Table of Contents

    05 February 2022, Volume 8 Issue 2
    An Overview of Application and Technology of Artificial Intelligence in Cybersecurity
    2022, 8(2):  110. 
    Compared with developed countries, basic research and technology application in the field of artificial intelligence in China started later, especially the application of artificial intelligence in the important field of network security. The disparity between China and other countries is still very obvious, which seriously affects the improvement of China's cybersecurity capability. This paper elaborates on the relationship between artificial intelligence, network attack and network defense, and broadly surveys the application status of artificial intelligence in major information security companies at home and abroad. It points out that APT detection, 0day vulnerability mining and cloud security are three core areas that affect the level of cybersecurity capability. The paper analyzes in depth the key technologies of artificial intelligence applied in these three fields, sets out the safety risks of artificial intelligence technology, and points out that artificial intelligence technology is not a panacea. It provides a scientific reference for further research on and application of artificial intelligence technology in China's information security industry.
    The Research on Artificial Intelligence Law of European Union in 2021
    2022, 8(2):  117. 
    At present, the global digital economy is gradually moving towards a new stage of intelligent economy with artificial intelligence (AI) as the core driving force. The wide application of AI technology in various industries not only injects new momentum into economic and social development, but also brings a series of rule-making and regulatory problems. In April 2021, the European Union issued the proposal of the Artificial Intelligence Law, which proposed unified AI regulatory rules, aiming to limit the potential risks and adverse effects brought by the development of AI technology at the national legal level, so as to further strengthen the application innovation of AI technology on the basis of conforming to European values and basic rights and to make Europe a trusted global AI center. The proposal is the first AI control law in the world. The study of its content and innovations has important reference significance for the formulation of governance programs for AI and other digital technologies in China.
    Data sharing model based on privacy computing
    2022, 8(2):  122. 
    At present, there are still many problems to be solved in government data sharing, such as the mismatch between data demand and supply, the weakness of data security and personal privacy protection, and the difficulty of business collaboration. By analyzing the current operation mechanism of government data sharing, combined with the theory of privacy computing technology, this paper proposes a data sharing model. This model adopts the method of "computable but invisible" to carry out data sharing, and gives the data sharing and system security architecture based on privacy computing. This model includes two main application processes: data statistical analysis and anonymous query. This model has theoretical and application value for better supporting data sharing with high security management requirements.
    An approach for detecting malicious domain names generated by dictionary-based DGA 
    2022, 8(2):  129. 
    A large number of botnets have begun to use dictionary-based domain generation algorithms (DGA) for command and control, making computer networks face more serious threats. Malicious domain names generated by dictionary-based DGA have features similar to those of normal domain names, which makes traditional detection methods based on domain name character statistics and the 2-gram model gradually ineffective. To address this problem, a method is proposed that identifies dictionary-based malicious domain names based on the relationship between the words that constitute the domain name string. Experimental results show that, for dictionary-based DGA families, the accuracy of the proposed method is 3.45% higher than that of the method based on domain character statistics and 2.84% higher than that of the 2-gram model.
    Design and Implementation of Anomaly Detection System for Programmable Data Plane System
    2022, 8(2):  135. 
    The programmable data plane provides exciting opportunities for rapid and accurate decision-making and data-driven control loops. Many researchers have proposed systems that process dynamic network data (for example, congestion and faults) in real time. The core of these systems is a data plane algorithm for packet processing that continuously and automatically monitors traffic and responds to it. Despite its benefits, automatic response to network events increases the attack surface by increasing potential input sources. In this paper, an anomaly detection system is designed to detect such attacks at runtime. The system models the reasonable expected behavior and uses the model as a reference to check whether the system is under attack. Experiments show that the proposed anomaly detection system is feasible and effective in adversarial attack and defense.
    Security situation assessment and prediction method for industrial control system
    2022, 8(2):  145. 
    Aiming at the problem that the security protection of industrial control system lacks dynamic defense, situation awareness and other means, combined with the characteristics of the fixed business of industrial control system, this paper proposes the framework of security situation assessment and prediction, and constructs a security situation measurement model based on the analytic hierarchy process. Then, this paper studies the construction and extraction of behavior profile features of industrial control system, security attack detection based on deep learning, security event analysis based on big data mining and other technologies, and proposes security situation assessment based on information fusion and security situation prediction based on statistical learning theory. Finally, the validity and accuracy of the security situation assessment method are verified by experiments.
    IC Military-Civil Fusion Strategy of China Under Intensifying US-Sino Trade Friction
    2022, 8(2):  172. 
    Intensifying US-Sino trade friction has exacerbated the vulnerability of the Chinese IC industry. China must deepen IC military-civil fusion to enhance industrial competence and national information security guarantee capacity. Based on literature research and case studies, the IC military-civil fusion strategy of the US was briefly reviewed, and US containment tools and their corresponding effects were analyzed. These tools were impeding China from developing IC dual-use technology and crippling its foundation for military-civil fusion, as well as leading the restructuring of the global IC supply chain. Then two critical internal bottlenecks of Chinese IC military-civil fusion were discerned, and five institutional improvements were proposed to boost the fusion and enhance indigenous innovation ability.
    Security Analysis and Research on Smart Home Gateway
    2022, 8(2):  178. 
    With the development of mobile Internet, big data, cloud computing and other technologies, the continuous emergence of home intelligent devices, and the formulation of the national dual gigabit network coordinated development action plan, the development of the smart home is beginning to enter the fast lane. The smart home gateway is the heart of home intelligence, which can realize the functions of information collection, information input, information output, centralized control, remote control, and linkage control of the terminal equipment in the home. Smart home gateway security safeguards future smart home security.
    Vulnerability Detection System of Transformer Substation Host Based on Port Scanning
    2022, 8(2):  182. 
    With the deep integration of Internet technology, the automation and intelligent construction of power systems are becoming more mature. Such systems can not only monitor the entire power network in real time, but also detect faults and make corresponding decisions and treatments. However, this integration has also led to many privacy leaks and malicious attacks. Vulnerability detection of transformer substation hosts has become the top priority of the entire power grid system. This paper designed a vulnerability detection system for transformer substation hosts based on port scanning. It used TCP/UDP connections to detect the open status of ports, and used third-party tools to detect whether there are potential or existing vulnerabilities in the services on open ports. The main method is to test the response of the port by simulating an attack, then compare it with the existing vulnerability database, and finally generate a vulnerability scanning report in HTML format. Experiments have verified the availability and robustness of the system.
    Research and Design of Unified Platform for Vulnerability Management
    2022, 8(2):  190. 
    With the development of network technology, information security has been paid more and more attention. As one of the most frequently used attack vectors, security vulnerabilities have also attracted wide concern. At present, most organizations and enterprises rely on manual methods to manage vulnerabilities, and do not have unified tracking, disposition, display and analysis. These methods are not only inefficient, but also error-prone. A unified platform for vulnerability management was proposed, which allowed automatic closed-loop control of the life cycle of vulnerabilities. The platform integrated different vulnerability management capabilities into specific functional modules. General development languages and standards-based service interfaces were developed to allow integration of this platform with other infrastructure platform systems or network security tools. Practice shows that this platform can effectively improve the performance of vulnerability management, and make vulnerability management centralized, streamlined and automated.
    Exploration and Practice of Classified Protection 2.0 System Construction Under the New Situation
    2022, 8(2):  196. 
    The network classified protection system is a basic system for the country to improve the ability and level of information security, maintain national security, social stability and public interests, and ensure and promote the healthy development of information construction in the process of national economy and social informatization. With the emergence of new technologies such as cloud computing and big data, great changes have taken place in the construction of information systems. In the construction of network security level protection, the original standard system can no longer meet the needs of level protection under the new situation. This paper focuses on the systematic construction of hierarchical protection 2.0, analyzes the ideas and practice of the construction of the network security hierarchical protection 2.0 system, explores the shortcomings and improvements, makes a systematic analysis, summary and generalization through the methods of comparison, qualitative research, case analysis and expert interview, and extracts systematic suggestions for the construction of the network security level protection 2.0 system. Finally, it can promote China's information development, accelerate information construction, and improve the practical, comprehensive and systematic emergency response ability of network security, in order to provide theoretical reference for relevant workers.