Table of Contents

    15 July 2019, Volume 5 Issue 7
    Strengthening the Development of Network and Information Enterprises to Deal with Trade Friction and Promote Implementation of Network Power Strategy
    2019, 5(7):  554-559. 
    To promote the gradual implementation of the strategy of strengthening the country through network, it is necessary for the state and government as well as the functional departments to provide good policies and market environment through various policies and measures. It is also necessary for the network and information security enterprises to constantly adjust their development strategies according to their own business, in order to improve their technological advantages and optimize their resources through the capital market. International thinking and Internet thinking are also necessary for the network and information security enterprises to enhance their vision of internationalization and explore the path of internationalization development. Especially in the current era of globalization, based on the development of the network and information security industry, those enterprises need to constantly explore new industrial development models and business models, and create a sustainable ecosystem of collaborative innovation.
    Overview of Threat Intelligence Standards
    2019, 5(7):  560-569. 
    Cyber threat intelligence (CTI) refers to evidence-based knowledge, such as scenarios and response suggestions, about existing or potential threats or hazards to assets, which provides a decision-making basis for responding to those threats or hazards. Cyber-security defense based on CTI can analyze the threat situation in time, assist decision-making and greatly enhance the defense capability. This paper summarizes the relevant standards in the field of CTI and gives a brief overview of them, including a series of standards proposed by MITRE of the United States, some mainstream standards proposed by other agencies, and the national standard of CTI released in October 2018 in China. Among them, some standards focus on the feature description of intelligence while others focus on the transmission format of intelligence. The use of these standards can standardize the expression and exchange of CTI, helping to improve the validity of shared data and the efficiency of data sharing, so that network attacks can be prevented better.
    The RAND’s Advices on Cybersecurity Defense
    2019, 5(7):  570-575. 
    Cybersecurity is currently receiving widespread attention from governments, academia, and enterprises around the world. The US Department of Homeland Security issued the Blueprint for a Secure Cyber Future in 2011, which defines 75 strategies that can strengthen national cybersecurity, 25 of which are key strategies. The RAND Corporation conducted research on the strategies proposed by the report and the effect of these strategies, analyzed the shortcomings of the DHS blueprint, proposed a method for assessing network security defense behaviors and produced the report A Framework for Programming and Budgeting for Cybersecurity. The report uses a sunburst diagram to represent the main goals of cybersecurity, the four strategies that support the goals, and the specific strategies and activities. This paper gives a brief introduction to the research results of RAND.
    The United States Department of Homeland Security’s Guide and Project in Cybersecurity Area
    2019, 5(7):  576-581. 
    In 2017, the US CYBERCOM was upgraded to the tenth Unified Combatant Command, and its status became equal to that of the major combatant commands such as the US CENTCOM. This means that cyberspace has officially become the fifth battlefield of the US military after land, sea, air, and space. Countries such as Britain, France, Germany, Japan and Russia are also active in cyberspace. Great importance is being attached to cybersecurity around the world. Studying the policy direction of countries with leading cybersecurity technologies, such as the United States, is instructive for researchers in China. In March 2018, the Department of Homeland Security released two new guides, Cyber Security Division Technology Guide 2018 and Cyber Security Division 2018 Portfolio Guide, which outline the range of products researched by the Science and Technology Directorate in the field of cybersecurity and promote the marketization of their products. This paper provides a brief introduction to the research directions and projects mentioned in these two guides.
    American Network Security Architecture
    2019, 5(7):  582-585. 
    At present, with the rapid development of information technology and applications, cyberspace security has become a focus area of attention in the world. Many countries have upgraded the cyberspace security strategy to the level of national strategy. As the theoretical support of cyberspace security, the network security system has always been an important part of the research in the field of cyberspace security. The network security architecture is a complex system engineering, which needs to integrate the security organization, security technology and security management to build an integrated overall security barrier. The United States has always been a leader in the research of network security architecture. The US government, academia, and industry have actively cooperated and proposed many classic network security models and architectures. This paper gives a brief introduction to the American classic network security models and architectures PDRR, P2DR, IATF and the Community Gold Standard (CGS).
