Table of Content

    06 November 2023, Volume 9 Issue 11
    Research on False Public Opinion Detection in Social Network
    2023, 9(11):  1034. 
    Asbtract ( )   PDF (1706KB) ( )  
    References | Related Articles | Metrics
    The spread of false public opinion has hardly affected the orderly and healthy development of cyberspace, and the widespread use of social networks has exacerbated the malicious injection and spread of false public opinion. False public opinion is a social science concept that lacks specific extension in the research field of natural science. This paper specified the manifestation of false public opinion and expanded misleading information, false news, rumors, sarcasm, bullying, and malicious language into the extension of false public opinion to facilitate the analysis of the injection and dissemination of false public opinion from the perspective of natural science. The concept of the public opinion transmission cycle was integrated into false public opinion detection to more clearly and effectively depict early detection. The differences and emphasis of false public opinion detection research at various stages were analyzed. This paper summarized the outstanding research on false public opinion detection in recent years using a systematic literature review method, introduced feature engineering, technical route, available data sets, and evaluation indicators, and discussed the research and challenges faced by false public opinion detection technology.
    Intrusion Detection Method Based on Multiscale Spatialtemporal  Residual Network
    2023, 9(11):  1045. 
    Asbtract ( )   PDF (1474KB) ( )  
    References | Related Articles | Metrics
    In view of the problems of the existing intrusion detection methods, such as poor feature extraction, low classification accuracy, and weak generalization ability, this paper proposes an intrusion detection model named MultiScale SpatialTemporal Residual Network(MSSTRNet)that integrates multiscale convolutional network (CNN), long shortterm memory network (LSTM), and residual network. Log1p smoothing is first applied to transform the data with large skewness, and this paper proves its effectiveness by comparing the correlation with the label before and after transformation and visualizing the data distribution. Then, the spatial and temporal features of the data are extracted by a multiscale onedimensional convolution module and a long shortterm memory module respectively. Finally, based on the idea of residual network, identity mapping is added to avoid gradient disappearance, gradient explosion and network degradation. The experimental results on the UNSW_NB15 dataset show that the proposed method can effectively enhance the representation ability and generalization ability of the model, and the performance of evaluation metrics has been significantly improved.
    Analysis of Attack Methods of Ransomware Organizations Based on ATT&CK#br#
    2023, 9(11):  1054. 
    Asbtract ( )   PDF (1005KB) ( )  
    References | Related Articles | Metrics
    Since the outbreak of WannaCry Ransomware virus in 2017, The number of ransomware attacks targeting government agencies, large enterprises, medical institutions to increase globally. Ransomware attack presents the characteristics of a high ransom rate, an increasingly complete industry chain for ransomware attacks, and a more largescale and professional commercial operation. Therefore, it is urgent to conduct research on ransomware organizations. Traditional attack detection technology based on big data analysis cannot effectively describe the attack chain of ransomware organizations. Attack methods described in the cyber kill chain model exists high abstraction and lack of a unified description mechanism problems. This leads to differences in the descriptions of the same ransomware organizations by different security researchers. In order to unify the description mechanism, describes the attack chain completely. This paper proposed adopted ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) model, analyzes the common methods of 9 recently active ransomware organizations like Conti. And analyze the attack techniques commonly used by ransomware organizations. This paper shared a ransomware attack case of Conti organization depicted using the ATT&CK model in the end.
    Research on Data Sharing Management Based on Attributebased Encryption#br#
    2023, 9(11):  1061. 
    Asbtract ( )   PDF (1496KB) ( )  
    References | Related Articles | Metrics
    Data sharing and applications are faced with malicious attacks, supply chain vulnerabilities, security product defects, technical personnel theft and other security threats. It can improve security by deploying a security authentication gateway and cryptographic server to authenticate user identity and protect data confidentiality and integrity. However, there are also internal threats. For example, the administrator being bought or the internal terminal is controlled by hackers, which will bypass these security protection mechanisms. In view of these threats, this paper proposes an attributebased encryption strategy to encapsulate the key based on SM9, so as to avoid the plaintext data in data sharing applications and effectively deal with internal threats such as theft by system administrators.
    A Unified Model for Information Extraction in the Field of  Network Security for Small Samples
    2023, 9(11):  1067. 
    Asbtract ( )   PDF (1538KB) ( )  
    References | Related Articles | Metrics
    Threat intelligence in the Internet is growing day by day, and major network security platforms tend to use automated means to extract important information from it. However, many studies in the past separately modeled tasks such as entity recognition, relationship extraction and event extraction, which resulted in high cost of multi model management, large demand for data and poor knowledge sharing ability. To this end, this paper applies the unified extraction to the field of network security, and proposes an information extraction model in the field of network securityMRCUIE. In addtion, the article also designs the entity construction, prompt template design and model optimization in the field of network security. Finally, MRCUIE is tested on multiple network security data sets. The results show that MRCUIE has improved on 83% of the data sets, and its F1 value is 1%~3% better than the single extraction model, and 9%~14% better than the unified extraction model. Later, MRCUIE was tested on small samples, and it was found that the model only needed 10 samples to get good results, which verified the small sample capacity of MRCUIE.
    An Anonymous Whistleblowing Scheme Based on Metadatahiding
    2023, 9(11):  1076. 
