Loading...
Toggle navigation
Home
About
About Journal
Editorial Board
Author Center
Current Issue
Just Accepted
Archive
Most Read Articles
Most Download Articles
Most Cited Articles
E-mail Alert
RSS
Reader Center
Online Submission
Manuscript Tracking
Instruction
Download
Review Center
Peer Review
Office Work
Editor-in-Chief
Subscription
Contact Us
中文
Table of Content
10 March 2020, Volume 6 Issue 3
Previous Issue
Next Issue
Ditigal Technology Fighting Epidemic: China’s Big Data Security Is in Action
2020, 6(3): 194-201.
Asbtract
(
)
PDF
(2647KB) (
)
Related Articles
|
Metrics
Security Problem and Countermeasure Research of SDN
2020, 6(3): 202-211.
Asbtract
(
)
PDF
(1584KB) (
)
References
|
Related Articles
|
Metrics
In recent years, softwaredefined networking (SDN) has been the focus of research. SDN may replace traditional networks and become the nextgeneration network architecture, because its programmability and scalability bring new opportunities for network management. We have comprehensively analyzed the hidden dangers of softwaredefined network (SDN), thoroughly analyzed its own security problems in softwaredefined network, and proposed corresponding countermeasures and suggestions. We discussed the characteristics and standards of SDN, and based on the three levels of the SDN paradigm, namely the data forwarding layer, the control layer, and the application layer, analyzed the security threats and countermeasures at each level in detail and introduced Countermeasure techniques that can be used to prevent, mitigate or resolve such attacks.
Malware Detection Based on Application Programming Interface Sequence and Convolutional Neural Network
2020, 6(3): 212-219.
Asbtract
(
)
PDF
(1245KB) (
)
References
|
Related Articles
|
Metrics
Convolutional neural network (CNN) has been widely used in many fields. Windows Application Programming Interface(API) sequences are structurally dependent on each other. Only using convolutional neural networks to detect malware will ignore the context semantics of words. Therefore, this paper uses the word embedding model to pretrain the API sequences to from word vectors. Then, five convolution kernels of different sizes are fused to make up for the shortcomings of traditional convolutional networks in losing sequence timing information and ignoring word context semantics and grammatical information. This paper runs a sample in the Cuckoo sandbox, extracts dynamic API sequences and performs deduplication processing. The word vectors are pretrained using the word embedding method, and input to a multicore fusion CNN network to train a malware detection model. Finally, this paper uses the testset to test the validity of the model. The accuracy value of the testset reaches 98.1%. The results show that the method proposed in this paper can effectively detect malware.
Text Sentiment Analysis Based on BERT
2020, 6(3): 220-227.
Asbtract
(
)
PDF
(1110KB) (
)
References
|
Related Articles
|
Metrics
Most of the existing models adopt Word2Vec, GloVe(global vectors) and other methods to obtain the word vector representation of the text, ignoring the context relationship of the word. Aiming at this problem, a neural network model based on Bidirectional Encoder Representations from Transformers (BERT) pretraining language model with bidirectional long shortterm memory network (BLSTM) and attention mechanism was proposed for text sentiment analysis. Firstly, the word vector containing contextual semantic information is obtained through BERT pretraining language model. Secondly, BLSTM is used to extract contextual features for deep learning. Finally, attention mechanism is introduced to assign corresponding weights to the extracted deep information of the text to highlight the key information for text sentiment classifications. The accuracy rate can be 88.91% on the SST(stanford sentiment treebank) dataset. The experimental results show that the model performs better than other methods.
Malware Family Classification Based on Attributed Dataflow Graph
2020, 6(3): 226-234.
Asbtract
(
)
PDF
(976KB) (
)
References
|
Related Articles
|
Metrics
New types of malware pose a serious threat to cybersecurity, and most of them are modified on the basis of existing malwares. Therefore, family classification of malwares is helpful for analyzing the evolution of malware families and tracing cybercrime groups. We propose a malware family classification method based on attributed dataflow graphs and graph convolutional networks. First, run malware in the sandbox to obtain the API call sequence; then abstract the API call sequence into dataflow events and build a dataflow graph with attributes; then, use the improved graph convolutional network to learn the attributed dataflow graph; Finally, use the trained network to classify malware into families. The experimental results show that the method proposed in this paper can achieve a classification accuracy of 96.79%, which is better than the method based on API call graph.
Research on Security Situation Awareness Model Based on Payment Scenario of Financial Industry
2020, 6(3): 235-243.
Asbtract
(
)
PDF
(1997KB) (
)
References
|
Related Articles
|
Metrics
Payment is the most widely used scenario in the financial industry. Driven by the interests, there are more and more network attacks against payment business scenarios. How to accurately and effectively perceive the security risk of payment scenarios is one of the current research issues, This paper focuses on the current situation awareness system and payment business security monitoring system, and analyzes the shortcomings of these two traditional systems in payment business scenario risk perception. Introduces the functional architecture and technical framework of payment scenario situation awareness platform, and the analysis method of multichannel monitoring security events based on network, host and business application.Taking two typical payment business scenarios of violent account cracking and malicious account opening as examples, using autoregressive integrated moving average model and Gaussian algorithm, a situation awareness model based on financial industry payment business scenario is designed, which successfully realizes the future prediction and periodic prediction of security situation of payment scenario risk.
Research on Mimic Defense System of Internet of Vehicles
2020, 6(3): 244-251.
Asbtract
(
)
PDF
(1203KB) (
)
References
|
Related Articles
|
Metrics
In the era of the Internet of things, everything is interconnected. As one of its products, the Internet of Vehicles provides consumers with a convenient way to travel. But at the same time, the safety problems of automobile driving brought by intelligence and network also face various risks, which seriously threaten peoples lives and property safety. Therefore, this article adopts a mimic defense method to design and implement a mimic defense system of Internet of vehicles. Through the collection of vehicle-side threat data and the identification of vehicle serverside threat data, a mimic defense analysis engine is established to effectively protect against various known threats. At the same time, the analysis engine is used to predict the unknown vulnerabilities and threats, thereby forming an active defense behavior. Finally, experiments show that the method can effectively guarantee the safety of the Internet of Vehicles, and provide a strong security support for the security of the Internet of Vehicles business.
Study on the Governance Model of Network Speech Under the Ternary Structure
2020, 6(3): 252-258.
Asbtract
(
)
PDF
(1037KB) (
)
References
|
Related Articles
|
Metrics
The emergence of network platforms has transformed the traditional governance model of “governmentindividual” into a ternary structure of “governmentplatformindividual”. Therefore, speech governance presents a greater particularity compared with the era of traditional media. On the one hand, the introduction of enterprises and technologies has resulted in the change of power allocation in the network society, so that the government functions need to be transformed and platform positioning needs to be clarified. On the other hand, speech communication has changed from a physical society to a network society, showing great changes in the speed and consequences of propagation so that the traditional governance model is no longer suitable for the current situation. Therefore, this paper puts forward the solution path of constructing the multicenter governance mode through the specific configuration of government, platform and individual power and responsibility.
Electronic Payment Information Protection Scheme and Application Based on Payment Tokenization Technology
2020, 6(3): 259-265.
Asbtract
(
)
PDF
(1371KB) (
)
References
|
Related Articles
|
Metrics
Personal information protection is an important proposition in the information era. The security of bank card account information is of vital interest to banks, payment institutions, merchants and cardholders. The protection methods for payment information security commonly used in the past reduce the occurrence of information leakage and transaction fraud to a certain extent. In order to cope with the increasingly severe cyberspace security situation, the payment information protection scheme based on payment tokenization technology fundamentally solves the problem of payment information leakage, and provides convenient and safe payment experience for cardholders, issuers, acquirers and other payment industry parties.
Research on Cloud Computing Cyber Security Matrix Control Based on Risk Control and Compliance
2020, 6(3): 266-271.
Asbtract
(
)
PDF
(1192KB) (
)
References
|
Related Articles
|
Metrics
Cloud computing is a widely used computing model, which is characterized by wide access, easy expansion, rapid elasticity and scalability through the Internet. With the rapid development and application of cloud computing, a large number of information systems run on the cloud, a large number of data storage or run on the cloud, cloud computing security highlights the importance. In order to ensure the security of information system on the cloud, prevent the loss and leakage of cloud data, illegal access and other security incidents, based on risk control and compliance, using matrix management ideas, following the PDCA management process, the paper put forward the cloud computing responsibility matrix, assert matrix, risk matrix, compliance matrix, control matrix, and check matrix to improve the comprehensive management of cloud computing cyber security control.
Research on the Safety Grade Protection Evaluation for Industrial Control Systems
2020, 6(3): 272-278.
Asbtract
(
)
PDF
(2026KB) (
)
References
|
Related Articles
|
Metrics
Grade protection is the basic system of national cyber security. Industrial control system is widely used in many industries, such as power, oil and gas, water conservancy, railway, tobacco, iron and steel, nonferrous metal and so on. Industrial control system is an important kind of protection objects in grade protection. This paper explains the concept, development history, classification and application fields of industrial control systems, introduces the selection criteria, evaluation index and evaluation processes of industrial control system evaluation objects according to different standards and different angles, and gives how to determine the assessment targets from the guidelines of evaluation process. This paper introduces how to determine the evaluation object and index of industrial control system according to multiple grade protection standards step by step from complexity to simplicity, from whole to concrete, which has typical guiding significance for carrying out the evaluation of industrial control system.
Author Center
Online Submission
Instruction
Template
Copyright Agreement
Review Center
Peer Review
Editor Work
Editor-in-Chief
Office Work