Loading...
Toggle navigation
Home
About
About Journal
Editorial Board
Author Center
Current Issue
Just Accepted
Archive
Most Read Articles
Most Download Articles
Most Cited Articles
E-mail Alert
RSS
Reader Center
Online Submission
Manuscript Tracking
Instruction
Download
Review Center
Peer Review
Office Work
Editor-in-Chief
Subscription
Contact Us
中文
Table of Content
15 August 2017, Volume 3 Issue 8
Previous Issue
Next Issue
Three-Dimensional Way of Acorn Network in Industrial Control Cybersecurity
2017, 3(8): 0-0.
Asbtract
(
)
PDF
(3703KB) (
)
Related Articles
|
Metrics
Study on an Artificial Noise-Based Secure Wired Communication Method
2017, 3(8): 0-0.
Asbtract
(
)
PDF
(4564KB) (
)
Related Articles
|
Metrics
This paper presents a secure communication method for point-to-point wired communication systems based on information theory. In the proposed method, the receiver node receives the target signal, and meanwhile transmits an artificial noise, thus leading to signal to interference plus noise ratio (SINR) loss at eavesdropper, and ensuring that the system is absolutely secure. The theoretical work of this paper is carried out in the physical layer security model, and it is assumed that the eavesdropper can perform the best detection. We deduce the of safety capacity and interference cancellation ability, and analyze the relationship between the system secure capacity and the length of the wire, the attenuation characteristics of the wire, the interference cancellation ability and the eavesdropping position, and the effectiveness of the proposed method is illustrated.
A Static Android Repackaged Malicious Application Detection Method
Sun Wei
2017, 3(8): 0-0.
Asbtract
(
)
PDF
(6864KB) (
)
Related Articles
|
Metrics
Android system with its excellent characteristics quickly seize the mobile phone market. However, the open source of Android leads to Android frequent security problems. A large number of malicious applications on the third party market have brought great harm to people's privacy and property security. Among them, repackaged malicious applications accounted for the largest proportion which was 86%. In the repackaging application detection, researchers have done a lot of experimental research and designed the detection engine. But in the past, the detection engine has the disadvantages of high complexity and low accuracy. In this paper, we design an anti-obfuscation method for detecting malware based on centroid processing and hierarchical analysis. This method carries on static analysis to the intermediate code after compilation. The centroid algorithm is used to detect the similarity between applications, locating suspicious code segments by comparison between similar applications. Combining the analytic hierarchy process (AHP) and weighted FP-growth algorithm, the suspicious malicious code segments are judged. The experiment results show that this method has good effect in the detection of Android repackaged malicious applications.
Information Security Engineering Databases Based on ISO/NIEC Standards and Their Applications
2017, 3(8): 0-0.
Asbtract
(
)
PDF
(8115KB) (
)
Related Articles
|
Metrics
The whole security of any information system is only as strong as the weakest security of some component or link in the system. To keep the whole security, we must design, develop, manage and maintain the target system based on a unified standard throughout the whole software lifecycle. Over the years International Organization for Standardization has published a series of international standards on information security, which are rigorous enough to be taken as the unified standard for developing security functions of information systems. But it is complicated to design, develop, use, maintain or evaluate the security functions in accordance with those ISO standards. Moreover, the ISO standards would be revised or updated sooner or later. Adapting the security functions to match new standards is another cumbersome task. Human are hard to do those complicated and cumbersome work that may lead to low efficiency, incorrectness, inaccuracy or inconsistence. These problems can be solved only by adopting automatic and intelligent methods for sharing, managing, searching and using the data. Therefore, we proposed and developed the first group of databases in the world that manage the contents of ISO/NIEC information security standards and published data of certificated IT products. This paper introduces the group of databases and their applications.
Research on Smart City Information Security System
2017, 3(8): 0-0.
Asbtract
(
)
PDF
(6796KB) (
)
Related Articles
|
Metrics
The smart city information security system covers more aspects than a standalone information system. Through analyzing the main information security risks of smart city and summarizing the general security requirements of smart city, the information security framework of smart city can be figured out, and the roles involved in the smart city information security system and their responsibilities can be clarified. The smart city information security system proposed in this paper reflects the common understanding of the domestic and international information security standards and literatures, and the practice of the smart city development in China. The smart city information security requirements should be addressed from the viewpoints of management, technology, construction and operation. Accordingly the smart city security assurance is presented from the perspectives of strategy, management, technology, construction and operation, and infrastructure support. The main roles in the lifetime of the system are decision maker, administrator, implementor, operator, service provider and consumer. These roles shall support each other to ensure the samrt city information security system operating harmoniously. This paper could be used in the planning, development, acceptance and operation of smart city information security system, and could be a reference for further research of smart city information security.
SSL Protocol Interactive Authentication Scheme for System Wide Information Management
Wu Zhijun
2017, 3(8): 0-0.
