Table of Contents

    10 March 2020, Volume 6 Issue 3
    Digital Technology Fighting Epidemic: China’s Big Data Security Is in Action
    2020, 6(3):  194-201. 
    Security Problem and Countermeasure Research of SDN
    2020, 6(3):  202-211. 
    In recent years, softwaredefined networking (SDN) has been the focus of research. SDN may replace traditional networks and become the nextgeneration network architecture, because its programmability and scalability bring new opportunities for network management. We have comprehensively analyzed the hidden dangers of softwaredefined network (SDN), thoroughly analyzed its own security problems in softwaredefined network, and proposed corresponding countermeasures and suggestions. We discussed the characteristics and standards of SDN, and based on the three levels of the SDN paradigm, namely the data forwarding layer, the control layer, and the application layer, analyzed the security threats and countermeasures at each level in detail and introduced Countermeasure techniques that can be used to prevent, mitigate or resolve such attacks.
    Malware Detection Based on Application Programming Interface Sequence and Convolutional Neural Network
    2020, 6(3):  212-219. 
    Convolutional neural networks (CNNs) have been widely used in many fields. Windows Application Programming Interface (API) sequences are structurally dependent on each other. Using only convolutional neural networks to detect malware ignores the context semantics of words. Therefore, this paper uses the word embedding model to pretrain the API sequences to form word vectors. Then, five convolution kernels of different sizes are fused to make up for the shortcomings of traditional convolutional networks in losing sequence timing information and ignoring word context semantics and grammatical information. This paper runs a sample in the Cuckoo sandbox, extracts dynamic API sequences and performs deduplication processing. The word vectors are pretrained using the word embedding method, and input to a multicore fusion CNN network to train a malware detection model. Finally, this paper uses the test set to test the validity of the model. The accuracy on the test set reaches 98.1%. The results show that the method proposed in this paper can effectively detect malware.
    Text Sentiment Analysis Based on BERT
    2020, 6(3):  220-227. 
    Most of the existing models adopt Word2Vec, GloVe (global vectors) and other methods to obtain the word vector representation of the text, ignoring the context relationship of the word. To address this problem, a neural network model based on the Bidirectional Encoder Representations from Transformers (BERT) pretrained language model, combined with a bidirectional long short-term memory network (BLSTM) and an attention mechanism, is proposed for text sentiment analysis. First, the word vector containing contextual semantic information is obtained through the BERT pretrained language model. Second, BLSTM is used to extract contextual features for deep learning. Finally, an attention mechanism is introduced to assign corresponding weights to the extracted deep information of the text to highlight the key information for text sentiment classification. The accuracy rate can be 88.91% on the SST (Stanford Sentiment Treebank) dataset. The experimental results show that the model performs better than other methods.
    Malware Family Classification Based on Attributed Dataflow Graph
    2020, 6(3):  226-234. 
    New types of malware pose a serious threat to cybersecurity, and most of them are modified on the basis of existing malware. Therefore, family classification of malware is helpful for analyzing the evolution of malware families and tracing cybercrime groups. We propose a malware family classification method based on attributed dataflow graphs and graph convolutional networks. First, run malware in the sandbox to obtain the API call sequence; then abstract the API call sequence into dataflow events and build a dataflow graph with attributes; then use the improved graph convolutional network to learn the attributed dataflow graph; finally, use the trained network to classify malware into families. The experimental results show that the method proposed in this paper can achieve a classification accuracy of 96.79%, which is better than the method based on API call graph.
    Research on Security Situation Awareness Model Based on Payment Scenario of Financial Industry
    2020, 6(3):  235-243. 
    Payment is the most widely used scenario in the financial industry. Driven by profit, there are more and more network attacks against payment business scenarios. How to accurately and effectively perceive the security risk of payment scenarios is one of the current research issues. This paper focuses on the current situation awareness system and payment business security monitoring system, and analyzes the shortcomings of these two traditional systems in payment business scenario risk perception. It introduces the functional architecture and technical framework of a payment scenario situation awareness platform, and the analysis method of multi-channel monitoring of security events based on network, host and business application. Taking two typical payment business scenarios of violent account cracking and malicious account opening as examples, and using the autoregressive integrated moving average model and Gaussian algorithm, a situation awareness model based on the financial industry payment business scenario is designed, which successfully realizes the future prediction and periodic prediction of the security situation of payment scenario risk.
    Research on Mimic Defense System of Internet of Vehicles
    2020, 6(3):  244-251. 
    In the era of the Internet of Things, everything is interconnected. As one of its products, the Internet of Vehicles provides consumers with a convenient way to travel. But at the same time, the intelligence and networking of automobiles bring driving safety problems and various risks, which seriously threaten people's lives and property safety. Therefore, this article adopts a mimic defense method to design and implement a mimic defense system for the Internet of Vehicles. Through the collection of vehicle-side threat data and the identification of vehicle server-side threat data, a mimic defense analysis engine is established to effectively protect against various known threats. At the same time, the analysis engine is used to predict unknown vulnerabilities and threats, thereby forming an active defense behavior. Finally, experiments show that the method can effectively guarantee the safety of the Internet of Vehicles, and provide strong security support for the Internet of Vehicles business.
    Study on the Governance Model of Network Speech Under the Ternary Structure
    2020, 6(3):  252-258. 
    The emergence of network platforms has transformed the traditional governance model of “government-individual” into a ternary structure of “government-platform-individual”. Therefore, speech governance presents a greater particularity compared with the era of traditional media. On the one hand, the introduction of enterprises and technologies has resulted in the change of power allocation in the network society, so that the government functions need to be transformed and platform positioning needs to be clarified. On the other hand, speech communication has changed from a physical society to a network society, showing great changes in the speed and consequences of propagation so that the traditional governance model is no longer suitable for the current situation. Therefore, this paper puts forward the solution path of constructing the multi-center governance mode through the specific configuration of government, platform and individual power and responsibility.
    Electronic Payment Information Protection Scheme and Application Based on Payment Tokenization Technology
    2020, 6(3):  259-265. 
    Personal information protection is an important proposition in the information era. The security of bank card account information is of vital interest to banks, payment institutions, merchants and cardholders. The protection methods for payment information security commonly used in the past reduce the occurrence of information leakage and transaction fraud to a certain extent. In order to cope with the increasingly severe cyberspace security situation, the payment information protection scheme based on payment tokenization technology fundamentally solves the problem of payment information leakage, and provides convenient and safe payment experience for cardholders, issuers, acquirers and other payment industry parties.
    Research on Cloud Computing Cyber Security Matrix Control Based on Risk Control and Compliance
    2020, 6(3):  266-271. 
    Cloud computing is a widely used computing model, which is characterized by wide access, easy expansion, rapid elasticity and scalability through the Internet. With the rapid development and application of cloud computing, a large number of information systems run on the cloud and a large amount of data is stored or processed on the cloud, which highlights the importance of cloud computing security. In order to ensure the security of information systems on the cloud and prevent the loss and leakage of cloud data, illegal access and other security incidents, based on risk control and compliance, using matrix management ideas, and following the PDCA management process, the paper puts forward the cloud computing responsibility matrix, assert matrix, risk matrix, compliance matrix, control matrix, and check matrix to improve the comprehensive management of cloud computing cyber security control.
    Research on the Safety Grade Protection Evaluation for Industrial Control Systems
    2020, 6(3):  272-278. 
    Grade protection is the basic system of national cyber security. Industrial control systems are widely used in many industries, such as power, oil and gas, water conservancy, railway, tobacco, iron and steel, nonferrous metal and so on. Industrial control systems are an important kind of protection object in grade protection. This paper explains the concept, development history, classification and application fields of industrial control systems, introduces the selection criteria, evaluation index and evaluation processes of industrial control system evaluation objects according to different standards and different angles, and shows how to determine the assessment targets from the guidelines of the evaluation process. This paper introduces, step by step, how to determine the evaluation object and index of an industrial control system according to multiple grade protection standards, from complexity to simplicity and from whole to concrete, which has typical guiding significance for carrying out the evaluation of industrial control systems.