    Asbtract ( )   PDF (1491KB) ( )  
    References | Related Articles | Metrics
    The reporting mechanism can play a very important supervisory role in daily life. Now with the development of society, science and technology, anonymous reporting method is looked rather better to protect and respect the privacy and safety of whistleblowers, and online anonymous reporting method provides great convenience. Aiming at the privacy protection and effective incentive of anonymous whistleblower, an anonymous whistleblower method based on distributed point function was proposed. Anonymous informants can hide their reporting information, personal information and location information with the help of distributed point function, and then randomly forward them through the public key algorithm, and finally they are received by the reporting agency. In this process, any forwarding node and malicious attackers can not obtain any information of anonymous informants. In this scheme, no one can obtain the identity information of the anonymous whistleblower in the anonymous reporting process, so as to ensure the anonymity of the whole process, and the random forwarding node can ensure the robustness and stability of the system in the process.
    The Study of Fair Third Party in Typical Scenarios of Privacy Computing#br#
    2023, 9(11):  1086. 
    Asbtract ( )   PDF (1906KB) ( )  
    References | Related Articles | Metrics
    In the industrial scenarios of privacy computing, the mutually untrusted parties can complete the joint computing by constructing secure multiparty computing protocols or applying homomorphic encryption techniques. To protect security of secret information, e. g. cryptological keys, lower the cost of communications between the parties, it is usual to adopt a third party, distributing the key pairs and secret information among parties and transmitting the intermediate ciphers. In this way, the implementation of privacy computing techniques can be accelerated. In addition, adopting such auxiliary third party can not only promote the security systematically, but also make the risks controllable and compatible to the scenarios requiring regulation and auditing process. Up to now, the basic properties of the adoptable trusted third party is not interpretated clear enough. In this paper, existed studies on privacy computing are reviewed from perspective of utility of third party as assistance, and different from the classical concept of trust third party, a concept of Fair Trusted Party (FTP) is proposed.
     Title Burden of Proof of the Signatory and the Relying Party in  Electronic Signature Disputes
    2023, 9(11):  1096. 
    Asbtract ( )   PDF (847KB) ( )  
    References | Related Articles | Metrics
    The different security levels of electronic signature technologies determine the difference of authenticity and reliability of signature evidences. The preconcept and rule of “reliability” should be introduced into the identification of the admissibility and probative force of signature evidences, and the examination should be separated from the authenticity.If the purported signatory wants to deny the signature on a message, he may need to prove that the signature is genuine but not authorized, or there is no intention of being legally bound, or the signature is false, or the digital certificate is invalid; Because of the trust relationship between the relying party and the certification authority, the relying party has the duty of diligence and prudence in the certification process and operation. The reliance of the relying party on a signature or certificate should be reasonable, and he should check and be able to prove that they checked.
    An Authenticated Key Exchange Protocol for Telecare Medical  Information Systems
    2023, 9(11):  1102. 
    Asbtract ( )   PDF (1908KB) ( )  
    References | Related Articles | Metrics
    Telecare Medical Information Systems (TMIS) has greatly improved the patients’ experience and has become a viable solution to meet the needs of diverse medical services. However, when patients’ private information is transmitted over the public networks through TMIS, it is vulnerable to security attacks. To protect patients’ privacy, a large number of authentication key exchange protocols have been designed for TMIS, but most of them are not resistant to offline dictionary attacks, user impersonation attacks and smart card loss attacks. In this paper, an elliptic curvebased authentication key exchange protocol is designed to achieve anonymity and untraceability of users by using identity encryption and randomized message transmission. Finally, the security proof and performance analysis demonstrate the superiority of TMISAKE protocol in terms of security and efficiency, and its ease of deployment in TMIS.
    Research on SOAR Practice Based on Atomization Device and  Asset Management
    2023, 9(11):  1111. 
    Asbtract ( )   PDF (1861KB) ( )  
    References | Related Articles | Metrics
    The means, scale and frequency of network attacks continue to evolve, and the network threats faced by countries and enterprises are becoming increasingly severe. In this context, SOAR (security orchestration automation and response) technology provided a solution for enterprises to balance “security, cost and efficiency” by solidifying automation scenarios. For the dynamic and agile requirements of security device capability access and call, network asset information entry and association in the SOAR practice, the atomization device and asset management strategy based on the concept of standard security orchestration actions and security attribute asset sets was proposed. Through the atomization and instantiation of device capabilities and asset attributes, as well as the integration of standard security orchestration actions and security attribute asset sets based on the knowledge atlas, the agile integration of security equipment and network asset capabilities, efficient resource allocation, and information associated storage to deal with the dynamic changes of network threats and protection requirements can be implemented. At the same time, several SOAR automation scenarios based on this strategy were studied and discussed.
    Design and Implementation of ECDSA Collaborative Signature Scheme#br#
    2023, 9(11):  1120. 
    Asbtract ( )   PDF (1426KB) ( )  
    References | Related Articles | Metrics
    Aiming at the private key protection of the software password module of a mobile intelligent terminal in the open environment, a twoparty cooperative signature scheme CECDSA is designed. Based on the standard ECDSA signature algorithm, the scheme realizes the key pair and cooperative signature of both parties, and gives the correctness proof. Neither party can obtain a complete private key, and thus cannot forge a signature, which fully guarantees the security of ECDSA algorithm in open environments such as intelligent terminals. Based on the zeroknowledge proof of the elliptic curve discrete logarithm problem, a simulation protocol is constructed, and the security analysis of the scheme is given. The implementation and performance evaluation of the scheme is given. Compared with the existing twoparty ECDSA collaboration schemes, the scheme has advantages in computing efficiency and traffic under the semihonest model and the malicious model. This scheme can protect the security of private key storage and operation in the software password module, and is applicable to the privacy protection and identity authentication of sensitive data in Internet fields such as the Internet of vehicles and the Internet of things.
     Research on the Role and Responsibility of Digital Government  Chief Data Security Officer
    2023, 9(11):  1131. 
    Asbtract ( )   PDF (4537KB) ( )  
    References | Related Articles | Metrics