Table of Content

09 January 2022, Volume 8 Issue 1

Previous Issue   

GAN Based Data Watermarking For Text Generative

2022, 8(1):  2. 

Asbtract ( )   PDF (2880KB) ( )  

References | Related Articles | Metrics

Coverless steganography realizes covert writing by establishing mapping relationship between digital watermarking information and image characteristic information, to realize data integrity protection and content traceability tracking of image data transmission in the Internet environment. However, the existing image steganography requires many natural images to be prepared in advance to form the image data set, and the natural image selection bias will lead to incomplete or incorrect information transmission. To solve the above problems, this paper proposes an image watermarking steganography method without carrier based on generating countermeasure network. The method uses the generator of the generated adversarial network to generate the forged image like the original image from random noise, image label and digital watermark information, and the discriminator of the generated adversarial network is responsible for determining the true and false of the input image, and extracting the label and digital watermark information at the same time. After several rounds of confrontation training, the generator finally outputs image data like the original image and containing digital watermark, while the naked eye cannot distinguish the difference between the original image and the generated image. The experimental analysis shows that SCRMQ1 is used for feature extraction, and the error detection rate of integrated classifier is 48.5%. Embedding capacity up to 1 BPP; The accuracy of digital watermark extraction is up to 99.5%.

A Credit Ranking Method of Notary Mechanism Based on Improved PageRank Algorithm

2022, 8(1):  9. 

Asbtract ( )   PDF (2260KB) ( )  

References | Related Articles | Metrics

Blockchain cross-chain interaction is a research hotspot in the field of blockchain. In order to avoid the phenomenon of "data island", scholars put forward cross-chain technologies such as hash locking, side chain/relay technology and notary mechanism. Based on improved PageRank algorithm and deposit pool, this paper introduces time factor in damping factor, and evaluates credit value from perspective of node’s trading performance on a single chain and as a notary to make an appropriate emphasis on the evaluation of new and old notary nodes, which can avoid the witch attacks and better attach great importance on credit supervision of nodes. Experimental results show that the proposed algorithm has a better evaluation effect than the traditional credit ranking methods, which not only improves the fairness of node credit evaluation, but also can effectively eliminate the number of malicious nodes.

Research of Identification Method for LoRa devices Based on Physical Layer

2022, 8(1):  19. 

Asbtract ( )   PDF (1767KB) ( )  

References | Related Articles | Metrics

With the development of communication technology, a large number of wireless communication devices are connected to the network. However, due to the openness of wireless networks, malicious users can pretend to be legitimate users to access the network by disguising their identities, which seriously threatens the security of wireless communication networks. Because of the stability and uniqueness of the characteristics of the physical layer of the transmitter, extracting the characteristics of the physical layer of the transmitter as the terminal's identity to identify the device has become a research focus in recent years. This paper analyzes the research progress of device identification based on the physical layer characteristics of the device in recent years. Aiming at the risks of existing fingerprint identification methods, this paper proposes a LoRa device identification model based on device fingerprints, using OneClassSVM single classification algorithm, the identification of illegal equipment is transformed into an abnormal detection problem, the authentication of the legality of the equipment under test is realized, and a higher recognition rate is obtained. A false alarm elimination algorithm is designed to reduce the false alarm rate and verify the randomness. And use random forest, support vector machine (SVM), KNN as classifiers to verify its performance in device identification.

Active Safety Network Architecture and Baseline for Classified Protection of Cybersecurity

2022, 8(1):  28. 

Asbtract ( )   PDF (1137KB) ( )  

References | Related Articles | Metrics

This is the sixth article in a series of articles on active safety network architecture. Classified Protection of Cybersecurity 2.0 proposes a "one center, triple protection" in-depth security protection system of security management center, secure communication network, secure area boundary, and secure computing environment, and proposes a new dimension of network security, further highlighting the importance of boundary management and centralized management and control.. The active safety network architecture can support the technical, management and expansion requirements of Classified Protection of Cybersecurity 2.0,, and highlights the realization of innovative technologies in new dimensions such as the safety management center and the boundary of the safe area,  enabling technical support for the implementation. The active security network architecture not only meets the requirements for security protection, but also enables the inherent security capabilities of the network to be actively and dynamically defended, which changes the thinking and mode of network security protection, and can significantly improve the efficiency and effectiveness of network security protection.

Research on Source Code Vulnerability Detection Based on Abstract Syntax Tree Compression Coding

2022, 8(1):  35. 

Asbtract ( )   PDF (1805KB) ( )  

References | Related Articles | Metrics

In source code vulnerability detection method based on abstract syntax tree, it is difficult to fully extract the syntax and structure features from the large-scale syntax tree, which lead to the problem of insufficient capability of vulnerability characterization and low detection accuracy. Aiming at above problem, an abstract syntax tree compression coding (abstract syntax tree compressed coding, ASTCC) based method for source code vulnerability detection is proposed. Firstly, the abstract syntax tree is divided into a group of subtrees by code statements, and then the subtrees are encoded by recursive neural network to extract the syntax information of code statements. Then, the subtree of the original syntax tree is replaced with its encoding node to reduce the depth and the number of leaf nodes of the abstract syntax tree while retaining the structural features. Finally, the tree based convolutional neural network with attention mechanism is used to detect source code vulnerabilities. Experimental results on NVD and SARD open datasets show that the proposed method reduced the size of the abstract syntax tree through compression coding, enhanced the model's ability to represent source code vulnerabilities, and effectively improved the accuracy of vulnerability detection.

A Privacy Model for 5G Application Based on Blockchain

2022, 8(1):  43. 

Asbtract ( )   PDF (1476KB) ( )  

References | Related Articles | Metrics

Compared to 3G/4G, 5G networks have under made many innovations and changes, most notably: more general access support, more flexible control and forwarding mechanisms, and a more user-friendly way of sharing data, however, the data sharing process of privacy protection issues are increasingly prominent. In this paper, a digital content security sharing model for 5G application based on blockchain shading technology is proposed. The traceability and tamper-proof characteristics of blockchain are used to ensure the security of data sharing process. The proposed model uses blockchain shading technology and (interplanetary file system，IPFS) storage technology to ensure data access efficiency in low-latency, high-synth 5G networks. And it uses time-based (ciphertext-policy attribute-based encryption，CP-ABE) to achieve fine-grained access control of data and better privacy protection. Finally, the privacy and scalability of the proposed model are proved through the comparative analysis of the schemes.





Research on Real World Data Sharing System Based on Blockchain

2022, 8(1):  49. 

Asbtract ( )   PDF (1212KB) ( )  

References | Related Articles | Metrics

For real-world big data applications, blockchain is used as a trusted infrastructure to build a patient-centric data sharing platform with data traceability and privacy protection functions. The data traceability function uses non-labeled data traceability based on Minhash and LSH Technology, combined with the blockchain, to achieve credible and verifiable data sources; privacy protection technology, a special privacy protection isolation area is designed, and a double-layer isolation protection mechanism for containers and virtual machines is adopted. The program downloads encrypted real-world data to this In the area, Analyze and process after decryption, and immediately destroy the decrypted plaintext after use. At the same time, use blockchain, control flow graph, minimum hash, local sensitive hash and other technologies to register the fingerprint of the analysis program, and verify the identity of the computing program.

Credit Value Model of Internet of Vehicles Based on DAG Distributed Ledger

2022, 8(1):  55. 

Asbtract ( )   PDF (1298KB) ( )  

References | Related Articles | Metrics

Internet of Vehicles (IoV) realizes the interconnection between vehicles and vehicles and between vehicles and roadside units, by which it shares driving and traffic information and offers a convenient and safe driving environment for both drivers and passengers. However, the credibility problem of vehicle information is to be solved urgently for the false information threatens driving safety. To improve the credibility of vehicle information, this paper proposes a credit model of Internet of Vehicles. The model sets a method of calculating vehicles’ credit according to vehicle information, creates a consensus mechanism of vehicles’ credit on the foundation of the DAG-based distributed ledger, then makes the high-credit vehicles get the accounting right easier by dynamically adjusting the difficulty of consensus, and finally ensure the credibility of the information in the Internet of Vehicles. Through analysis, it is found that this mechanism can effectively solve the credibility problem of vehicle information and resists common attacks in the Internet of Vehicles. Compared with traditional blockchain, this consensus mechanism, with its higher consensus efficiency and lower energy consumption, is suitable for the Internet of Vehicles of limited computing and storage resources. 

Research on Construction of Critical Information Infrastructure Protection System and Standardization of Vulnerability Management

2022, 8(1):  62. 

Asbtract ( )   PDF (1250KB) ( )  

References | Related Articles | Metrics

In order to solve the confusion of critical information infrastructure operator in vulnerability management, the implementation of the Cyber Security Law of the People's Republic of China and the Regulations on the Security and Protection of critical information infrastructure (Draft for Comments) should be further promoted, and the protection system of critical information infrastructure in China should be established. By systematically analyzing the development history of critical information infrastructure protection at home and abroad, relevant standards of vulnerability management, and frontier theories of vulnerability management of critical information infrastructure, the necessity of standardization of vulnerability management for operators of critical information infrastructure is demonstrated. The vulnerability control management of key information infrastructure is summarized into 5 elements of vulnerability management, asset management, patch management, personnel management and organizational management, and the management model of 5 stages of preparation, planning, execution, monitoring and change. The 5 elements and 5 stages of vulnerability control management are cross-subdivided into 32 work processes. It is suggested to compile a vulnerability management guide standard for vulnerability operators of critical information infrastructure with Chinese characteristics according to this model.

Security Risk Analysis and Countermeasures of Government APP Zhang Heng and Lu Kai

2022, 8(1):  71. 

Asbtract ( )   PDF (1688KB) ( )  

References | Related Articles | Metrics

With the development of Internet + government service， the traditional government service model has changed. Mobile applications have penetrated into all aspects of government service， bringing efficiency and convenience， but also bringing security risks. This article analyzes the security status of government APPs from the characteristics of government APPs， mobile malicious programs， excessive use of permissions， piracy and counterfeiting，etc.; statistically analyzes the security vulnerabilities of government APPs; and focuses on the analysis of three typical risk scenarios， include sensitive information leakage， content tampering， and third-party related transaction certification. At the end of this article， suggestions for dealing with the security risks of government APP are given from the aspects of security development awareness， security testing specifications， and release channel management. This article has certain reference significance for the healthy development of government mobile applications.

Research on Multi-Dimensional Big Data Analysis Method of Distribution Network Power Supply Reliability

2022, 8(1):  79. 

Asbtract ( )   PDF (1032KB) ( )  

References | Related Articles | Metrics

In the analysis of distribution network power supply reliability, traditional analysis methods have problems of incomplete analysis angle and low analysis effectiveness. Therefore, this paper proposes a multi-dimensional big data analysis method for distribution network power supply reliability. In this method, the reliability indexes of distribution network power supply are designed, and the big data analysis method is used to evaluate the distribution network power supply performance. By using the state transition sampling method, the state change sequence of the distribution network power supply system is obtained. The experimental results show that the proposed method can accurately obtain the average outage time and average outage number of users, and accurately analyze the distribution network power supply reliability, which verifies the overall effectiveness of the proposed method.

Research on Memory Leak Detection Method Based on Internal Data Flow of Smart Grid

2022, 8(1):  85. 

Asbtract ( )   PDF (1302KB) ( )  

References | Related Articles | Metrics

In addition to realizing the functions of the common application system, the security system in smart grid also needs to ensure the security of the resources it manages, including confidentiality, integrity and availability. Compared with other programming languages, C++ is closer to the bottom layer of the operating system, and some underlying algorithms with high performance requirements need to be implemented. At the same time, because C++ can directly control the allocation and use of system resources, it has laid hidden trouble for memory leakage. In this paper, a memory leak detection method based on data flow analysis in power grid operating system is proposed. The main research objective is to extract the data flow of the object code or source program, and use the data flow to analyze it, and realize the memory leak detection. The experimental results show that the proposed method can effectively detect the memory leak caused by the improper use of C++ pointer, and has practical significance in the aspects of automatic test and static program detection. 





Design of Risk Assessment Model Based on GB/T 31509—2015

2022, 8(1):  93. 

Asbtract ( )   PDF (1262KB) ( )  

References | Related Articles | Metrics

Information technology not only brings convenience to people, but also brings many security risks. The accumulation of security risks forces people to improve their security awareness, so they realize that network security is an indispensable part of social security and an important part of national security. Security risk assessment provides an important prediction basis for the degree of network security, the safety risk assessment standard is a strong theoretical support. However, the implementation of safety risk assessment standards needs to be refined, in order to more objectively implement the information security risk assessment implementation guide GB/T 31509—2015(the "guide" for short), the author studied the theoretical knowledge of information security risk assessment, followed the risk assessment process guidance, and designed the information security risk assessment model on the basis of level protection 2.0. By analyzing and assigning information assets, existential vulnerability and potential threat, the calculation of risk value is closer to reality. Practice has proved that the risk assessment model after analytic hierarchy process can assess the risk more effectively, make the assessed risk value more scientific, and provide a basis for subsequent safety protection measures

Construction and Empirical Research on Evaluation Index System of Comprehensive Group Cyber Security Level

2022, 8(1):  101. 

Asbtract ( )   PDF (2716KB) ( )  

References | Related Articles | Metrics

Comprehensive groups often involve many industries, and the cyber security level of each industry is uneven, so it is often difficult to carry out the unified evaluation of the cyber security level. To solve this problem, this article attempts to analyze the significance, difficulties and ideas of establishing a network security level evaluation system from the perspective of a comprehensive group network security manager. Furthermore, on the basis of the existing research literature, a three-tier index system and evaluation system for cross-industry cyber security has been explored and established. Through the pilot application in 5 units, the rationality and feasibility of the index system and evaluation system have been verified. It also puts forward suggestions to improve the cyber security capacity building based on the conditions of the pilot units, and also provides a reference for the evaluation of the cyber security level of comprehensive groups.