Table of Contents

    20 December 2023, Volume 9 Issue 12
    Android Malware Multiclassification Model Based on Transformer
    2023, 9(12):  1138. 
    Due to its open-source nature and openness, the Android system has become a popular target for malware attacks, and there is currently a large body of research on Android malware detection, in which machine learning algorithms are widely used. In this paper, the Transformer algorithm is used to classify and detect grayscale images converted from the classes.dex files of Android software, and the accuracy rate reaches 86%, which is higher than that of CNN, MLP and other models.
    Research on Text Classification Model Based on Federated Learning and Differential Privacy
    2023, 9(12):  1145. 
    As a distributed machine learning framework, federated learning can complete model training without disclosing user data. However, recent attacks have shown that merely keeping data local during the training process cannot provide sufficient privacy protection. Therefore, in order to address the privacy protection issues during federated learning training, this paper proposes a text classification model based on BERT. This model combines differential privacy (DP) and federated learning (FL) to ensure that the federated model training process is protected from inference attacks during the transfer of federated learning parameters. The final experiment shows that the proposed method can maintain high model accuracy while protecting privacy.
    Research on Malicious Behavior Detection and Identification Model Based on Deep Learning
    2023, 9(12):  1152. 
    In order to identify and prevent abnormal behavior and malicious intrusion in networks, a detection model based on Convolutional Neural Network (CNN) and Bidirectional Long Short-Term Memory (BiLSTM) networks was constructed and applied to various types of Intrusion Detection Systems (IDS). Distinguished from traditional detection models, which suffer from reduced performance due to data redundancy, this model initially feeds the features into a CNN to generate feature mappings, effectively reducing the parameters of the recognition network and automatically eliminating redundant and sparse features. Subsequently, the processed features are used as inputs to the BiLSTM network to detect and recognize malicious behavior within the network. Finally, test results on the NSL-KDD and KDD CUP99 datasets demonstrate that the proposed model surpasses existing models in terms of both time efficiency and accuracy, confirming its effectiveness in detecting malicious behavior and accurately classifying network anomalies.
    Optimal Path Generation Method for Industrial Control System Penetration Testing Based on Reinforcement Learning
    2023, 9(12):  1159. 
    Aiming at the deficiencies of existing penetration testing methods, this paper proposes an optimal penetration testing path generation method that combines the characteristics of industrial control systems and reinforcement learning models. Firstly, the typical structure and security threats of the industrial control system and the basic process of the penetration test are analyzed; then the target system and the attacker are modeled based on the reinforcement learning model, and an optimal path generation method for the penetration test based on Q-Learning is proposed. Finally, the experimental verification is carried out with the petroleum catalytic refining system as the object. The results show that the method can comprehensively consider the differences in testers’ professional skills and target equipment, and generate the optimal path for penetration testing from multiple efficient paths, providing solutions for penetration testing of large-scale industrial control systems.
    Research Status of Smart Contract Security Vulnerabilities
    2023, 9(12):  1166. 
    With its unique characteristics of decentralization, non-tampering, and traceability, blockchain technology provides a new solution to issues such as trust, certificate storage, and data governance in social development. As the core supporting technology of blockchain, smart contract expands the application scope of blockchain from the single digital currency field to other pan-finance fields by writing decentralized applications. However, with the continuous development of the application of smart contract in blockchain, its security problems are becoming increasingly prominent. Therefore, it is particularly important to study the security vulnerabilities of smart contract. This paper firstly introduces 11 kinds of smart contract security vulnerabilities such as integer overflow vulnerability, reentrancy attack vulnerability and their prevention strategies, then discusses 4 vulnerability detection methods and corresponding detection tools such as formal verification, symbolic execution, fuzzing testing and taint analysis, and finally looks forward to the future research directions based on summarizing the shortcomings of existing vulnerability detection work.
    A Scalable Realtime Multistep Attack Scene Reconstruction Method#br#
    2023, 9(12):  1173. 
    As an active security protection technology, Intrusion Detection System (IDS) can find abnormal situations and send out alarm information in time or take active protection measures, becoming an important part of the network security system. But in recent years, with the increasing scale of network attacks, IDS has become powerless in real-time analysis of complex multi-step attacks. This paper designed an extensible attack matching template based on expert prior knowledge to restore and reconstruct multi-step attack scenes, which is used to restore attack events from the perspective of attackers and help security personnel locate security threats. The method takes real-time alarm information as input, and through mining semantic knowledge and a pre-built attack matching template, it uses a matching association algorithm to aggregate and correlate alerts, restore the attack scene, and display attack context. The experimental results show that the method can achieve real-time alert processing and correlation for IDS, and the formed attack events and attack scene will also provide great help for security personnel to repair the system and prevent the next attack. At the same time, the attack matching template has scalability and the ability to deal with more future attacks.
    A Survey of Buffer Overflow Detection Techniques
    2023, 9(12):  1180. 
    In recent years, with the continuous expansion of the scale of software in the information society, the number of buffer overflow vulnerabilities is not decreasing but increasing. It is urgent to sort out the context of the existing buffer overflow vulnerability detection technologies and make a comparative analysis, so as to achieve technical innovation and breakthrough. In view of the above problems, this paper analyzes the buffer overflow vulnerability analysis techniques: the static detection technology is divided into feature classification and software analysis methods. The dynamic testing technology is divided into traditional fuzzy testing, intelligent gray box testing and input variable coverage conversion. The operation protection technology is divided into integrity, confidentiality and availability protection. The automatic utilization technology is divided into causing program crash, hijacking program control flow and hijacking program data flow. Automatic repair technology can be divided into single or multiple repair strategy. On the basis of the analysis, this paper puts forward three possible research directions in the future: 1) optimizing static detection technology; 2) integrating machine learning technology for analysis; 3) analysis of multi-technology collaboration and mutual feeding.
    Zero Trust IAM Architecture Technology Based on Dynamic Risk Assessment Mechanism
    2023, 9(12):  1190. 
    In today’s identity authentication and access control technologies, most are authorized based on roles; once an attacker obtains the control right of an account corresponding to the role, he can use the role authority of the account to perform malicious operations without further authentication. Based on this defect, this paper proposes a dynamic risk assessment mechanism and algorithm based on the zero-trust architecture. In the user identity authentication stage, the algorithm is used to calculate the authentication factor provided by the user to obtain the user’s data security risk degree value on the Internet, and dynamically control the user’s access according to the data security risk degree value. In the process of access control, blockchain technology and algorithms are used to generate an undeniable and traceable user access label for this access. The experimental results show that the architecture technology can realize dynamic and more secure authentication and access control.
    Ethical Problems and Resolution Path of Cyberspace Communication
    2023, 9(12):  1197. 
    Cyberspace communication comes into being with the network and is the product of the information age. It can make up for some shortcomings of real communication and reflect people’s pursuit of freedom and equality. Cyberspace communication is the expansion of real communication, allowing people to exchange information, energy, goods, technology, etc. through the network. Cyberspace communication is composed of subjects, means, objects, norms and other elements. Although cyberspace communication is convenient and fast, there are ethical problems such as conflict with real life space, information pollution, crime, hegemonism, which need to be standardized and supervised. Cyberspace communication should abide by certain ethical rules, strengthen relevant legislation, strengthen technical monitoring, purify the communication environment, ensure the dominant position of people, and improve the moral quality of Internet users.
    Design and Practice of Open Government Data Platform Based on Privacy-preserving Computation
    2023, 9(12):  1203. 
    As a new type of production factor, the value of data elements can be fully released only in full sharing and circulation. The scale and volume of government data in China are huge, with rich sources of types and huge development potential. Strengthening the aggregation, integration, sharing, and opening of government data is of great significance for promoting the development of the digital economy and accelerating the construction of digital China. At present, governments at all levels attach great importance to the opening of government data, and the process of opening is gradually accelerating, but at the same time the problem of data security still exists. This paper attempts to analyze the current situation and problems in the process of opening government data, explores the solution of building an open government data platform based on Privacy Preserving Computation technology, and introduces relevant practical cases.
    Research on the Practice of DevSecOps in the Construction of Digital Government
    2023, 9(12):  1210. 
    As an important carrier of data, government business systems are often the most important targets of attack, and government security construction pays more attention to compliance requirements, ensuring business operation through security products and services, while application endogenous security is ignored. In order to adapt to the high security requirements of the current digital government and meet the current scenario of intensive digital government construction, it is necessary to shift security to the left and focus on supply chain and application endogenous security. The government’s information project construction model needs to prioritize development work, and security needs to be closely integrated with the research and development process. DevSecOps, as an emerging security development model, has entered the field of digital government application development. The application development security system enabled by DevSecOps can improve the development process, reduce security repair costs, shorten development cycles, and greatly enhance the level of digital government security.

    Research and Practice on Product Security Governance
    2023, 9(12):  1218. 
    This paper studies how to ensure that suppliers deliver secure and trustworthy products and services from the perspective of product security governance. First, this paper introduces the context of product security, gives the definition and objectives of product security, and proposes that product security is a security governance problem. Then this paper establishes the organizational structure of product security governance based on the three-line model, describes the roles and responsibilities of each organizational unit, and solves the problems of separation of duties and conflicts of interest from the organizational structure. Next this paper introduces the concept, framework, system and implementation approaches of product security policies, and establishes the top-level requirements of product security system construction. Finally, the contribution of this paper is summarized and the research direction for the next step is pointed out. These research results have been applied in ZTE’s product security practices and have achieved good governance effects.
    Data Life Cycle Safety Monitoring Method Driven by Big Data
    2023, 9(12):  1226. 
    Aiming at the problems of small coverage, low monitoring accuracy and low automation of traditional data monitoring methods, a data lifecycle safety monitoring method driven by large data is put forward, which is based on feature analysis recognition model, content segmentation model, real-time data monitoring model, file analysis retrieval model and user abnormal behavior prediction model to monitor data security risk in real-time. It effectively guarantees the safe flow of data assets. After testing, the overall accuracy of sensitive data collection, sensitive page capture, sensitive flow monitoring and sensitive file parsing under this method is higher than 92%, and the accuracy of user’s sensitive behavior prediction is higher than 93%, which effectively improves the monitoring range and accuracy of sensitive data.