Table of Contents

    15 February 2018, Volume 4 Issue 2
    ANTIY, Using the Actual Combat Mode to Protect the Cyber-Security
    2018, 4(2):  98-103. 
    Customer Privacy Data Lifecycle Security Management System
    2018, 4(2):  104-114. 
    Enterprises provide services to the public through web application systems and collect personal privacy data at the same time. When associated with enterprises' production data, such personal privacy data becomes higher value-added customer privacy data. Multiple applications and network boundaries are involved during data creation, transmission, storage, usage and destruction, so customer privacy data faces many security threats. Meanwhile, due to the continuous expansion of application systems and external system data exchange interfaces, customer privacy data is distributed across various nodes of the network, which makes it hard to bring under unified management and centralized security. This paper analyzes the life cycle of customer privacy data, clarifies the distribution and security status of customer privacy data in the network, and establishes a customer privacy data lifecycle security management system for security protection. The system employs DPI technology, document encryption and decryption technology, data desensitization technology and abnormal behavior detection technology, and it provides technical security support for both structured and unstructured data throughout the whole life cycle.
    The Design, Implementation and Application of OpenSSL with Chinese Cryptographic Algorithms
    2018, 4(2):  115-132. 
    OpenSSL is a basic cryptography library and a full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. Integrating Chinese cryptographic algorithms and Chinese Transport Layer Security protocols into OpenSSL is very important. This paper introduces how to implement OpenSSL with Chinese cryptography so that it supports the Chinese Information Security Certification System and Chinese Transport Layer Security protocols.
    Android malicious application detection system based on multidimensional feature
    2018, 4(2):  133-139. 
    In order to improve detection efficiency and reduce system overhead, a detection mechanism is proposed that uses multiple levels of different classifiers to balance accuracy against system overhead. A number of independent data sources, such as operation codes, are used as machine learning training sets. Only when level 1 fails to provide reliable detection is level 2 used to give the final detection result. While paying attention to application permissions, we study the association between runtime permissions and use n-grams to process the opcode sequences. Finally, experiments show that the proposed method reduces overhead while remaining effective. Therefore, the proposed method can be used effectively for malicious code detection in unknown applications.
    Design and Implementation of Android Malware Detection System Based on Deep Learning
    2018, 4(2):  140-144. 
    In order to improve the detection efficiency and accuracy for malicious Android applications, an Android malware detection system based on deep learning is proposed. The deep learning approach places particular emphasis on Android security features, combining static and dynamic features for classification. To improve the accuracy of malware detection, attribute subset selection analysis is used to reduce the dimensionality of the fused features. Then, Stacked Denoising Autoencoders are used for classification. SDADLDroid, a static and dynamic analysis system that detects Android malware, is proposed. In order to recognize different Android malware, different kinds of clustering algorithms can be applied to compare malware modeling capability. We use a dataset containing more than fifteen thousand real applications, including seven thousand malware applications. Experimental results show that the deep learning technique is better suited to Android malware detection than machine learning and can achieve accuracy as high as 95.8% on real-world Android application sets.
    Research and application of full life cycle monitoring of sensitive data flow based on big data platform
    2018, 4(2):  145-149. 
    In the face of the rapid development of information in the Internet era, traditional data management has been unable to meet the security needs of complex circulation scenarios. Operators therefore urgently need to sort out the data within the organization and, on this basis, establish a complete data life cycle control system. This paper analyzes and sorts out the storage, circulation and access of sensitive data in the organization and identifies the potential security risks, so as to achieve comprehensive protection of sensitive data within the organization.
    Network Flow Prediction Based on Time Series Analysis with ARCH Effect
    2018, 4(2):  150-156. 
    This paper introduces methods of network traffic anomaly detection, then focuses on the autoregressive moving average (ARMA) model and the wavelet analysis method, introduces the autoregressive conditional heteroscedasticity model with ARCH effect, and provides the method of constructing these models. Wavelet analysis and time series analysis with ARCH effect are then used to decompose and reconstruct the network traffic of the UnionPay network, yielding the low-frequency, high-frequency and surge terms. Depending on whether each subsequence exhibits conditional heteroscedasticity, an ARMA model or an ARMA-GARCH model is established for it, and all the subsequences are linearly combined to obtain the network traffic model. The constructed network traffic model is compared with the original data and with a time series model that does not take conditional heteroscedasticity into account. The results show that the constructed model has a smaller average error rate and a higher qualified rate of prediction, so it performs better, and its predicted values provide an accurate baseline for abnormal network traffic detection.
