Please wait a minute...

����Ŀ¼

    15 April 2020, Volume 6 Issue 2
    Comprehensive Reviews
    Research on structure and defense of adversarial example in deep learning
    Guanghan DUAN,Chunguang MA,Lei SONG,Peng WU
    2020, 6(2):  1-11.  doi:10.11959/j.issn.2096-109x.2020016
    Asbtract ( 205 )   HTML ( 56)   PDF (2671KB) ( 277 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    With the further promotion of deep learning technology in the fields of computer vision,network security and natural language processing,which has gradually exposed certain security risks.Existing deep learning algorithms can not effectively describe the essential characteristics of data or its inherent causal relationship.When the algorithm faces malicious input,it often fails to give correct judgment results.Based on the current security threats of deep learning,the adversarial example problem and its characteristics in deep learning applications were introduced,hypotheses on the existence of adversarial examples were summarized,classic adversarial example construction methods were reviewed and recent research status in different scenarios were summarized,several defense techniques in different processes were compared,and finally the development trend of adversarial example research were forecasted.

    Review of path branch obfuscation
    Pu GENG,Yuefei ZHU
    2020, 6(2):  12-18.  doi:10.11959/j.issn.2096-109x.2020027
    Asbtract ( 82 )   HTML ( 24)   PDF (1036KB) ( 61 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Code obfuscation is a convenient and effective technique of software protection,which can combat MATE attacks based on reverse engineering.With the development of automatic programming analysis technology,a new code obfuscation technique which named path branch obfuscation was proposed to defeat symbolic execution.With the composition of branch information and how does the branch composition effect in execution technique,the branch obfuscation was classified into three types.Then,a detailed research and development situation of each branch obfuscation class was exhaustively described.At last,the prospects of branch obfuscation were discussed.

    Special Column:Blockchain Technology
    Research on cross-domain trustable blockchain based decentralized DNS architecture
    Kai LEI,Fangxing SHU,Lei HUANG,Qichao ZHANG
    2020, 6(2):  19-34.  doi:10.11959/j.issn.2096-109x.2020024
    Asbtract ( 92 )   HTML ( 10)   PDF (2229KB) ( 107 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    The domain name system (DNS) is an important internet infrastructure.However,current DNS utilizes centralized hierarchical structure with severe dependence on root server,which causes defects such as the risk of single-point failure and the abuse of central rights.Designing new decentralized DNS mainly focuses on transforming the domain name system from a single trust domain which relies on the center to multiple trust domains with the top-level domain name as the root parallel to each other,but also faces cross-domain credible challenges.To design a cross-domain trusted architecture,the concept of separating control and analysis was adopted,and a dual-blockchain DNS architecture was proposed.At data layer,a novel cross-domain verification was designed based on a one-way accumulator verification scheme,with the time complexity of the verification process O(N) reducing to O(1) nearly.The CDBFT algorithm was proposed by combining the DPoS mechanism and the BFT algorithm,whose average throughput reaches 736 TPS.The theoretical derivation and experimental results have demonstrated the advantages of this new DNS architecture on security,performance,and scalability.

    ContractGuard:defend Ethereum smart contract with embedded intrusion detection
    Gansen ZHAO,Zhijian XIE,Xinming WANG,Jiahao HE,Chengzhi ZHANG,Chengchuang LIN,ZHOU Ziheng,Bingchuan CHEN,RONG Chunming
    2020, 6(2):  35-55.  doi:10.11959/j.issn.2096-109x.2020025
    Asbtract ( 242 )   HTML ( 37)   PDF (2873KB) ( 181 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Ethereum smart contracts are programs that can be collectively executed by a network of mutually untrusted nodes.Smart contracts handle and transfer assets of values,offering strong incentives for malicious attacks.Intrusion attacks are a popular type of malicious attacks.ContractGuard,the first intrusion detection system (IDS) was proposed to defend Ethereum smart contracts against such attacks.Like IDSs for conventional programs,ContractGuard detects intrusion attempts as abnormal control flow.However,existing IDS techniques or tools are inapplicable to Ethereum smart contracts due to Ethereum’s decentralized nature and its highly restrictive execution environment.To address these issues,ContractGuard was designed by embedding it in the contracts.At runtime,ContractGuard protects the smart contract by monitoring the context-tagged acyclic path of the smart contract.As ContractGuard involves deployment overhead and deployment overhead.It was optimized under the Ethereum Gas-oriented performance model to reduce the overheads.The experimental results show that this work can effectively detect 83% of vulnerabilities,ContractGuard only adds to 36.14% of the deployment overhead and 28.27% of the runtime overhead.

    Privacy-preserving access control for public wireless LAN utilizing the bitcoin blockchain
    Yukun NIU,Lingbo WEI,Chi ZHANG,Xia ZHANG,Vejarano Gustavo
    2020, 6(2):  56-66.  doi:10.11959/j.issn.2096-109x.2020022
    Asbtract ( 63 )   HTML ( 17)   PDF (1268KB) ( 75 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    In designing an access control scheme for public wireless LAN (WLAN),user privacy protection and user accountability are two conflict goals.A novel user management and access control scheme was proposed to solve this problem by utilizing the bitcoin blockchain and Intel SGX.It utilized unmodified bitcoin blockchain to manage the ownership of access credentials for users without relying on any trusted third party.It adopted Intel SGX-based mixing technology to enhance anonymity of users’ access credentials.It designed verification path rule to resolve the conflicts between the privacy-preserving and accountability objectives.The effectiveness and feasibility of the proposed scheme are also demonstrated by security analysis and performance evaluation.

    Design of blockchain based zero-knowledge proof of location system
    Wei WU,Erwu LIU,Changxin YANG,Rui WANG
    2020, 6(2):  67-76.  doi:10.11959/j.issn.2096-109x.2020020
    Asbtract ( 124 )   HTML ( 22)   PDF (1704KB) ( 94 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    With the development of precise positioning technology,a growing number of location-based services (LBS) emerge.For example,visit a specific place to get the corresponding reward.This also leads to location fraud by illegal users in order to gain benefits.Thus,it is necessary to verify location certificates provided by users.However,present proof of location systems are deficient in verifying users’ location certificates while protecting users’ privacy.Users do not flexibly control their location certificates either.Based on blockchain,a kind of distributed proof of location system architecture was proposed and based on the proposed system architecture,a kind of proof of location protocol with zero-knowledge proof was proposed further.With the proposed architecture and the protocol,the proposed proof of location system allows users to freely select disclosed certificate parameters and positional accuracy according to their needs so that hierarchical location privacy protection was achieved.

    P2P network identity authentication mechanism based on trusted alliance
    Yingying CHEN,Feng ZHANG,Wenbao JIANG,Xu ZHOU
    2020, 6(2):  77-86.  doi:10.11959/j.issn.2096-109x.2020021
    Asbtract ( 77 )   HTML ( 12)   PDF (1582KB) ( 120 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    In order to effectively solve the problems of CA's cross certification and single point of failure in traditional PKI system,a new identity authentication mechanism was proposed.Firstly,this mechanism built the basic architecture based on blockchain,and built the trusted alliance by dynamically generating trusted nodes.Secondly,the whole network unified unique identity was proposed and used a new data structure,named SRT,to store.Finally,all nodes in the network could mutual authentication through the double layer consensus mechanism.Experiments show that this mechanism can meet the query and management of massive user identity information,and ensure the efficiency and security in the identity authentication process.

    Trusted storage mechanism of distributed electric energy data based on blockchain
    Jin LI,Songqi WU,Senlin ZHANG,Yueming LU
    2020, 6(2):  87-95.  doi:10.11959/j.issn.2096-109x.2020029
    Asbtract ( 87 )   HTML ( 6)   PDF (1428KB) ( 90 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Facing the problems of central single point failure and malicious tampering in the centralized storage of electric energy data,a trusted storage mechanism including identity authentication,sensor data upload,IPFS storage,blockchain upload and access verification was proposed by building the inter satellite storage consortium blockchain (ISCB) of electric energy data based on the decentralized,tamper proof and highly expandable characteristics of blockchain.In view of the characteristics of electric energy data,such as wide source and large capacity,the blockchain technology was combined with the inter planetary file system (IPFS),and the data hash and query attributes returned by IPFS were saved on the chain,so as to effectively solve the problems of storage expansion and data tampering identification of electric energy data blockchain.

    Papers
    Network slicing deployment method based on isolation level
    Qirun PAN,Kaizhi HUANG,Wei YOU
    2020, 6(2):  96-105.  doi:10.11959/j.issn.2096-109x.2020003
    Asbtract ( 80 )   HTML ( 15)   PDF (2600KB) ( 86 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    In order to balance the performance isolation requirements and security isolation requirements of network slicing,a network slice deployment method based on isolation level was proposed.The method first determined the isolation level of the network slice instance from the aspects of performance isolation and security isolation.When deploying the virtual nodes in the appropriate location,not only ensured that all network slice instances could reach their respective performance levels and security levels,but also isolated them.The gradation difference started to limit the coexistence condition of the virtual node.Then the integer linear programming method was used to model the problem,and the deployment cost was minimized as the objective function.Finally,the particle swarm optimization algorithm based on genetic algorithm was used to find the final deployment result.The simulation results show that the method has lower deployment cost and higher benefit-to-cost ratio,and can guarantee both performance and security.

    Research and design of authenticated encryption algorithm based on AES round function
    Guoqiang GAO,Zichen LI
    2020, 6(2):  106-115.  doi:10.11959/j.issn.2096-109x.2020028
    Asbtract ( 88 )   HTML ( 24)   PDF (930KB) ( 72 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    The authenticated encryption algorithm guarantees the confidentiality and integrity of the information at the same time,and has extensive research and application prospects in the field of information security.With the mixed integer linear programming (MILP) method,the iterative structure with high efficiency and more active S boxes is searched.Based on this new round iterative function and the generalized Feistel structure,an authenticated encryption algorithm with the ability to resist collision attack,differential attack,linear attack and other attacks was designed and implemented,and the efficiency was twice that of AES-GCM.

    Multi-scale Logo detection algorithm based on convolutional neural network
    Yuchao JIANG,Lixin JI,Chao GAO,Shaomei LI
    2020, 6(2):  116-124.  doi:10.11959/j.issn.2096-109x.2020026
    Asbtract ( 65 )   HTML ( 27)   PDF (18402KB) ( 48 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Aiming at the requirements for multi-scale Logo detection in natural scene images,a multi-scale Logo detection algorithm based on convolutional neural network was proposed.The algorithm was based on the realization of two-stage object detection.By constructing feature pyramids and adopting layer-by-layer prediction,multi-scale region proposals were generated.The multi-layer feature maps in convolutional neural networks were fused to enhance the feature representation.The experimental results on the FlickrLogos-32 dataset show that compared with the baseline,the proposed algorithm can improve the recall rate of region proposals,and can improve the performance of small Logo detection while ensuring the accuracy of large and middle Logo,proving the superiority of the proposed algorithm.

Copyright Information
Bimonthly, started in 2015
Authorized by:Ministry of Industry and Information Technology of the People's Republic of China
Sponsored by:Posts and Telecommunications Press
Co-sponsored by:Xidian University, Beihang University, Huazhong University of Science and Technology, Zhejiang University
Edited by:Editorial Board of Chinese Journal of Network and Information Security
Editor-in-Chief:FANG Bin-xing
Executive Editor-in-Chief:LI Feng-hua
Director:YI Dong-shan
Address:F8,You Dian Publisher Building,No.11,Chengshousi Road,Fengtai District,Beijing 100078,PR China
Tel:+8610-81055479, 81055456
Fax:+86-81055464
ISSN 2096-109X
CN 10-1366/TP
visited
Total visitors:
Visitors of today:
Now online: