Table of Content

    15 September 2018, Volume 4 Issue 9
    TOPSEC, Leading Brand of Independent Innovation, Supporting Cyberspace Power Strategy
    2018, 4(9):  774-782. 
    Asbtract ( )   PDF (1579KB) ( )  
    Related Articles | Metrics
    Research Progress in Single-Pixel Imaging Based on Compressive Sensing
    2018, 4(9):  783-791. 
    Asbtract ( )   PDF (2112KB) ( )  
    References | Related Articles | Metrics
    Compressive sensing as a data acquisition method breaks through the limitations of the traditional Nyquist sampling law, greatly reducing the data redundancy. It has been applied in many fields so far. This paper introduces a single-pixel imaging system based on compressive sensing theory. From the basic theory of compressed sensing, the basic principle and implementation method of single-pixel imaging technology are described in detail, and the problems faced in different aspects are analyzed. Finally, the domestic and foreign issues are analyzed. In the research status and development trend of single-pixel imaging technology, the inadequacies of the existing research of this technology are proposed and future research directions are given.
    A Taxonomy of Android Application Vulnerabilities Based on Layered Structure of Application
    2018, 4(9):  792-798. 
    Asbtract ( )   PDF (1530KB) ( )  
    References | Related Articles | Metrics
    Security evaluation of Android applications is to detect security vulnerabilities of Android Apps comprehensively, and then provide a safety grade or score. It is quite important to classify Android application vulnerabilities before evaluation. Therefore, we proposed a taxonomy based on layered structure of application named LSA. There are 3 layers of LSA, Java code layer, source file layer and logistic vulnerability layer. Android vulnerabilities are divided into 4 categories on those 3 layers. LSA is more systematic and performs better than other existing taxonomies in security evaluation. Finally, this paper gives a formal description of LSA by using Z schema, and then the scientificalness of this taxonomy is demonstrated.?
    Research On Denial Of Service Attack Detection Based On Hadoop And Flume
    2018, 4(9):  799-805. 
    Asbtract ( )   PDF (1532KB) ( )  
    References | Related Articles | Metrics
    Aiming at the bottleneck problem of denial of service attack detection algorithm and processing speed, using denial of service attack log feature and improved variance algorithm in the paper,building a denial of service attack detection system on Hadoop and Flume,and use the distributed web log collection system of flume collect logs to HDFS,through research the distribution of abnormal behavior from statistical analysis of connection data and find characteristic of it, a Hadoop based statistical analysis model for denial of service attack detection is established, this paper puts forward the idea of improved variance to detect denial of service attack, making full use of distributed parallel computing ability of Hadoop, and it effectively improves the speed of detection and reduces the computation time.
    Linux Binary Exploit -The Key Technology of Breaking Through the System Defense
    2018, 4(9):  806-818. 
    Asbtract ( )   PDF (2242KB) ( )  
    References | Related Articles | Metrics
    With the increasing influence of open source software in the world, the market share of the Linux operating system has maintained a rapid growth rate and is widely used in many fields, such as servers, industrial control systems, embedded devices, cloud computing, etc. Therefore, the research on the security of Linux system is extremely important. The attack and defense against in-memory vulnerabilities is a research hotspot in the field of information security. Along with various binary vulnerability mitigation mechanisms have been proposed in decades, the exploit technology has also evolved. The challenges remain severe. This paper organized and summarizes the key technologies of Linux binary attack and defense in recent years. Firstly, it reviews the traditional utilization methods of Linux binary vulnerabilities and the corresponding mitigation mechanisms, also introduces the new utilization methods and their principles. Then, it combs and summarizes the methods of exploiting the vulnerability. Finally, it explores the future development trend of Linux binary attack and defense games, as well as some risks that may exist in widely used Linux systems, and part of security vulnerabilities that have been exposed.
    Lightweight Key Management Scheme for Internet of Things
    2018, 4(9):  819-824. 
