Table of Contents

    01 August 2023, Volume 9 Issue 8
    Key Technologies and Research Prospects of Privacy Computing
    2023, 9(8):  714. 
    Privacy computing is an important technical means that takes both data circulation and privacy protection into account. It can effectively break down “data island” barriers while ensuring data security, enable open data sharing, and promote the deep mining and use of data as well as cross-domain integration. This paper introduces the background knowledge, basic concepts and architecture of privacy computing, elaborates the basic concepts of its three key technologies (secure multi-party computation, federated learning and trusted execution environment), reviews existing research on their privacy and security, and compares and summarizes the differences among the three technologies along multiple dimensions. On this basis, future research directions for privacy computing are discussed in terms of its technical integration with blockchain, deep learning and knowledge graphs.
    Encrypted Proxy Traffic Identification Method Based on Convolutional Neural Network
    2023, 9(8):  722. 
    A method for identifying encrypted proxy traffic based on a convolutional neural network is proposed. First, stream reassembly is performed on self-deployed and self-captured raw encrypted traffic. Then the first L×L bytes of the first N data packets of each restored data stream are extracted to form a grayscale image, which serves as the stream feature image of that data stream, with (Height, Width, Channel) equal to (N×L, L, 1). After that, all samples are divided into a training set, a validation set and a test set, which the designed convolutional neural network model uses for training, validation and testing respectively. Finally, experiments with different combinations of the first N data packets and the packet length strategy L show that when N=4, L=40×40, the model reaches its highest identification accuracy of 99.38%, which gives it certain advantages in accuracy over other similar methods.
    Research on Network Malicious Traffic Detection Technology Based on Ensemble Learning Strategy
    2023, 9(8):  730. 
    Network traffic is the main carrier of network attacks, and the identification and analysis of malicious traffic is an important means of ensuring network security. Machine learning methods have been widely used in malicious traffic identification and can achieve high-precision identification. Among existing methods, fusion models are more accurate than single statistical models, but they do not mine network behavior deeply enough. This paper proposes MultiStacking, a stacking model for malicious traffic that identifies multi-level network features. It uses the network behavior patterns of network traffic at different session granularities and combines them with the robust fitting capability of the stacking model for multidimensional data to mine malicious network behaviors in depth. By verifying the detection capabilities of multiple fusion models on the CICIDS2017 and CICIDS2018 datasets, various detection methods are comprehensively quantified and compared, and the performance of MultiStacking detection methods in MultiStacking scenarios is analyzed in depth. The experimental results show that the malicious traffic detection method based on multi-level stacking can further improve detection accuracy.
    Comparison Research on Intrusion Detection Model Based on Machine Learning
    2023, 9(8):  739. 
    Nowadays, network threats are constantly evolving and becoming increasingly stealthy. Studying the performance and characteristics of multiple machine learning models for intrusion detection on modern traffic data is of great significance for improving the timeliness of intrusion detection systems. This paper explores the use of recent efficient machine learning models, including ensemble learning (Random Forest, XGBoost, LightGBM) and deep learning (CNN, LSTM, GRU, etc.) models, for intrusion detection tasks on the public dataset UNSW-NB15. We describe the task flow and experimental configuration, compare and analyze the experimental results of the different models, and summarize the characteristics of each model in the network intrusion detection task. The experimental results demonstrate that, on a 10% sample of UNSW-NB15, the best-performing model for the binary classification task among the experimental models is LightGBM, with an F1 score of 0.897, an accuracy of 89.86%, a training time of 1.98s, and a prediction time of 0.11s. For multi-class classification tasks, the most comprehensive prediction model among the experimental models is XGBoost, with an overall F1 score of 0.7907, an accuracy of 75.96%, a training time of 144.79s, and a prediction time of 0.21s.
    A Formatpreserving Encryption Algorithm for Numeric Data
    2023, 9(8):  745. 
    We study FPE (format-preserving encryption) and propose a new numerical format-preserving encryption algorithm, which significantly improves the performance of format-preserving encryption by not using cycle-walking. The block length is determined by the number of decimal digits in the plaintext, and both even and odd lengths are supported. The core of the algorithm is to achieve confusion and diffusion by constructing additive groups, finite fields and an S-box, and to preserve the format by using a permutation algorithm and a skipping algorithm. The key expansion algorithm flexibly produces output for the block length of the plaintext and uses the key generator of a stream cipher to generate subkeys. A specific example is used to verify that the proposed algorithm correctly implements format-preserving encryption, and the different algebraic group operations and the nonlinear transformation of the S-box increase the security of the algorithm. Security analysis shows that the algorithm can meet practical security requirements. Finally, compared with the FPE algorithm standard, FFX, which is proposed by NIST, the result shows that the proposed algorithm is about 30 times faster than FFX for a 128-bit block (32 decimal digits) of FFX.
    Research on Malicious Location Attack Detection of VANET Based on Federated Learning
    2023, 9(8):  754. 
    Malicious behavior detection is an important part of the security needs of the Internet of vehicles. In the Internet of vehicles, malicious vehicles can carry out malicious location attacks by forging false basic security information (BSM). At present, the traditional solution to malicious location attacks on the Internet of vehicles is to detect the malicious behavior of vehicles through machine learning or deep learning. These methods require data collection, which causes privacy problems. To solve this problem, this paper proposes a detection scheme for malicious location attacks on the Internet of vehicles based on federated learning. The scheme does not need to collect user data, and the detection model uses local data and simulated data for local training, which ensures the privacy of vehicle users, reduces data transmission and saves bandwidth. The malicious location attack detection model based on federated learning was trained and tested using the public VeReMi data set, and its performance was compared with that of a data-centric malicious location attack detection scheme. The comparison shows that the performance of malicious location attack detection based on federated learning is similar to that of the traditional data-centric malicious location attack detection scheme, but the scheme based on federated learning is better in data transmission and privacy protection.
    Analysis on the Homology of Malware Families Based on Open-set Recognition
    2023, 9(8):  762. 
    At present, analysis of the homology of malware families mostly focuses on the closed-set problem, that is, it is assumed that the samples to be tested must belong to a certain known class. However, there are many malware families in an open world, and the unknown classes usually account for the majority. Closed-set recognition cannot accurately identify the malware families in an open world. To address these problems, this paper proposes a homology analysis method for malware families based on open-set recognition. The malware executable files are converted into grayscale images through an N-gram sliding window and the Doc2vec sentence embedding method, the features of the grayscale images are obtained with the convolutional neural network model MobileNet, and the Open Long-tailed Recognition model is used to realize open-set recognition of malware families. In experiments identifying 9 known classes and 9 unknown classes of malware families, the results show that the proposed method can identify the malware family of the unknown classes while maintaining high accuracy on both known and unknown families.
    Research on Performance of MAVSec Security Protocol Based on Different Cryptographic Algorithms
    2023, 9(8):  771. 
    As a lightweight communication protocol between the UAV and the ground control center, MAVLink has the advantages of convenient configuration and easy invocation. A two-way channel is established between the UAV and the ground control center through MAVLink to transmit control information and status and position data. However, MAVLink does not support encrypted communication or authentication and authorization mechanisms, which exposes it to potential attacks. The MAVSec protocol is an encrypted version of MAVLink proposed by Allouch A et al. In this paper, the performance of the MAVSec protocol using different encryption algorithms, covering Chinese commercial cryptographic algorithms and foreign cryptographic algorithms, was evaluated in terms of encrypted transmission delay, memory usage and CPU consumption. The experimental results show that, compared with other encryption algorithms, the ZUC algorithm in China’s commercial cryptographic algorithms has better performance and efficiency when transmitting command data, and occupies less CPU and memory resources. The application of the ZUC algorithm in MAVLink improved the security of communication without affecting performance, and saved the computing resources and battery consumption of the drone to the greatest extent.
    Restatement of the Theoretical System of “Rights to Personal Information” —Guided by Hohfeld’s Theory of Rights
    2023, 9(8):  777. 
    As the cornerstone of the digital economy, “rights to personal information” have not been confirmed by Chinese law, and academic research on “rights to personal information” is still in its initial stage. Hohfeld’s theory of rights is influential in the field of rights analysis. Therefore, under the guidance of Hohfeld’s theory of rights, this paper restates the theoretical system of “rights to personal information” in combination with the relevant provisions of the Civil Code of the People’s Republic of China and the Personal Information Protection Law of the People’s Republic of China. In this system, the subject of the right to personal information should be a natural person; the object of the right is personal information; and the content of the right is a collection of rights composed of the right to domination over information, the right to be informed about information, the right to withdraw consent, the right to information rectification, the right to carry information, the right to restriction of processing and the right to erasure of information. When the subject of personal information enjoys right, privilege, power and immunity, the personal information processor bears the corresponding duty, no-right, disability and liability.
    Research and Application of 5G Private Network Access Security Management and Control Scheme Based on DN-AAA
    2023, 9(8):  784. 
    5G security is an important foundation and solid guarantee for the high-quality development of 5G, and the 5G converged application security strategy needs to meet the diversified and differentiated needs of services. Operators can open 5G security capabilities to industry customers and give them the means to manage and control access independently, helping to promote the large-scale development of 5G industry applications. This paper first introduces the concept and development status of the 5G private network and analyzes the current requirements and implementation schemes for 5G private network access security control. It then puts forward a 5G private network access security management and control scheme based on DN-AAA, including the networking scheme and system capability. Finally, it introduces the application practice of the scheme in four industry scenarios of campus, finance, power and industry, and verifies the effectiveness and feasibility of the scheme by testing, providing a useful reference for the construction of access security management and control capabilities of 5G private networks.
    Research on Security Risks and Protection of Container Images
    2023, 9(8):  792. 
    As digital transformation speeds up, more and more enterprises are adopting container technology to improve business productivity and scalability and to deepen the process of industrial digital transformation. As the basis for container operation, container images contain packaged applications and their dependencies, as well as process information for container instantiation. However, container images also carry various security weaknesses. To solve the problem at the source and reduce the security risks and threats that containers face after they are instantiated, full-lifecycle management of container images should be implemented. In this paper, the advantages that container images bring to application development and deployment were investigated, and the security risks faced by container images were analyzed. Key technologies for container image security protection across the three stages of construction, distribution and operation were proposed, and a container image security scanning tool was then developed, which can scan container images for applications and underlying infrastructure that use container technology. The tool was shown to have good practical effects and can help enterprises achieve full-lifecycle image security protection.
    Civil Aviation Passenger Privacy Data Protection Method Based on Multiparty Security Attack and Defense Game
    2023, 9(8):  799. 
    To solve the problem of high leakage probability and low protection efficiency of civil aviation passenger privacy data, a model of civil aviation passenger privacy data protection based on a multi-party security attack and defense game was proposed. Firstly, according to multi-party security attack and defense game theory, the rational strategy selection needs of the two parties in the attack and defense game were explored, and a rational secure computing protocol for the attack and defense game was designed, which resolved the problem of low computing efficiency. Secondly, the process and model framework of civil aviation passenger privacy data protection based on the multi-party security attack and defense game were designed on the basis of the rational multi-party secure computing protocol, and the process of civil aviation passenger privacy data protection was analyzed. Finally, the network topology of the passenger privacy data attack and defense scenario was constructed, 500 attackers and 100 defenders were selected, the civil aviation passenger privacy database was randomly attacked with 100, and the results of 50 repeated attacks were compared with the traditional privacy data protection model and the privacy data protection model based on game theory. The results show that, as the number of attacks increases, the leakage probability of the model in this paper is significantly lower than that of the traditional privacy data protection model and the privacy data protection model based on game theory, and the effectiveness of privacy data protection is significantly increased.
    Classification and Grading Method of Transportation Government Data
    2023, 9(8):  808. 
    To promote the open sharing of government data and improve data security, the classification and grading of government data resources urgently needs to be solved. This paper summarizes domestic and foreign experience in government data classification and grading, and uses a hybrid classification method combining surface and line to build a classification framework for transportation government data. A five-level data grading model was formed based on the data grading method of data security risk analysis, and the effect of the method was verified with actual data. The transportation government data classification and grading method can effectively assist the relevant departments in carrying out classification and grading of government data and protection of important data, and in raising the level of industry data security governance and security technology.
    Exploration of a New Model of Blockchain Technology Credit Investigation for Small and Micro Enterprises
    2023, 9(8):  814. 
    Our country’s credit investigation industry generally faces difficulties such as lending to small and micro enterprises, risk control and management, and data market supervision. The effective data sharing and risk control models of some current advanced credit investigation implementation models offer useful lessons for our country’s credit investigation industry. Based on an investigation of our country’s credit investigation and existing credit investigation systems, the characteristics of typical credit investigation models and the difficulties encountered in their promotion were analyzed. Building on current models, a new type of blockchain technology, “interchain network + smart contract + oracle”, is proposed. For the typical credit investigation model, a new blockchain credit investigation model framework and credit investigation business processes suitable for nationwide promotion are designed. On the premise of protecting data privacy, improving data transparency and ensuring penetrating supervision can effectively solve the problem of credit investigation services for small and micro enterprises.