Asbtract
(
)
PDF
(7370KB) (
)
Related Articles
|
Metrics
System wide information management (SWIM) is a platform which based on SOA (service oriented architecture) to provide information sharing and exchange for different departments and users in civil aviation field. As a large-scale information system access platform, SWIM carries amounts of important data related to the safety operation of civil aviation system. Therefore, network security issues such as data security and privacy protection are particularly important in this system. SSL (security socket layer) protocol interactive authentication scheme for SWIM is such an authentication solution aimed to solve the above problems. Based on the concept, technologies and specific architecture of SWIM, the scheme is proposed after analyzing the specific problems in application of SSL protocol on SWIM combining with some digital certificate technologies. This scheme takes advantage of dual certificate technology which is more suitable for SWIM system. The performances of this scheme, including safety and effectiveness, were analyzed through the experimental simulations under the special experimental configurations. The results show that the improved interactive authentication scheme implemented the identity authentication ensures the security of information transmission on the SWIM system. The scheme also guarantees the safety running of SWIM system in the premise of efficient operation.
Research on Intelligent Manufacturing Information System Security
2017, 3(8): 0-0.
Asbtract
(
)
PDF
(8305KB) (
)
Related Articles
|
Metrics
The cyber-physical system (CPS) security and controllability has become one of the important technical foundation of “Made in China 2025” national strategy. The CPS security is a new research area in the stage of development. There are many problems to be solved in the key technology and the basic theory research. This paper analyzes the challenges of intelligent manufacturing CPS security, puts forward the intelligent manufacturing CPS security framework, and discusses the direction and trend of future research in this field.
Analysis on American Critical Infrastructure Security Management
2017, 3(8): 736-746.
Asbtract
(
)
PDF
(2098KB) (
)
References
|
Related Articles
|
Metrics
In recent years, Different countries are paying more attention to critical infrastructure security and its cyber defense to the level of national security by developing regulations, laws and standards. As general secretary of the CPC Central Committee and president of China, Xi Jinping proposed efforts to promote innovative development, and work hard to build China into a cyberpower. Critical information infrastructure protection is one of the most important parts of the network strategy. We should learn from other countries, especially developed countries, to secure our critical infrastructure while we are still in the early stage. The United States, as the first country devoting attention to protect critical infrastructure cyber security, has developed a set of critical infrastructure information security policies, measures and supporting works. The study will provide suggestions for our critical infrastructure defense by reviewing American critical infrastructure measures from the perspectives of its identification, management system and security requirement.
Rick Management of Troops Information Security Based on Oscillation-Equilibrium
2017, 3(8): 0-0.
Asbtract
(
)
PDF
(3610KB) (
)
Related Articles
|
Metrics
With the progress of science and technology (especially network technology), the information security risk brought by science and technology is also increasing.From the point of view of risk management, the effect of troops information security management is influenced by the combination of risk and control means. The paper analyzes the influencing factors of the information security management risk of the troops, and introduces the qualitative simulation process of the model, and finally analyzes the influencing factors of the information security management risk of the army. In the end, this paper analyzes the application of the model in the evaluation of military information security management.
The Processing Monitoring Framework and the Random Authorization using Blockchain
2017, 3(8): 0-0.
Asbtract
(
)
PDF
(4926KB) (
)
Related Articles
|
Metrics
The application scenarios and the characteristics of the technology system, which is mainly composed of blockchain, peer-to-peer (P2P) framework, recording authorization competition and consensus mechanism, are analyzed in this paper.The three disadvantages of the system, one of which is a huge waste of computing ability and electricity power, are expounds. In order to overcome these shortcomings,a new system framework, a random authorization mechanism and the operating mechanism of the whole system are designed.The strong center framework and the peer-to-peer framework are discussed, of which the advantages and disadvantages and the application scenarios are also discussed. The monitoring framework and the processing monitoring framework are designed,which are used in the scenarios that management nodes can be partly trusted and should be supervised.The SM2 or the ECC algorithm is applied in order to ensure the privacy and security of data transmission. The data flow in the processing monitoring framework is analyzed. The data block structure and blockchain in this system are designed. The double hash authentication and random authorization(RA)technology are proposed. The process of approval and distribution and the signature verification method are designed.The method of obtaining management nodes based on the credit of the real world is discussed.The conclusion that the three shortcomings of the original system can be overcome in this design in the appropriate scenario is given in this paper.
Research on Electronic Authentication Technology to Protect the Legal Effect of Electronic Medical Records
2017, 3(8): 0-0.
Asbtract
(
)
PDF
(3499KB) (
)
Related Articles
|
Metrics
Electronic medical records have become the most important materials because of its medical and legal value with the development of medical information technology. How to make the electronic medical record to carry the legal value effectively is a comprehensive subject involving law, medical and technology issues. According to the latest release of "Application of electronic medical records management standard (Trial)", this paper makes a further study on how to use electronic authentication technology to ensure the authenticity and integrity of electronic medical records. Make the electronic medical records in line with the relevant requirements of electronic evidence, while meeting the requirements of legal effectiveness.
Pay Serious Attention to National Security Issue in Windows 10 ( Government Edition), Develop Creative China-Made OS
2017, 3(8): 0-0.
Asbtract
(
)
PDF
(810KB) (
)
Related Articles
|
Metrics
Cybersecurity Capability Construction: Coordination of Consciousness, Management and Technology —Thoughts Triggered by the “Eternal Blue” Event
2017, 3(8): 0-0.
Asbtract
(
)
PDF
(882KB) (
)
Related Articles
|
Metrics
Author Center
Online Submission
Instruction
Template
Copyright Agreement
Review Center
Peer Review
Editor Work
Editor-in-Chief
Office Work
