Announcement
Editors Recommend
15 December 2021, Volume 7 Issue 6
Comprehensive Review
Survey on image non-additive steganography
Yaofei WANG, Weiming ZHANG, Kejiang CHEN, Wenbo ZHOU, Nenghai YU
2021, 7(6):  1-10.  doi:10.11959/j.issn.2096-109x.2021102
Asbtract ( 13 )   HTML ( 1)   PDF (1145KB) ( 11 )   Knowledge map   
Figures and Tables | References | Related Articles | Metrics

Image non-additive steganography not only can better maintain the distribution of image elements, but also has high detection resistance.Firstly, the image non-additive image steganography methods were sorted out and divided into two major categories: non-additive distortion design and non-additive steganography coding design.The non-additive distortion was designed into three categories: theoretical models based, modification principles based and adversarial detection based, and compared these methods.Finally, the difficult problems faced by non-additive steganography and the future development ideas were analyzed.

TopicⅠ: Novel Network Technology and Security
Survey of control and management mechanisms for time-sensitive network
Shuo WANG, Shuwen YIN, Hua LU, Jidong ZHANG
2021, 7(6):  11-20.  doi:10.11959/j.issn.2096-109x.2021105
Asbtract ( 16 )   HTML ( 0)   PDF (1737KB) ( 8 )   Knowledge map   
Figures and Tables | References | Related Articles | Metrics

Time-sensitive network can provide deterministic transmission services with bounded low latency for applications.Besides, it brings a unified architecture and standards to heterogeneous real-time Ethernet in the industry.However, the implementation and deployment of time-sensitive network based on IEEE Std 802.1Qcc face many challenges in various application scenarios.The research on the control and management mechanisms in time-sensitive network was summarized.Then the problems to be solved were analyzed and summarized from transmission performance, scalability and technology fusion.The latest research progress of control and management mechanisms was shown.The open issues and future research directions were discussed.

Aeronautical Ad Hoc network node failure analysis method
Lixia XIE, Liping YAN, Hongyu YANG
2021, 7(6):  21-30.  doi:10.11959/j.issn.2096-109x.2021084
Asbtract ( 15 )   HTML ( 0)   PDF (1590KB) ( 4 )   Knowledge map   
Figures and Tables | References | Related Articles | Metrics

To analyze the stability changes of aeronautical ad hoc network (AANET) caused by node failure affecting reaction effectively, an AANET node failure analysis method was proposed.Firstly, the model of business-entity asymmetric dependent network was established based on the characteristics of AANET.Secondly, an improved failure traffic redistribution algorithm was designed to obtain the affected node set.Finally, the AANET affecting impact value was calculated according to the node weight, then the affecting impact degree was determined.The experimental results show that the proposed method has better accuracy in the failure affecting impact analysis of AANET.

Key path analysis method for large-scale industrial control network
Yaofang ZHANG, Zheyu ZHANG, Haikuo QU, Ge ZHANG, Zibo WANG, Bailing WANG
2021, 7(6):  31-43.  doi:10.11959/j.issn.2096-109x.2021069
Asbtract ( 18 )   HTML ( 1)   PDF (2035KB) ( 5 )   Knowledge map   
Figures and Tables | References | Related Articles | Metrics

In order to solve the problem of high time-consuming and resource-consuming quantitative calculation of large-scale industrial control network attack graphs, a key path analysis method for large-scale industrial control networks was proposed.Firstly, the idea of cut set was used to calculate the key nodes set of Bayesian attack graph by combining the atomic attack income in industrial control network, which solved the problem that the current cut set algorithm only considers the key nodes in graph structure.Secondly, a dynamic updating strategy of Bayesian attack graph which only updated the attack probability of key nodes was proposed to efficiently calculate the attack probability of the whole graph and analyze the key path of attack graph.The experimental results show that the proposed method can not only ensure the reliability of the calculation results of large-scale industrial control attack graphs, but also can significantly reduce the time consumption and have a significant improvement in the calculation efficiency.

Research progress on dynamic hopping technology for network layer
Weizhen HE, Fucai CHEN, Jie NIU, Jinglei TAN, Shumin HUO, Guozhen CHENG
2021, 7(6):  44-55.  doi:10.11959/j.issn.2096-109x.2021104
Asbtract ( 15 )   HTML ( 0)   PDF (2085KB) ( 5 )   Knowledge map   
Figures and Tables | References | Related Articles | Metrics

Firstly, the basic concept of network layer hopping technology was introduced and the security threats it faced were given.Then, two type of models and communication methods of network layer hopping technology based on traditional networks and software-defined networks were given.And the network layer hopping technology was classified from three aspects of hopping attributes, the method of hopping realization and the method of hopping trigger, two evaluation models of network layer hopping were given.Finally, the problems that still exist in the network layer hopping technology and the corresponding development direction were summarized.

Research of public infrastructure system and security policy in cyberspace
Jie QIU, Rui HAN, Zhifeng WEI, Zhiyang WANG
2021, 7(6):  56-67.  doi:10.11959/j.issn.2096-109x.2021106
Asbtract ( 14 )   HTML ( 0)   PDF (1734KB) ( 8 )   Knowledge map   
Figures and Tables | References | Related Articles | Metrics

Considering the key elements, such as object, resources, activities, and other equipment, as same as system, data, environmental and other aspects of demand, the public infrastructure system and security policy between physical space and cyberspace were taken as a basic point.A scientific system of public infrastructure in cyberspace was constructed.From the perspective of dual authentication of management authentication and application authentication, some corresponding safety policies and implementation suggestions were given from the aspects of user/device management and identity authentication.

TopicⅡ: Blockchain Technology
Research progress of access control based on blockchain
Zhensheng GAO, Lifeng CAO, Xuehui DU
2021, 7(6):  68-87.  doi:10.11959/j.issn.2096-109x.2021044
Asbtract ( 17 )   HTML ( 2)   PDF (2179KB) ( 14 )   Knowledge map   
Figures and Tables | References | Related Articles | Metrics

Blockchain technology has the features of decentralization, high credibility, non-tampering and traceability, which can address the trust problem in traditional access control technology.Based on the implementation with blockchain, the unique advantages of applying blockchain to access control are analyzed from two aspects: based on transaction and based on smart contract.Based on the key issues in blockchain application, the current research progress is summarized from three key technologies: dynamic access control, blockchain space optimization, and privacy data protection.Based on the challenges faced by the current blockchain-based access control mechanism, five research prospects are proposed.

Credible distributed identity authentication system of microgrid based on blockchain
Guanqun YANG, Yin LIU, Hao XU, Hongwei XING, Jianhui ZHANG, Entang LI
2021, 7(6):  88-98.  doi:10.11959/j.issn.2096-109x.2021054
Asbtract ( 13 )   HTML ( 1)   PDF (1952KB) ( 13 )   Knowledge map   
Figures and Tables | References | Related Articles | Metrics

Most of the blockchain-based identity authentication systems are based on public blockchain, which are still essentially traditional centralized identity management and verification methods, making it difficult to meet the needs of trusted access and fine-grained access control in microgrids.Therefore, based on the FISCO BCOS consortium blockchain technology, a distributed identity authentication system supporting multi-center was designed.A DID-based identity management protocol to achieve autonomous control of user identity in a practical scenarios was designed.Distributed trusted access technology for end nodes in microgrids was studied, and privacy-protecting credentials based on zero-knowledge proof were designed.This scheme meets the requirements of trustworthy and verifiable user identity in different privacy security scenarios, and achieves autonomous control of entity identity, fine-grained access control and trusted data exchange.The usability and effectiveness of the proposed algorithm are demonstrated through system experiments and performance analysis.