    Characteristics and Invulnerability Analysis of Control Sectors Complex Network
    2018, 4(2):  157-162. 
    One valid way to solve the flight delay problem is to improve the efficiency of air traffic control (ATC). From the perspective of control sectors, the basic units of the ATC system, an ATC sector network is established using complex network methods, taking the sectors within a certain range of airspace as nodes and the flight relationships between them as edges. The Area Control Center of North China is then given as an example to verify the property of small average path length and small clustering coefficient. The degree distribution is fairly homogeneous, unlike strength and betweenness, whose distributions conform to certain functions. The invulnerability of the sector network is studied, indicating the significant metric that determines the critical sectors and the potential critical sectors.
    Research of Rogue AP Detection Based on CSI in Smart Home
    2018, 4(2):  163-169. 
    Traditional Rogue AP detection methods are based on AP hardware fingerprints and traffic features, but both features are easily attacked by an attacker. In this paper, given that the positions of the terminal and the gateway are stable in the Smart Home environment, we propose a CSI-based Rogue AP detection method. This method converts the detection of a Rogue AP into the detection of the AP's location. The method is divided into a collection stage and a detection stage. In the collection stage, the target AP's location information is collected as a fingerprint and a fingerprint library is built in a secure environment. In the detection stage, the location information of the currently connected AP is detected and compared with the information in the fingerprint library to determine the security of the current AP. Experiments show that this method is feasible and successfully solves the problem that traditional Rogue AP detection methods are easy to bypass.
    A Method and System for Video Encoding Dual Network Redundancy
    2018, 4(2):  170-174. 
    The dual network port redundancy system is a communication control system built on computer network technology. This paper develops a video coding and decoding system with dual network ports based on the requirements of a video security monitoring system. The whole system mainly includes a redundant network module, a video coding module, a video decoding module and the corresponding IO transmission module. The redundant network module is the core module of the video codec system. Through the redundant network, surveillance video can be encoded and transmitted quickly and in a timely manner. The redundant network module can respond to network transmission failures in real time, has rapid recovery capability, and improves overall system stability, reliability, safety and real-time performance. With redundant backup of the network port, the system can automatically switch to the backup network port when the normal communication network or line fails. This paper describes in detail the design and implementation of a dual network port redundant video encoding and decoding system.
    The Application of CA Authentication in Model of Video Surveillance
    2018, 4(2):  175-179. 
    The idea of establishing a safe and reliable video surveillance model is presented, with a user authentication model based on CA authentication. The system is divided into the client module, the forwarding module, the CA authentication module, the video stream acquisition module and so on. In this paper, we introduce the function and implementation process of each module. The system verifies whether the user's identity is legal based on CA authentication. If the user cannot pass CA authentication, he cannot capture the video image. A method to improve existing video surveillance systems is also given, with which CA authentication can be achieved without changing the existing camera terminal. The security and feasibility of the system are also analyzed in theory. This research not only improves our understanding of the theory but can also be applied to a production environment.
    Study and Application of accrual failure detector algorithm based on OpenStack
    2018, 4(2):  180-184. 
    OpenStack is one of the most popular and widely used open source cloud computing platforms, and achieving high availability in OpenStack is a required skill. Unfortunately, due to unreliability in hardware and software, node failure has been a major obstacle to high availability in cloud computing. In OpenStack, the failure detector is implemented by conventional heartbeat messages sent by the host and a timeout set to detect failure. However, this is unreliable because the timeout can be caused by network delay, which affects the decision whether or not to evacuate the VMs and can incur an unnecessary and enormous cost. This paper studies an accrual failure detector based on the normal distribution of heartbeats, named P-FD. It calculates a continuous time-related value to represent the suspicion level of the monitored process. Moreover, it achieves a double-check mechanism by combining pull heartbeat mode with a threshold, which lowers the mistake rate. Compared with the failure detector in OpenStack, it performs better in large-scale and complicated cloud computing environments. The experiment shows that this failure detector greatly reduces the mistake rate and improves system availability.