Table of Contents

    05 January 2021, Volume 7 Issue 1
    Adhere To The Self-reliance And Self-improvement Of IT Innovation System Technology, Build A Powerful Network Country And Digital China
    2021, 7(1):  2-03. 
    Design and Implementation of Access Control Hybrid Model Based on Feature Analysis
    2021, 7(1):  4-14. 
    To solve the problem that there is no reliable source for access control lists in network space, a hybrid access control model based on IP feature analysis is proposed. The model includes two layers. In the first layer, by analyzing a large number of stream-based time characteristics, spatial characteristics and speed characteristics, statistics and codomain compression methods are used to dig out the differences in correlation information between malicious IP streams and benign IP streams, forming a feature space based on IP characteristics. The second layer takes the characteristics extracted by the first layer and combines unsupervised learning and supervised learning to form an access control hybrid model. The access control list is then generated by the access control hybrid model. This method has been tested and verified on the unsw-15 public dataset, the CICIDS2017 public dataset and the data set manually collected by the author's laboratory. Experimental results show that the accuracy of this method is 100%, and the number of IPs available for the access control list is larger than with other algorithms.
    Extraterritorial Experience of Algorithmic Governance and China's Approach
    2021, 7(1):  15-26. 
    As the driving engine of the development of the digital age, algorithms and their computing power are changing and reshaping human social life. While algorithms are embedded in social life and provide many conveniences, many social risks, legal risks and even political risks also arise. In order to further promote the development of the digital economy and effectively deal with the potential risks caused by algorithms, algorithmic governance has gradually been pushed to the forefront of governance in various countries. Based on different cultural backgrounds and institutional systems, the United States has built an external control mode based on "algorithmic accountability", while the EU takes "gaining user rights" as the core and promotes an algorithmic governance mode of internal control under its data governance framework. In the future, China's algorithmic governance should focus on four aspects: system, structure, mode and process. By building a multi-party balanced algorithmic governance system, perfecting the institutional basis of algorithmic governance, setting up a mechanism to limit the expansion of algorithmic technical power, and increasing the publicity of algorithmic governance, we can realize the legalization of algorithmic governance and promote the modernization of the network social governance system and governance capacity.
    Design and Implementation of Threat Level Decision Rules for Android Applications
    2021, 7(1):  27-36. 
    Aiming at the increasing proliferation of malware on the Android platform, this paper proposes a threat level assessment technology for Android applications, which includes two parts: feature construction and threat level evaluation rule design. First, we use static analysis and dynamic analysis technology to extract the permission, behavior and vulnerability characteristics of an Android application APK file, and then use an information gain algorithm to filter them and build a feature library. Then, we design functions based on the Naive Bayesian model. By defining monotonic, typical and intuitive functions, we score the permission and behavior characteristics of APK files and divide the threat level according to the grading guidelines. We then extract the source code by decompiling the APK file, read the code line by line to search for matching vulnerabilities, and evaluate the threat level of the APK file according to the threat level of the corresponding vulnerability. The experimental results show that this approach can divide the application threat level according to the calculated score, which is more intuitive and clear, and can evaluate the Android application threat level more effectively.
    Darknet Market Named Entity Recognition Based on Deep Learning
    2021, 7(1):  37-43. 
    Research on darknet markets (DNMs) plays a vital role for cybersecurity practitioners. At the same time, named entity recognition (NER) on DNMs is a challenging task because of their inherent characteristics. In this paper, we propose DNER, a named entity recognition system for darknet markets, which uses a convolutional neural network (CNN) to learn morphological features of words from character embeddings and combines them with word embeddings, so that it benefits from both word-level and character-level features when training on the dataset. Meanwhile, we apply the bidirectional long short-term memory (BiLSTM) with conditional random fields (CRF) architecture to the NER task on darknet markets. The BiLSTM network considers both the forward information and the backward information of the sentence. Moreover, we compared the performance of the CNN-BiLSTM-CRF model with other baseline models on the darknet market corpus. The experimental results showed that the DNER system achieved 98.59% Precision, 93.82% Recall, and 96.15% F1 Score on the DNM corpus.
    Research On Defense Capabilities Of Secure Inter-domain Routing Mechanisms Against Routing Hijackings
    2021, 7(1):  44-52. 
    To mitigate the threat posed by route hijackings to the Internet, various secure inter-domain routing mechanisms have been proposed to prevent hijackings or limit their propagation. This paper introduces the basic concept of routing hijackings, presents a taxonomy of them, and makes a thorough analysis and comparison of these mechanisms. Using Internet-scale route simulation, their defense capabilities against the most common routing hijackings are inferred under different deployment scenarios.
    Discussion on Cloud Security Construction under the new situation
    2021, 7(1):  53-58. 
    As cloud computing applications become more and more popular, virtualization, as a key technology, has also developed rapidly. This paper analyzes the current network security status and the main network security problems from the characteristics of cloud computing. According to the characteristics of cloud computing and the personalized needs of tenants, combined with the requirements of equal security 2.0, it discusses the use of security component resource pooling, SDN streaming technology and traffic scheduling technology, and designs a set of comprehensive solutions that meet the new environment, new technology and new regulatory requirements. The solution improves the virtualization environment's own security defense system, reduces the cost of security construction, and provides the corresponding security service capabilities to the tenants in the cloud, whose use of these capabilities can achieve safe operation.
    A Data Integrity Protection Scheme Based on Linear Coding
    2021, 7(1):  59-63. 
    With the development of cloud storage, data security issues in the cloud are becoming increasingly prominent. Aiming at the data security problem in the cloud, a cloud data integrity detection scheme based on linear coding (DISLC) is proposed. The DISLC model combines homomorphic labels and linear network coding. Drawing on the characteristics of network coding, a coding method suitable for cloud data protection is designed. This method not only realizes repeated verification of cloud data integrity, but also supports dynamic operation of cloud data. Analysis shows that this method can not only improve the security and integrity of data in the cloud, but also effectively reduce the computational overhead and communication overhead during cloud storage.
    Design and Implementation of WebSocket Sub-protocol
    2021, 7(1):  64-68. 
    In 2011, HTML5 proposed a persistent protocol, the WebSocket protocol, which is very popular in real-time communication as a full-duplex communication protocol. However, the protocol is not restricted by the same-origin policy, and there may be a risk of cross-site hijacking. Some criminals take the opportunity to impersonate users and communicate with the server to steal private data. At present, there is very little research on the security issues of the WebSocket protocol. In order to improve the security of WebSocket, this article designs and implements a WebSocket sub-protocol, "security-websocket", against the cross-site hijacking vulnerabilities of the WebSocket protocol. Later, the client needs protocol authentication and identity authentication. After the authentication is completed, the server needs to send the key to the client. After each data transmission, the client needs to use the AES symmetric encryption algorithm to encrypt the data and send the authentication information to the server. Communication can only be carried out after the identity information is verified. The experimental results show that although the security-websocket sub-protocol has a slightly longer transmission time than the WebSocket protocol, the increase is within a controllable range, and the sub-protocol can prevent cross-site hijacking vulnerabilities to a certain extent, thereby improving the security of WebSocket.
    Security State Estimation and Detection for Denial of Service Attacks
    2021, 7(1):  69-74. 
    With the rapid development of information computing, network communication, and data processing capabilities, human social life has changed greatly. However, due to the openness and sharing of wireless networks, cyber-physical systems are vulnerable to all kinds of network attacks. As one of the most common attack methods used by malicious attackers against cyber-physical systems, denial of service (DoS) attacks have received widespread attention and in-depth research. In this regard, this paper considers a malicious attacker launching a DoS interference attack on a cyber-physical system with inherent random packet loss in the wireless transmission channel between the sensor and the estimator, and proposes attack detection based on the combination of the optimal state estimation system and the fault detector. Finally, the effectiveness of the proposed detection model is verified by a numerical simulation example in MATLAB.
    A Study of Big Data Platform Architecture to Address Cybersecurity Protection and Defense
    2021, 7(1):  75-80. 
    The increasingly serious cybersecurity situation keeps challenging the protection and defense of information systems against vulnerabilities and cyber attacks. Network flows and data with high volume and large variety bring even more issues to information system protection in terms of cybersecurity situation awareness, crisis handling, etc. Thus, cybersecurity technology and the information system architecture should be improved in a timely and continuous way in order to deal with situation changes. By analyzing the cybersecurity abilities of an information system and big data technologies, this study proposes 3 main features of a big data platform for cybersecurity concerns: cybersecurity situation awareness, decision support for handling cybersecurity crises, and cybersecurity system optimization. It then provides the technical architecture of a platform that aims at addressing cybersecurity protection and defense. A big data platform based on the proposed architecture can improve the foresight and the accuracy of situation awareness, ensure the real-time performance and the effectiveness of crisis handling, and guarantee the technological advancement and the versatility of the information system architecture towards cybersecurity, considering the timeliness of its optimization.
    Research on the Application of Digital Certificate System Based on Block Chain in E-Government Extranet
    2021, 7(1):  81-85. 
    With the rapid development of information technology, information-based office work has become the trend of development in all sectors of society. As an important foundation and carrier of e-government, the e-government extranet plays an increasingly important role in improving government management and service capabilities, and its security has also attracted much attention. By analyzing several common authentication methods in the e-government extranet and e-government systems, this paper concludes that the digital certificate authentication method based on block chain can effectively solve the problems of low efficiency and single point of failure in the traditional digital certificate authentication system. The research on this system is not only applicable to the e-government extranet, but also has certain reference significance for the establishment of trust systems in the security management of industry private networks and other network systems.
    Multi-source network data privacy protection method based on blockchain technology
    2021, 7(1):  86-89. 
    Aiming at the problem that multi-source network data has a low security factor during transmission and cannot guarantee the security of user information, research on multi-source network data privacy protection is carried out, and a multi-source network data privacy protection method based on blockchain technology is proposed. By detecting whether malicious nodes are generated during the transmission of multi-source network data, the uniqueness of blockchain technology is used to protect data privacy. Experiments show that this method can effectively improve the security factor of data transmission compared with traditional methods, and provide effective guarantee for the trust and privacy of multi-source network nodes.
    Research on Security Application of Internet of Things based on Block Chain
    2021, 7(1):  90-94. 
    As a large number of mobile terminals are connected to the Internet of Things for information exchange and communication, identity authentication, data transmission, single point of failure and other security problems are exposed, and the security of the Internet of Things is a challenge to Internet of Things technology. Because traditional security technology is mostly based on centralized systems and is limited by the topology of the Internet of Things, it can only be applied to specific industries. Block chain technology has the characteristics of decentralization, data encryption, smart contracts and so on, and is especially suitable for complex heterogeneous networks. Based on research into the block chain security mechanism and elliptic curve digital signatures, an Internet of Things model based on block chain technology is proposed. Based on the security problems faced by the Internet of Things and on block chain technology, this paper studies the characteristics of the application of block chain in the Internet of Things, and proposes the Internet of Things model based on block chain technology, so as to provide a reference for enterprise security.
    Discussion on Protective Measures of Enterprise Active Directory Domain Service
    2021, 7(1):  95-100. 
    Nowadays, with the deepening application of information technology in enterprise scientific research and production, more and more enterprises adopt an intensive network architecture and a unified management and control mode. The advantage of this method is that it supports the efficient operation of the business while quickly reducing the cost of enterprise resource investment. From the perspective of network security, the security risks exposed by the original decentralized IT assets will converge and decrease, while the security risks faced by the core IT assets at key nodes will increase exponentially. To address how to ensure the network security of core assets in enterprises, this paper takes the Windows domain environment (Active Directory Domain Service), which is the most widely used architecture mode in enterprises, as an example. From the perspective of attackers, it attempts to classify the common attack methods against Active Directory domain services, analyzes the characteristics of the various attack methods in each link, and puts forward the idea that enterprises can carry out whole-life-cycle security protection measures such as domain environment reinforcement, traffic monitoring, log analysis and security inspection in turn according to the PDCA cycle, so as to achieve the purpose of reducing Active Directory domain service security risk.