Table of Content

    05 February 2021, Volume 7 Issue 2
    2020 China Cyber Security Report
    2021, 7(2):  102-109. 
    Asbtract ( )   PDF (2639KB) ( )  
    Related Articles | Metrics
    Governance of Data Security in Artificial Intelligence and Overview of Technology Development
    2021, 7(2):  110-119. 
    Asbtract ( )   PDF (1282KB) ( )  
    References | Related Articles | Metrics
    At present, with the substantial increase in computing power and the surge in the scale of data, artificial intelligence has developed rapidly and has become a leading technology with a "head goose" effect that is highly valued and developed by countries around the world. At the same time, as an important resource for the development of artificial intelligence, data has further highlighted its important value, but this has also triggered a series of concerns about data security and privacy protection. Data security has become an important bottleneck restricting the overall development of artificial intelligence and key challenges that urgently need to be overcome. At present, countries around the world attach great importance to the issue of data security in artificial intelligence, which is reflected in multiple aspects such as national strategies, laws and regulations, standards and guides, and technological development. This article comprehensively sorts out and compares the current situation of data security governance in artificial intelligence in various countries around the world, and summarizes the breakthrough progress in the current technical field to solve this issue, in order to provide a reference for data security governance in artificial intelligence in our country.
    Exploring the Path Framework of the American Government's Digital Transformation -- Analysis based on a New America report
    2021, 7(2):  120-125. 
    Asbtract ( )   PDF (900KB) ( )  
    References | Related Articles | Metrics
    The American think tank NEW AMERICA published the report "The Digital Government Mapping Project" on September 16. The report analyzes and studies the construction of digital government, and puts forward the conceptual framework of "digital government stack" for the digital transformation of government in the post-Covid-19 era. At the same time, it integrates successful cases of digital government construction and serves the government and related interests. The author put forward suggestions on how to accelerate the government's digital transformation. It is hoped that the analysis of this report will provide some reference and reference for the construction of China's digital government.
    Obfuscated Android Malware Detection Based on Random Forest
    2021, 7(2):  126-135. 
    Asbtract ( )   PDF (3266KB) ( )  
    References | Related Articles | Metrics
    The rapid growth of Android malware has caused great security risks. Many behavioral characteristics are easily affected by code obfuscation techniques, resulting in malicious behaviors that cannot be effectively detected. This paper proposes an Android malware detection model based on Random Forest. The model uses features such as dangerous permissions, sensitive API calls, Service, Activity, Intent, and SMS sending frequency, among which dangerous permissions and Android components such as service are not affected during the code obfuscation process. Random Forest, Decision Tree, SVM and 1-NN were used. These machine learning methods were trained using the ten-fold cross-validation method. Experiments have shown that this method can achieve a classification accuracy of 95.77% for the normal data sets; for the obfuscated data set, it can achieve a classification accuracy of 91.01%.
    Research on Dual-blockchain Model for Medical Privacy Protection
    2021, 7(2):  136-144. 
    Asbtract ( )   PDF (2353KB) ( )  
    References | Related Articles | Metrics
    Faced with the difficulties of data sharing in current medical records and the leakage of patient data privacy, current related researches have limitations in solving the above problems, which restrict the rapid development of medical institutions. In response to the above problems, this article proposes a new dual-blockchain model, which reconstructs the existing dual-blockchain model. On the one hand, user information and transaction records are completely separated, and the user chain stores user information. The transaction chain stores transaction records, which solves the problem of patient privacy leakage and improves patient data security; on the other hand, the transaction chain data is processed separately to improve the sharing of medical data and solve the problem of difficult sharing of medical data. Through this model, this paper finally realizes that while protecting the privacy of medical data, it improves the efficiency of data access.
    Finite-Time Control of Markov Jump Systems Under Cyber-Attacks
    2021, 7(2):  145-154. 
    Asbtract ( )   PDF (1736KB) ( )  
    References | Related Articles | Metrics
    The characteristics of diversity, distributed and high frequency of cyber-attacks bring great threat to national economy and social development. In the field of industrial control, the research of networked control systems security becomes more and more important. The problem of Markov jump systems based on hybrid-drive mechanism and both channel quantizations is investigated in this paper, and the finite-time stability and H_∞ performance of the system under cyber-attacks are considered. Firstly, an output feedback Markov jump system model is formulated and the corresponding output feedback controller is designed. For the purpose of releasing the sharing network bandwidth burden and reducing the invalid signal transmission rate, hybrid-driven mechanism and both channel logarithmic quantizers are introduced on the basis of traditional event-triggered mechanism to balance the system performance and communication data transmission rate. Then, the model of cyber-attacks is established to enhance the resistance of Markov jump system to external attack. By constructing Lyapunov-Krasovskii functions, the system finite-time stability criteria and H_∞ performance index are given with linear matrix inequations. Finally, two simulations are shown to illustrate the effectiveness of the deduced theorem.
    "Believe in authority or not"? A Study on Social Media and Public Opinion Response in COVID-19 Pandemic
    2021, 7(2):  155-165. 
