����Ŀ¼

15 February 2016, Volume 2 Issue 2

Previous Issue    Next Issue

Perspectives

Discussions on the talent cultivation of cyber security

Jian WENG,Chang-she MA,Liang GU

2016, 2(2):  1-7.  doi:10.11959/j.issn.2096-109x.2016.00031

Asbtract ( 221 )   HTML ( 18)   PDF (243KB) ( 323 )   Knowledge map   

References | Related Articles | Metrics

Cyber security has been formally approved to be the first level discipline in June 2015.How to train the cyber security talents that meet the needs of our country has become an urgent problem to be solved in the discipline construction.Synthetical analysis of the current situation of training related talents at domestic and foreign,as well as the actual demand for the cyber security talents was presented.According to the characteristics of the talent culti-vation in cyber security,some suggestions on training the cyber security talents were given.

Analysis on the development trend of EU data protection legislation reform

Min ZHANG,Min-hu MA

2016, 2(2):  8-15.  doi:doi:10.11959/j.issn.2096-109x.2016.00030

Asbtract ( 111 )   HTML ( 5)   PDF (458KB) ( 176 )   Knowledge map   

References | Related Articles | Metrics

EU data protection legislation reforming has become the attention by countries in the world.That EU data protection legislation reforming concentrated on promoting the unity of legislation and the consistency and effi-ciency of law enforcement and reinforcing the protection of personal data rights,enhancing EU-US bilateral coop-eration in the protection of personal data,rebuilding the trust mechanism of data flow was stated.That China should focus on the profound influence power by the development trend of EU data protection legislation reform was pro-posed.

Comprehensive Reviews

Overview of the technologies of threat intelligence sensing,sharing and analysis in cyber space

Jian-hua LI

2016, 2(2):  16-29.  doi:10.11959/j.issn.2096-109x.2016.00028

Asbtract ( 840 )   HTML ( 162)   PDF (602KB) ( 1213 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

With a rapid development of information technologies including big data,cloud computing,Internet of things,etc.,the threats in cyber space also become more ubiquitous and complex.Moreover,more and more persis-tence and hidden features present in all kinds of network attacks.Threat intelligence based network defense can analyze the undergoing attacks and predict the threat situation in the future.Furthermore,based on the potential risk,users can define efficient security policy,thus the defense capabilities of the cyber space could be enhanced system-atically.Threat intelligence is a very wide research area.The research works and developments of the sensing,shar-ing and analysis for threat intelligence were studied and reviewed deeply.

Survey of trustworthy pervasive social networking

Zheng YAN,Chen-zi WU,Wei FENG,Zi-long WANG

2016, 2(2):  30-40.  doi:10.11959/j.issn.2096-109x.2016.00024

Asbtract ( 199 )   HTML ( 2)   PDF (415KB) ( 519 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Trust plays an important role in pervasive social networking (PSN) for reciprocal activities among strang-ers.It helps people overcome perceptions of uncertainty and risk and engages in trust-related social behaviors.The current literature on trust management in PSN was reviewed.The advantages and disadvantages of existing solutions were analyzed.Furthermore,key research issues were presented.A research model was also proposed to achieve trustworthy pervasive social networking comprehensively.

Security issues and system structure of internet of vehicles

Liang-min WANG,Ting-ting LI,Long CHEN

2016, 2(2):  41-54.  doi:10.11959/j.issn.2096-109x.2016.00029

Asbtract ( 308 )   HTML ( 34)   PDF (1698KB) ( 733 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Instead of focusing on concrete security requirements of each IOV applying scenario,the architecture characteristics of the IOV networking systems were summarized,and the main security problems were extracted by analyzing the connotation and network architecture of IOV in different development stages.Then an identity authen-tication based three-tier security architecture over the clearly analyzed concept and structure was proposed,and the related IOV security research with the view of the presented three-tier security architecture were surveyed.Finally,some new developments and progresses over security of IOV were presented.

Papers

Optimal structural similarity constraint for reversible data hiding

Jia-jia XU,Wei-ming ZHANG,Rui-qi JIANG,Neng-hai YU,Xiao-cheng HU

2016, 2(2):  55-61.  doi:10.11959/j.issn.2096-109x.2016.00032

Asbtract ( 155 )   HTML ( 6)   PDF (766KB) ( 186 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Most reversible data hiding (RDH) techniques have been evaluated by PSNR,which is based on MSE.Unfortunately,MSE turns out to be an extremely poor measure when the purpose is to predict perceived signal fidel-ity or quality.The structural similarity index has gained widespread popularity as an alternative motivating principle for the design of image quality measures.How to utilize the characterize of SSIM to design RDH algorithm is very critical.An optimal RDH algorithm under structural similarity constraint was proposed.Firstly,the metric of the structural similarity constraint was deduced.Secondly,the rate-distortion function of optimal structural similarity constraint was constructed,which was equivalent to minimize the average distortion for a given embedding rate.Fi-nally,the optimal transition probability matrix under the structural similarity constraint was obtained.Experiments show that the proposed method can be used to improve the performance of previous RDH schemes evaluated by SSIM.

Multi-authority attribute-based encryption with efficient user revocation in cloud computing

Liang-xuan ZHANG,Hui LI

2016, 2(2):  62-74.  doi:10.11959/j.issn.2096-109x.2016.00023

Asbtract ( 165 )   HTML ( 21)   PDF (439KB) ( 108 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

An efficient user revocable multi-authority ABE scheme was proposed,a “hybrid decryption key” for each user isused to achieve efficient user revocation.Comparing with the existing schemes,this scheme is more effective in user revocation.In addition,the scheme can also achieve user dynamic privileges management,partial data outsource encryption and ciphertext partially decrypted in the cloud server and shared data self-destruction after expiration.

Research and implementation of fuzzing testing based on HTTP proxy

Xin SUN,Yi-yang YAO,Xin-dai LU,Xue-jiao LIU,Yong-han WU

2016, 2(2):  75-86.  doi:10.11959/j.issn.2096-109x.2016.00022

Asbtract ( 264 )   HTML ( 19)   PDF (829KB) ( 444 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Most of the security testing tools lack of optimization of testing,configured strategy and intelligent analysis of testing results.These problems lead to the status that these tools can’t be used in Web application testing well.A fuzzing testing method towards Web application security based on HTTP proxy was proposed.The high-performance communication between HTTP proxy server and browser through the mechanism of asynchronous monitoring was realized.Configured strategy of testing cases based on pseudo code could help to do flexible and automatic tests.By using multi-dimensional ways to parse the packet,intelligent analysis of testing results was achieved.Experiments show that the tool supports mainstream Web application vulnerabilities detection and configured strategy of testing.It can detect the vulnerabilities such as directory traversal,SQL injection,cross-site scripting.