Table of Contents

    10 January 2024, Volume 10 Issue 1
    The Status and Trends of Confidential Computing
    2024, 10(1):  2. 
    Privacy Measures for Secure Multiparty Computing Applications
    2024, 10(1):  6. 
    How well a secure multiparty computing application protects its input information depends on the underlying security mechanism on the one hand and on the task function on the other. At present, research on secure multiparty computing mainly focuses on security mechanisms that prevent information leakage during computation. However, there are few studies on measuring the ability of task functions to protect the participants’ input information. The security mechanism of secure multiparty computing cannot prevent a participant in the task function from deducing the input information of other participants from its legitimate input and output, so measuring the privacy protection strength of the task function is relevant to the concrete implementation and application of secure multiparty computing schemes. In this paper, based on the information entropy model, the concepts of average entropy and specific entropy are defined from the attacker’s point of view, and a method for calculating information benefits is proposed. The privacy protection strength of a specific secure multiparty computing application scheme is then measured by calculating the ideal privacy loss of the objective function and the actual privacy loss of the actual secure multiparty computing application.
    The Design of a Key Agreement Protocol Based on NTRU
    2024, 10(1):  12. 
    NTRU is the earliest public-key cryptosystem whose difficulty is reduced to a lattice-hard problem. NTRU is simple and requires little storage space, which makes it a simpler and more efficient algorithm for building a cryptosystem based on lattice-hard problems. However, there are few references on designing NTRU-based key agreement protocols. The existing NTRU-based key agreement protocols do not protect the keys sufficiently, which makes adversary attacks easier, and their proofs are insufficient and incomplete. To solve this problem, this paper proposes two key agreement protocols based on the NTRU lattice that add temporary secret information so that the scheme has strong forward security, and gives a detailed security proof. The proof is based on the unforgeability of the session key under the SVP assumption on the lattice and is carried out in the eCK model. Compared with traditional key agreement schemes such as DH and ECDH, this NTRU scheme is based on polynomial rings and has higher computational efficiency. Its security can be reduced to solving hard problems on lattices, and it can resist quantum attacks.
    Security Protection and Research of Modbus TCP Protocol Based on National Secret Algorithm
    2024, 10(1):  20. 
    As a simple and efficient Ethernet industrial control protocol, Modbus TCP is widely used in industrial control systems. However, the traditional Modbus TCP protocol did not consider security, which has led many criminals to attack Modbus TCP through its vulnerabilities. To address the lack of identity authentication and integrity verification in the Modbus TCP protocol, a bidirectional identity authentication and data integrity verification algorithm using SM2 signature verification is proposed. To address the lack of data confidentiality in the Modbus TCP protocol, the SM4 symmetric encryption algorithm is proposed to encrypt the plaintext data. To address the lack of an anti-replay mechanism in Modbus TCP, a random number method is proposed to prevent replay attacks. Experiments show that the proposed scheme can effectively increase the security of the Modbus TCP protocol.
    Face Spoofing Detection Model with Fusion of Convolutional Neural Network and Transformer
    2024, 10(1):  25. 
    In the field of face antispoofing, the methods based on Convolutional Neural Network (CNN) can learn feature representation with fewer parameters, yet their receptive fields remain local. In contrast, Transformerbased methods offer global perception but entail an impractical volume of parameters and computations, hindering widespread deployment on mobile or edge devices. To address these challenges, this paper proposed a face spoofing detection model that integrates CNN and Transformer, aiming to achieve a balance between the amount of parameters and accuracy while maintaining the ability to extract global and local features. Firstly, local face images are cropped and selected  as input to effectively avoid overfitting. Secondly, the feature extraction module based on coordinate attention is designed. Finally, the fusion of CNN and Transformer modules are designed to extract local and global features of images through localgloballocal information exchange. The experimental results show that the model achieved an accuracy of 99.31% and an average error rate of 0.54% on the CASIASURF (Depth modality) dataset; Moreover zero  error rate is achieved on the CASIAFASD and ReplayAttack datasets, and the model parameters are only 0.59MB, much smaller than the Transformer series models.
    Abnormal Traffic Detection Based on Adaptive Integrated Learning
    2024, 10(1):  34. 
    In this paper, we propose an adaptive integrated-learning-based anomalous traffic detection method that uses the discrete Fourier transform to extract the frequency domain features of traffic, resulting in less information loss during the extraction of traffic features. An evaluation metric based on stability and accuracy fluctuations is used to dynamically assess the reliability of the current traffic features, and the feature data blocks that pass the evaluation are used to generate new subclassifiers. Meanwhile, an integrated adaptive classifier is designed, whose parameters and subclassifiers are adjusted in real time according to the current situation. The experimental results show that the method is effective for solving the concept drift problem in anomalous traffic detection and machine learning against attacks.
    Router Vulnerability Detection Method Based on Static Analysis and Fuzzing
    2024, 10(1):  40. 
    Network attacks targeting router devices often have serious consequences. Fuzz testing is an effective method to detect security vulnerabilities in router devices. However, without sufficient analysis of the firmware of the target device, fuzz testing is often blind and ineffective. In this paper, we propose a method that uses static analysis to assist fuzz testing in detecting vulnerabilities in router devices. Specifically, the results generated by static analysis are used to construct more effective test cases to fuzz the web interface of the router device. Our view is that a lot of useful information is hidden in the router firmware. We use static analysis to extract the possible loopholes in the program code to build test cases and improve the efficiency of fuzzing. We implemented a prototype system and tested it on 46 router firmware images from 4 mainstream router vendors, and found 16 vulnerabilities, 4 of which were 0-day vulnerabilities. The results show that, compared with advanced automated vulnerability mining methods, our system can detect vulnerabilities that cannot be detected by existing vulnerability detection tools.
    Visual Analysis of Operation Mode of Black and Grey Production Based on Graph Mining
    2024, 10(1):  48. 
    To analyze the network assets controlled by black and grey production gangs and their associated relationships in the network asset mapping data, this paper proposes a graph-mining-based visual analysis method for the black and grey production operation mode. Firstly, it identifies potential gang clues within the network asset mapping data. Secondly, it mines the network asset subgraphs held by the same black and grey production gang using these clues and black and grey production business rules, identifying core assets and key links within these subgraphs. Finally, a visual analysis system is developed based on the marked subgraphs, featuring core assets and key links related to black and grey production. It enables the exploration of network assets held by black and grey production gangs and their associated relationships, assisting analysts in formulating strategies to combat black and grey network assets. Experimental validation demonstrates the effectiveness and intuitiveness of the proposed method in analyzing and discovering black and grey production gangs and their network asset associations, providing essential technical support for monitoring the operations of the black and grey business network.
    Research on Risk Analysis and Countermeasures of Financial Institution ICT Supply Chain Information Security
    2024, 10(1):  55. 
    The supply chain is an increasingly complex global network composed of a large and growing number of third-party partners. For financial institutions, supply chain information security is particularly important for ensuring the security of user funds and personal information. Therefore, it is necessary to plan and build a secure and controllable supply chain information security system in advance. This paper mainly analyzes the information and communication technology (ICT) supply chain information security risks of financial institutions, and proposes a comprehensive prevention and control system framework for ICT supply chain information security based on the entire lifecycle. Through the closed-loop management process and technical measures of this framework, precise prevention and control of ICT supply chain information security in financial institutions can be achieved, thereby ensuring the safe and stable operation and development of financial business.
    Research on the Protection of Personal Information in the Digital Economy Partnership Agreement
    2024, 10(1):  61. 
    The Civil Code of the People’s Republic of China specifies the protection of personal information, but at present there is no uniform legislation on personal information protection, legal responsibility lacks effectiveness, and the informed consent rule is alienated from its application. At this time, we should discuss the informed consent rule and financial liability of personal information protection from the legal system of its parties based on DEPA, and clarify the content of the “5 elements” notification rule based on the distinction of our informed consent rule and the combination of our laws and the laws of New Zealand, so as to improve the application of the informed consent rule. In terms of financial liability, the amount of compensation will be increased, and related offenses will be clarified with criminal penalties as an entry point to protect the security of personal information.
    Distributed Authentication Model Under Power IoT Zero Trust Architecture
    2024, 10(1):  67. 
    To address the new network security challenges brought to the power system by the changing trend of a large number of distributed heterogeneous terminals, such as unlimited public network access, new power interactive services, and new information technology application in the power system, this paper proposes a distributed authentication model based on the zero trust security architecture, giving full play to the advantages of the zero trust security concept and technology under the overall security architecture of the power Internet of Things (IoT). The model integrates the trusted root technology provided by the trusted computing module of the power terminal hardware. It also expands and extends the active security protection capabilities of power intelligent terminals and access networks to meet new cybersecurity challenges faced by intelligent grids. The distributed authentication model proposed in this paper sinks the dynamic trust evaluation and southbound terminal authentication module of the zero trust security architecture to the edge intelligent device, and subdivides and expands trust and access control based on the trusted root provided by the terminal trusted module. On the basis of compatibility with the existing power IoT authentication model, it gives full play to the specific advantages of the zero trust security concept and technology in terminal security access, security monitoring, and fine-grained business protection, so as to improve the overall network security protection capability of the power IoT system.
    Design of a Virtual and Real Integrated Industrial Control Security Training Range Platform
    2024, 10(1):  75. 
    Physical industrial control security training ranges currently cannot support simultaneous online operation by multiple people in experimental teaching, attack and defense competitions, and red-blue confrontation, while virtual industrial control security training ranges cannot support attack demonstrations, vulnerability scanning and mining, and security research based on application layers and physical devices. In response, this article designs a virtual and real integrated industrial control security training range platform, which integrates the capabilities of physical device simulation and virtual application layer simulation to meet the needs of users in conducting experimental teaching, attack and defense competitions, red-blue confrontation, vulnerability scanning and mining, attack effect demonstration, and security research. It provides a reference basis for the future construction of industrial control security training ranges in China.
    The Method and Practice of “RPA + Mobile Storage Devices” to Solve Government Data Cross-network Exchange Safely
    2024, 10(1):  81. 
    With the refined development of government business, there is more and more cross-network and cross-system business docking. Some cross-network data exchange cannot be realized, and there are a large number of duplicate entries in various business systems. In order to free staff from tedious data entry work and avoid the data security problems that may occur in the process of cross-network data exchange, the solution of “RPA + mobile storage devices” is applied to the cross-network exchange of government data to automate data collection and entry. It also guarantees login security, program security and data security in the process of cross-network exchange, which assists government officials in improving the efficiency of cross-network and cross-system data entry. In addition, the solution maintains the safety and accuracy of data entry.

    Power Sensitive Data Access Control Method Based on Zero Trust Security Model
    2024, 10(1):  88. 
    In order to protect the security of power sensitive data, an access control method for power sensitive data based on the zero-trust security model is proposed, aiming at the large-scale leakage of power sensitive data caused by the difficulty of data access control and the increase of data theft in the big data environment. Based on the zero-trust security model, this paper collects the trust factors of users’ access behavior, constructs the zero-trust security model, decomposes the trust attributes using the hierarchical decomposition model, constructs a judgment matrix based on the weight distribution method to calculate the trust value of users’ access behavior, and combines the adaptive mechanism and the time decay algorithm to improve the update and record of the trust value. The hierarchical growth decision tree is used to classify the access of power sensitive data. On the basis of user authentication, signcryption parameters are set, and public and private keys are used to sign the access authentication information. The experimental results show that this method can effectively suppress malicious data access behavior, that the data encryption time overhead is low, with an average time overhead of less than 1.4s1200, and that the access control error rate is less than 5%. The overall control effect reaches the ideal standard.
    Research on the EU Policy on Cyber Defence
    2024, 10(1):  94. 
    The European Union proposed to formulate a cyber defence policy in 2013 and issued a joint communication on the “EU Policy on Cyber Defence” at the end of 2022, continuing to deepen and implement its cyber defence policy. This paper first summarizes the main points of the joint communication from the aspects of the necessity of jointly carrying out cyber defence, the role of situational awareness in cyber defence, and the promotion of cyber defence cooperation at multiple levels. Then, the characteristics of the EU’s cyber defence policy are analyzed in depth from the aspects of deepening cyber defence policies, implementing cyber defence policies, and collaborating to protect key infrastructure security. Finally, three inspirations and suggestions for strengthening the security of our critical infrastructure are given.