Loading...

Table of Content

    17 September 2023, Volume 9 Issue 9
    Previous Issue   
    Security and Privacy Protection in 6G Network: A Survey
    2023, 9(9):  822. 
    Asbtract ( )   PDF (1096KB) ( )  
    References | Related Articles | Metrics
    The scale of 5G network deployments continues to grow. While there are obvious advantages over 4G network, the limitations of 5G network are emerging, which leads to research on 6G network technologies. The complexity of 6G network and the diversity of 6G’s applications make the security issues of 6G more prominent. Coupled with the fact that 6G frameworks and related technologies are largely in a conceptual state, the security and privacy issues of 6G network are still in the exploratory stage. In this paper we analyzed the current state of 6G security and privacy research at first, and than pointed out the security challenges in 6G network, discussed potential security solutions for 6G network from the aspects of physical layer security, artificial intelligence (AI), distributed ledger technology (DLT), and edge computing, and finally we provided an outlook on future research trends of security and privacy protection in 6G network.
    Optimization Design of SM4 Pipeline Based on SIMD Idea
    2023, 9(9):  832. 
    Asbtract ( )   PDF (1765KB) ( )  
    References | Related Articles | Metrics
    SM4 algorithm is a Chinese commercial cryptography standard and is widely used in the field of information security. Since SM4 implementation requires multiple iterations and loops, so SM4 algorithm is suitable for hardware implementation, this paper proposes a ROMbased parallel Sbox design, for SM4 ECB mode round key update pipeline structure, and the pipeline structure is further optimized based on SIMD(single instruction multidata) ideas, reducing the task overhead of round key generation, realizing simultaneous operation of singleround key generation with multiencryption and decryption data flow. Compared with the LUT pipeline structure and BRAM pipeline structure, the ROM pipeline structure proposed in this paper can reduce the use of hardware resources, and the throughput (input and output) can be increased by 1.33 times and 1.46 times, respectively; compared with the BRAM+ register pipeline structure, a lot of register resources are saved, but the throughput is not significantly reduced. When the 4 road encryption and decryption structure is generated for the 1 round key, the resource consumption is only 2.5 times of the ROM pipeline structure, but the efficiency is increased by 4 times.
    Face Recognition Privacy Protection Method Based on Homomorphic Encryption#br#
    2023, 9(9):  843. 
    Asbtract ( )   PDF (1144KB) ( )  
    References | Related Articles | Metrics
    With the development and application of big data, biometric recognition technology has developed rapidly and has been widely used in new authentication technology. Because the traditional biometricbased identity authentication is mostly carried out in plaintext, and the user’s privacy cannot be adequately guaranteed, this paper proposes and designs a face recognition privacy protection method based on homomorphic encryption technology based on the above defects. This method firstly uses the current popular authentication model FaceNet to extract the user’s biometric information, and then encrypts the extracted feature information with the help of RLWE based homomorphic encryption technology to ensure that when the biometric information is outsourced to the server for distance calculation, the user’s private data will not be disclosed and the server will not snoop on the user’s behavior. At the same time, in the process of identity authentication, the concept of random number is introduced to prevent illegal users from replaying attacks on the server.Experiments show that the method can still ensure high accuracy and feasibility in the state of ciphertext.
    Research on Commercial Cryptography Application to Industrial Internet
    2023, 9(9):  851. 
    Asbtract ( )   PDF (2591KB) ( )  
    References | Related Articles | Metrics
    As a pivotal foundation of the fourth industrial revolution, the Industrial Internet is attributed as an essential integrated information infrastructure and application paradigm which empowers and facilitates the industrial economy with the latest generation of information and communication technology. The complexity of Industrial Internet devices, private protocols, massive data, and strict industrial characteristics bring inevitable and complex security risks to all aspects of the Industrial Internet. Therefore, how to draw on commercial cryptography technology to implant secure immune genes into the Industrial Internet has become a current research hotspot. This paper starts from the security risks of the Industrial Internet, analyzes the commercial cryptography application requirements of the Industrial Internet, thereby studies the commercial cryptography scheme of typical application scenarios in the Industrial Internet, and finally proposes some proposals for the application and promotion of the commercial cryptography in the Industrial Internet. The research results provide a theoretical guidance and reference for the application practice of commercial cryptography in Industrial Internet scenarios, and are expected to solve the key problems of the Industrial Internet security.
    Design and Implementation of Massive Encryption Key Management Scheme for Cloud Storage
    2023, 9(9):  859. 
    Asbtract ( )   PDF (1839KB) ( )  
    References | Related Articles | Metrics
    Cloud storage is an emerging technology for its low cost and high efficiency, but the openness, shareability, and the extravagant provided privilege of the cloud platform bring hidden danger to the confidentiality and integrity of users’ data. Hence, cloudbased data storage should be protected by cryptographic techniques, but massive users and finegrained encryption generate massive keys, which puts greater pressure on the storage system. For the cloud storage scenario, this paper studies the method of mass key management. and proposes a key derivation scheme based on matrix and a key distribution scheme based on SM2 threshold algorithm, which effectively reduces the key storage space and improves the security of key distribution.
    Cyberbullying Detection Model Based on ELMoTextCNN
    2023, 9(9):  868. 
    Asbtract ( )   PDF (1237KB) ( )  
    References | Related Articles | Metrics
    Cyberbullying detection is an important research content on cyberspace information content security, and it is also related to youth online security. Aiming at the problems of few training samples, difficulty in processing polysemous words and unsatisfactory classification performance in current cyberbullying detection schemes, an ELMoTextCNN detection model is proposed. The model first adopts the idea of transfer learning and uses pretrained embeddings from language models (ELMo) to generate dynamic word vectors, which not only solves the problem of small cyberbullying sample size, but also because ELMo uses the bidirectional long shortterm memory (BiLSTM) network structure, it will infer the word vector corresponding to each word based on the context, and can understand polysemous words according to context. The model extracts text features through a text convolutional neural network (TextCNN), which is good at processing short text data, and finally outputs the classification results through a fully connected layer. Experimental results prove that the proposed ELMoTextCNN detection method can handle the ambiguity of a word and obtain better classification and detection results.
    Research on Blockchain Abnormal Transaction Detection Technology  Based on LightGBM
    2023, 9(9):  877. 
    Asbtract ( )   PDF (1403KB) ( )  
    References | Related Articles | Metrics
    Because the traditional machine learning model is prone to overfitting when dealing with small sample data sets. To solve such problems and ensure the accuracy of model validation, this paper proposes a blockchain anomaly transaction detection method based on LightGBM(LGBM), using grid search to optimize the model parameters to prevent the model from falling into the overfitting state and improve the adaptability of the model. The optimal AUC value of the LightGBM model is 0.994, and the average accuracy is 0.970. In order to verify the effectiveness of the anomaly detection algorithm proposed in this paper, a comparative experiment with the random forest and XGBoost model shows that the proposed method has higher accuracy and training efficiency.
    Research and Application of Blockchain Based Medical Data Security Sharing Model
    2023, 9(9):  884. 
    Asbtract ( )   PDF (2339KB) ( )  
    References | Related Articles | Metrics
    With the deepening development of the trend of open and shared data, issues such as low matching between data demand and supply, weak protection of data security and personal privacy, and imperfect mutual trust mechanisms between medical institutions are becoming increasingly prominent. In this paper, the “onestop” expense settlement scenario of Medicaid was taken as the application research object, the traceability and audit of medical data were strengthened based on blockchain technology, secure exchange was implemented by extracting shared data definitions, access control of medical data was  implemented based on attribute encryption technology, and personal privacy data protection was strengthened by using privacy computing model, data hierarchical credit and other means, automatic, efficient, and secure data sharing was realized through smart contract management and control of data sharing mechanisms. Based on the security system architecture of blockchain, this paper strengthened the elements of “compliance”, “credit”, “security”, “privacy”, and promotes the global security and compliance of medical data sharing through the integration of business requirements and data security compliance.
    Detection for Linear Deception Attacks in Wireless Network Transmission
    2023, 9(9):  892. 
    Asbtract ( )   PDF (3914KB) ( )  
    Related Articles | Metrics
    In the process of transmitting data in wireless networks, once cyberphysical systems are attacked by linear deception attacks, which will bring huge losses to the society. This paper considers the security detection problem of multisensor systems. It first discusses the limitation of the traditional Chisquare detector. And then, a detection scheme based on similarity measure is proposed to detect whether the system is subject to attacks by comparing the similarities between the estimated values of each pair of sensors and the similarities between each sensor and the estimated value of the whole system. The experiment uses the Chebyshev distance detection method to carry out MATLAB simulation. The results show that based on this detection scheme, the detection value of the system will change before and after being attacked, which verifies the effectiveness of the detection scheme.
    Research and Practice of Government Data Security Governance System
    2023, 9(9):  900. 
    Asbtract ( )   PDF (4365KB) ( )  
    References | Related Articles | Metrics
    Critical data is an important engine that keeps organizations and societies going, which makes it a target for malicious hackers, a target for intense scrutiny by regulators, and a need to prevent employees from inadvertently disclosing secret internal information. As the “guardian” to maintain the order of data opening and ensure data security, government departments should not only protect the security of sensitive data, maintain regulatory compliance, but also quickly deploy and implement data security protection projects without changing the existing business processes, and effectively control costs and reduce complexity and risks. This paper starts from the background of government data security governance, through the analysis of the government data security management status and security management needs, refer to the latest data security governance theory and technology research results at home and abroad, according to the relevant policies, laws and regulations, based on the security needs under the background of information technology application innovation, puts forward the framework of the system which applies to the security governance of government affairs data in our country, introduces the related technologies and project practice case.
    Review and Improvement of Personal Information Protection  Person in Charge System for Internet Platform
    2023, 9(9):  908. 
    Asbtract ( )   PDF (845KB) ( )  
    References | Related Articles | Metrics
    Personal Information Protection Law of the People’s Republic of China clarifies that the personal information processor who meets the corresponding conditions should set up a person in charge of personal information protection. As a personal information processor, the Internet platform has the legitimacy and feasibility of applying this system. However, at present, there are some deficiencies in the standardization and effectiveness of applying the personal information protection personincharge system on the Internet platform, such as the establisted standard of the personal information protection personincharge is not standardized, the post standard is not standardized, the performance standard is not refined, the communication mechanism with the personal information subject and the personal information protection department is unclear, and the responsibility mechanism is not working smoothly. Therefore, in order to improve the effectiveness of applying this system on the Internet platform and promote the efficient development of the digital economy, we should further refine the establishment standards, performance content and responsibility mechanism of the personal information protection personincharge system, and enhance the enthusiasm of the personal information protection personincharge by strengthening the performance guarantee and setting up the reward mechanism.
    Design and Implementation of Privacy Iinformation Protection System  Based on Big Data Analysis
    2023, 9(9):  914. 
    Asbtract ( )   PDF (1796KB) ( )  
    References | Related Articles | Metrics
    In order to ensure the security of private information, realize the humanized encryption of information, and avoid the risk of privacy information leakage, a privacy information protection system based on big data analysis is designed. The cloud infrastructure layer takes Kubernetes cluster technology as the core to provide infrastructure support for system functions. On this basis, the big data processing layer processes information through filtering, deduplication and other operations, and then transmits information to the information protection layer through file transfer protocol. This layer is based on the TBS architecture, introduces MapReduce programming model, stores massive information in parallel. At the same time, privacy information protection model based on attribute classification is used to realize privacy information protection. The test results show that the system can complete the parallel storage of massive information, the information record link results are below 0.22, and the risk of privacy information disclosure is low, ensuring the privacy of information presentation; Moreover, the KL dispersion is within 0.18, and the information availability is good after privacy protection.
    The Innovation and Practice of the Talent Training Mode of Cyber  Security with the Features of ScienceEducation Integration
    2023, 9(9):  921. 
    Asbtract ( )   PDF (1986KB) ( )  
    References | Related Articles | Metrics
    As one of the representatives of the new engineering disciplines, cyberspace security has distinctive attributes of crossdiscipline, engineering technology and cuttingedge innovation, and the importance of its talent cultivation is selfevident. The relevant work of this thesis aims to explore the research and practice of innovative cultivation in the field of cyber security. Since 2012, the Chinese Academy of Sciences (CAS) and the Ministry of Education (MOE) jointly proposed the “Action Plan for Collaborative Education in Science and Education”. In this paper, based on the practice of scienceeducation integration in nurturing cyber security at the University of Chinese Academy of Sciences, the author’s team proposed an innovative practical approach to the integration mode of organic integration of researchengineeringstrategy and the training of talents in the whole chain, and carried out an innovative exploration of the training mechanism of cyber security talents with the core objective of cultivating composite talents in the discipline of cyber security. Meanwhile, the author’s scientific research team carried out the teaching practice of twoway empowerment of science and research, and elaborated the scientific research practice of the talent cultivation mode of scienceeducation integration.
Author Center
Review Center
京ICP备19004174号
Copyright © Journal of Information Security Reserach, All Rights Reserved.
Tel: 010-68558637 E-mail: ris@cei.cn
Powered by Beijing Magtech Co., Ltd.