Most Download articles

    Published in last 1 year | In last 2 years| In last 3 years| All| Most Downloaded in Recent Month | Most Downloaded in Recent Year|

    All
    Please wait a minute...
    For Selected: Toggle Thumbnails
    Overview on SM9 Identity Based Cryptographic Algorithm
    Journal of Information Security Research    2016, 2 (11): 1008-1027.  
    Abstract1690)      PDF (13949KB)(5442)       Save
    SM9 identitybased cryptographic algorithm is an identitybased cryptosystem with bilinear pairings. In such a system the user s private key and public key may be extracted from user s identity and key generation centers parameters. The most common cryptographic uses of SM9 are with digital signature, data encryption, key exchange protocol and key encapsulation mechanism etc. The application and management of SM9 will not require digital certificate, certificate base, and key base. The key length of the SM9 cipher algorithm is 256b. SM9 cryptographic algorithm was issued as the cryptography standard in 2015. This paper will summarize the design, algorithm, software and hardware implementation and cryptanalysis of SM9 cryptographic algorithm. We also give some concrete examples in appendix.
    Reference | Related Articles | Metrics
    Survey of Hash Functions
    Wang Xiaoyun1,2 and Yu Hongbo3
    Journal of Information Security Research    2015, 1 (1): 19-30.  
    Abstract1083)      PDF (11279KB)(3584)       Save
    One of the fundamental primitives in modern cryptography is the cryptographic hash functions, often informally called hash functions. They are used to compress messages of arbitrary length to fixed length hash values which are also called hash codes, message digests or digital fingerprints. A primary motivation for cryptographic hash functions is that they serve as compact representative images of input messages, which they can uniquely identify. Changing a single letter will change most of the digits in the hash code. The most common cryptographic uses of hash functions are with digital signature and for data integrity. Hash functions are frequently used in digital signature schemes to compress large messages for processing by public-key cryptosystems such as RSA. They are also used to design message authentication codes (MACs) and many secure cryptographic protocols. Hash functions occur as components in various cryptographic applications (e.g. protection of pass-phrases, protocols for payment, broadcast authentication etc.), where usually their property as a computational one-way function is used. So the study of the hash functions is of great significance in the cryptanalysis field.
    Related Articles | Metrics
    Analysis and Enlightenment of American Cyber Deterrence Policy
    Journal of Information Security Research    2016, 2 (5): 471-476.  
    Abstract338)      PDF (1086KB)(1555)       Save
    Related Articles | Metrics
    A Study on the Academic Influence of the Cyber Security Research in Mainland China
    Journal of Information Security Research    2020, 6 (9): 0-0.  
    Abstract235)      PDF (3366KB)(1364)       Save
    Since the 18th CPC National Congress, the CPC Central Committee and the State Council have attached great importance to cryptography and information security, which has greatly promoted the research work on cryptography and information security. In order to compare the gap of the academic level on information security between China and the world, and to sum up the achievements China has made in the field of basic research on information network security in recent years, this article analyzed the high-quality articles published in the top international academic conferences on information security, and showed the contributions of China's Information Network Security research. This article illustrated the contributions of China's information network security academic research through statistically analyzing the articles published in the top academic conferences with the Chinese institutions set as the first author's main affiliation. We analyzed the top-three academic conferences on cryptography, i.e., CRYPTO, EUROCRYPT, ASIACRYPT, and the top-four academic conferences on information network security, i.e., USENIX SECURITY, CCS, S&P and NDSS. The statistical results showed that , China has made significant progress and won bigger voice in the academic research on information network security since the 18th CPC National Congress. Tsinghua University and Shanghai Jiaotong University, etc. are still the pioneers in China's information network security research. According to the statistic results, the distribution of China's research areas around information network security is balanced, but the gap with the international level is still obvious.
    Related Articles | Metrics
    Building Cyber Security Defense by Trusted Computing 3.0
    Journal of Information Security Research    2017, 3 (4): 290-298.  
    Abstract211)      PDF (1075KB)(1162)       Save
    Related Articles | Metrics
    Design and Implementation of Dark Net Data Crawler Based on Tor
    Journal of Information Security Research    2019, 5 (9): 798-804.  
    Abstract488)      PDF (3976KB)(1031)       Save
    tWith the development of anonymous communication technology, more and more users begin to use anonymous communication to protect personal privacy. Tor, as the most popular application of anonymous communication system, can effectively prevent behavior such as traffic sniffing, eavesdropping and other behaviors. While protecting the privacy of users from being stolen, “dark net” is also used by many criminals. Thus, this has brought great challenges to the supervision of public security. How to strengthen the regulation and crackdown on illegal information of dark network websites is an urgent problem to be solved. Therefore, the data of crawling anonymous websites is an important basis for supervising those websites effectively. The most mainstream dark network anonymous communication system Tor was introduced briefly, its technical principles were analyzed, and a dark network data crawler program was designed, which mainly use Selenium to enter the Tor network, bulk crawl the dark Web pages and save the data to the local. It will help the public security department to further monitor and analyze the relevant content in the dark network, and also propose a feasible technical means for the police department to supervise the dark network.
    Reference | Related Articles | Metrics
    Differential Privacy and Applications
    Journal of Information Security Research    2015, 1 (3): 224-229.  
    Abstract791)      PDF (5750KB)(972)       Save
    As the emergence and development of application requirements such as data analysis and data publication, a challenge to those applications is to protect private data and prevent sensitive information from disclosure. With the highspeed development of information and network, big data has become a hot topic in both the academic and industrial research, which is regarded as a new revolution in the field of information technology. However, it brings about not only significant economic and social benefits, but also great risks and challenges to individuals` privacy protection and data security. People on the Internet leave many data footprint with cumulatively and relevance. Personal privacy information can be found by gathering data footprint in together.Malicious people use this information for fraud. It brings many trouble or economic loss to personal life.Privacy preserving, especially in data release and data mining, is a hot topic in the information security field. Differential privacy has grown rapidly recently due to its rigid and provable privacy guarantee. We analyze the advantage of differential privacy model relative to the traditional ones, and review other applications of differential privacy in various fields and discuss the future research directions. Following the comprehensive comparison and analysis of existing works, future research directions are put forward.
    Reference | Related Articles | Metrics
    Research of Threat Intelligence Sharing and Using for Cyber Attack Attribution
    Yang Zeming, Li Qiang, Liu Junrong, and Liu Baoxu
    Journal of Information Security Research    2015, 1 (1): 31-36.  
    Abstract624)      PDF (5527KB)(964)       Save
    With the increasingly complexity of cyberspace security, the attack attribution has become an important challenge for the security protection system. The emergence of threat intelligence provided plentiful data source support for the attack attribution, which makes large-scale attack attribution became possible. To realize effective attack attribution, based on the structure expression of the threat information, a light weight framework of threat intelligence sharing and utilization was proposed. It included threat intelligence expression, exchange and utilization, which can achieve the attack attribution result. Take the case of C2 relevant information, we described the expression of threat intelligence sharing and utilization, and verified the framework. Results show that the framework is practical, and can provide new technical means for attack attribution. In addition, based on the understanding of threat intelligence, several thinking about the construction of sharing and utilization mechanisms were promoted in the end.
    Related Articles | Metrics
    A Survey of Zero Trust Research
    Journal of Information Security Research    2020, 6 (7): 608-614.  
    Abstract514)      PDF (2068KB)(958)       Save
    With the popularization of cloud computing, mobile office and other technologies, the enterprise network structure becomes complex. The traditional network security model is based on the idea of boundary protection, which can not meet the current needs. Zero trust is a new network security model, where no distinction is made between internal and external networks and all entities need authentication and authorization before accessing resources, which can be used to protect the network whose perimeter is increasingly fuzzy. This paper gives the definition of zero trust, introduces the architecture of zero trust, analyzes the core technology of zero trust, compares and analyses several representative zero trust schemes, summarizes the development status, points out the research direction needing attention in this field, which can provide reference for the research and application of zero trust.
    Reference | Related Articles | Metrics
    Research on Reference Architecture for Government Big Data Security
    Journal of Information Security Research    2019, 5 (5): 370-376.  
    Abstract83)      PDF (2263KB)(919)       Save
    Government informatization has gradually moved from electronic and computerized information, to networked government information, and government big data (GBD) is a new stage in government informatization development. This stage features openness, sharing, dynamic, real-time and intelligence. In view of these features and the current situation of government big data development, this paper analyzes the technical and managemental challenges and basic security principles of the GBD platform development. Based on analysis, this paper proposes a new kind of reference architecture for GBD security based on an appropriate management organization structure. The paper also reviews related security regulatory mechanisms and security measures of this architecture. Compared to the US government's national institute of standards and technology (NIST) big data reference architecture, the proposed architecture is simpler, has a higher security level, clearer functional requirements, and is easier to implement. The proposed architecture can meet the actual current needs of big data security management, and has practical value in guiding the future government cloud platform, and security design and regulation of the GBD system.
    Reference | Related Articles | Metrics
    The Development Status and Tendency of Internet Trusted Identity Management
    Journal of Information Security Research    2016, 2 (7): 666-668.  
    Abstract266)      PDF (1518KB)(897)       Save
    Related Articles | Metrics
    Webshell Detection Method Research Based on Web Log
    Journal of Information Security Research    2016, 2 (1): 66-73.  
    Abstract519)      PDF (5409KB)(886)       Save
    In this paper, a new method of Webshell detection based on Web log is proposed, which is based on the analysis of the server log text file, and the Webshell is detected from three angles: text feature, statistical feature and correlation feature. In the text feature, it is mainly to match the file access path and the parameters that are submitted. The experimental results show that the normal Web documents and Webshell files have obvious differences in the characteristics of the file access path and the parameters. In the statistical characteristics, the first is the comparison of the frequency of access to the file, and the experiment proved that the frequency of the Web page file access, combined with the depth of the Web page file directory, the starting time and the number of individual visitors, can accurately identify abnormal file. Page correlation is found by calculating the access of Web documents, the experiment shows that the Webshell is usually a solitary file, and the normal Web documents are clearly distinguished.
    Reference | Related Articles | Metrics
    Progress and Challenges of Intelligent Surveillance Industry Security
    Journal of Information Security Research    2017, 3 (3): 277-280.  
    Abstract95)      PDF (936KB)(885)       Save
    Related Articles | Metrics
    Promote the “Internet+” Action: The Information Network Security of Corporation Beijing VRV
    Journal of Information Security Research    2016, 2 (3): 192-200.  
    Abstract239)      PDF (2392KB)(877)       Save
    Related Articles | Metrics
    “Internet Plus” Mobile Power: Analysis the Network Security of ZTE
    Journal of Information Security Research    2016, 2 (4): 288-298.  
    Abstract772)      PDF (1637KB)(871)       Save
    Related Articles | Metrics
    DDoS Detection Framework based on Hadoop
    Journal of Information Security Research    2015, 1 (3): 261-266.  
    Abstract464)      PDF (5465KB)(863)       Save
    Distributed Denial of Service (DDoS) attack is one of the most powerful attacks and it is very difficult to prevent and mitigate. This paper expounds a DDoS detection framework based on Hadoop. The framework utilizes the MapReduce and HDFS to deal with the analysis of DDoS attacks. This framework is composed of two main servers. One is used for capture traffic; another is used as detection server analyzing traffic and generating the results. Detection server manages a Hadoop cluster, it starts MapReduce-based DDoS detection jobs on the cluster nodes. The proposed framework implements Counter-Based algorithm to detect major DDoS flooding attacks. Ultimately, we perform experiments to evaluate the detection performance of the framework, and our proposed method shows its promising performances.
    Reference | Related Articles | Metrics
    Research on The Technology Architecture of Big Data Security and Privacy System
    Lv Xin
    Journal of Information Security Research    2016, 2 (3): 244-250.  
    Abstract569)      PDF (6172KB)(859)       Save
    In the era of Big Data, data security and privacy face a lot of technical challenges in the aspects of security architecture, data privacy, data management, integrity and proactive security protection. Based on the analysis of technical challenges of big data security and privacy protection, this paper proposes a reference model of the technology architecture of big data security and privacy system, and researches on the key technology and the latest progress of big data security and privacy, focusing on data layer security, application layer security, interface layer security and system layer security. It provides an effective technical reference for establishing big data security and privacy system.
    Reference | Related Articles | Metrics
    A High Code Coverage Static and Dyamic Combined Fuzzing Method
    Journal of Information Security Research    2016, 2 (8): 699-705.  
    Abstract269)      PDF (6669KB)(852)       Save
    AbstractFuzzing testing is the mainstream automation solution to browser software vulnerabilities discovery, but those methods usually dont pay attention to the code coverage, which may lead to the same execution path covered by many test cases without being noticed, and make the overall code coverage low and ineffective. To achieve high code coverage, this paper discussed a code coverage directed fuzzing test method, which makes advantage of both static and dynamic test cases generation. First, a basic sample collection is constructed for static mutation, and then the results of static mutation are inserted into the dynamic random engine. Second, the dynamic engine loads and executes the test cases, and code path coverage is collected though the monitoring engine, which is fed back to the static mutation engine to aid its test cases producing more effectively. Finally potential vulnerabilities are detected by dynamic monitoring engine. The experiment result of prototype system called DASFuzzer shows that the method proposed can effectively improve the code coverage of the testing process, and can accurately detect the unknown vulnerabilities.
    Reference | Related Articles | Metrics
    Journal of Information Security Research    2016, 2 (7): 587-588.  
    Abstract267)      PDF (738KB)(845)       Save
    Related Articles | Metrics
    Journal of Information Security Research    2016, 2 (11): 969-971.  
    Abstract284)      PDF (726KB)(829)       Save
    Related Articles | Metrics
    Security-Development Road of National E-Gov Network in the “Internet +” Era
    Zhou Min
    Journal of Information Security Research    2015, 1 (2): 98-104.  
    Abstract263)      PDF (2278KB)(827)       Save
    Related Articles | Metrics
    Cybersecurity Research for Instant Messaging in Social Network System
    Journal of Information Security Research    2016, 2 (3): 280-283.  
    Abstract205)      PDF (768KB)(826)       Save
    Related Articles | Metrics
    New Trends of the Main Countries Cybersecurity Strategy in 2015
    Cui Chuanzhen
    Journal of Information Security Research   
    The Totlal Solution of Cyber Security in Critical Information Infrastructure
    Journal of Information Security Research    2016, 2 (10): 946-951.  
    Abstract139)      PDF (1455KB)(795)       Save
    Related Articles | Metrics
    “Internet +”Power: The Information Security and Strategic Layout of Huawei on the Basis of “Internet +” Background
    Journal of Information Security Research    2016, 2 (6): 478-489.  
    Abstract308)      PDF (930KB)(790)       Save
    Related Articles | Metrics
    Research on Cyber-Attack Defense System Based on Big Data and Threat Intelligence
    Journal of Information Security Research    2019, 5 (5): 383-387.  
    Abstract133)      PDF (1670KB)(767)       Save
    Cyber-attacks are the use of network vulnerabilities and security flaws to attack the hardware, software and data of a cyber system. The earlier a cyber-attack is identified, the less adverse effect it has. The traditional network intrusion detection system (IDS) has some limitations in detecting cyber-attacks, such as passive protection and limited capability of threat identification. Threat intelligence technology provides a more scientific and effective method for identifying potential or actual cyber-attacks by using big data analysis,and provides a comprehensive and relevant cyber-attack defense model.
    Reference | Related Articles | Metrics
    Discipline Construction and Talents Training of Cyberspace Security
    Li Jianhua Qiu Weidong Meng Kui Wu Jun
    Journal of Information Security Research    2015, 1 (2): 149-154.  
    Abstract646)      PDF (5250KB)(764)       Save
    In June 2015, “Cyberspace Security” was promoted as a national Firstlevel Discipline, while before that, Information Security was founded as a specialty in 2001. This promotion is not only beneficial to the talents training of Information Security, but also set higher demands for the discipline construction. It is time to analyze and discuss the issues related to cyberspace security discipline construction and talent training. Although proposed as a new conception, cyberspace security has drawn great attention these years worldwide, no matter in Unite State, or in China. There are broad requirements of cyberspace security talents, spanning from national defense security, national key infrastructure security, national important information system security, national public security management service and domestic information security industry. According to the statistics, it is shown that there is a huge gap between the cyberspace security talent supply and demand these years. Since the Information Security specialty was founded more than one decade ago, some valuable experiences are summarized. Based upon all these analysis, some suggestions about discipline construction and talent training mode of cyberspace security are proposed, which include clearing the training goals of different talent levels, constructing hierarchical and practical training environment, and building finegrained professional teaching quality evaluation system.
    Reference | Related Articles | Metrics
    Artificial Immune Based Mobile Malcode Detection Model
    Journal of Information Security Research    2016, 2 (3): 238-243.  
    Abstract249)      PDF (5204KB)(732)       Save
    The mobile Internet has brought great convenience to us, however, we have to face many threats such as malcode. In face of unknown malcode emerging in large numbers, traditional detection methods show many limitations, such as decline of detection speed, rise of false positive rate and false negative rate, the sharp increase of cost and so on. In recent years, some malcode detection methods based on intelligent algorithm are proposed. Among them, the artificial immune system has become the research hotpot of information security area because of its organization, adaption, memory and distributed advantages. According to the basic theory of nature immune system, a mobile malcode detection model for android platform was proposed. Extract the behavior features of malcode using the android emulator, such as starting service, telephoning, sending message, file read or write operations and accessing the Internet. The behavior features were encoded as one of the source of immature detectors. The immature detectors become mature through negative selection algorithm. Clone and mutate the mature detectors with higher affinity. Experiment results show that the proposed detection model has high detection rate and can also accurately detect the packed malcode samples.
    Reference | Related Articles | Metrics
    Artifcial Intelligence Promotes the Paradigm Shift of Information Security —A Case Study of Driverless Car by Baidu
    Journal of Information Security Research    2016, 2 (11): 958-968.  
    Abstract168)      PDF (2086KB)(721)       Save
    Related Articles | Metrics
    Research on Data Reading Technology of Android Smart Phone Based on eMMC
    Journal of Information Security Research    2016, 2 (4): 317-323.  
    Abstract481)      PDF (5047KB)(720)       Save
    Over the systemlevel devices, obtaining a complete image of the phone memory by reading the chip directly, can remedy problems of preventing access to the basic sectors caused by android system permissions particularity. This paper introduces the working principle of the data area of eMMC chip and the definition of operations such as reading, writing and wiping related to data recovery. Moreover, this paper also analyzes the manufacturer's division of eMMC chip data area, the meanings and functions of the districts. Through the chip direct reading method, images can be carried out and then analysis and data recovery can be made.
    Reference | Related Articles | Metrics
    Research on the Construction of the National Cyber?Space Governance Hierarchy
    Journal of Information Security Research    2016, 2 (6): 537-542.  
    Abstract230)      PDF (5059KB)(717)       Save
    Cyber-Space Governance is the activity and process of the use and development of the Cyber-Space, which is implemented by the government, enterprises and other multiple subjects. Unlike “top-down” form of Internet management, Cyber-Space governance participation diversification, process management emphasizes on the interaction, mutual cooperation and mutual agreement, the roles and functions of the government from direct command and monitoring to aggregate and integrate a variety of resources, and to promote cooperation between stakeholders, sharing, coordination and conflict solution. At present, the international community has reached a consensus on the need for governance, governance objectives and scope of cyberspace. In recent years, our government led governance model has achieved initial success, but there are still a lot of urgent needs to crack the problem. To meet the needs of the new situation, the government guidance gives full play to the role of social forces, from the system, mechanism and legal system, building a national network of space governance system without delay. This paper mainly focuses on the necessity of the governance of the network space, the idea and the goal of the national cyberspace governance, and the three levels of the main task of the construction of the national cyberspace governance system.
    Reference | Related Articles | Metrics
    Research on Strategy of Malicious URL MultiLayer Filtering Detection Model
    Journal of Information Security Research    2016, 2 (1): 80-85.  
    Abstract322)      PDF (5042KB)(717)       Save
    Malicious URL detection is always a hot research topic in the field of Web security. This paper proposes a malicious URL multilevel filtering detection model. This model contains 4 layers of filter: black and white list filter, Naive Bayesian filter, CART decision tree filter and Support Vector Machine filter. In this paper several key strategies of multilayer filtering model are discussed, including support vector machine filter layer voting strategy; filter order strategy and filtering threshold tuning strategy. Filter voting strategies are discussed in separate voting, parallel voting and weighted parallel voting three voting methods. The filter order strategy discusses the order of the four filters. Filter threshold strategy discusses the method of determining the threshold of the filter. The validity of the above methods is verified by experiments. According to the experimental results, this paper implements a Web application.
    Reference | Related Articles | Metrics
    The Core Security in Big Data Industrialization
    陈瑞东
    Journal of Information Security Research    2015, 1 (3): 205-210.  
    Abstract336)      PDF (2889KB)(712)       Save
    Development of cloud applications and mass multisource heterogeneous data access technology brought about big data process platforms. Also, many other industrial applications derived from optimized knowledge discovery algorithms, such as the Internet finance, ecommerce recommendation, public opinion analysis and forecasting. Big data has become of both management and decision making tool for financial institutions, energy and even government agencies. Whereas relevant security threats continue to emerge. Research shows that Big Data Industrialization process does not only require traditional network information security, but also take several innate characteristics of data into consideration. The core elements are data property ownership in transaction process, and conflicts between data usage and data leakage in processing. From aspects of big data development, integrated with knowledge and attitudes of big data security. This paper summarizes the development of big data industry in recent years. We also describe typical solutions for a sound start of big data era.
    Reference | Related Articles | Metrics
    Overview of Electronic Data Forensics Technology
    Journal of Information Security Research    2016, 2 (4): 299-306.  
    Abstract529)      PDF (5966KB)(712)       Save
    Electronic data forensics is a comprehensive subject, involving the related knowledge of computer science, law, criminal investigation, and other fields. Based on the practice of electronic data forensics, the paper briefly describes the general process of electronic data forensics, and proposes the technical system model. Emphatically, this paper sorts out the common techniques and technical standards of electronic data forensics, then describes the development tendency of electronic data forensics.
    Reference | Related Articles | Metrics
    The Overview of Authentication Systems
    Journal of Information Security Research    2016, 2 (7): 649-659.  
    Abstract144)      PDF (7485KB)(711)       Save
    The security problems of internet are more and more serious because of its openness and anonymity. The first step of the network security authentication scheme is certification system. It ensures that the information resources transmitted on network can only be accessed by legitimate users, so that the identity authentication technology is the foundation of the whole information security. It also becomes one important aspect of the network security, this paper summarizes the functions and shortages of PKI certificate authentication system and IBC identity authentication system based on the introduction of them. The characteristics of the CFL are introduced preliminarily.
    Reference | Related Articles | Metrics
    Research of Electronic Invoice System Based on Block Chain
    Journal of Information Security Research    2017, 3 (6): 516-522.  
    Abstract187)      PDF (3190KB)(710)       Save
    The largescale application of electronic invoices has promoted the development of economy and society, but there are also some problems, such as repeated reimbursement of electronic invoices and so on. The practical problems can be effectively solved by the application of block chain technology in electronic invoices, then the four characteristicsthat of sharing, of right confirmation, of authenticity, and of trust of electronic invoice data are provided. The application situation of the electronic invoice is introduced, the block chain technology is expounded, and the key technical problems of the application of the block chain in the electronic invoice are described. Finally, the electronic invoice system based on block chain is designed and researched.
    Reference | Related Articles | Metrics
    “Internet +”Power: Overview of AsiaInfo Secruity’s Cyber Security
    Journal of Information Security Research    2016, 2 (8): 670-684.  
    Abstract294)      PDF (1873KB)(705)       Save
    Related Articles | Metrics
    A Survey of Research on Network Attack Model
    Journal of Information Security Research    2020, 6 (12): 1058-1067.  
    Abstract505)      PDF (1774KB)(702)       Save
    With the rapid development of information technology, network attacks have gradually presented multi-stage, distributed and intelligent characteristics. Single firewalls, intrusion detection systems and other traditional network defense measures cannot well protect the network system security in an open environment. As a kind of attack scene representation from the attacker's perspective, the network attack model can comprehensively describe the network attack behavior in a complex and changeable environment, and is one of the commonly used network attack analysis and response tools. This paper first introduces the current main network attack models, including traditional trees, graphs, nets structure models and modern attack chains, ATT&CK, diamond models, etc. Then the analysis and application of network attack model will be explained. The analysis process for the purpose of solving the attack index mainly includes the probability framework, the assignment method and the solution method, and the application of the attack model based on the life cycle includes the application of the attackers and the defenders' perspective; Finally, the current challenges and future directions of the network attack model and its analysis and application are summarized.
    Reference | Related Articles | Metrics
    Technology Architecture of IoT Security
    Journal of Information Security Research    2016, 2 (5): 417-423.  
    Abstract218)      PDF (5847KB)(697)       Save
    With the deepening of the Internet of Things (IoT) technology, the scale of the IoT and its application are becoming more and more extensive, thus the impact of security issues is also growing more and more wide. In this paper, we proposed a reference architecture of IoT security on the basis of the stateofart security and privacy protection technologies. After reviewing of the key technologies and the latest development of IoT security and privacy protection, i.e., the threats of environmental perception security, data transmission security, information privacy disclosure, and other aspects in the IoT, we aim to provide effective technical methods to solve the security and privacy protection of IoT, to provide the safety behavior criterion that should be followed when the relevant manufacturers develop and provide the corresponding products, and to provide baseline for the third party testing organizations.
    Reference | Related Articles | Metrics