Table of Content

    15 July 2017, Volume 3 Issue 7
    PeopleNet, Independently Developing Core Technology of Cyber Information Security
    2017, 3(7):  578-588. 
    Asbtract ( )   PDF (1448KB) ( )  
    Related Articles | Metrics
    A Survey of Botnet
    2017, 3(7):  589-600. 
    Asbtract ( )   PDF (9509KB) ( )  
    References | Related Articles | Metrics
    In recent years, the botnet has become more and more complex, the scale is also growing. Botnets have become one of the largest Internet security threat, they have been used to launch DDOS attacks, send spam, steal sensitive information, and even launch a cyber-war. According to CNCERT‘s monitoring data, in 2013, there are more than 10900000 hosts that are controlled by more than 29000 overseas servers. In order to reduce the destruction of botnets, security researchers have proposed a variety of security detection mechanisms, Microsoft also cooperated with various security agencies and the federal court to close some botnets. But botnets constantly update to evade and use a more covert command control channel. This paper briefly summarizes the botnet system structure, protocol type, escape technology, detection technology, recently shut down event, and the new development trend.
    Modeling and Verifying Security Properties of Cyber-Physical System Based on Timed Automata
    2017, 3(7):  601-609. 
    Asbtract ( )   PDF (6111KB) ( )  
    References | Related Articles | Metrics
    Cyber-physical system (CPS), as a new research direction, has encountered a lot problems in the research and development. There are some problems about CPS security gradually appeared. In this paper, the design safety of CPS is explored. We mainly make a model on the safe interaction between the various parts of the CPS and discuss the security data attacks and the effectiveness of its defense measures. In this paper, we use the network water level control system as an example, and timed automata as formal modeling language for modeling, validating and analysing. In the process of modeling, we utilize a layered safety architecture. The work of each component of the system is respectively abstracted as a timed automata model. Those models constitute a system which describe the complete work process of CPS. Finally, by using the model-checking tool PAT, we present a verification for the effectiveness of automated recovery mechanism.
    A Dynamic and Verified Rational Secret Sharing over an Asynchronous Channel
    2017, 3(7):  610-616. 
    Asbtract ( )   PDF (5581KB) ( )  
    References | Related Articles | Metrics
    In this paper, we use the break of the regular of the secret sequence as an end signal to construct an m-out-of-n rational secret sharing by using the secret sequence with zigzag structure. Then, to avoid empty threats and make reconstruction more efficient, we can add and delete participants dynamically during the reconstruct phrase based on the Chinese remainder theorem. Besides, we encrypt everyone's shares in the phrase of exchanging them to make them much safer. Someone who is not participant in reconstruction phrase can't get any information about the secret shares. With the theory of the infinite repeated games, we construct a fair and verified rational secret sharing over an asynchronous channel with a sub-game perfect equilibrium.
    A Formal Specification and Verification Method for Security Specification Based on CC
    2017, 3(7):  617-623. 
    Asbtract ( )   PDF (5250KB) ( )  
    References | Related Articles | Metrics
    As information systems become more and more important and indispensable in social lives, the demands of people for the security of information systems are also increasing. For those important information systems that don't allow flaws, its security specification must be described and verified by formal methods. This paper introduces the security specification description and verification method we proposed first in the world based on the international commom standards CC (ISO-NIEC15408). Z notation and temporal logic are used to formalize the information security evaluation standard—the functional elements defined in the international standard CC. On the other hand, UML is used to model the protection profile formally, and after describing the security specification of the target information system by Z notation and temporal logic, theorem proving method and model checking method are used to verify the security specification of the target information system. In order to make the specification and verification easier for people that have poor professional knowledge, a support tool named FORVEST has been developed.
    Research Survey on Industrial Control Systems Security and Intrusion Detection
    2017, 3(7):  624-632. 
    Asbtract ( )   PDF (6946KB) ( )  
    References | Related Articles | Metrics
    Industrial control system (ICS) is the core of the infrastructure. With the development of computer internet and the integration of information and industrialization. industrial control system is gradually merging with internet, breaking the original hermetic. ICS suffers the threaten from virus, Trojans and others. For the above reasons, ICS is facing increasingly serious information security issues now. This paper introduces the progress of industrial control safety research at home and abroad from the aspects of structure. We explain structure, vulnerability, existing threat and anomaly detection of industrial control system. And focus on the analysis of anomaly detection methods. Finally, we combined with the domestic industrial safety, make recommendations on industrial safety, and prospects for development prospects.
    Research on Bayesian Hypothesis Test-Based Detection Method of CPS Control Layer Attacks
    2017, 3(7):  633-637. 
    Asbtract ( )   PDF (3773KB) ( )  
    References | Related Articles | Metrics
    Cyber-physical systems (CPS) are physical processing systems in which the concepts of communication network are introduced. In such systems, physical processes are monitored and controlled by computer-based technology. And these provide solutions for many applications in national defense and industrial production. However, this also makes the original industrial system environment face more security risks. In this paper, we consider the security of CPS control layer. Based on the Bayesian hypothesis test principle, this paper presents a detection method for tamper attacks to measurement data in the control layer. This method makes use of the prior knowledge of parameters so that the model's judgment is still available under small sample size. At the same time, the conclusion computes the probability of attack behaviors exactly, which can explain the possibility of the current state more intuitively. Compared with the traditional hypothesis test method, this method conforms to the background of CPS attacks, so it is practically advantageous.
    A Supporting Environment for IT System Security Evaluation Based on CC and CEM
    2017, 3(7):  638-646. 
    Asbtract ( )   PDF (6146KB) ( )  
    References | Related Articles | Metrics
    The whole security of IT systems can be guaranteed only if it is designed, implemented, used, maintained according to some common standards. Therefore, the standardization of IT system security is always a common issue all over the world. CC and CEM are a pair of ISO-NIEC international standards for information security evaluation and certification. CC and CEM establish a trustworthy relationship with common basis among all stakeholders of the target system that is evaluated and certified, and therefore CC and CEM are widely used all over the world. However, evaluation and certification based on CC and CEM is very complex. Evaluation and certification process involves of tens of documents and tasks. Performing evaluation and certification process by human shall cost lots of time. Besides, it is also difficult to ensure that evaluation and certification is fair and no subjective mistakes. These issues not only may result in consuming a lot of time, but also may affect the correctness, accuracy, and fairness of evaluation and certification results. Thus, it is necessary to provide a supporting environment that supports all tasks related to the evaluation and certification process automatically to improve the quality of evaluation results,at the same time reduce the complexity of all evaluator and certifiers work. However, there is no such environment existing until now. This paper presents a supporting environment we are developing for IT system security evaluation and certification based on CC and CEM that provides comprehensive facilities to support the whole evaluation and certification process. This is the first supporting environment to support the whole security evaluation and certification process.
    Scheme of Encrypted Cloud Data Transmission and Achieve the Data Integrity Valid
    2017, 3(7):  647-651. 
    Asbtract ( )   PDF (6250KB) ( )  
    References | Related Articles | Metrics
    With the advent of cloud storage model, more and more users choose to transfer their data into the cloud, but the data is uploaded to cloud storage in plaintext, which can't ensure that the data stored in the cloud is still intact. How to protect the security in the data delivery and the data integrity in the cloud have become a hot topic of academic research. Based on this, firstly, this paper presents a scheme of cloud data transmission encryption and data cloud storage integrity verification. Secondly, it expounds the creativity of the scheme design and the security of the core algorithm. Lastly, it proves the feasibility of the scheme by design simulation system model.
    The Research of a Method to Detect Information Hiding in the Private Network
    2017, 3(7):  661-667. 
    Asbtract ( )   PDF (908KB) ( )  
    References | Related Articles | Metrics
    The physical isolation network of classified units ensures the security of classified information to a great extent. However, the inevitable output need of information in secret network makes it possible for criminals to output classified information unauthorized through the use of information hiding technology. Considering the hidden dangers for network and information security caused by the redundancy feature that the information hiding technology could utilize the self information of multimedia files, and the insensitivity of human perception of the file details, we propose a detection method for information hiding basing on the text and image information hiding detection technology and combining the secret management requirements of classified units. This method can effectively improve the control ability of the information output process for the classified unit.
    International Internet Governance in New Situation, Calling for a New Pattern of Energy — A Summary of WSIS Forum 2017
    2017, 3(7):  661-667. 
    Asbtract ( )   PDF (901KB) ( )  
    Related Articles | Metrics