Federated learning scheme for mobile network based on reputation evaluation mechanism and blockchain
Ming YANG, Xuexian HU, Qihui ZHANG, Jianghong WEI, Wenfen LIU
2021, 7(6):  99-112.  doi:10.11959/j.issn.2096-109x.2021083
Asbtract ( 16 )   HTML ( 0)   PDF (2425KB) ( 11 )   Knowledge map   
Figures and Tables | References | Related Articles | Metrics

Federated learning is a new distributed machine learning technology, where training tasks are deployed on user side and training model parameters are sent to the server side.In the whole process, participants do not need to share their own data directly, which greatly avoids privacy issues.However, the trust relationship between mobile users in the learning model has not been established in advance, there is hidden safety when users perform cooperative train with each other.In view of the above problems, a federated learning scheme for mobile network based on reputation evaluation mechanism and blockchain was proposed.The scheme allowed the server side to use subjective logic models to evaluate the reputation of participating mobile users and provided them with credible reputation opinions sharing environment and dynamic access strategy interface based on the technique of smart contract of blockchain.Theoretical and experimental analys is results show that the scheme can enable the server side to select reliable users for training.And it can achieve more fair and effective reputation calculations, which improves the accuracy of federated learning.

Multi-party efficient audit mechanism for data integrity based on blockchain
Jiashun ZHOU, Na WANG, Xuehui DU
2021, 7(6):  113-125.  doi:10.11959/j.issn.2096-109x.2021107
Asbtract ( 19 )   HTML ( 2)   PDF (2266KB) ( 11 )   Knowledge map   
Figures and Tables | References | Related Articles | Metrics

A blockchain-based data integrity multi-party high-efficiency audit mechanism (MBE-ADI) for the big data environment was proposed.A hybrid Merkle DAG structure based on data domain was built to organize data, and realized the simultaneous verification of a large number of unstructured data in the big data environment.In order to deal with the problem of large amount of data in the big data environment, a multi copy deterministic verification method based on BLS signature was designed to realize the efficient verification of data integrity supporting multiple copies.A dual verification audit architecture based on consortium blockchain was designed to realize decentralized automatic audit and audit history credible traceability.At the same time, data integrity verification services were provided for data owners and data users to realize reliable acquisition of data.The test proves the feasibility of the system and the efficiency of data integrity audit.

Papers
Application progress of SGX in trusted computing area
Bo ZHAO, Anqi YUAN, Yang AN
2021, 7(6):  126-142.  doi:10.11959/j.issn.2096-109x.2021066
Asbtract ( 12 )   HTML ( 1)   PDF (1862KB) ( 8 )   Knowledge map   
Figures and Tables | References | Related Articles | Metrics

The trusted computing technology SGX protects the confidentiality and integrity of key codes and data by isolating a trusted execution environment, which can help prevent all kinds of attacks.Firstly, the research background and working principle of SGX were introduced, the research status of SGX in the field of trusted computing were analyzed.Then, sorted out the current application difficulties and solutions of SGX were sorted out and compared with other trusted computing technologies.Finally, SGX technology development direction in the field of trusted computing was discussed.

Webshell malicious traffic detection method based on multi-feature fusion
Yuan LI, Yunpeng WANG, Tao LI, Baoqiang MA
2021, 7(6):  143-154.  doi:10.11959/j.issn.2096-109x.2021103
Asbtract ( 16 )   HTML ( 0)   PDF (2100KB) ( 9 )   Knowledge map   
Figures and Tables | References | Related Articles | Metrics

Webshell is the most common malicious backdoor program for persistent control of Web application systems, which poses a huge threat to the safe operation of Web servers.For most Webshell detection method based on the request packet data for training, the method for web-based Webshell recognition effect is poorer, and the model of training efficiency is low.In response to the above problems, a Webshell malicious traffic detection method based on multi-feature fusion was proposed.The method was characterized by the three dimensions of Webshell packet meta information, packet payload content and traffic access behavior.Combining domain knowledge, feature extraction of request and response packets in the data stream.Transformed into feature extraction information for information fusion, forming a discriminant model that could detect different types of attacks.Compared with the previous research method, the accuracy rate of the method here in the two classification of normal and malicious traffic has been improved to 99.25%.The training efficiency and detection efficiency have also been significantly improved, and the training time and detection time have been reduced by 95.73% and 86.14%.

Graph clustering method based on structure entropy constraints
Zhiying ZHANG, Youliang TIAN
2021, 7(6):  155-166.  doi:10.11959/j.issn.2096-109x.2021098
Asbtract ( 14 )   HTML ( 0)   PDF (1525KB) ( 7 )   Knowledge map   
Figures and Tables | References | Related Articles | Metrics

Aiming at the problem of how to decode the true structure of the network from the network embedded in the large-scale noise structure at the open information sharing platform centered on big data, and furthermore accurate mining results can be obtained in the mining related information process, the method of clustering based on structure entropy was proposed to realize divide the correlation degree of nodes in the graph.A solution algorithm for calculating two-dimensional structural information and a module division algorithm based on the principle of entropy reduction were proposed to divide the nodes in the graph structure to obtain corresponding modules.The K-dimensional structural information algorithm was used to further divide the divided modules to realize the clustering of nodes in the graph structure.An example analysis shows that the proposed graph clustering method can not only reflect the true structure of the graph structure, but also effectively mine the degree of association between nodes in the graph structure.At the same time, the other three clustering schemes are compared, and the experiment shows that this scheme has higher efficiency in execution time and guarantees the reliability of the clustering results.

Preventing man-in-the-middle attacks in DNS through certificate less signature
Yang HU, Zengjie HAN, Guohua YE, Zhiqiang YAO
2021, 7(6):  167-177.  doi:10.11959/j.issn.2096-109x.2021093
Asbtract ( 10 )   HTML ( 0)   PDF (1263KB) ( 9 )   Knowledge map   
Figures and Tables | References | Related Articles | Metrics

Aiming at resisting the man-in-the-middle attacks in the domain name system protocol, a lightweight solution was proposed.The scheme introduced certificate less signature algorithm, removed the difficult-to-deploy trust chain to improve the efficiency and security of authentication.By using symmetric encryption technology, the proposed solution ensured the confidentiality of the message and increase the attack difficulty.The theoretical analysis proved the proposed scheme can resist common man-in-the-middle attacks.Experimental comparison results show the scheme has better performance than similar schemes.

