construction. It is time to analyze and discuss the issues related to cyberspace security discipline construction and talent training. Although proposed as a new conception, cyberspace security has drawn great attention these years worldwide, no matter in Unite State, or in China. There are broad requirements of cyberspace security talents, spanning from national defense security, national key infrastructure security, national important information system security, national public security management service and domestic information security industry. According to the statistics, it is shown that there is a huge gap between the cyberspace security talent supply and demand these years. Since the Information Security specialty was founded more than one decade ago, some valuable experiences are summarized. Based upon all these analysis, some suggestions about discipline construction and talent training mode of cyberspace security are proposed, which include clearing the training goals of different talent levels, constructing hierarchical and practical training environment, and building finegrained professional teaching quality evaluation system.
    Reference | Related Articles | Metrics
    Overview of Electronic Data Forensics Technology
    Journal of Information Security Research    2016, 2 (4): 299-306.  
    Abstract645)      PDF (5966KB)(872)       Save
    Electronic data forensics is a comprehensive subject, involving the related knowledge of computer science, law, criminal investigation, and other fields. Based on the practice of electronic data forensics, the paper briefly describes the general process of electronic data forensics, and proposes the technical system model. Emphatically, this paper sorts out the common techniques and technical standards of electronic data forensics, then describes the development tendency of electronic data forensics.
    Reference | Related Articles | Metrics
    Artifcial Intelligence Promotes the Paradigm Shift of Information Security —A Case Study of Driverless Car by Baidu
    Journal of Information Security Research    2016, 2 (11): 958-968.  
    Abstract220)      PDF (2086KB)(843)       Save
    Related Articles | Metrics
    “Internet +”Power: The Information Security and Strategic Layout of Huawei on the Basis of “Internet +” Background
    Journal of Information Security Research    2016, 2 (6): 478-489.  
    Abstract368)      PDF (930KB)(841)       Save
    Related Articles | Metrics
    Artificial Immune Based Mobile Malcode Detection Model
    Journal of Information Security Research    2016, 2 (3): 238-243.  
    Abstract316)      PDF (5204KB)(821)       Save
    The mobile Internet has brought great convenience to us, however, we have to face many threats such as malcode. In face of unknown malcode emerging in large numbers, traditional detection methods show many limitations, such as decline of detection speed, rise of false positive rate and false negative rate, the sharp increase of cost and so on. In recent years, some malcode detection methods based on intelligent algorithm are proposed. Among them, the artificial immune system has become the research hotpot of information security area because of its organization, adaption, memory and distributed advantages. According to the basic theory of nature immune system, a mobile malcode detection model for android platform was proposed. Extract the behavior features of malcode using the android emulator, such as starting service, telephoning, sending message, file read or write operations and accessing the Internet. The behavior features were encoded as one of the source of immature detectors. The immature detectors become mature through negative selection algorithm. Clone and mutate the mature detectors with higher affinity. Experiment results show that the proposed detection model has high detection rate and can also accurately detect the packed malcode samples.
    Reference | Related Articles | Metrics
    Promoting “Internet+”Action: Explanation to Cyber Security of JD
    Journal of Information Security Research    2016, 2 (1): 2-11.  
    Abstract302)      PDF (1695KB)(819)       Save
    Related Articles | Metrics