    Enlightenment from the Serious Cybersecurity Risks of “Trident” Nuclear Submarine
    2019, 5(7):  586-591. 
    In the era of global connectivity and network tools to enhance accessibility, cyber warfare has become an important part of conventional warfare and a new military field. In June 2017, the British think tank Anglo-American Security Information Committee (BASIC) released a survey report “Hacking UK Trident, A Growing Threat”, saying that the British “Trident” nuclear submarine has serious cyber security risks and is vulnerable to catastrophic cyber attacks. According to the report, a successful cyber attack may completely offset the submarine operation instructions, causing casualties, and may even cause nuclear warheads to be launched directly or indirectly. This growing threat of cyberattacks against strategic missile nuclear submarines may have a serious impact on strategic stability between countries and the second strike capability of nuclear warfare. This paper analyzes the security risks in the various stages of the Trident nuclear submarine supply chain, proposes countermeasures from the national strategic level, and guides the safety of the Trident system.
    Analysis and Forecast of Future International Science and Technology Development
    2019, 5(7):  592-598. 
    This article focuses on which core technologies of computers and networks may affect the country's strength against the background of globalization in the next 30 years, and hopes to help the country understand emerging technology trends and deal with future uncertainties. As we all know, it is impossible to meticulously predict what will happen in the future. The purpose of this paper is to inform the country of possible future development directions, and to determine a development strategy for facing the future with the best posture. In the next 30 years, science and technology will be the core power driving the world's change. This article focuses on key technologies in robotics and autonomous systems, the Internet of things, and cyber, and draws on the comments of domestic and foreign analysts on these technologies to analyze their potential impact.
    Application Analysis of Big Data in Information Security
    2019, 5(7):  599-607. 
    With the rapid development of human society, interconnection and communication technology is becoming more and more advanced, information exchanges are becoming more frequent, information accumulation increases day by day, and the era of Big Data is coming. Nowadays, the concept of big data is widely used in various aspects of society, such as people's livelihood, medical care, aviation and navigation, environmental protection, law and order, etc. Big data is not a castle in the air, but a real need of the age. Big Data is generally thought to have originated from Google's “troika” (GFS, MapReduce, and BigTable), which has been in development for more than a decade and changes continuously. Big Data can be roughly summarized into four parts: transmission of data, processing of data, storage of data, and query of data. Each part includes different components to achieve its respective functions, typically Kafka and Message Queue in transmission of data, and MapReduce, Spark, etc. in processing of data. These components together realize comprehensive and complex data analysis and constitute the Hadoop ecosystem of Big Data. For information and network security, Big Data also plays an important role, such as in big data privacy, public opinion monitoring, advanced persistent threat (APT) detection, etc. The importance of big data in the field of information security is illustrated through case studies of the construction of Big Data platforms for network traffic monitoring analysis, log analysis and electromagnetic data analysis.
    The Suggestions About the Works of Information Security Grade Protection in Colleges and Universities under the New Situation
    2019, 5(7):  608-615. 
    Network security and informatization were mentioned many times at the 19th CPC National Congress. As one of the main areas in which network information is universally applied, colleges and universities should not ignore network security. At present, the network security of colleges and universities has the following characteristics: more organizations, large staff, more systems, large statistics, high attention, and extensive influence, so the network security problem is especially prominent. The authors introduce the related policies of information security grade protection, the necessity of developing information security grade protection, the status of information networks in colleges and universities, and the process of establishing information security grade protection at their college, and elaborate how colleges and universities can carry out information security grade protection work based on the information security grade protection standards.
    Research on Technologies of Kernel Rootkit Detecting and Protecting in KVM Environment
    2019, 5(7):  616-622. 
    Virtualization technology has been widely used in cloud computing environments, and its security is becoming more and more important. At present, malicious code attacks are developing in the direction of complexity, concealment, and persistence, and have become one of the important threats to cloud infrastructure in China. Especially in the context of the massive use of Linux and kernel-based virtual machine (KVM) virtualization in cloud data centers, it is very important to research detection and protection technologies for Linux kernel rootkits in the KVM virtualization environment. However, the current research in this field mainly focuses on detection, and is lacking in the response and protection stages. To solve this problem, this paper proposes a security architecture that integrates kernel-level rootkit security detection, response and active protection in the KVM virtualization environment, and validates it on a KVM virtualization platform. The results show that the security architecture can effectively detect and prevent attacks by kernel-level rootkits in the guest virtual machine.
    Application of Network Security Situational Awareness in Railway Information Security
    2019, 5(7):  623-630. 
    Cyber attacks against infrastructure such as railways have intensified. In order to ensure the network security of the railway system, it is urgent to further optimize it. This paper briefly reviews the structure of the railway network system and, considering the development of the current network security defense system, proposes to apply the latest network security situation awareness technology to the construction of the railway network system. By fully applying the computing power of big data analysis, it builds a railway network security situation awareness platform architecture based on big data, and provides a solution for the hidden dangers of the current railway network security defense.
    A Data Security Verification Scheme Based on Task Macro
    2019, 5(7):  631-634. 
    With the continuous development of computer technology in the field of industrial control and aerospace, the function of the epigynous machine software is increasingly complete, and the parameter setting is more complicated. Macro configuration of parameters using the task macro mode reduces the complexity of the operation and improves the reliability of parameter configuration. However, while the task macro brings convenience to the parameter setting of the epigynous machine, it also faces unprecedented challenges. How to protect security in the task macro has become a hot topic of academic research. Based on this, we first give an overview of the task macro and describe its data security issues. Then, we propose a data security scheme for the task macro based on SM3 and SM4. Lastly, the feasibility of the scheme is demonstrated by designing a simulation system model.
    Abnormal Detection in Modbus TCP Based on Convolutional Neural Network
    2019, 5(7):  635-638. 
    Aiming at the problem of frequent vulnerabilities in the Modbus/TCP protocol in industrial control systems, we propose a Modbus/TCP anomaly message detection method based on a convolutional neural network. By analyzing and summarizing the types of abnormal packets in Modbus/TCP, we design the convolution kernel of the convolutional neural network. Through simulation training of the input dimension, convolution layer and convolution weights of the neural network, we design the Modbus/TCP anomaly message detection model based on the convolutional neural network, and use HOOK in Netfilter to embed the model into an industrial firewall to realize detection of abnormal Modbus/TCP packets.
    Research on Network Security Architecture Design for the Node Upgrade of Traffic Private Network
    2019, 5(7):  639-643. 
    The traffic private network integrates data transmission and audio-and-video transmission functions, and has become the fundamental communication network for the basic information perception and business information transmission of highways and waterways. Once the traffic private network is attacked, it will seriously affect the operation and the emergency disposal process of the highways and waterways. Limited by construction, funds and technical conditions, there are potential safety hazards for the management office of the traffic private network; in particular, when providing information to the business personnel of the intranet or the public of the extranet, the security requirements cannot be met. In this paper, a network security architecture for the nodes of the traffic private network is proposed, with which the existing network can be upgraded at low cost to ensure security. The practice results of the network security transformation of a node show that the data security and access security of node communication can be satisfied, and the application prospect is broad.
    Prediction of Network Security Situation Based on Depth Automatic Encoder
    2019, 5(7):  644-648. 
    With the development and progress of Internet theory and technology, security has become an extremely important factor in the study of cyberspace. Network security situation prediction can integrate different levels of security factors and directly reflect the overall situation of network security. In order to increase the accuracy of the prediction of network security situation, this paper proposes a method to apply the deep self-encoder neural network algorithm to the network security situation prediction technology, and uses the National Internet Emergency Response Center security data set to perform simulation experiments on the MATLAB platform. The results show that the network security situation prediction model based on the deep self-encoder has a fast learning speed and high accuracy, and can predict the network security situation well.