Table of Contents

    15 May 2020, Volume 6 Issue 5
    2020 Q1 Cyber Security Situation Posture Report
    2020, 6(5):  378-387. 
    Fast-flux Botnet Domain Detection Method Base On Network Traffic
    2020, 6(5):  388-395. 
    APT attacks harm the existing network security and pose a major threat to the security of enterprise data. Hackers and criminals may use the bot-nets to prepare for their own attacks before APT attacks. Fast-flux is used by hackers and criminals to conceal themselves and improve the chances of bot-net generation. To detect APT attacks, we need to detect fast-flux bot-net domain names. There are many deficiencies in the existing detection methods, so it is urgent to study the detection methods of fast-flux bot-net. We investigated the research status at home and abroad, and found that the existing methods have the problem of false positives and low accuracy for CDN domain names. This paper presents two new features and designs an AdaBoosting-based method using DNS traffic to solve the above problems. After that, the above detection methods are verified by experiments. Experiments show that the characteristics and methods proposed in this paper can effectively reduce the false positives of CDN domain names and greatly improve the overall detection performance in the detection of fast-flux domain names.
    Research on News Topic Detection and Tracking Technology Based on Improved Single-Pass
    2020, 6(5):  396-403. 
    In order to solve the problem of how to detect and track the target topic from massive news reports, an auto-increasing clustering Single-Pass algorithm was selected for study. Based on the improvement of the original Single-Pass clustering algorithm, it is expected to get a better solution. The improvement of the original algorithm mainly includes adding weight coefficients to select feature words in news text to express feature word position information, supplemented by temporal features to calculate similarity of news text, and adding sub-segments to the topic threshold judgment process of the Single-Pass clustering algorithm. The experiments verify that the improved Single-Pass clustering algorithm can not only obtain the clustering effect of topics with different granularities, but also improve the clustering efficiency. The experimental results show that under the same conditions, the missed detection rate and false detection rate of the improved Single-Pass clustering algorithm are significantly improved.
    Research on Cloud Security System Based on Big Data Security Technology
    2020, 6(5):  404-420. 
    Although cloud security has gradually matured in the past years, with the continuous expansion of new business scenarios such as big data and artificial intelligence, cloud security will face more and more challenges. This paper proposes a cloud security technology system based on big data security technology, which can effectively solve the shortcomings of traditional cloud security in data security and security systematization. The new cloud security system starts from the data-centric security concept, and constructs a new cloud security technical framework based on big data technology. This paper focuses on the key technologies involved in the new cloud security system, gives the scheme design of the new cloud security system in specific practice, and finally introduces the practical effect of the digital Hami smart government big data platform.
    Side Information Fusion Dual Anonymous Location Privacy Protection Scheme
    2020, 6(5):  421-426. 
    With the support of data mining technology, a large number of service data and background knowledge are related to each other, and the generated user query preference, behavior pattern and other side information will drive the attacker to implement more powerful location privacy attack means, which breaks through most existing protection schemes based on k-anonymity. In order to deal with these more powerful privacy threats, this paper proposes a side information fusion dual anonymous location privacy protection scheme SIFDA, that is, it carefully selects other k-1 real users to form k-anonymous set according to diverse query probability and user query preference similarity to resist inference and conspiracy attacks. A novel privacy protection metric is designed to accurately measure the privacy protection effect of anonymous sets. At the same time, the validity of the proposed method is verified by using the real trajectory data set.
    Research and Application of Security Requirements Testing Technology for mobile terminals
    2020, 6(5):  427-432. 
    “Technical Requirements for Security Capability of Smart Mobile Terminal” is the industry standard for mobile terminal security, which was promulgated in 2013. We analyzed the status and problems of security testing according to “Technical Requirements for Security Capability of Smart Mobile Terminal”. In order to solve these problems, we designed a security testing model based on the PC client and the testing agent, which realized batch automatic script running and security testing monitoring, effectively reduced the threshold of security testing and improved the efficiency and quality of security testing. This paper designed the cloud management platform, and researched mechanisms such as the label-based testing data analysis mechanism, which effectively improved the statistical analysis efficiency of the testing output data.
    Research on the Classification Method of Safety Cases in Internet of Vehicles
    2020, 6(5):  433-440. 
    At present, the research on the safety of Internet of Vehicles (IOV) is mainly focused on information security, and there has been no research on the safety assessment of user behaviors detected by the system of IOV. The security problem of the Internet of Vehicles consists of both unsafe user behavior and various information security threats. There is a lack of uniform standards and assessment methods for the safety assessment of the two. In 2011, the International Organization for Standardization launched ISO 26262 on car safety, which describes a safety classification method for cars and car electronics. On the basis of the standard classification algorithm, this paper uses the fuzzy comprehensive evaluation model to conduct quantitative analysis on the safety cases in the Internet of Vehicles, and obtains preliminary research results.
    Research on Rogue AP Detection Based on Wireless Device Fingerprinting
    2020, 6(5):  441-447. 
    With the popularity of mobile Internet, a large number of devices are connected to the Internet through wireless access points. However, wireless security has been one of the hot research topics because of the frequent wireless network attacks. Currently, rogue AP attack is one of the popular methods of wireless network attacks. The current methods for detecting rogue AP have flaws such as features being easily forged and high deployment costs. A new method for detecting rogue AP based on wireless device fingerprinting was proposed. The features used in this method can hardly be forged, and the training data only need the data of legitimate AP for rogue AP detection. CSI data of legitimate AP were collected, and wireless device fingerprints based on CSI phase information were extracted after data preprocessing. Then, sample pairs were generated based on the extracted device fingerprints, the Siamese network was trained by the sample pairs and AP fingerprint database was created. During the detection phase, the AP to be tested was compared with the corresponding fingerprints in the fingerprint database by the Siamese network to detect rogue AP. The experiments compared the accuracy rate of legitimate AP test set classification and rogue AP detection rate of Siamese network based on traditional deep neural network structure and convolutional neural network structure under different time windows. The experimental results showed that the method proposed in this paper has good prospects, and the Siamese network based on convolutional neural network has a higher detection rate.
    Research on The Harm of Data Hegemony to Countries and Individuals and The Countermeasures
    2020, 6(5):  448-453. 
    Data hegemony is the bullying behavior of big data technology powerhouses in order to draw high economic value against other countries under the background of the era of big data, which violates the data sovereignty of other countries, and its essence is information hegemony. Data hegemony is the continuation of traditional hegemony in the era of big data, and stimulated by huge economic value, it is realized by the development of high-tech information multinational companies. Data hegemony has caused great harm to both the country and individuals: at the national level, it not only undermines national data sovereignty as a whole, but also specifically threatens the security of the country's political, economic, and scientific fields; at the individual level, it violates both individual human rights and individual privacy. The state should implement the national data security strategy based on the information security strategy, improve the level of big data technology to promote the development of high-tech multinational information companies, use the experience of the European Union to protect the right of personal data, counter the hegemony of data in other countries, and safeguard national data sovereignty.
    Deepfake Technology Supervision Policy Status, Challenges and Suggestions
    2020, 6(5):  454-457. 
    Deepfake technology can generate fake images and videos that cannot be distinguished by human eyes. The combination of deep forgery and social network will bring great information security risks to individuals and society. In order to cope with the threats and challenges brought by Deepfake false information, this paper reviews the laws, systems, and regulations of major countries such as the United States, China, and the European Union, and analyzes the difficulties faced by the existing regulatory strategies from the perspective of tracing, law enforcement scope, litigation costs and so on. Finally, in view of the shortcomings of the supervision system and mechanism of network false information in our country, some suggestions are put forward from the aspects of legal construction, industry management, publicity and education.
    Research on Control of Selling Fake Products Through Influencer Marketing on Short Video Platform
    2020, 6(5):  458-462. 
    As short videos gradually penetrate the daily life of the public, many illegal merchants have found new opportunities for crimes. They engage in illegal activities of making and selling fake products on the short video platform, through the marketing model of Influencer Marketing. As a new type of social e-commerce, there is still a lack of an effective e-commerce control system at present. After analyzing the difficulties of discovering fake products, obtaining evidence and punishing relevant parties encountered in the process of law enforcement to control the chaos of selling fake products through Influencer Marketing on the short video platform, this paper puts forward some control suggestions such as controlling both online and offline, increasing the illegal cost of all parties, improving the industry autonomy system and encouraging the supervision of the whole society.
    2020, 6(5):  463-467. 
    With the rapid development of automotive electronics, network and information technology, the information security problem facing the Internet of Vehicles is also becoming more and more serious. Based on the transport layer link hijacking attack principle, a data transmission protection method based on encryption algorithm is analyzed and designed. By analyzing the three encryption algorithms of DES, 3DES and AES, the feasibility analysis is carried out from two aspects of security and implementation. The AES algorithm is selected to encrypt the data of the car network transmission layer. Experiments show that this method can effectively improve the security of car network data transmission.
    Research on the Innovative Application of Blockchain Technology in Government Governance in the Era of Digital Economy
    2020, 6(5):  468-472. 
    In the era of digital economy, blockchain has become a national strategy, bringing new dynamic capacity to industrial transformation, and also promoting the innovation of government governance mode. This paper analyzes the development status of blockchain technology and typical application scenarios in the innovation mode of government governance. Aiming at the dilemma of blockchain application in government governance, it puts forward countermeasures and suggestions to promote the application of blockchain innovation in government governance, which provides reference for further promoting the development of blockchain technology in China and supporting the innovation of government governance in the development of digital economy in China.