Please wait a minute...


    15 October 2020, Volume 6 Issue 5
    Comprehensive Review
    Survey on phishing detection research
    Xi FU,Hui LI,Xingwen ZHAO
    2020, 6(5):  1-10.  doi:10.11959/j.issn.2096-109x.2020062
    Asbtract ( 172 )   HTML ( 54)   PDF (776KB) ( 125 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    With the continuous development of the internet,the threat posed by phishing to people's daily lives is increasing.As a core security technology against phishing attacks,phishing detection technology can help people effectively avoid security threats caused by phishing attacks.Firstly,starting with the basic concepts of phishing,the current application scenarios of phishing identification were summarized.Then,the research status of phishing identification technology in detail were analyzed.Finally,possible future research directions were discussed.

    Blockchain storage:technologies and challenges
    Zhenhua CAI,Jiayun LIN,Fang LIU
    2020, 6(5):  11-20.  doi:10.11959/j.issn.2096-109x.2020019
    Asbtract ( 146 )   HTML ( 33)   PDF (1002KB) ( 103 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Blockchain′s characteristics of non-temper and decentralization can be utilized to improve the data security and scalability of storage systems,called blockchain storage.These works that combine storage with blockchain technology,are mainly divided into three categories:decentralized storage systems based on blockchain,improve the performance of existing storage systems based on blockchain,and the underlying storage strategies of blockchain.These works were summarized,the current blockchain storage systems were compared,the main challenges that blockchain and storage being facing were discussed and its future development was forecasted.

    Improvement of the blockchain protocol based on memory-hard function
    Sui CHENG,Xianzheng LIN,Nenghai YU
    2020, 6(5):  21-26.  doi:10.11959/j.issn.2096-109x.2020054
    Asbtract ( 78 )   HTML ( 19)   PDF (697KB) ( 55 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    A new blockchain chain protocol was proposed,which allowed adjusting the loading time of the mining process.This strategy reduced the ASIC and CPU mining rate of the gap,so that the using of ASIC mining is limited.Finally,the safety of this new chain structure was analyzed and compared to the original chain protocol.

    Anonymous vehicle authentication scheme based on blockchain technology in the intersection scenario
    Hao WANG,Tianhao WU,Konglin ZHU,Lin ZHANG
    2020, 6(5):  27-35.  doi:10.11959/j.issn.2096-109x.2020057
    Asbtract ( 75 )   HTML ( 30)   PDF (1139KB) ( 59 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    With the development of intelligent transportation system,the vehicles will no longer be controlled by the traditional traffic light when they enter or leave the intersection.Instead,they will interact with the local server (LS) near the intersection and accept the regulation of LS.The basic of the security vehicle communication at intersections is authentication of network node.Based on this,an anonymous vehicle authentication scheme based on blockchain technology was proposed.The scheme employed a hybrid cryptography based on identity and hash message authentication code,and recorded the authentication results in blockchains.According to simulation testing and result analysis,the scheme ensures the anonymity and privacy-preserving,with less communication overhead compared to other methods.

    Adversarial attacks and defenses in deep learning
    Ximeng LIU,Lehui XIE,Yaopeng WANG,Xuru LI
    2020, 6(5):  36-53.  doi:10.11959/j.issn.2096-109x.2020071
    Asbtract ( 204 )   HTML ( 36)   PDF (2284KB) ( 158 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    The adversarial example is a modified image that is added imperceptible perturbations,which can make deep neural networks decide wrongly.The adversarial examples seriously threaten the availability of the system and bring great security risks to the system.Therefore,the representative adversarial attack methods were analyzed,including white-box attacks and black-box attacks.According to the development status of adversarial attacks and defenses,the relevant domestic and foreign defense strategies in recent years were described,including pre-processing,improving model robustness,malicious detection.Finally,future research directions in the field of adversarial attacks and adversarial defenses were given.

    Quantitative threat situational assessment method for higher secure attribute value device
    Lei HAN,Jiqiang LIU,Jian WANG,Bo SHI,Xudong HE
    2020, 6(5):  54-66.  doi:10.11959/j.issn.2096-109x.2020070
    Asbtract ( 46 )   HTML ( 5)   PDF (1639KB) ( 42 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Traditional network security situational assessment is mainly for the macro network security situation, not for the specific equipment,especially for the key network device.A conception about the higher secure attribute value device was introduced,based on which a threat situational assessment research framework was presented and assessment indexes were discussed.A quantitative threat situational assessment method for higher secure attribute value device was proposed based on assessment research framework and assessment indexes.The experiment resultsshow that the proposed method can assess device threat situation accurately and effectively.Meanwhile,the method is more general and objective than traditional methods.

    Android malware detection method based on deep neural network
    Fan CHAO,Zhi YANG,Xuehui DU,Yan SUN
    2020, 6(5):  67-79.  doi:10.11959/j.issn.2096-109x.2020060
    Asbtract ( 76 )   HTML ( 16)   PDF (718KB) ( 65 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Android is increasingly facing the threat of malware attacks.It is difficult to effectively detect large-sample and multi-class malware for traditional machine learning methods such as support vector machine,method for Android malware detection and family classification based on deep neural network was proposed.Based on the comprehensive extraction of application components,Intent Filter,permissions,and data flow,the method performed an effective feature selection to reduce dimensions,and conducted a large-sample detection and multi-class classification for malware based on deep neural network.The experimental results show that the method can conduct an effective detection and classification.The accuracy of binary classification between benign and malicious Apps is 97.73%,and the accuracy of family multi-class classification can reach 93.54%,which is higher than other machine learning algorithms.

    AntiGPS spoofing method for UAV based on LSTM-KF model
    Yang SUN,Chunjie CAO,Junxiao LAI,Tianjiao YU
    2020, 6(5):  80-88.  doi:10.11959/j.issn.2096-109x.2020069
    Asbtract ( 50 )   HTML ( 5)   PDF (4544KB) ( 36 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    A detection method of anti GPS deception of UAV was proposed for the problem that GPS signal of UAV was easy to be interfered and deceived,which combined deep learning and Kalman filter.The dynamic model of UAV flight was predicted from the flight state of UAV by using long short-term memory network,and the dynamic adjustment of Kalman filter and dynamic model was used to identify GPS deception.In order to resist the interference of GPS deception signal,this method did not need to increase the hardware overhead of the receiver,and was easy to realize.The experimental results show that the method has higher accuracy and lower false alarm rate for the recognition of GPS signals,and can effectively enhance the UAV's ability to resist GPS deception interference.

    Link prediction methods based on generalized common neighbor in directed network
    Xuelei ZHAO,Xinsheng JI,Shuxin LIU,Yu ZHAO
    2020, 6(5):  89-100.  doi:10.11959/j.issn.2096-109x.2020059
    Asbtract ( 34 )   HTML ( 8)   PDF (1241KB) ( 39 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Link prediction aims to predict missing or future links through currently observed information of network.Existing mainstream methods are mostly applied to undirected network,and some methods designed for directed network ignored the diverse heterogeneous features of common neighbor.For this problem,a generalized common neighbor algorithm was proposed.Firstly,a generalized common neighbor was defined for the directed network.Then the degree of contribution of different structures was measured by the joint edge probability of the directed neighbor isomers,and the existing undirected local similarity index is improved by the new definition,redefining eight kinds of directed similarity indicators based on generalized common neighbor.Experiments on 12 datasets show that proposed method generally improves the performance of existing predictive indicators under two metrics.

    Research and implementation of reconfigurable SM4 cryptographic algorithm based on HRCA
    Xiao ZHANG,Qinglei ZHOU,Bin LI
    2020, 6(5):  101-109.  doi:10.11959/j.issn.2096-109x.2020064
    Asbtract ( 38 )   HTML ( 4)   PDF (769KB) ( 37 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    For the application scenarios that require high throughput and high security at the same time,based on HRCA,a high-performance scalable SM4 implementation scheme was proposed.Firstly,SM4 was formed to different calculation units of different granularity,and a general coarse-grained reconfigurable calculation unit was designed.Then,various mapping strategies were given for the purpose of satisfying different encryption modes,and the algorithm was mapped to the reconstructed computing unit according to different strategies.Finally,the SM4 overall architecture was optimized by dividing the control plane and the data plane.The experimental results show that using the proposed method,the SM4 algorithm has a significant improvement in throughput under lower resource consumption.

    Improved RLCE public key encryption scheme based on Polar codes
    Zhe LI,Yiliang HAN,Yu LI
    2020, 6(5):  110-118.  doi:10.11959/j.issn.2096-109x.2020068
    Asbtract ( 33 )   HTML ( 3)   PDF (771KB) ( 27 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    For PolarRLCE has no semantic security and be vulnerable to adaptively chosen ciphertext attacks.Based onrandom linear code encryptionscheme,the structure of the RLCE scheme and Polar code polarization propertieswere used to make the Polar code as underlying encoding scheme,and through the method of RLCEspad message padding,a kind of improved public key encryption scheme which considers semantic security and can resistant toadaptively chosen ciphertext attacks was proposed.The improved scheme transformed the public key matrix into a system matrix and reduces the storage space of the public key.Some pre-computation for private key are estimated to reduce the storage space of private key.Through analysis,this scheme does not change the structure of PolarRLCE scheme,which can resist structural attacks against hamming quasi-cyclic codes.At the 128 bit security level,compared with HermitianRLCE scheme,GRSRLCE scheme and GoppaMcEliece scheme,the public key size of this scheme decreased by 4%,46.5% and 47.9% respectively.

    Reinforcement learning based group key agreement scheme with reduced latency for VANET
    Tangwei1 XU,Hailu ZHANG,Chuhuan LIU,Liang XIAO,Zhenmin ZHU
    2020, 6(5):  119-125.  doi:10.11959/j.issn.2096-109x.2020055
    Asbtract ( 44 )   HTML ( 3)   PDF (847KB) ( 38 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Key agreement scheme of vehicle ad hoc networks (VANET) determines the privacy and security against user identity-based attacks,such as spoofing attack.The existing work updates the group shared key at a fixed frequency,which increases the processing latency of the key updates and the encryption and decryption of group communication.A reinforcement learning based dynamic key agreement scheme was proposed to enable the group cluster head to optimize the key update frequency and key length.This scheme optimizes the calculation latency of encryption and decryption based on the number of surrounding vehicles,the previous key update records without the knowledge of the traffic flow model and the access-driven cache attack model.Simulation results show that this scheme reduces the transmission delay of the communication overhead and the computational latency of encryption and decryption,and improves the security of the group key compared with the benchmark scheme.

    Cyber security entity recognition method based on residual dilation convolution neural network
    Bo XIE,Guowei SHEN,Chun GUO,Yan ZHOU,Miao YU
    2020, 6(5):  126-138.  doi:10.11959/j.issn.2096-109x.2020009
    Asbtract ( 63 )   HTML ( 10)   PDF (1171KB) ( 55 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    In recent years,cybersecurity threats have increased,and data-driven security intelligence analysis has become a hot research topic in the field of cybersecurity.In particular,the artificial intelligence technology represented by the knowledge graph can provide support for complex cyberattack detection and unknown cyberattack detection in multi-source heterogeneous threat intelligence data.Cybersecurity entity recognition is the basis for the construction of threat intelligence knowledge graphs.The composition of security entities in open network text data is very complex,which makes traditional deep learning methods difficult to identify accurately.Based on the pre-training language model of BERT (pre-training of deep bidirectional transformers),a cybersecurity entity recognition model BERT-RDCNN-CRF based on residual dilation convolutional neural network and conditional random field was proposed.The BERT model was used to train the character-level feature vector representation.Combining the residual convolution and the dilation neural network model to effectively extract the important features of the security entity,and finally obtain the BIO annotation of each character through CRF.Experiments on the large-scale cybersecurity entity annotation dataset constructed show that the proposed method achieves better results than the LSTM-CRF model,the BiLSTM-CRF model and the traditional entity recognition model.

    Architecture design of multi-protocol controller based on software definition
    Yunfei XIA,Li ZHANG,Kun YANG,Peijie LI,Liming XU
    2020, 6(5):  139-147.  doi:10.11959/j.issn.2096-109x.2020065
    Asbtract ( 40 )   HTML ( 3)   PDF (1968KB) ( 27 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    In order to fulfill the requirement of high-performance computing system for software definition interconnected communication,a kind of multi-protocol controller architecture was designed.The architecture supported a variety of protocol specifications and software-defining heterogeneous architecture.The interconnections of Fiber Channel,Ethernet and SRIO were realized by embedding programmable hardware circuits.The work mode of multi-protocol controllers was managed by software definition,which meet the heterogeneous requirements of system applications.The multi-protocol controller of the thesis has been realized in the 40 nm process,that the measurements show that the performance and function satisfy the standard of the three protocols.

    Research on SDN deployment practice for WAN egress traffic scheduling
    Guochun LI,Rui MA,Jichun MA,Bozhong Li,Huiming LIU,Guiyu ZHANG
    2020, 6(5):  148-157.  doi:10.11959/j.issn.2096-109x.2020067
    Asbtract ( 47 )   HTML ( 12)   PDF (2014KB) ( 28 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    In order to solve the traffic scheduling problem of the WAN exit part,a traffic scheduling optimization method based on SR Policy/EPE was proposed,which simulated and implemented an Internet egress traffic scheduling scheme on the carrier network.The proposed method that can effectively control the flow of business traffic to achieve end-to-end traffic distribution and flexible scheduling of network-wide traffic.Under the premise of ensuring user experience,it effectively improved the utilization of backbone links,optimized the overall network structure,and greatly improved increased network scalability.Apply SR performance measurement function to various performance indicators,and choose the optimal or suboptimal link to solve the WAN exit congestion problem,which proves the feasibility of this solution.

Copyright Information
Bimonthly, started in 2015
Authorized by:Ministry of Industry and Information Technology of the People's Republic of China
Sponsored by:Posts and Telecommunications Press
Co-sponsored by:Xidian University, Beihang University, Huazhong University of Science and Technology, Zhejiang University
Edited by:Editorial Board of Chinese Journal of Network and Information Security
Editor-in-Chief:FANG Bin-xing
Executive Editor-in-Chief:LI Feng-hua
Director:YI Dong-shan
Address:F8,You Dian Publisher Building,No.11,Chengshousi Road,Fengtai District,Beijing 100078,PR China
Tel:+8610-81055479, 81055456
ISSN 2096-109X
CN 10-1366/TP
Total visitors:
Visitors of today:
Now online: