Journal of Information Security Reserach

Select

Research on Domain Adaptive Intrusion Detection Method Based on Dynamic Feature Fusion

Journal of Information Security Reserach 2026, 12 (4): 294-.

Abstract （49）

PDF （1452KB）（47）

Save

Aiming at the problems of incomplete feature extraction and limited model generalization ability in intrusion detection research, a domain adaptive intrusion detection method with dynamic feature fusion is proposed. Firstly, a convolutional neural network is used to extract spatial features, while a bidirectional long shortterm memory network is utilized for temporal feature extraction. This approach enables comprehensive extraction of multidimensional feature information from network traffic data. Secondly, the uncertainty is measured by calculating the information entropy of the two features, and different weights are assigned according to the entropy value, and the extracted features are weighted and fused according to the weights. Finally, during the training process, the proposed adaptive domain weight loss algorithm is used to dynamically adjust the contribution of the source domain and target domain data to improve the generalization ability of the model on the target domain data. Experiments are carried out using the NSLKDD and UNSWNB15 datasets. Compared with the existing mainstream methods, this method has higher detection accuracy, which is 0.8563 and 0.916 respectively.

Reference | Related Articles | Metrics

Select

Blockchain Technology and Application

Journal of Information Security Research 2018, 4 (6): 559-569.

Abstract （194）

PDF （1884KB）（529）

Save

A rush of digital cryptocurrency is being set off by bitcoin since it was introduced in 2008. As its underlying core technology, blockchain and blockchain technology have received extensive attention from many aspects. Blockchain technology is a combination of many technologies for data exchange, processing and storage based on cryptography, peer-to-peer communications, distributed coherency protocols and smart contracts. Blockchain is a decentralized, distributed public database based on the blockchain technology. The implementation of the blockchain's classification, five-tier architecture, smart contracts, scalability and security are introduced in detail in this article. We introduced the application of blockchain in current fields and related development of domestic blockchain. Finally, the advantages and disadvantages of the blockchain are outlined, which lays the foundation for futther research and application.

Reference | Related Articles | Metrics

Select

A Stateaware Fuzzing Method for Trusted Execution Environment Kernel

Journal of Information Security Reserach 2026, 12 (3): 198-.

Abstract （89）

PDF （2080KB）（80）

Save

Trusted execution environment (TEE) is widely used, and its kernel security has become a significant area of focus. Fuzzing, a powerful technique for detecting vulnerabilities in operating system, has increasingly been applied to the security analysis of TEE. However, conventional fuzzing tools cannot be directly used for TEE kernels due to their isolation. Coverageguided fuzzers often discard test cases that trigger new states but cover the same code, which limits their effectiveness in discovering vulnerabilities. To address these challenges, a stateaware fuzzing method tailored for TEE kernels is proposed. Initially, a modeling and tracing approach is developed to represent the program state through statevariable values and retaining the test cases that trigger new states, overcoming the limitations of coverageguided fuzzers. Subsequently, we introduce an innovative communication scheme to tackle issues arising from TEE isolation. New seed retention and selection algorithms are proposed to better guide the fuzzer in exploring vulnerabilities. Finally, the NGram model is employed to enhance test case generation and optimize the framework’s performance. A prototype, named TrustyStatefuzz, has been implemented and evaluated on fuchsia, the selfdeveloped microkernel operating system Nebula, and OPTEE. The evaluation results show that TrustyStatefuzz is effective at detecting both new code and vulnerabilities. TrustyStatefuzz discovers 9 unknown vulnerabilities and 23 known vulnerabilities. Additionally, it achieves 13% higher code coverage and 27% higher state coverage than the stateoftheart fuzzer Syzkaller.

Reference | Related Articles | Metrics

Select

Research on Log Anomaly Detection Method Integrating Semantic Features

Journal of Information Security Reserach 2026, 12 (4): 383-.

Abstract （21）

PDF （5672KB）（30）

Save

With the continuous expansion of system functionalities, the volume of system logs has grown exponentially, presenting substantial challenges to conventional anomaly detection approaches. Deep learningbased log anomaly detection techniques have gradually become a research hotspot due to their powerful feature extraction capabilities. This study proposes a semisupervised log anomaly detection model LogSem, which integrates semantic features. By introducing log content vectors that contain semantic information of the main log content and incorporating masked log key prediction tasks and hypersphere volume minimization tasks for semisupervised learning, the model deeply explores the semantic features of logs. Experiments conducted on three mainstream datasets show that the proposed method outperforms the LogBERT baseline model in terms of the F1 score. Furthermore, this study explores and verifies the feasibility of addressing the outofvocabulary problem through semisupervised learning.

Reference | Related Articles | Metrics

Select

A Method of Active Defense for Intelligent Manufacturing Device Swarms Based on Remote Attestation

Journal of Information Security Reserach 2023, 9 (6): 580-.

Abstract （282）

PDF （1988KB）（218）

Save

With the development of artificial intelligence technology, intelligent manufacturing has become an inevitable choice for enterprise production. However, a compromised device not only causes issues such as confidentiality leaks and production chain errors, but also serves as a springboard for attackers and thus affects the security of the entire swarm. In this paper, we propose a proactive defense solution for intelligent manufacturing swarms based on remote attestation (SecRA). SecRA generates independent challenges for each device, enabling pointtopoint communication between gateways and devices. By extending the functionality of gateways, SecRA utilizes asynchronous communication to adapt to the existing network structure. In addition, based on the challengequery attestation protocol, communication and computation costs are transferred to resourcerich gateways, greatly reducing the burden of devices. Finally, the efficiency and feasibility of the SecRA are experimentally verified.

Reference | Related Articles | Metrics

Select

Security Protection Solution of Industrial Control System Centralized Control Center

Journal of Information Security Research 2019, 5 (8): 756-760.

Abstract （201）

PDF （5459KB）（508）

Save

The security threats of the early industrial control system are not obvious. The unified information security system lacks systematic considerations in the planning stages of the centralized control center, and there are structural innate security defects. With the development of industrial Internet technology, more and more industrial control systems have access to traditional Internet networks, and at the same time, which lead into the security risks for industrial control networks. Under this security threat, the centralized control center of the industrial control system has an urgent need for improving the security protection capability. Based on a comprehensive analysis of the characteristics and the existing security risks of industrial control systems, especially SCADA system of centralized control centers, the paper proposes a series of measures, including security protection of server clusters, network security detection, system host security protection, system operation and maintenance audit, and establishment of the safety management platform of industrial control, to form an overall security control plan for the centralized control center, to help improve the security protection capabilities of the centralized control center under the industrial control system, effectively resist network threats, and reduce damage to important infrastructure.

Reference | Related Articles | Metrics

Select

A Support Multiuser Revocable Attributebased Lightweight Ciphertext Retrieval Scheme

Journal of Information Security Reserach 2026, 12 (4): 330-.

Abstract （14）

PDF （1851KB）（26）

Save

With the rapid development of cloud computing, the demand for ciphertext retrieval on the cloud has been increasing. However, traditional ciphertext retrieval schemes struggle to efficiently implement finegrained access control in multiuser environments and face challenges such as high computational overhead and inflexible management of user attribute permissions. Therefore, this paper proposes a multiuser revocable attributebased lightweight ciphertext retrieval scheme. Firstly, to reduce the computational burden on users, intensive computations are outsourced to a proxy server, enabling lightweight local operations. Secondly, the scheme integrates attributebased encryption and searchable encryption to achieve efficient finegrained access control in multiuser environments. Lastly, the scheme incorporates blockchain technology to ensure a transparent and immutable revocation process, enabling flexible and trustworthy user attribute management. Security analysis demonstrates that both user privacy and cloudstored data are effectively safeguarded. Performance analysis indicates that the proposed ciphertext retrieval scheme is efficient and feasible for practical applications.

Reference | Related Articles | Metrics

Select

An Overview of Application and Technology of Artificial Intelligence in Cybersecurity

Journal of Information Security Reserach 2022, 8 (2): 110-.

Abstract （2113）

PDF （1142KB）（1453）

Save

Compared with the developed countries, the basic research and technology application in the field of artificial intelligence in China started later, especially the application of artificial intelligence in the important field of network security. Domestic and abroad disparity is still very obvious, which seriously affects the improvement of China's cybersecurity capability. This paper elaborates the relationship between artificial intelligence, network attack and network defense, and widely investigates the application status of artificial intelligence in major information security companies at home and abroad. It points out that APT detection, 0day vulnerability mining and cloud security are three core areas that affect the level of cybersecurity capability, This paper deeply analyzes the key technologies of artificial intelligence technology applied in these three fields, and puts forward the safety risks of artificial intelligence technology, and points out that artificial intelligence technology is not a panacea for all diseases, This Paper provides a scientific reference for the further research and application of artificial intelligence technology in China's information security industry.

Reference | Related Articles | Metrics

Select

Singapore’s Data Security Governance Model and Its Implications

Journal of Information Security Reserach 2026, 12 (3): 284-.

Abstract （52）

PDF （1712KB）（46）

Save

As one of the countries with a relatively high level of digitalization in Asia, studying the successful experience of Singapore’s data security governance model is of great significance for improving China’s data security governance system. By using the methods of literature review and comparative research, this paper sorts out Singapore’s data security governance model from the aspects of institutional system, development process and collaborative mechanism, and finds the following characteristics: Singapore leads data security governance with the national innovation strategy, promotes data security governance with personal data rights, and builds an open crossborder data transmission rule system, forming a “rightspromoting” data security governance model. In light of China’s current circumstances, this paper proposes the optimization path of the data security governance model, including coordinating data security governance with an overall strategy, continuously deepening the personal data rights protection system, strengthening the multiparty collaborative governance system, and building a safe and effective crossborder data flow system.

Reference | Related Articles | Metrics

Select

Current Situation, Analysis and Prospect of Cross Border Data Flow

Wang Na, Gu Mianxue, Wu Gaofei, Zhang Yuqing, Cao Chunjie

Journal of Information Security Reserach 2021, 7 (6): 488-495.

Abstract （1357）

PDF （1439KB）（683）

Save

With the advent of the era of big data, the process of globalization is accelerated, the economic and political exchanges between countries become more frequent, the competition for data becomes more and more fierce, and the cross-border flow of data is inevitable. Although the European Union, the United States and other major international economies give priority to the deployment of cross-border data, which provides effective reference for different countries, with the increasingly urgent demand for cross-border data flow, the related issues of national security and personal data protection are gradually highlighted. First, by combing existing research works on cross-border data flow, starting from the concept of data cross-border, we summarize their advantages and disadvantages; then, starting from the core data security technology and regulatory mechanism, we systematically analyze and compare cross-border data current situation of the flow of multiple countries ; finally, based on the collation and summary of existing works, we discuss the shortcomings and challenges of China's existing data cross-border management system, put forward targeted suggestions and solutions, and look forward to the research and development trends in this field.

Reference | Related Articles | Metrics

Select

Towards a Privacy-preserving Research for AI and Blockchain Integration

Journal of Information Security Reserach 2023, 9 (6): 557-.

Abstract （1158）

PDF （1307KB）（436）

Save

With the widespread attention and application of artificial intelligence (AI) and blockchain technologies, privacy protection techniques arising from their integration are of notable significance. In addition to protecting the privacy of individuals, these techniques also guarantee the security and dependability of data. This paper initially presents an overview of AI and blockchain, summarizing their combination along with derived privacy protection technologies. It then explores specific application scenarios in data encryption, deidentification, multitier distributed ledgers, and kanonymity methods. Moreover, the paper evaluates five critical aspects of AIblockchainintegration privacy protection systems, including authorization management, access control, data protection, network security, and scalability. Furthermore, it analyzes the deficiencies and their actual cause, offering corresponding suggestions. This research also classifies and summarizes privacy protection techniques based on AIblockchain application scenarios and technical schemes. In conclusion, this paper outlines the future directions of privacy protection technologies emerging from AI and blockchain integration, including enhancing efficiency and security to achieve more comprehensive privacy protection of AI privacy.

Reference | Related Articles | Metrics

Select

A Secure Data Sharing Scheme Supporting Finegrained Authorization

Journal of Information Security Reserach 2023, 9 (7): 667-.

Abstract （310）

PDF （1681KB）（278）

Save

Considering the problems such as centralized data storage and difficulty in data sharing in cloud computing environments, based on the combination of multiconditional proxy reencryption and attributebased proxy reencryption, a multiconditional attributebased threshold proxy reencryption scheme which supports multiple authorization conditions is proposed. The scheme supports finegrained access to ciphertext data under multiple keyword authorization conditions, and can limit the authorization conditions and scope of ciphertext sharing. Only when the attribute set meets the access structure in the ciphertext and the keywords are consistent with the keywords set in the ciphertext, users can access the data. This solution achieves finegrained access to ciphertext data under multiple keyword authorization conditions, supports flexible user revocation, prevents unauthorized decryption of ciphertext by conspirators, and protects the sensitive information of data owners. Through the provable security analysis, it is shown that under the general group model, the scheme can resist chosen plaintext attack; compared with other conditional proxy reencryption schemes, the functions it supports are more diverse.

Reference | Related Articles | Metrics

Select

TOPSEC, Leading Brand of Independent Innovation, Supporting Cyberspace Power Strategy

Journal of Information Security Research 2018, 4 (9): 774-782.

Abstract （205）

PDF （1579KB）（937）

Save

Related Articles | Metrics

Select

A Survey of Research on Network Attack Model

Journal of Information Security Research 2020, 6 (12): 1058-1067.

Abstract （1419）

PDF （1774KB）（1165）

Save

With the rapid development of information technology, network attacks have gradually presented multi-stage, distributed and intelligent characteristics. Single firewalls, intrusion detection systems and other traditional network defense measures cannot well protect the network system security in an open environment. As a kind of attack scene representation from the attacker's perspective, the network attack model can comprehensively describe the network attack behavior in a complex and changeable environment, and is one of the commonly used network attack analysis and response tools. This paper first introduces the current main network attack models, including traditional trees, graphs, nets structure models and modern attack chains, ATT&CK, diamond models, etc. Then the analysis and application of network attack model will be explained. The analysis process for the purpose of solving the attack index mainly includes the probability framework, the assignment method and the solution method, and the application of the attack model based on the life cycle includes the application of the attackers and the defenders' perspective; Finally, the current challenges and future directions of the network attack model and its analysis and application are summarized.

Reference | Related Articles | Metrics

Select

One-time Encryption Algorithm Based on Finite Field Key Exchange

Journal of Information Security Reserach 2023, 9 (5): 457-.

Abstract （194）

PDF （516KB）（125）

Save

This paper presents a feasible solution to the worldwide problem of implementing onetime encryption. The scheme uses a finite field key exchange algorithm (i.e., public key cryptography algorithm) with the order of Mersenne prime proposed by me. The sender and the receiver do not need to preallocate, transmit and store symmetric keys, but only require the sender and the receiver to disclose their public keys and keep their private keys secret. The private keys and related public keys are changed every time they communicate, which fully realizes the perfect confidentiality of one key at a time. The finite field public key cryptography algorithm with the order of Mersenne prime is based on modulo2 operation, which is convenient for software and hardware implementation. Theoretical analysis and computational simulation have proved its effectiveness, and it has a wide range of theoretical and practical application value.

Reference | Related Articles | Metrics

Select

Research on the Technology Architecture of Enterprise Trust Service Based On Trusted Identity Authentication

Journal of Information Security Research 2017, 3 (9): 832-840.

Abstract （371）

PDF （7168KB）（184）

Save

With the development of enterprises, the enterprise information system construction develops rapidly, The importance of enterprise information security has become more and more important. In order to deal with the complex network environment, and accessing a variety of service system with external users, independent enterprise security is established respectively, with different complexity of user management system and application login system. These systems vary in safety strength. To solve the problem of corporate identity management, by the way, it takes some problems about the organization of the enterprise confusion, and user information dispersal. Faced with the dilemma of the development of enterprise information, this paper proposes a trusted service management system based on the trusted identity management and authentication framework. Based on the trusted identity of enterprise users, a series of related services such as identity authentication, single sign on, access control, authorization management, authentication service, and so on, are completed. Through a single point of logon enterprise application system, the realization of the enterprise internal users access to business applications, "a certification, the whole network access". And on this basis, the construction of public trust services is completed. As the basis of enterprise information security, the system architecture speeds up the process of enterprise information, helps business development.

Reference | Related Articles | Metrics

Select

Remote Office Solution and Its Application Based on Secure Instant Messaging Technology

Journal of Information Security Research 2020, 6 (4): 301-310.

Abstract （201）

PDF （3086KB）（361）

Save

Remote office is getting more and more favored by users for its characteristics of unconstrained time and space, high-efficiency and convenience, fragmentation time utilization and so on, but it also raised a lot of security problems. This article systematically introduces a security solution for remote office and its innovative applications. Based on the secure instant messaging architecture of interconnection and interworking, it realizes vertical security support and application aggregation, as well as horizontal data sharing and application collaboration through open aggregation interfaces. Therefore an remote office ecosystem is built. The solution has been widely used in sectors such as government, military, finance and energy, providing a security application solution to meet the requirements of relevant national standards for the high-security users’ remote office.

Reference | Related Articles | Metrics

Select

Journal of Information Security Reserach 2024, 10 (E2): 32-.

Abstract （357）

PDF （3674KB）（232）

Save

Reference | Related Articles | Metrics

Select

Anomaly Encrypted Traffic Detection Method Based on Graph Attention Network

Journal of Information Security Reserach 2026, 12 (3): 237-.

Abstract （49）

PDF （3111KB）（34）

Save

In response to the limitations of poor feature extraction, insufficient consideration of topological features, class imbalance, and lack of interpretability in existing anomaly encrypted traffic detection methods, this paper proposes an encrypted traffic detection model EGARNet that integrates a graph attention network (GAT) with edge feature embedding and residual networks. First, traffic data is preprocessed, and the network’s fivetuple information is used to construct graph nodes, with the remaining flow features treated as edge features, transforming encrypted traffic data into graph data. To adapt to the GAT algorithm, a new network traffic graph is constructed where new nodes correspond to edges in the original graph, and shared vertices in the original graph correspond to edges between two nodes, transforming the traffic detection problem into a node classification problem. Next, the attention coefficient for each node is calculated through the GAT algorithm to aggregate and update features. Finally, residual connections of the original nodes are added to the algorithm to improve the performance for minority classes. Experimental results on the CICDarkNet dataset demonstrate that the method effectively addresses the class imbalance issue in anomaly detection of encrypted traffic, with significant improvements in detection metrics for both binary and multiclass scenarios.

Reference | Related Articles | Metrics

Select

Research on the Architecture of Crosschain Transaction System for Data Assets

Journal of Information Security Reserach 2026, 12 (4): 366-.

Abstract （14）

PDF （2367KB）（17）

Save

In the context of the digital era, data has emerged as a critical production factor, and its trading and management are crucial for promoting socioeconomic growth. This paper aims to address the crosschain transaction challenges faced by data assets on different platforms. The article presents an analysis of the transaction market and value conversion paths of data asset, and proposes a crosschain transaction model that encompasses system architecture, network structure and functional processes. The model distinguishes data providers, establishing a data asset transaction chain and a personal data authorization chain for crosschain data transactions. This improves the efficiency of data transactions and the convenience of regulation, and promotes the digital economy development. This article offers theoretical and practical support for the stable development of the data asset trading market, thereby facilitating the further advancement of the digital economy. Building on this framework, the study constructs a secure and reliable crosschain data asset trading platform that ensures the fairness and transparency of transactions while protecting the privacy and data security of participants.

Reference | Related Articles | Metrics

Select

Overview on SM9 Identity Based Cryptographic Algorithm

Journal of Information Security Research 2016, 2 (11): 1008-1027.

Abstract （3707）

PDF （13949KB）（6208）

Save

SM9 identitybased cryptographic algorithm is an identitybased cryptosystem with bilinear pairings. In such a system the user s private key and public key may be extracted from user s identity and key generation centers parameters. The most common cryptographic uses of SM9 are with digital signature, data encryption, key exchange protocol and key encapsulation mechanism etc. The application and management of SM9 will not require digital certificate, certificate base, and key base. The key length of the SM9 cipher algorithm is 256b. SM9 cryptographic algorithm was issued as the cryptography standard in 2015. This paper will summarize the design, algorithm, software and hardware implementation and cryptanalysis of SM9 cryptographic algorithm. We also give some concrete examples in appendix.

Reference | Related Articles | Metrics

Select

Research on Data Classification and Grading Method Based on Data Security Law

Journal of Information Security Reserach 2021, 7 (10): 933-.

Abstract （1643）

PDF （2157KB）（1087）

Save

The Data Security Law of the People's Republic of China (hereinafter referred to as the Data Security Law) has been formally promulgated, which clearly stipulates that the state establishes data classification and grading protection system, and implements classified and graded protection for data. However, at present, the relevant standards and specifications of data classification and grading in China are relatively lacking, and the practical experiences that can be used for reference in various industries are relatively insufficient. How to effectively implement the data classification and grading protection is still a thorny problem. Based on Article 21 of the Data Security Law, this paper analyzes the factors such as the influence object, influence breadth and influence depth after the data is damaged, puts forward the principles and methods of data classification and data grading, and gives an implementation path of data classification and grading according to the application scenarios and industry characteristics of the data, which provide a certain reference for data classification and grading protection of various industries.

Reference | Related Articles | Metrics

Select

Review of Multi-Party Secure Computing Research

Journal of Information Security Reserach 2021, 7 (12): 1161-.

Abstract （1288）

PDF （1190KB）（720）

Save

With the rapid development of the Internet, data resources have become an important competitiveness of all industries. However, as the owners and users of data cannot beunified, problems such as data security and personal privacy become increasingly serious,resultingin the phenomenon of "data islands". Secure Multi-Party Computation (MPC)promises tosolve these problems by ensuring both privacy of data input and correctness of dataComputation, and by ensuring that data input from participating parties is not compromisedthrough protocols without third parties. Based on the definition and characteristics ofmulti-party secure computing, this paper introduces the research status, component model andapplication scenarios of multi-party secure computing.

Reference | Related Articles | Metrics

Select

Differential Privacy and Applications

Journal of Information Security Research 2015, 1 (3): 224-229.

Abstract （1245）

PDF （5750KB）（1246）

Save

As the emergence and development of application requirements such as data analysis and data publication, a challenge to those applications is to protect private data and prevent sensitive information from disclosure. With the highspeed development of information and network, big data has become a hot topic in both the academic and industrial research, which is regarded as a new revolution in the field of information technology. However, it brings about not only significant economic and social benefits, but also great risks and challenges to individuals` privacy protection and data security. People on the Internet leave many data footprint with cumulatively and relevance. Personal privacy information can be found by gathering data footprint in together.Malicious people use this information for fraud. It brings many trouble or economic loss to personal life.Privacy preserving, especially in data release and data mining, is a hot topic in the information security field. Differential privacy has grown rapidly recently due to its rigid and provable privacy guarantee. We analyze the advantage of differential privacy model relative to the traditional ones, and review other applications of differential privacy in various fields and discuss the future research directions. Following the comprehensive comparison and analysis of existing works, future research directions are put forward.

Reference | Related Articles | Metrics

Select

A Colors Based Algorithm for License Plate Location

Journal of Information Security Research 2016, 2 (1): 58-65.

Abstract （321）

PDF （5707KB）（675）

Save

Nowadays processing methods for license plate usually convert photos to gray scale images at first, and then find the characteristics based on the character of the edge texture for positioning. These methods do not work well on some conditions that there are the disturbance near the license plate, the instability of the light illumination and character edge gradient caused by floating dust. Then if it is in the fog and haze, these methods are more powerless. For that, in this paper a color based location algorithm is proposed, which is to select the candidate region according to the pixel color similarity and color domain in different color spaces and then based on a variety of geometric features to select the license plate region. This algorithm realizes the location of being at different light conditions, the strong interference of complex background and damaged license plates. Even in the fog and haze, this method performs excellent for those extremely blurred image.

Reference | Related Articles | Metrics

Select

Overview on Public Key Crytographic Algorithm SM2 Based on Elliptic Curves

Journal of Information Security Research 2016, 2 (11): 972-982.

Abstract （1738）

PDF （7813KB）（943）

Save

Public key cryptographic algorithm SM2 based on elliptic curves (SM2 algorithm for abbreviation) was firstly issued in December 2010, had become the Chinese commercial cryptographic standard (GMT 0003—2012) in 2012, and had become the Chinese national cryptographic standard (GBT 32918—2016) in 2016. This paper briefly describe the development background of SM2 algorithm，describe SM2 algorithm in details，introduce the researches on its security, and evaluate its implementation efficiencies. All the researches on SM2 algorithm so far indicate that the provable securities of SM2 algorithm reach the supreme levels of public key cryptographic algorithms securities, and its implementation efficiencies are equivalent to or slightly superior to those similar elliptic curve cryptographic algorithms in some international standards.

Reference | Related Articles | Metrics

Select

The ZUC Stream Cipher Algorithm

Journal of Information Security Research 2016, 2 (11): 1028-1041.

Abstract （1597）

PDF （7769KB）（770）

Save

祖冲之算法，简称ZUC，是一个面向字设计的序列密码算法，其在128b种子密钥和128b初始向量控制下输出32b的密钥字流.祖冲之算法于2011年9月被3GPP LTE采纳为国际加密标准(标准号为TS 35.221)，即第4代移动通信加密标准，2012年3月被发布为国家密码行业标准(标准号为GMT 0001—2012)，2016年10月被发布为国家标准(标准号为GBT 33133—2016).简单介绍了祖冲之算法，并总结了其设计思想和国内外对该算法安全性分析的主要进展.

Reference | Related Articles | Metrics

Select

Security Architecture and Key Technologies of Blockchain

Yan Zhu

Journal of Information Security Research 2016, 2 (12): 1090-1097.

Abstract （1202）

PDF （6838KB）（821）

Save

Blockchain, both the cryptocurrency and the underlying Bitcoin technology, have attracted significant attention around the world. The reason is that blockchain is a decentralization technology with Consensus Trust Mechanism (CTM), which is obviously different from the traditional centralization system with Outer Trust Mechanism (OTM). This has made a great influence on the trust mechanism of people and promoted the usage of security technology in the blockchain. In this paper, we present the security architecture and key technologies of the blockchain, and explain how the blockchain ensure the integrity, non repudiation, privacy, consistency for the stored data through P2P network, distributed ledger, asymmetric encryption, consensus mechanism and smart contracts. Moreover, we analyze some new security threats and measures, for example, the preventing technology of Denial of Service (DoS) attack against the Transaction Storm (TS), the cryptographic access control (CAC) technology to enhance the data privacy, the key management technology against losing and stealing of digital asset, and so on. We also discuss the future security problems and technologies that might be discovered after the blockchain syncretizes new technologies, including, AI, Big Data, IOT, cloud computing, mobile Internet technologies.

Reference | Related Articles | Metrics

Select

Evolution Research of Network Security Technology in Big Data Era

Journal of Information Security Research 2019, 5 (5): 406-413.

Abstract （191）

PDF （1284KB）（553）

Save

With the advent of the era of big data, information systems have exhibited some new features, including boundary obfuscation, system virtualization, unstructure and diversification, and the low coupling degree of function and data. These features not only lead to a big difference between big data technology (DT) and information technology (IT), but also promote the upgrading and evolution of network security technology. In response to these changes, in this paper we compare the characteristics between IT era and DT era, and then propose four DT security principles: privacy, integrity, traceability, and controllability, as well as active and dynamic defense strategy based on “propagation prediction, tracking audit, dynamic management and control”. We further discusses the security challenges faced by DT and the corresponding assurance strategies. On this basis, the big data security technologies can be divided into four levels: “elimination, continuation, improvement, and innovation”, and we provide analyzation, combination and explaination for these technologies according to six categories: access control, identification and authentication, data encryption, data privacy, intrusion prevention, security audit and disaster recovery. These results will offer important assistance for the evolution of security technologies in the DT era, the construction of big data platform, the designation of security assurance strategies, and technology suitable for big data.

Reference | Related Articles | Metrics

Select

A Survey of Zero Trust Research

Journal of Information Security Research 2020, 6 (7): 608-614.

Abstract （1428）

PDF （2068KB）（1660）

Save

With the popularization of cloud computing, mobile office and other technologies, the enterprise network structure becomes complex. The traditional network security model is based on the idea of boundary protection, which can not meet the current needs. Zero trust is a new network security model, where no distinction is made between internal and external networks and all entities need authentication and authorization before accessing resources, which can be used to protect the network whose perimeter is increasingly fuzzy. This paper gives the definition of zero trust, introduces the architecture of zero trust, analyzes the core technology of zero trust, compares and analyses several representative zero trust schemes, summarizes the development status, points out the research direction needing attention in this field, which can provide reference for the research and application of zero trust.

Reference | Related Articles | Metrics

Select

Anomaly Traffic Detection Based on Improved Bidirectional TCN Model in Software Defined Network

Journal of Information Security Reserach 2026, 12 (4): 303-.

Abstract （18）

PDF （2198KB）（15）

Save

The centralized control feature of software defined network (SDN) technology enhances the efficiency of network management while also bringing more severe security threats. Accurately detecting abnormal traffic in the SDN network is critical for network security. To address the vulnerabilities of SDN networks to various attacks and the insufficient ability of existing methods in modeling the temporal characteristics of abnormal traffic, this paper proposes an abnormal traffic detection method suitable for the SDN environment. This method takes the fivetuple of the flow (source IP address, destination IP address, source port number, destination port number, transport layer protocol) as the division basis. The length sequence of data packets is extracted as the core temporal features. Based on the improved bidirectional temporal convolutional network (BiTCN), by changing the ELU activation function and adding a residual block in the original TCN structure, and simultaneously integrating the multihead squeeze excitation mechanism (MSE) to enhance the feature modeling ability, the identification of abnormal behaviors is achieved. The experimental results show that the method proposed in this paper achieves good effects on the public SDN dataset, and its accuracy, precision and other indicators are superior to the traditional baseline models.

Reference | Related Articles | Metrics

Select

Research on the Audio Information Hiding Algorithms Based on Mean Quantization

Journal of Information Security Research 2016, 2 (10): 909-912.

Abstract （280）

PDF （3215KB）（440）

Save

We presented a new blind digital audio information hiding algorithms based on DWT and mean quantization. In order to achieve the high imperceptibility, the modification of wavelet coefficients was reduced by piecewise adjustment the quantized area. The ability of resisting attack was also improved by adjustment the boundary value with poor resistance to attack. Experimental results demonstrate that the proposed method has a better Signal Noise Ratio (SNR) than the current mean quantization algorithm, and the Normalized Cross?Correlation (NC) has also a certain amount of improvement.

Most Download articles