Table of Contents

    15 February 2017, Volume 3 Issue 2
    Venustech’s Continuous Construction of the Information Security Ecological Chain — Analyze the Information and Cyber Security Strategy of Venustech
    2017, 3(2):  98-115. 
    Analysis of Information Security Vulnerabilities and Penetration Attack Based on Social Engineering
    2017, 3(2):  116-122. 
    In recent years, hackers have increasingly exploited human weaknesses (that is, social engineering methods) to carry out network attacks, and the trend is rising. In response to these security problems, WeChat is taken as an example and analyzed using social engineering methods: a penetration attack is simulated, the fraud process is explained in detail, and core techniques including silent installation and SMS remote control are implemented. Experiments simulate and demonstrate the whole process of stealing or defrauding users' property through the principles of social engineering. This provides a basis for research on the prevention of silent installation. At the same time, it reminds users to guard against privacy leaks and to prevent penetration attacks.
    Research of Identifying Web Vulnerability Scanner Based on Finite State Machine
    2017, 3(2):  123-128. 
    The traditional keywordbased method to identify Web vulnerability scanner is easy to be cheated by attackers. Aiming at this problem, a new recognition method based on Finitestate machine is proposed. The scanning data of the attacker is processed and the recognition model could be constructed using the scan behavior of scanners as transition conditions. The model state transition process is abstracted as multidimensional vector, and then the cosine similarity formula is used to calculate the similarity. Combined with the set threshold, the type of scanner can be determined.The experimental results show that the identification method based on finite state machine can identify the scanner more effectively when the attackers intentionally masquerade.
    A Survey of USB HID Attack and Defense Technology
    2017, 3(2):  129-138. 
    A novel USB attack technology called the USB HID attack is emerging; it is an attack that uses USB HID protocol vulnerabilities. The technology hides malicious code in the chip firmware so that it cannot be detected by existing antivirus software and intrusion detection systems. It has become a serious threat to the security of users' privacy because of its rapid spread and extreme destructiveness. This paper analyzes the principle of this attack technology at the USB protocol level and summarizes the development of the technology since its emergence. Moreover, this paper compares the advantages and disadvantages of existing protection technologies. Finally, this paper discusses how future security systems should deal with malicious hardware.
    Research on Android Application Permission Monitor
    2017, 3(2):  139-144. 
    With the rapid rise of the mobile Internet in recent years, smartphones, especially those based on the Android system, have also developed rapidly, and the issues of the Android system have become increasingly prominent. Although the Android system provides a relatively complete security mechanism, its “All-Or-None” application authorization mode, together with a permission management mode in which users cannot change permissions after an application is installed, poses security risks. Therefore, this paper proposes a method based on static permission analysis and code injection to achieve real-time monitoring of sensitive permissions. Experiments show that this method can effectively monitor the use of permissions.
    Semantics Based Webshell Detection Method Research
    2017, 3(2):  145-150. 
    A semanticsbased Webshell detection method was proposed. This method obtained the code behavior and related dependencies by syntax analysis of the file, and achieved semantic understanding to complete the Webshell detection by the risk model. A critical abstract syntax subtree extraction method which can reject irrelevant factor and get the malicious behavior occurrence point was proposed. The description of behavior in risk model database was defined with BackusNaur Form, finally a smooth risk value curve could be obtained by graph matching algorithm, which can finish the criticality assessment of the file and can get a better result by adjusting the threshold A webshell detection system based on that detection method was designed and finished, the experimental results have demonstrated that the SemanticsBased method was effective in Webshell detection.
    A Review on Security Ontology: Document Analysis from 2010 to 2016
    2017, 3(2):  151-159. 
    The advantages of a structured information security ontology, such as formal description, semantic network modeling, and behavior pattern recognition and matching, have made it a new research method in information security and have gained it a lot of attention from researchers. To clarify its research status and development trend, we made a bibliometric analysis of 158 articles about information security ontology published in domestic and international journals and conferences between 2010 and 2016, from the perspectives of publication year, distribution of journals and conferences, research directions, and research levels. Research hotspots, depth, and gaps in information security ontology are analyzed. The results show that research on security ontology has recently shown a rising trend, that security ontology involves many disciplines, especially computer and information science, and that the traditional fields of information security ontology have developed rapidly. Meanwhile, there are still some research gaps in the emerging research areas, particularly in the field of application and practice.
    Improvement of AntColony Text Clustering Algorithm Based on “Intelligent Information Center”
    2017, 3(2):  160-165. 
    Text clustering analysis is one of the commonly used methods in network information collection. As a self-organizing, parallel clustering algorithm, the ant-colony clustering algorithm is widely used in clustering analysis. To avoid the shortcomings of the traditional ant-colony clustering algorithm, such as lack of purpose and randomness, a new improvement scheme is proposed. An “intelligent information center” mechanism is established, which has some characteristics of dynamic global control over the ant-colony clustering process, making the ants' actions more purposeful and reducing randomness. As a result, the proposed method can be used to improve the efficiency of the algorithm. Further, the clustering algorithm is optimized by optimizing its parameters.
    Research on the Sentiment Analysis Model of Product Reviews Based on Machine Learning
    2017, 3(2):  166-170. 
    Online product reviews have become the primary means by which people express their views on a particular commodity, and research on sentiment analysis models has value in both business and academic areas. By discussing several machine learning models for sentiment analysis, using enlarged emotional dictionaries, and describing the full machine learning procedure, this paper proposes a sentiment analysis model for the catering industry. The paper then discusses some classification algorithms, such as Naive Bayes and C4.5, and gives a detailed discussion of the effects of different models based on various evaluation methods. The experimental results show that the proposed model makes full use of the emotion dictionary and is better suited to judging customers' emotional tendencies.
    A Network Security Protection Research for Industrial Control System
    2017, 3(2):  171-176. 
    Industrial control systems (ICS) are the core of all kinds of infrastructure. They are composed of automation control components together with real-time data acquisition and monitoring process control components, which ensure that industrial infrastructure runs automatically and that business processes are controlled and monitored. Failure of an application or system in an industrial network can result in casualties and serious economic losses, destruction of infrastructure, danger to public life and national security, environmental disasters and other serious consequences. The concept of information security protection has gone through a series of development stages. Meanwhile, a new generation of APT attacks, represented by Havex, has moved protective measures from simple isolation, through terminal security protection and defense in depth at the border, to a sustainable defense system stage whose main characteristic is the intrinsic safety of the industrial control system. This stage not only requires covering different defense levels and combining a variety of technologies, but also requires the ability to find hidden dangers, manage threats, predict threats, and take the initiative to repair. Focusing on the difficulties of industrial control system security protection, this paper adopts a 4+1 security model and puts forward protection technology covering the entire network of the industrial control system.
    Research and Practice on Network Security Assurance of Important Activities
    2017, 3(2):  177-181. 
    Networks and information systems have become necessary infrastructure and a guarantee for important activities. Network security directly affects whether important activities can be held successfully, and it receives close attention from organizers and the related network security departments. Research on the objectives, characteristics and framework of network security assurance for important activities, proved and improved through practice in actual work, has formed a network security assurance method that combines products and services, engineering implementation and security maintenance. It provides a reference for the network security protection of important activities and critical information infrastructures.
    Research on the Legislation of Data Localization
    2017, 3(2):  182-187. 
    Under the current international situation, whether data localization should be legislated, and how the specific provisions of such legislation should be applied, has become a hot topic of discussion. In November 2016, the Cyber Security Law was adopted, and it established a principle for data localization legislation, which is “the data should be stored locally under normal circumstances, except that a safety assessment applies if the data must be transmitted across borders”. However, there are many complex challenges in applying the principle. On the basis of fully demonstrating the legitimacy of data localization legislation, this thesis also puts forward some ideas on the reasonable definition of “privacy information”. As for the safety assessment, the assessment standards should be put forward according to changing circumstances and local conditions, and data that is easily affected by time should be evaluated under the guidelines of “leniency assessment” and “priority assessment” so that the trade and the value of the data can be realized in a timely manner. Finally, this thesis puts forward some thoughts and references for the implementation of the Cyber Security Law.
    Research on the Structural Security of Private Cloud in Government and Enterprise
    2017, 3(2):  188-192. 