Loading...
Toggle navigation
Home
About
About Journal
Editorial Board
Author Center
Current Issue
Just Accepted
Archive
Most Read Articles
Most Download Articles
Most Cited Articles
E-mail Alert
RSS
Reader Center
Online Submission
Manuscript Tracking
Instruction
Download
Review Center
Peer Review
Office Work
Editor-in-Chief
Subscription
Contact Us
中文
Table of Content
15 March 2016, Volume 2 Issue 3
Previous Issue
Next Issue
Promote the “Internet+” Action: The Information Network Security of Corporation Beijing VRV
2016, 2(3): 192-200.
Asbtract
(
)
PDF
(2392KB) (
)
Related Articles
|
Metrics
Distributed Code Clone Detection Based on Index
2016, 2(3): 201-210.
Asbtract
(
)
PDF
(7511KB) (
)
Related Articles
|
Metrics
With the extensive application of the twodimensional code, online twodimensional code generation technology has been quite mature. If you know the stored information in the twodimensional code, it is very simple to forge twodimensional code. Digital watermarking technology can solve this problem, because digital signature technology has features such as integrity, non repudiation, which can greatly improve the anticounterfeiting characteristics. This paper designs a QR code watermark authentication system based on digital signature. First of all, we should use digital signature to address the QR code, and then signature information and the QR code watermarking information is embedded into QR code carrier image, so as to ensure the safety of a QR code tag.
Research and Vulnerability Prevention of Information Gathering in Penetration Test
2016, 2(3): 211-219.
Asbtract
(
)
PDF
(7566KB) (
)
References
|
Related Articles
|
Metrics
Penetration test does a thorough security review for network system and gives the advice of vulnerability or inappropriate configuration by simulating real attacks. As the first stage of life cycle of penetration test, the task of information collection is to collect detailed information, which determines the success of a whole penetration test to a large extent. This paper studies the various methods and technology in the information gathering stage, puts the tools provided by Kali Linux into practice, summaries the common vulnerability in this stage and proposes a comprehensive preventive measure in the end.Key wordspenetration test; information gathering; Kali Linux; vulnerability; preventive measure
A Fully Homomorphic Encryption Scheme Based LWE
2016, 2(3): 220-224.
Asbtract
(
)
PDF
(3693KB) (
)
References
|
Related Articles
|
Metrics
Two main problems serve as foundations of current homomorphic encryption schemes: Regevs learning with errors problem (LWE) and HowgraveGrahams approximate greatest common divisor problem (AGCD). Firstly, we introduce a reduction from LWE to AGCD. Secondly, we propose a new AGCDbased additive homomorphic encryption scheme, which outperforms previous proposals: its security does not rely on the presumed hardness of the socalled sparse subset sum problem (SSSP), but on the hardness of LWE. Lastly, correctness analysis and security proof are given.
A Novel Modulus Factorization Algorithm for RSA Cryptosystem
2016, 2(3): 225-229.
Asbtract
(
)
PDF
(3235KB) (
)
References
|
Related Articles
|
Metrics
A new large integer factorization algorithm is presented in this paper to improve the cryptanalysis efficiency of RSA. According to the Coppersmiths theorem, the small integer roots for polynomial equations problem can be solved with LLL algorithm in polynomial time. The lattice reduction algorithmLLL algorithm is applied in the research of the situation in which the polynomial equation meets eix-yiφ(ni)=zi, where e is the encryption index, n is the modulus and xi, yi are the small integer parameters. Compared with those traditional algorithms, the computational complexity of this papers new factorization algorithm is lower. In additions, the factorization of the modulus is provided with the cryptanalysis algorithm.
A New Fault Attack on Grain-128
2016, 2(3): 230-237.
Asbtract
(
)
PDF
(5483KB) (
)
References
|
Related Articles
|
Metrics
By analyzing the weakness in design of the stream cipher Grain128, a fault attack by targeting NFSR is presented. Firstly, by setting a large random number of key and IV, and using the difference of faultfree and faulty output, we obtain the fault location. By using the feedback equation of NFSR and output bit equation, and inducing 56 faults to NFSR, we can get the NFSR bit values. By using the output bit equation, and inducing 256 faults to NFSR, we can get the LFSR bit values. We can recover the key from the known full initial state by inverting internal states. The computational complexity of this attack is about O(221).
Artificial Immune Based Mobile Malcode Detection Model
2016, 2(3): 238-243.
Asbtract
(
)
PDF
(5204KB) (
)
References
|
Related Articles
|
Metrics
The mobile Internet has brought great convenience to us, however, we have to face many threats such as malcode. In face of unknown malcode emerging in large numbers, traditional detection methods show many limitations, such as decline of detection speed, rise of false positive rate and false negative rate, the sharp increase of cost and so on. In recent years, some malcode detection methods based on intelligent algorithm are proposed. Among them, the artificial immune system has become the research hotpot of information security area because of its organization, adaption, memory and distributed advantages. According to the basic theory of nature immune system, a mobile malcode detection model for android platform was proposed. Extract the behavior features of malcode using the android emulator, such as starting service, telephoning, sending message, file read or write operations and accessing the Internet. The behavior features were encoded as one of the source of immature detectors. The immature detectors become mature through negative selection algorithm. Clone and mutate the mature detectors with higher affinity. Experiment results show that the proposed detection model has high detection rate and can also accurately detect the packed malcode samples.
Research on The Technology Architecture of Big Data Security and Privacy System
Lv Xin
2016, 2(3): 244-250.
Asbtract
(
)
PDF
(6172KB) (
)
References
|
Related Articles
|
Metrics
In the era of Big Data, data security and privacy face a lot of technical challenges in the aspects of security architecture, data privacy, data management, integrity and proactive security protection. Based on the analysis of technical challenges of big data security and privacy protection, this paper proposes a reference model of the technology architecture of big data security and privacy system, and researches on the key technology and the latest progress of big data security and privacy, focusing on data layer security, application layer security, interface layer security and system layer security. It provides an effective technical reference for establishing big data security and privacy system.
Search Log Anonymity Publish Based on Differential Privacy and Classification Technique
2016, 2(3): 251-257.
Asbtract
(
)
PDF
(5779KB) (
)
References
|
Related Articles
|
Metrics
The search logs analysis is the important research area of data mining and machine learning, the data privacy preserving of network search logs has been a big challenge at home and abroad, this paper proposed a search log anonymous publish method based on classification anonymous technique and differential privacy. First we combine the kanonymity and classification anonymous into cluster method, classifying the quasiidentifier attribute to cluster. In order to improve the data accuracy, we introduce the search similarity calculate method; Then we add exponent noise to the cluster and make sure it satisfies the differential privacy protection; Finally we release the protection result data set. The experiments shows that it can prevent the loss of sensitive information, protecting the network search logs privacy data and improving the data availability.
A QR Code Watermark Authentication System Based on Digital Signature
2016, 2(3): 258-263.
Asbtract
(
)
PDF
(4993KB) (
)
References
|
Related Articles
|
Metrics
With the extensive application of the twodimensional code, online twodimensional code generation technology has been quite mature. If you know the stored information in the twodimensional code, it is very simple to forge twodimensional code. Digital watermarking technology can solve this problem, because digital signature technology has features such as integrity, non repudiation, which can greatly improve the anticounterfeiting characteristics. This paper designs a QR code watermark authentication system based on digital signature. First of all, we should use digital signature to address the QR code, and then signature information and the QR code watermarking information is embedded into QR code carrier image, so as to ensure the safety of a QR code tag.
A Searchable PHR Cloud Service System Supporting FineGrained Privilege Control
2016, 2(3): 264-271.
Asbtract
(
)
PDF
(6456KB) (
)
Related Articles
|
Metrics
With the rapid development of cloud storage technologies, outsourcing the personal health record (PHR) information to cloud servers has gotten many attentions of people. Outsourcing of PHR not only brings great convenience to the patients, but also realizes the efficient sharing of data among medical institutions. However, because the sensitive personal information is uploaded to cloud servers, security concerns on the leakage of identity information of data owners and users emerged at the same time. Anonymous attributebased encryption techniques can not only ensure the safety of the cloud data, but also can effectively protect the data users personal identification information. Most of the existing works focus on security of data content and the basic access control mechanism, and the finegrained access control of files is not realized. The proposed scheme based on keyword faulttolerant technique not only fulfills the cloud ciphertext search, also realizes finegrained privilege control on files by giving different privileges to the cloud data. It is ensured that only those data users who are given the corresponding privileges can make appropriate operations on the corresponding cloud data. Finally, the security analysis indicates that the scheme is secure.
The Improvement and Instance Analysis of the Formal Verification Tool Scyther
Xu Han
2016, 2(3): 272-279.
Asbtract
(
)
PDF
(6016KB) (
)
Related Articles
|
Metrics
As formal verification tools for security protocols develop rapidly, picking a suitable tool, according to the target protocols and the security models, can improve not only the reliability and accuracy of protocol analysis, but also the efficiency of it. With these considerations, we compare the properties of 9 kinds of the formal verification tools in detail and we find that the Scyther tool can be an optimal choice in terms of interface interactivity, analysis efficiency and security model validity. In an attempt to facilitate using and researching of the tool for analysts in China, we study and analyze the underlying algorithm of Scyther and translate the interface into Chinese; we also update Scyther by adding a timer that can count and output the analysis time. Finally, we use the updated Scyther to make a formal analysis of the network security protocol TLS within the DelovYao model and strong security model. The current study is of theoretical and practical value for it helping researchers to select and use formal analysis tools more accurately and effectively.
Cybersecurity Research for Instant Messaging in Social Network System
2016, 2(3): 280-283.
Asbtract
(
)
PDF
(768KB) (
)
Related Articles
|
Metrics
World Internet Conference: Co-construction of a Safe Cyber Environment
2016, 2(3): 284-286.
Asbtract
(
)
PDF
(831KB) (
)
Related Articles
|
Metrics
Author Center
Online Submission
Instruction
Template
Copyright Agreement
Review Center
Peer Review
Editor Work
Editor-in-Chief
Office Work