    Asbtract ( )   PDF (3713KB) ( )  
    References | Related Articles | Metrics
    The new communication technology has changed the flow structure of social information, while the polarization of public opinion is closely related to new media. Therefore, the public opinion response and information governance research under social media is important. This paper uses social network analysis to select the public opinion of "Shuanghuanglian Incident", which is representative during the epidemic. We analyze the network structure from three aspects of network density, centrality, and cohesive subgroups, then explore the behavior characteristics and performance of different node actors. According to the rights status of public opinion networks, this paper divides several types of media platforms, and the study finds that different types of media presents a differential order pattern in public opinion events . The influence of traditional media is enormous. First, the central media represented by CCTV in government media has played a leading role in public opinion. Then the overall performance of emerging media is poorly except "Toutiao".At last the role of "opinion leaders" is insignificant. Therefore, this article believes that under the guidance of the government, it should be gradually form a collaborative governance involving traditional media, government media, emerging media, and netizens.
    Phishing Email Analysis of Social Engineering Attacks
    2021, 7(2):  166-170. 
    Asbtract ( )   PDF (822KB) ( )  
    References | Related Articles | Metrics
    Phishing emails, as a common social engineering attack method, are commonly used by hackers. APT attackers combine social engineering with multiple vulnerabilities to implement attacks, which are usually highly stealthy. Phishing emails are one of the key factors for the successful implementation of APT. It is necessary to have a deep understanding of the great harm of phishing emails, to improve the awareness of preventing phishing emails, and to clarify feasible preventive measures.
    Analysis on the technical means of network fraud
    2021, 7(2):  171-177. 
    Asbtract ( )   PDF (2624KB) ( )  
    References | Related Articles | Metrics
    Network fraud has become the main form of crime in the current society, and has formed a complete criminal industry chain. In order to achieve the goal,the criminal suspect constantly uses all kinds of new technology,new equipment and new means of payment,whhich bring great difficulties to the case investigation.The article makes a detailed analysis of the encryption agent Internet technology,,group call technlogy and money laundering methods, and analyzes how they use technology and tools to infringe upon the people and avoid investigation.Meanwhile, it also makes a preliminary exploration on the forensic and investigation of the these new means and equipment,which plays a role in attracting valuable information. Especially for the current main application equipment GOIP of network fraud,the article makes a more detailed analysis from the perspective of network structure,equipment charctteristics and forensic analysis and so on.
    Research on the Application of Mobile Police Data Security Technology in the Implementation of Classified Protection 2.0
    2021, 7(2):  178-183. 
    Asbtract ( )   PDF (1346KB) ( )  
    References | Related Articles | Metrics
    Mobile police is an important deployment of intelligent construction of public security information system. With the advent of classified protection 2.0, data security, especially the protection of sensitive data, has been raised to a very important position. Due to the mobile police usually needs access to the public security network and the diversification of mobile devices, the data security of mobile police is facing more serious threats. Based on the perspective of " Information Security Technology- Baseline for Cybersecurity Classified Protection "(classified protection 2.0), this paper analyzes the data security risks in the construction of mobile police, including the communication security risks between mobile terminal and server, the storage and transmission data security risks of mobile terminal, the remaining data security risks of mobile terminal, and the personal information security risks, etc. Finally, aiming at the risk of data security, combined with data signature, data encryption, identity authentication, data recovery prevention, data anonymity, data backup and other technologies, this paper expounds the protection measures of data security, so as to provide a theoretical basis for data security in mobile police construction under classified protection 2.0.
    A Scheme Based on CPK Role Access Control
    2021, 7(2):  184-189. 
    Asbtract ( )   PDF (974KB) ( )  
    References | Related Articles | Metrics
    For security problems caused by illegal users' unauthorized access to internal data of the company, an improved model of combined public key (CPK) and role access control(RBAC) is proposed. On the basis of preserving the inheritance constraint relationship in RBAC96 model, the complexity of the inheritance relationship in RBAC97 model is removed and the concept of user group is introduced. Introducing user groups and encrypting documents with keys, each of which represents different permissions, the key is also assigned to the corresponding user. Different keys protect different documents, different users assign different keys, legitimate users can only decrypt the corresponding documents according to their key permissions, strengthen the security of access control model. The test results show that the scheme works well in the system and the feasibility of the scheme is verified.
    SWOT-AHP Analysis and Countermeasure Research on Information Security of Public Security Organs
    2021, 7(2):  190-196. 
    Asbtract ( )   PDF (1019KB) ( )  
    References | Related Articles | Metrics
    With the development of the Golden Shield project and intelligent policing, the informatization process of the public security organs has been accelerated and the level has been constantly improved. Meanwhile, the information security problem has become more and more serious. In this context, SWOT method is used to analyze the internal advantages and disadvantages, external opportunities and threats affecting the information security of public security organs, and AHP method is used to build an analytic hierarchy process model, calculate the weight of each influencing factor, and improve the scientific nature, accuracy and objectivity of the analysis. The results show that the public security organs should give full play to the advantages of information construction, introduce advanced information security protection technology, strengthen the construction of hardware and software infrastructure and information security management system, strengthen the training of information security professionals, improve the awareness of information security of public security staff, and guard against external threats of information security.