    Asbtract ( )   PDF (1556KB) ( )  
    References | Related Articles | Metrics
    Abstract The rapid development of IoT affects and changes people's lives and way of working. At the same time, the realistic demand also promotes the rapid development of the technology of IoT. For the characteristics of high capacity, complex network/terminal equipment, low power consumption and limited computing power of terminal devices of IoT, lightweight and miniaturization have become the basic requirements for designing the IoT security system and key management scheme.For the design of the lightweight key management scheme oriented to IoT, the traditional schemes for implementing identity authentication and key agreement based on digital certificates and PKI systems are not suitable under the application scenarios of IoT. Due to the complex interactive process and the authentication mode of digital certificate exchange, a lot of computing and network resources will be consumed. Based on this, under the circumstance of ensuring the security of the system, orienting to lightweight application scenario of IoT and based on the national cryptographic algorithm, a full lifecycle management scheme is implemented. Using symmetric algorithm keys to achieve terminal device authentication, session key agreement, data encryption/decryption services, and using asymmetric algorithm keys for key exchange and import protection. And the performance and function requirements of key management in IoT environment are well-suited to meet.
    Design of security architecture development model for enterprise information planning
    2018, 4(9):  825-835. 
    Asbtract ( )   PDF (2344KB) ( )  
    References | Related Articles | Metrics
    With the advent of the information age, information systems are facing more and more security attacks, and the loss is also increasing, the information security issues accompanied with information island, data sharing and other issues of governance are becoming increasingly prominent. Information security protection has become increasingly difficult,and it is more difficult to solve the above problems systematically with taking stop-gap measures as before.Therefore, it is necessary to analyze and design the security system accompanied with the information planning and the framework design, so as to truly realize the "top-down" enterprise information security architecture planning and design,and guide the information security work. Based on the existing mainstream enterprise informationization planning methods and the related security architecture models, methods or frameworks in informationization planning, this paper proposes a SADM security architecture development model based on EISA and TOGAF ADM frameworks, which provides a reference for enterprise informationization planning and architecture design, and gives an early exploration for the follow-up establishment of the security architecture development method system.
    Research on Security Certification Schemes of VANET Based on Cryptography
    2018, 4(9):  836-842. 
    Asbtract ( )   PDF (1516KB) ( )  
    References | Related Articles | Metrics
    VANET has a good prospect of development, but also it has the serious security risks at the same time. The security certification scheme of VANET is an important way to solve the security problem of VANET. This paper firstly takes the knowledge related to cryptography as the starting point and discusses the factors that influence the design of security certification schemes for VANET. Then based on the cryptography perspective, the paper classifies the security authentication scheme of VANET as two types: security authentication scheme based on group signature and identity signature and security authentication scheme based on non-bilinear pair. Lastly, it compares the characteristics of various schemes by the security characteristics, the geographical scope of the attack and the performance problems solved in order to provide reference for the design and research work of the safety certification scheme of the vehicle network.
    Analysis of Key Technologies of User Data Privacy Protection in Cloud Computing
    2018, 4(9):  843-845. 
    Asbtract ( )   PDF (1054KB) ( )  
    References | Related Articles | Metrics
    In recent years, cloud computing has gradually become a mainstream form of technology for information sharing. However, while providing people with convenient information storage and sharing services, cloud computing is also facing severe user data security issues. Hundreds of information security incidents have threatened global network information security in the years since cloud computing began. Information confidentiality is an essential element of information security, and privacy protection of user data is an important part of information security technology. Cloud computing also faces user data privacy protection issues. In the cloud computing, user data is stored in the cloud, and the computing process is carried out in the cloud, so higher requirements are placed on user data privacy protection. This paper mainly discusses the privacy protection of user data in storage and cloud. It mainly studies key technologies such as access control and ciphertext search for user privacy protection, which can protect user data privacy from being stolen and reduce significantly under small performance loss. Local calculations.
    Train of Thought on Governance of Dark Web
    2018, 4(9):  846-852. 
    Asbtract ( )   PDF (1707KB) ( )  
    References | Related Articles | Metrics
    Internet has become an indispensable impetus to accelerate the development of human society. But what cannot be overlooked is while Internet promotes human development and progress, its unique unboundedness and anonymity have also brought many hidden dangers to global security. Dark Web, the most covert and darkest part of cyberspace, carries the worst cybercrimes. Drug, population and arms trafficking, terrorism, political subversive activities and other crimes are almost filled with the entire dark Web space, which poses a great threat to global security. Effective methods to dark Web governance is extremely urgent. Many Internet powers have taken actions to dark Web governance, but produce very little effect due to the differences in their respective purposes, methods, and even ideologies. Dark Web governance has become a common problem facing all countries. On December 16, 2015, General Secretary Xi Jinping proposed to build “a community of shared future in cyberspace” for the first time at the Second World Internet Conference, emphasizing that “Cyberspace is a common activity space for human, and the future of cyberspace should be shared by all countries in the world. Every country should strengthen communication, expand consensus, and deepen cooperation.” This undoubtedly provides a Chinese idea for dark Web governance. In the context of rapid development of globalization and with the guidance of building “a community of shared future in cyberspace”, we propose several methods and recommendations for dark Web governance.
    Research on China's Cipher law System Architecture
    2018, 4(9):  853-856. 
    Asbtract ( )   PDF (1142KB) ( )  
    References | Related Articles | Metrics
    The exposure draft of the cipher law was released in April 2017, which indicates that the construction of Chinas cipher law system is still in its infancy and is still incomplete. The cipher law is very important in the field of information security, but we still want to discuss the possibility of establishing and improving cipher law system in our country from the views of system, which helps to think about the contents of the cipher law from a more macro perspective. Beginning with the concept of legal system frame, this paper first analyzes from a perspective of being ought to be. Then, on the basis of making clear of existing cipher related laws in China, this paper puts forward a legal regulation system with cipher law as the core, and hopes to provide some ideas for the further cipher legislation.
    Thoughts on the Excessive Collection of Personal Data by Online Payment Bills
    2018, 4(9):  857-862. 
    Asbtract ( )   PDF (1618KB) ( )  
    References | Related Articles | Metrics
    With the development and application of big data technology and artificial intelligence technology, the autonomy of enterprises is constantly increasing, and the degree of acquisition and analysis of their user data is gradually deepening. In this environment, personal data is at risk of being leaked, stolen, and abused at any time. On the basis of expounding the concept of personal data, combined with Alipays annual billing event, the current situation of personal data being overcollected and personal data leakage incidents were extracted, and the Alipay data collection model was analyzed. According to the deficiencies in the collection rules of Alipay data collection model, the data is overdisclosed, the data storage cycle and the storage volume are not clear and so on, from the security technology development of Alipay platform, the security awareness of these developers, and the data security supervision mechanism within the platform, Domestic relevant laws and regulations and personal data security awareness and other aspects of the model to improve the countermeasures and data collection recommendations, so as to improve the security of personal data for users to provide protection.
    Research on the Network Negative and False MilitaryRelated Information
    2018, 4(9):  863-868. 
    Asbtract ( )   PDF (2059KB) ( )  
    References | Related Articles | Metrics
    The Internet has become a gathering place for folk voices due to its characteristics of imperceptibility, convenience, highspeed, and wide spread of information. The social influence of online public opinion is increasing. However, because some people lack rational thinking about network information, and some criminals and hostiles deliberately and even maliciously disseminate various kinds of false statements, internet public opinion is often used by people with ulterior motives to attack and destroy the party, government and army. Strengthening the research on network negative and false militaryrelated information is an important prerequisite for improving the earlywarning and protection capabilities of online militaryrelated public opinion in the era of big data. It is an urgent need to make up for the lack of traditional information security measures. It is also an important measure to effectively respond to the infiltration of hostile forces on Internet media, to resist the hegemony of western public opinion, to purify online political ecology, maintain the army image and national security.