Chinese Journal of Network and Information Security. 2017 Vol. 3 (3): 71-77 doi: 10.11959/j.issn.2096-109x.2017.00157
Abstract5812)   HTML58)    PDF (169KB)(61356)    Knowledge map   
Survey of block chain
Xin SHEN,Qing-qi PEI,Xue-feng LIU
Chinese Journal of Network and Information Security. 2016 Vol. 2 (11): 11-20 doi: 10.11959/j.issn.2096-109x.2016.00107
Abstract16584)   HTML1224)    PDF (461KB)(24715)    Knowledge map   
Study on BGP route leak
Jia JIA,Zhi-wei YAN,Guang-gang GENG,Jian JIN
Chinese Journal of Network and Information Security. 2016 Vol. 2 (8): 54-61 doi: 10.11959/j.issn.2096-109x.2016.00074
Abstract2755)   HTML65)    PDF (472KB)(20189)    Knowledge map   
Research on host malcode detection using machine learning
Dong ZHANG,Yao ZHANG,Gang LIU,Gui-xiang SONG
Chinese Journal of Network and Information Security. 2017 Vol. 3 (7): 25-32 doi: 10.11959/j.issn.2096-109x.2017.00179
Abstract2418)   HTML68)    PDF (648KB)(11666)    Knowledge map   
Supply chain dynamic multi-center coordination authentication model based on block chain
Jian-ming ZHU,Yong-gui FU
Chinese Journal of Network and Information Security. 2016 Vol. 2 (1): 27-33 doi: 10.11959/j.issn.2096-109x.2016.00019
Abstract5804)   HTML99)    PDF (1052KB)(10773)    Knowledge map   
Define cyberspace security
Binxing FANG
Chinese Journal of Network and Information Security. 2018 Vol. 4 (1): 1-5 doi: 10.11959/j.issn.2096-109x.2018002
Abstract4041)   HTML134)    PDF (456KB)(9587)    Knowledge map   
Research progress and trend of text summarization
Tuosiyu MING, Hongchang CHEN
Chinese Journal of Network and Information Security. 2018 Vol. 4 (6): 1-10 doi: 10.11959/j.issn.2096-109x.2018048
Abstract5294)   HTML61)    PDF (568KB)(9567)    Knowledge map   
Machine learning security and privacy:a survey
Lei SONG, Chunguang MA, Guanghan DUAN
Chinese Journal of Network and Information Security. 2018 Vol. 4 (8): 1-11 doi: 10.11959/j.issn.2096-109x.2018067
Abstract5370)   HTML150)    PDF (701KB)(8554)    Knowledge map   
Analysis and enlightenment on the cybersecurity strategy of various countries in the world
Yu-xiao LI,Yong-jiang XIE
Chinese Journal of Network and Information Security. 2016 Vol. 2 (1): 1-5 doi: 10.11959/j.issn.2096-109x.2016.00017
Abstract2267)   HTML38)    PDF (374KB)(8447)    Knowledge map   
Review of key technology and its application of blockchain
Feng ZHANG, Boxuan SHI, Wenbao JIANG
Chinese Journal of Network and Information Security. 2018 Vol. 4 (4): 22-29 doi: 10.11959/j.issn.2096-109x.2018028
Abstract4387)   HTML267)    PDF (690KB)(8216)    Knowledge map   
Research of phishing detection technology
Xi ZHANG,Zhi-wei YAN,Hong-tao LI,Guang-gang GENG
Chinese Journal of Network and Information Security. 2017 Vol. 3 (7): 7-24 doi: 10.11959/j.issn.2096-109x.2017.00180
Abstract2100)   HTML32)    PDF (870KB)(8070)    Knowledge map   
Survey of DDoS defense:challenges and directions
Fei CHEN,Xiao-hong BI,Jing-jing WANG,Yuan LIU
Chinese Journal of Network and Information Security. 2017 Vol. 3 (10): 16-24 doi: 10.11959/j.issn.2096-109x.2017.00202
Abstract2342)   HTML45)    PDF (555KB)(7861)    Knowledge map   
Machine learning algorithm for intelligent detection of WebShell
Hua DAI,Jing LI,Xin-dai LU,Xin SUN
Chinese Journal of Network and Information Security. 2017 Vol. 3 (4): 51-57 doi: 10.11959/j.issn.2096-109x.2017.00126
Abstract2590)   HTML39)    PDF (671KB)(7650)    Knowledge map   
Symbolic execution based control flow graph extraction method for Android native codes
Hui-ying YAN,Zhen-ji ZHOU,Li-fa WU,Zheng HONG,He SUN
Chinese Journal of Network and Information Security. 2017 Vol. 3 (7): 33-46 doi: 10.11959/j.issn.2096-109x.2017.00178
Abstract1391)   HTML7)    PDF (619KB)(7560)    Knowledge map   
Data security and protection techniques in big data:a survey
Kai-min WEI,Jian WENG,Kui REN
Chinese Journal of Network and Information Security. 2016 Vol. 2 (4): 1-11 doi: 10.11959/j.issn.2096-109x.2016.00046
Abstract3548)   HTML71)    PDF (1446KB)(7159)    Knowledge map   
Suggestions on cyber security talents cultivation
Hui LI,Ning ZHANG
Chinese Journal of Network and Information Security. 2015 Vol. 1 (1): 18-23 doi: 10.11959/j.issn.2096-109x.2015.00003
Abstract1944)   HTML32)    PDF (357KB)(7059)    Knowledge map   
Malware classification method based on static multiple-feature fusion
Bo-wen SUN,Yan-yi HUANG,Qiao-kun WEN,Bin TIAN,Peng WU,Qi LI
Chinese Journal of Network and Information Security. 2017 Vol. 3 (11): 68-76 doi: 10.11959/j.issn.2096-109x.2017.00217
Abstract1389)   HTML43)    PDF (529KB)(6729)    Knowledge map   
Progress of research on privacy protection for data publication and data mining
Jiao WANG,Ke-feng FAN,Yong WANG
Chinese Journal of Network and Information Security. 2016 Vol. 2 (1): 18-26 doi: 10.11959/j.issn.2096-109x.2016.00021
Abstract1423)   HTML14)    PDF (965KB)(6493)    Knowledge map   
Analysis of cyberspace security based on game theory
Jian-ming ZHU,Qin WANG
Chinese Journal of Network and Information Security. 2015 Vol. 1 (1): 43-49 doi: 10.11959/j.issn.2096-109x.2015.00006
Abstract1888)   HTML27)    PDF (764KB)(6238)    Knowledge map   
Study of Row Hammer attack
Wenwei WANG,Peishun LIU
Chinese Journal of Network and Information Security. 2018 Vol. 4 (1): 69-75 doi: 10.11959/j.issn.2096-109x.2018007
Abstract1009)   HTML13)    PDF (577KB)(5932)    Knowledge map   
Survey of block chain
Xin SHEN,Qing-qi PEI,Xue-feng LIU
Chinese Journal of Network and Information Security. 2016 Vol. 2 (11): 11-20
doi: 10.11959/j.issn.2096-109x.2016.00107
Abstract( 16584 )   HTML PDF (461KB) (24715 Knowledge map   
Relation extraction based on CNN and Bi-LSTM
Xiaobin ZHANG, Fucai CHEN, Ruiyang HUANG
Chinese Journal of Network and Information Security. 2018 Vol. 4 (9): 44-51
doi: 10.11959/j.issn.2096-109x.2018074
Abstract( 8353 )   HTML PDF (618KB) (3561 Knowledge map   
Blockchain-based digital copyright trading system
Li LI,Siqin ZHOU,Qin LIU,Debiao HE
Chinese Journal of Network and Information Security. 2018 Vol. 4 (7): 22-29
doi: 10.11959/j.issn.2096-109x.2018060
Abstract( 8225 )   HTML PDF (771KB) (3449 Knowledge map   
Chinese Journal of Network and Information Security. 2017 Vol. 3 (3): 71-77
doi: 10.11959/j.issn.2096-109x.2017.00157
Abstract( 5812 )   HTML PDF (169KB) (61356 Knowledge map   
Supply chain dynamic multi-center coordination authentication model based on block chain
Jian-ming ZHU,Yong-gui FU
Chinese Journal of Network and Information Security. 2016 Vol. 2 (1): 27-33
doi: 10.11959/j.issn.2096-109x.2016.00019
Abstract( 5804 )   HTML PDF (1052KB) (10773 Knowledge map   
Copyright Information
Bimonthly, started in 2015
Authorized by:Ministry of Industry and Information Technology of the People's Republic of China
Sponsored by:Posts and Telecommunications Press
Co-sponsored by:Xidian University, Beihang University, Huazhong University of Science and Technology, Zhejiang University
Edited by:Editorial Board of Chinese Journal of Network and Information Security
Editor-in-Chief:FANG Bin-xing
Executive Editor-in-Chief:LI Feng-hua
Director:YI Dong-shan
Address:F8,You Dian Publisher Building,No.11,Chengshousi Road,Fengtai District,Beijing 100078,PR China
Tel:+8610-81055479, 81055456
Fax:+86-81055464
ISSN 2096-109X
CN 10-1366/TP
visited
Total visitors:
Visitors of today:
Now online: