
Table of Contents

    01 May 2023, Volume 9 Issue 5
    K-anonymity Mechanism Based on Iterative Binary Clustering
    2023, 9(5):  402. 
    With the deepening of data sharing in various fields, the protection of individual privacy contained in data has become increasingly prominent. At the same time, K-anonymity, as an advanced theory of privacy protection, is widely used in data sharing and distribution. However, K-anonymity achieves privacy protection by generalizing data, which inevitably causes a certain loss of information. Therefore, how to ensure data availability and reduce information loss as much as possible while satisfying K-anonymity is a question worthy of study. To address this problem for numerical data, a K-anonymity algorithm, KABIBC (K-anonymous algorithm based on iterative binary clustering), is proposed. First, the sum of the distances within the group, WGSD (within-group sum of distance), is defined, and all tuples in the data table are treated as one cluster. An iterative strategy is then used to perform binary clustering on it, and the resulting subclusters are recursively processed in the same way. The tuple assignment of the two subclusters is adjusted based on the principle of minimizing the information loss in the bisection, until the minimum subcluster that satisfies the K-anonymity requirement is obtained, so as to ensure that the amount of information loss tends to be optimal. Theoretical and experimental analyses are given, and they show that this mechanism can effectively reduce the information loss while maintaining high operating efficiency.

    A Survey of SQL Injection Attack Detection and Defense Technology
    2023, 9(5):  412. 
    In the era of “Internet+”, data is the most valuable resource of the Internet. Attackers often use SQL injection attacks to destroy the database in order to obtain important data information in the database. The threat to database security is becoming more and more serious. At present, research on SQL injection attacks mostly focuses on traditional SQL injection attacks, but lacks awareness of new advanced SQL injection technology with stronger concealment and higher risk, and of the related detection and defense technology. In response, this paper analyzes and evaluates traditional and advanced SQL injection attack technologies and their technical characteristics based on the classification of SQL injection technologies; summarizes existing detection and defense technologies and evaluates the advantages and disadvantages of these methods in terms of defense effectiveness; and finally sorts out the problems existing in the current research field and puts forward suggestions for future research directions.

    Research on Active Defense Method of Network Security Under APT Organization Attack Behavior
    2023, 9(5):  423. 
    At present, the international situation is complex and changeable, new social conflicts and contradictions are constantly arising in the transition period of the domestic society, and hostile forces are trying in vain to destroy the Critical Information Infrastructures (CII) of our country, resulting in adverse social impacts. The existing defense measures based on the existing network attack detection and defense are not flexible and require high comprehensiveness of the defense system. Therefore, this thesis proposes an active defense method for electric power industry network security based on attack behaviors. By analyzing the attack behavior of attackers, it combines the ATT&CK attack framework model to carry out intermittent attack attempts against Advanced Persistent Threat (APT) organizations through layer upon layer forwarding of a large number of springboard nodes. Until the breakthrough and springboard node are found, the attack behavior and problems that may occur before or during the attack. The springboard, organization or personal information of the attacker at all levels is discovered in advance, and the attack behavior is discovered and blocked in advance in the stage of the attacker’s reconnaissance, so as to realize the active defense against the attack behavior.
    Research on Security Risk Response for Internet of Body Applications
    2023, 9(5):  433. 
    The Internet of body (IoB) is defined as a network of intelligent objects placed inside, above and around the human body. It allows communication between the body and external activities, and is changing people’s production and life. This paper introduces the classification, application scenarios, and key technologies of IoB devices, and focuses on the security risks of IoB devices, including data security and privacy leakage, network security, device operation accuracy, discrimination, and device radiation. In view of the security risks and existing problems, we put forward suggestions, reminding us to strengthen supervision, maintain the network and data security of the IoB system, prevent the leakage and abuse of users’ personal information and data, and promote the healthy development and application of IoB equipment and solutions.
    Research on Automatic Recognition Technology of Gambling Website
    2023, 9(5):  440. 
    Online gambling has serious information security risks, and effective discovery and recognition of gambling websites is of great significance to maintaining national financial stability. To address the difficulty of discovering gambling websites, the paper proposes a solution that obtains the IP network segments owned by the cloud platform based on the AS information, traverses the IPs to reverse-resolve the domain names, and uses distributed crawling to obtain website screenshots. To address the difficulty of recognizing gambling websites (for example, some gambling sites are just a picture with a link to download a gambling app), the solution uses the dHash algorithm to clean the positive samples, and trains a convolutional neural network (CNN) for binary classification of websites. The experimental results show that the solution has a strong generalization ability and requires less human participation, and can solve the problems in the discovery and recognition of gambling websites.
    Legal Analysis of Network Platform Showing IP Territory
    2023, 9(5):  446. 
    Since the beginning of this year, major Internet social platforms such as Sina Weibo and Toutiao have launched new features to show the IP territory of speakers, sparking heated debate. Under the background of the formal implementation of the Regulations on the Management of Internet User Account Name Information, this paper will deeply analyze the relationship between IP territory and personal information, sensitive personal information, and the logic behind the controversial focus such as the “consent to inform” principle, the least necessary principle and the consent exception clause. In view of the implementation of the network platform to display IP territory, this paper puts forward suggestions from three levels: government, Internet social platforms and individual citizens.
    Research on the Domestic Product Evaluation System for Operators
    2023, 9(5):  452. 
    The Xinchuang industry has been promoted all-round and has become a phenomenon-level outlet. However, Xinchuang products involve a wide range of technical routes and a wide variety of products, and the application examples are not rich enough. In the process of promoting the work of Xinchuang, telecom operators face the problem of Xinchuang product selection difficulties. Therefore, it is necessary and urgent to build the system framework and evaluation system of telecom operators’ Xinchuang products. It can not only show the ecological panorama of Xinchuang products that are fully applicable to operators, and give a quick overview of key products in each technology stack and horizontal evaluation results of similar products, but also form a list of best practices and recommendations for major business scenarios, avoid repeated work, and realize the agile and efficient introduction of Xinchuang products.
    One-time Encryption Algorithm Based on Finite Field Key Exchange
    2023, 9(5):  457. 
    This paper presents a feasible solution to the worldwide problem of implementing one-time encryption. The scheme uses a finite field key exchange algorithm (i.e., public key cryptography algorithm) with the order of Mersenne prime proposed by me. The sender and the receiver do not need to pre-allocate, transmit and store symmetric keys, but only require the sender and the receiver to disclose their public keys and keep their private keys secret. The private keys and related public keys are changed every time they communicate, which fully realizes the perfect confidentiality of one key at a time. The finite field public key cryptography algorithm with the order of Mersenne prime is based on modulo-2 operation, which is convenient for software and hardware implementation. Theoretical analysis and computational simulation have proved its effectiveness, and it has a wide range of theoretical and practical application value.
    Design and Implementation of Cryptography Intensive Platform for Government Information System
    2023, 9(5):  461. 
    Aiming at the problems of inconvenient, non-standard, non-universal and resource-wasting cipher application in the field of e-government, this paper puts forward a systematic, intensive and standardized technical scheme. The scheme combines the SM2, SM3, SM4 and SM9 algorithms to form an intensive system framework, pools the cryptographic facilities, reduces the burden of applying ciphers in the information system, provides a unified interface for cryptographic applications, and realizes compliant, effective and convenient cryptographic applications. The pilot application practice of cryptography-intensive platform construction of the e-government extranet shows that this scheme can improve the utilization rate of cipher resources and save investment, and has reference value for the security protection of cipher application of scale government information system.
    Key words: commercial cryptography; intensification; government informatization; identity-based cryptography; e-government
    A Method and Practice of Internet of Vehicle OTA Based on CA and KMS
    2023, 9(5):  469. 
    OTA technology has gradually become a standard part of mass production vehicles, and OTA security is a key link of vehicle information security. Based on the analysis of OTA security risks and countermeasures, an OTA method based on CA and KMS is proposed, which provides security protection from the generation, storage, download and security verification of the upgrade package. This method is verified on some preproduction vehicles, effectively improving the authenticity, integrity and confidentiality protection of the vehicle OTA upgrade package in all aspects.
    Practical Exploration and Research on Automotive Cyber Security
    2023, 9(5):  476. 
    This essay first analyzes the current cyber security threats faced by smart connected cars from four dimensions: Telematics cloud service platform, Telematics communication, in-vehicle terminals, and externally connected terminals. Secondly, in order to fully understand the current cyber security level of smart connected cars, 10 different mainstream car manufacturers’ smart connected cars are selected from the market and penetration tests are conducted based on six attack vectors: TCU, HU, in-vehicle network, radio, TSP and car control APP, and the test results are sorted and analyzed to assess their cyber security level. Then, the corresponding security protection strategies are proposed from four aspects: the security of the Telematics cloud service platform, the security of Telematics communication, the security of in-vehicle terminals and the security of externally connected terminals. Finally, based on the constantly diverse and unpredictable characteristics of automotive cyber security attack vectors, an outlook on the cyber security of smart connected vehicles is provided.
    Preliminary Study on Data Security Protection Scheme of Civil Aviation A-CDM System
    2023, 9(5):  482. 
    This paper selects the ACDM system, a typical business system of civil aviation industry, to explore and analyze the data security protection scheme. Based on the actual business functions and data application status of the ACDM system, this paper comprehensively analyzes the data security risks and protection requirements faced by the system, and forms a comprehensive design scheme for data security protection in line with the idea of data hierarchical management and control, which provide practical guidance for the construction unit of the ACDM system and reference for the data security protection construction of data processing subjects in an airport, air traffic control, aviation division and other civil aviation industries.Key wordsdata security; data sharing; data classification; airport collaborative decision making; data security of civil aviationThis paper selects the ACDM system, a typical business system of civil aviation industry, to explore and analyze the data security protection scheme. Based on the actual business functions and data application status of the ACDM system, this paper comprehensively analyzes the data security risks and protection requirements faced by the system, and forms a comprehensive design scheme for data security protection in line with the idea of data hierarchical management and control, which provide practical guidance for the construction unit of the ACDM system and reference for the data security protection construction of data processing subjects in an airport, air traffic control, aviation division and other civil aviation industries.
    Analysis of Potential Security Risks in the Field of Metaverse
    2023, 9(5):  490. 
    The birth and outbreak of the metaverse is the result of the accelerated global digital transformation. As the final form of the network virtualization process, the metaverse has become an important historical node in the evolution of human civilization. However, the development of the metaverse also brings a series of security risks. Regulatory authorities should pay attention to the nested coupling relationship between the metaverse and the real society in their governance, so as to avoid becoming a completely virtual dream universe. Based on the analysis of the security risks of the metaverse in political, social, cultural and network aspects, some suggestions on network governance are put forward to make the metaverse become a beneficial extension and supplement of the real society.