Please wait a minute...


    15 February 2016, Volume 2 Issue 2
    Discussions on the talent cultivation of cyber security
    Jian WENG,Chang-she MA,Liang GU
    2016, 2(2):  1-7.  doi:10.11959/j.issn.2096-109x.2016.00031
    Asbtract ( 62 )   HTML ( 5)   PDF (243KB) ( 37 )   Knowledge map   
    References | Related Articles | Metrics

    Cyber security has been formally approved to be the first level discipline in June 2015.How to train the cyber security talents that meet the needs of our country has become an urgent problem to be solved in the discipline construction.Synthetical analysis of the current situation of training related talents at domestic and foreign,as well as the actual demand for the cyber security talents was presented.According to the characteristics of the talent culti-vation in cyber security,some suggestions on training the cyber security talents were given.

    Analysis on the development trend of EU data protection legislation reform
    Min ZHANG,Min-hu MA
    2016, 2(2):  8-15.  doi:doi:10.11959/j.issn.2096-109x.2016.00030
    Asbtract ( 30 )   HTML ( 0)   PDF (458KB) ( 14 )   Knowledge map   
    References | Related Articles | Metrics

    EU data protection legislation reforming has become the attention by countries in the world.That EU data protection legislation reforming concentrated on promoting the unity of legislation and the consistency and effi-ciency of law enforcement and reinforcing the protection of personal data rights,enhancing EU-US bilateral coop-eration in the protection of personal data,rebuilding the trust mechanism of data flow was stated.That China should focus on the profound influence power by the development trend of EU data protection legislation reform was pro-posed.

    Comprehensive Reviews
    Overview of the technologies of threat intelligence sensing,sharing and analysis in cyber space
    Jian-hua LI
    2016, 2(2):  16-29.  doi:10.11959/j.issn.2096-109x.2016.00028
    Asbtract ( 131 )   HTML ( 18)   PDF (602KB) ( 134 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    With a rapid development of information technologies including big data,cloud computing,Internet of things,etc.,the threats in cyber space also become more ubiquitous and complex.Moreover,more and more persis-tence and hidden features present in all kinds of network attacks.Threat intelligence based network defense can analyze the undergoing attacks and predict the threat situation in the future.Furthermore,based on the potential risk,users can define efficient security policy,thus the defense capabilities of the cyber space could be enhanced system-atically.Threat intelligence is a very wide research area.The research works and developments of the sensing,shar-ing and analysis for threat intelligence were studied and reviewed deeply.

    Survey of trustworthy pervasive social networking
    Zheng YAN,Chen-zi WU,Wei FENG,Zi-long WANG
    2016, 2(2):  30-40.  doi:10.11959/j.issn.2096-109x.2016.00024
    Asbtract ( 48 )   HTML ( 0)   PDF (415KB) ( 34 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Trust plays an important role in pervasive social networking (PSN) for reciprocal activities among strang-ers.It helps people overcome perceptions of uncertainty and risk and engages in trust-related social behaviors.The current literature on trust management in PSN was reviewed.The advantages and disadvantages of existing solutions were analyzed.Furthermore,key research issues were presented.A research model was also proposed to achieve trustworthy pervasive social networking comprehensively.

    Security issues and system structure of internet of vehicles
    Liang-min WANG,Ting-ting LI,Long CHEN
    2016, 2(2):  41-54.  doi:10.11959/j.issn.2096-109x.2016.00029
    Asbtract ( 49 )   HTML ( 4)   PDF (1698KB) ( 40 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Instead of focusing on concrete security requirements of each IOV applying scenario,the architecture characteristics of the IOV networking systems were summarized,and the main security problems were extracted by analyzing the connotation and network architecture of IOV in different development stages.Then an identity authen-tication based three-tier security architecture over the clearly analyzed concept and structure was proposed,and the related IOV security research with the view of the presented three-tier security architecture were surveyed.Finally,some new developments and progresses over security of IOV were presented.

    Optimal structural similarity constraint for reversible data hiding
    Jia-jia XU,Wei-ming ZHANG,Rui-qi JIANG,Neng-hai YU,Xiao-cheng HU
    2016, 2(2):  55-61.  doi:10.11959/j.issn.2096-109x.2016.00032
    Asbtract ( 36 )   HTML ( 0)   PDF (766KB) ( 25 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Most reversible data hiding (RDH) techniques have been evaluated by PSNR,which is based on MSE.Unfortunately,MSE turns out to be an extremely poor measure when the purpose is to predict perceived signal fidel-ity or quality.The structural similarity index has gained widespread popularity as an alternative motivating principle for the design of image quality measures.How to utilize the characterize of SSIM to design RDH algorithm is very critical.An optimal RDH algorithm under structural similarity constraint was proposed.Firstly,the metric of the structural similarity constraint was deduced.Secondly,the rate-distortion function of optimal structural similarity constraint was constructed,which was equivalent to minimize the average distortion for a given embedding rate.Fi-nally,the optimal transition probability matrix under the structural similarity constraint was obtained.Experiments show that the proposed method can be used to improve the performance of previous RDH schemes evaluated by SSIM.

    Multi-authority attribute-based encryption with efficient user revocation in cloud computing
    Liang-xuan ZHANG,Hui LI
    2016, 2(2):  62-74.  doi:10.11959/j.issn.2096-109x.2016.00023
    Asbtract ( 41 )   HTML ( 12)   PDF (439KB) ( 27 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    An efficient user revocable multi-authority ABE scheme was proposed,a “hybrid decryption key” for each user isused to achieve efficient user revocation.Comparing with the existing schemes,this scheme is more effective in user revocation.In addition,the scheme can also achieve user dynamic privileges management,partial data outsource encryption and ciphertext partially decrypted in the cloud server and shared data self-destruction after expiration.

    Research and implementation of fuzzing testing based on HTTP proxy
    Xin SUN,Yi-yang YAO,Xin-dai LU,Xue-jiao LIU,Yong-han WU
    2016, 2(2):  75-86.  doi:10.11959/j.issn.2096-109x.2016.00022
    Asbtract ( 53 )   HTML ( 8)   PDF (829KB) ( 32 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Most of the security testing tools lack of optimization of testing,configured strategy and intelligent analysis of testing results.These problems lead to the status that these tools can’t be used in Web application testing well.A fuzzing testing method towards Web application security based on HTTP proxy was proposed.The high-performance communication between HTTP proxy server and browser through the mechanism of asynchronous monitoring was realized.Configured strategy of testing cases based on pseudo code could help to do flexible and automatic tests.By using multi-dimensional ways to parse the packet,intelligent analysis of testing results was achieved.Experiments show that the tool supports mainstream Web application vulnerabilities detection and configured strategy of testing.It can detect the vulnerabilities such as directory traversal,SQL injection,cross-site scripting.

Copyright Information
Bimonthly, started in 2015
Authorized by:Ministry of Industry and Information Technology of the People's Republic of China
Sponsored by:Posts and Telecommunications Press
Co-sponsored by:Xidian University, Beihang University, Huazhong University of Science and Technology, Zhejiang University
Edited by:Editorial Board of Chinese Journal of Network and Information Security
Editor-in-Chief:FANG Bin-xing
Executive Editor-in-Chief:LI Feng-hua
Director:YI Dong-shan
Address:F8,You Dian Publisher Building,No.11,Chengshousi Road,Fengtai District,Beijing 100078,PR China
Tel:+8610-81055479, 81055456
ISSN 2096-109X
CN 10-1366/TP
Total visitors:
Visitors of today:
Now online: