����Ŀ¼

15 August 2022, Volume 8 Issue 4

Previous Issue    Next Issue

Topic: Blockchain System, Smart Contract and Application Security

Blockchain-based high transparent PKI authentication protocol

Liquan CHEN, Xiao LI, Zheyi YANG, Sijie QIAN

2022, 8(4):  1-11.  doi:10.11959/j.issn.2096-109x.2022052

Asbtract ( 385 )   HTML ( 83)   PDF (1158KB) ( 269 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

The public key infrastructure (PKI), as an significant component of the current Internet security infrastructure, guarantees the information transmission with the necessary authenticity, integrity, confidentiality and non-repudiation.However, the existing PKI also has shortcomings of excessive power of certification authority and difficulties in revoking and querying.Blockchain can be used to solve those problems by leveraging its advantages, such as decentralization, high transparency and flat structure.Furthermore, the ability and efficiency of the entire Internet to establish trust relationships may be improved.The transparent public key infrastructure (PKI) certification protocol based on the blockchain was proposed.The TS-PBFT algorithm was designed in the proposed protocol by adopting the threshold signature technology to the Practical Byzantine fault tolerance (PBFT) algorithm.The TS-PBFT algorithm reduced the communication overhead via reducing the communication complexity, strengthened the supervision via introducing external monitoring mechanism in the master node election of the view change protocol, and also improved the performance of the consensus mechanism via adding a batch processing mechanism.Moreover, a transparent blockchain-based PKI certification protocol was designed.The proposed protocol increased the security of certificate revocation and query, it also improved the efficiency of the certificate query by the introduction of counting bloom filters.Besides, the proposed protocol added audit function into the certificate lifecycle management.Accordingly, it can supervise the behavior of the certificate authority (CA), prompt it to improve security standards, and then achieve the purpose of limiting its authority.According to the security analysis and efficiency experiments, the proposed protocol was equipped with security properties, such as the resistance to spoofing certificate application attacks, and it achieved the best performance on TLS/SSL handshake time compared with existing PKI protocols.

State-of-the-art survey of smart contract verification based on formal methods

Wenbo ZHANG, Simin CHEN, Lifei WEI, Wei SONG, Dongmei HUANG

2022, 8(4):  12-28.  doi:10.11959/j.issn.2096-109x.2022041

Asbtract ( 534 )   HTML ( 119)   PDF (1223KB) ( 514 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Smart contract represents an essential application scenario of blockchain technology.Smart contract technology improves programmability and scalability of blockchain, and has broad development prospects.However, a series of security incidents caused a great number of economic losses and weakened users’ confidence in the Ethereum platform.The security of smart contract has become a critical problem that restricts the further development of smart contract.Defects in smart contract code may cause serious consequences and cannot be modified once deployed, it is especially important to verify the correctness of smart contract in advance.In recent years, researchers have obtained many achievements in verification of smart contract, but there is a lack of systematic summary of these research results.Therefore, some basic principles of Ethereum were introduced, including the transaction, gas mechanism, storage and programming language.Eight common types of vulnerabilities in smart contract were summarized and their causes were explained.Some real security events were reviewed and some examples of vulnerability codes were presented.Then, the research work on automatic verification of smart contract based on symbolic execution, model checking and theorem proving was classified and summarized.Three open-source automated tools were selected, including Mythril, Slither and Oyente.And experiments were implemented to evaluate and compare the three tools from the aspects of efficiency, accuracy and the types of vulnerability can be detected.Furthermore, related review articles were surveyed, and the advantages of this paper compared with these works were summarized.The critical problems in the vulnerability detection technology of smart contract were also summarized and the direction of future research was proposed at last.

Survey on blockchain privacy protection techniques in cryptography

Feng LIU, Jie YANG, Jiayin QI

2022, 8(4):  29-44.  doi:10.11959/j.issn.2096-109x.2022054

Asbtract ( 1126 )   HTML ( 251)   PDF (1355KB) ( 1246 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

In recent years, the issue of data privacy has attracted increased attention, and how to achieve effective privacy protection in blockchain is a new research hotspot.In view of the current research status and development trend of blockchain in privacy protection, the privacy protection methods of blockchain in transaction address,prophecy machine and smart contract were explained, and the privacy strategies of blockchain in the protection of basic elements were summarized.Based on high-level literature at home and abroad, two types of blockchain cryptographic protection methods and usage scenarios were analyzed, including special cryptographic primitives and post-quantum cryptography.The advantages and disadvantages of seven cryptographic techniques applicable to current blockchain privacy protection were also reviewed, including attribute-based encryption, special data signature, homomorphic encryption, secure multi-party computation, zero-knowledge proofs, and lattice ciphers.It was concluded that the privacy protection of blockchain applications cannot be achieved without cryptographic technology.Meanwhile, the blockchain privacy protection technologies were analyzed in terms of both basic element protection and cryptographic protection.It was concluded that it was difficult to effectively solve the privacy problem only from the application and contract layers of the blockchain, and various cryptographic technologies should be used to complement each other according to different needs and application scenarios.In addition, according to the current development status of blockchain privacy cryptography, the narrative was developed from blockchain basic element protection and cryptography-based protection.From the perspectives of both endogenous basic element security and exogenous cryptographic privacy security, basic element privacy protection should be studied first, followed by an in-depth analysis of cryptographic protection techniques for blockchain privacy.The strengths and weaknesses and the potential value of the privacy handling aspects of the corresponding safeguards should be measured in terms of the development of technology in conjunction with practical applications, while considering the timeliness of the technology.Finally, an outlook on the future direction of blockchain privacy protection technologies was provided, indicating the issues that need to be addressed in focus.

Application and prospect of blockchain in Metaverse

Xiaoling SONG, Yong LIU, Jingnan DONG, Yongfei HUANG

2022, 8(4):  45-65.  doi:10.11959/j.issn.2096-109x.2022045

Asbtract ( 1208 )   HTML ( 177)   PDF (2107KB) ( 1075 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

The metaverse is a new ecology that seamlessly integrates the virtual digital world and the real physical world, and has recently attracted widespread attention from all walks of life.With the maturity of various new IT technologies such as blockchain technology, artificial intelligence technology, VR/AR and sensing technology, mobile communication technology and ubiquitous computing technology, the further development of the Metaverse is possible.At present, research on the Metaverse mainly involves industrial projects, infrastructure, key technologies, privacy and security, etc.Although blockchain technology is covered in these studies, the specific points about the advantages of blockchain applied to the Metaverse are still lacked.Blockchain technology can not only provide an open and free decentralized environment for the Metaverse, but also act as a fair and reasonable digital asset distribution mechanism.The digital identity and digital asset management in the Metaverse empowered by blockchain was studied.The development process and characteristics of the Metaverse were analyzed.And the core technologies and challenges faced by the development of the Metaverse were discussed.Meanwhile, the key technologies of the blockchain were studied, and the feasibility of applying the blockchain to the Metaverse was analyzed from two aspects: the essential characteristics of the blockchain and the advantages of other technology integration.The Metaverse ecosystem architecture was further proposed, and the blockchain-based self-sovereign identity management model, blockchain-NFT workflow and its application in the Metaverse were analyzed in detail.Furthermore, combining the latest research progress of blockchain and the Metaverse, it was pointed out that the application of blockchain to the Metaverse will be from four aspects: infrastructure, communication and computing resource management mechanisms, regulation and privacy protection, and blockchain scalability and interoperability.Then the related challenges ahead and future research directions were presented at last.

Multi-authority attribute hidden for electronic medical record sharing scheme based on blockchain

Lin JIN, Youliang TIAN

2022, 8(4):  66-76.  doi:10.11959/j.issn.2096-109x.2022044

Asbtract ( 276 )   HTML ( 46)   PDF (1319KB) ( 235 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Currently, there is no data exchanging and sharing between different hospitals, and it is easy to form data islands.At the same time, regional medical data contains a large amount of sensitive information of patients.The public acquisition, sharing and circulation of these data will lead to malicious tampering, theft, abuse and loss of ownership, thereby revealing patient privacy.In addition, the size of medical data is enormous and the data is unstructured, then it is more difficult to prevent and hold accountable some highly targeted malicious attacks, such as malicious attacks on medical data theft, tampering, and extortion.In view of the above problems, a blockchain-based on multi-authority attribute hidden electronic medical record sharing scheme was proposed to achieve fine-grained access to shared electronic medical records while ensuring patient privacy.The Multi-Authorization Attribute Encryption (MA-ABE) algorithm was introduced, which used multi-authority organizations to manage decentralized attributes.It also used hash functions to identify different users, in order to effectively resist collusion attacks between users with different authorizations.Besides, the linear secrets sharing scheme (LSSS) was used to realize partial hiding of attributes, and the attributes were divided into two parts:attribute name and attribute value.In addition, combined with the characteristics of blockchain openness, transparency and tamper-proof, the design of access policy can update the algorithm.Based on the access policy update algorithm, the policy block was added.The new access policy was uploaded to the blockchain to form a policy update traceability chain, which can realize distributed and reliable access control management under the condition of hidden policy.It can also support data privacy protection at the same time, and traceability of user behavior.The theoretical proof and experimental analysis have proved that this scheme protect attribute privacy effectively, while reduces computational overhead.

Blockchain covert communication scheme based on the cover of normal transactions

Pengkun JIANG, Wenyin ZHANG, Jiuru WANG, Shanyun HUANG, Wanshui SONG

2022, 8(4):  77-86.  doi:10.11959/j.issn.2096-109x.2022043

Asbtract ( 359 )   HTML ( 52)   PDF (1102KB) ( 414 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

With the development of computer technology, the situation of modern network attack and defense is becoming increasingly severe, and the problem of secure transmission of secret information needs to be solved urgently.Covert communication technology embeds secret information into the carrier and transmits the information safely through the covert channel.However, the traditional covert channels face the challenges of data damaging, attack, detection and so on, which cannot meet the higher security requirements.As a public data platform, blockchain can embed secret information under the cover of a large number of transactions.With its tamper proof, anonymity, decentralization and other characteristics, blockchain can well solve the problems of traditional covert channels and achieve secure covert communication.However, the existing blockchain covert communication schemes are limited by low communication efficiency and poor security.How to improve safety and efficiency of covert communication is a research focus of blockchain covert communication.Motivated by this issue, a blockchain covert communication scheme based on the cover of normal transactions was proposed.The hash algorithm was used to build a transmission-free password table to embed secret information without changing any transaction data.Using the elliptic curve feature, transactions with hidden information can be quickly screened out from a large number of transactions, to extract secret information quickly.This scheme improves the security and efficiency of covert communication and has strong portability.Theoretical analysis shows that attackers cannot distinguish between ordinary transactions and special transactions.This scheme has high anti-detection and scalability.Besides, the experimental results of the bitcoin test network show the high efficiency of this scheme.

Papers

Research on network risk assessment based on attack graph of expected benefits-rate

Wenfu LIU, Jianmin PANG, Xin ZHOU, Nan LI, Feng YUE

2022, 8(4):  87-97.  doi:10.11959/j.issn.2096-109x.2022047

Asbtract ( 198 )   HTML ( 43)   PDF (1442KB) ( 346 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

As Internet applications and services become more and more extensive, the endless network attacks lead to great risks and challenges to the security of information systems.As a model-based network security risk analysis technology, attack graph is helpful to find the vulnerability between network nodes and the harm of being attacked.It has been proved to be an effective method to find and prevent network security risks.Attack graph is mainly divided into state-based attack graph and attribute-based attack graph.Due to the problem of state explosion in state-based attack graph, most researchers prefer the attribute-based attack graph for network risk assessment.In view of the existing researches on attribute-based attack graph, they excessively rely on the vulnerability of network nodes and the essential attributes of atomic attack.However, they ignore that rational attackers usually choose specific attack paths by maximizing attack benefits.Then, a network risk assessment framework and a quantification method of attack benefits-rate based on expected benefits-rate attack graph were proposed.The network risk assessment framework took the open vulnerability resource database, the new vulnerabilities found by the vulnerability mining system and the big data related to network attack and defense as the basic data source.The network risk assessment framework also took the open source big data platform as the analysis tool to mine and calculate the elements related to attack cost and attack benefit.Using the concepts of cost, benefit and benefit-rate in economics, the calculation model of expected benefit-rate of atomic attack was constructed.By constructing the attribute-based attack graph of the target network, the expected benefit-rate of atomic attack on the attack path was calculated, and the expected benefit-rate list of all possible attack paths was generated.Furthermore, taking the expected goal as the starting point, the search was carried out according to the specific optimization strategy (backtracking method, greedy algorithm, dynamic programming).And the complete attack path with the maximum benefit-rate was obtained, which provided the basis for network risk assessment.The simulation results show the effectiveness and rationality of the proposed expected benefit-rate attack graph network risk assessment method, which can provide support for discovering and preventing network security problems.

Global randomized consensus algorithm resist collusion attack based on game theory

Bao ZHANG, Youliang TIAN, Sheng GAO

2022, 8(4):  98-109.  doi:10.11959/j.issn.2096-109x.2022048

Asbtract ( 250 )   HTML ( 35)   PDF (1593KB) ( 186 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

As the cornerstone of blockchain technology, consensus technology has received more attention with the continuous development of blockchain technology.The development of consensus technology has become more and more rapid, but there are still related problems.Nowadays, fault-tolerant consensus algorithms, as one of the representative blockchain consensus technologies, still have many problems to be studied.The problem of node randomness and node collusion attacks in fault-tolerant consensus algorithms had been studied, and a game-theoretic-based anti-corruption algorithm was proposed.The global randomization consensus algorithm of collusion attack improved the security and throughput of the blockchain network by realizing the randomization of nodes and solving related security problems.In the process of selecting nodes participating in the fault-tolerant consensus algorithm, the global randomization of the initiator and verifier nodes was realized by using the mapping function and the weighted random function, thereby ensuring the identity anonymity of the initiator and verifier nodes and improving the blockchain network security accordingly.The reputation update model was used to realize the dynamic update of the reputation, and the game theory was used to analyze the security problems of the fault-tolerant consensus algorithm.A more correct and efficient algorithm model was constructed to improve the throughput of the algorithm and analyze the problem of collusion attack of more than one third of the nodes in this kind of algorithm, the refined Bayesian game was used to construct a collusion contract and analyze the collusion The Nash equilibrium point between the two nodes was adopted to solve the collusion attack problem of more than one third of the nodes.The security analysis and experiments show that the global randomization consensus algorithm based on the game theory anti-collusion attack is better than PoW、PoS and PBFT.The consensus algorithm is not only effective to improve throughput and reduce computing resource consumption, but also resistant to DDoS, Eclipse attacks and collusion attacks by more than one third of nodes.

Carrier-independent deep optical watermarking algorithm

Hao CHEN, Feng WANG, Weiming ZHANG, Nenghai YU

2022, 8(4):  110-118.  doi:10.11959/j.issn.2096-109x.2022056

Asbtract ( 178 )   HTML ( 23)   PDF (2312KB) ( 410 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

With the development of multimedia techniques, the demand for copyright protection of digital products has also gradually risen.Digital watermarking is an effective means to protect the copyright of digital products.It is generally made by adding important identification information (i.e., digital watermark) to a digital carrier (e.g., text, image, etc.), so that the carrier carries the identification information but does not affect the normal use of the carrier.The common digital watermark embedding scheme is to embed the watermark information by modifying the carrier via specific algorithms.In the actual application scenarios, there are many images or objects to be protected (such as art paintings, etc.) that are not allowed to be modified.Based on this background, a new carrier-independent deep optical watermarking algorithm was proposed, which can realize watermark information embedding without modifying the original carrier and achieve the purpose of copyright protection.Specifically, a new watermark template expression scheme at the embedding end was proposed, which expressed the watermark information by visible light modulation.By analyzing the visual system of human eyes, a watermark template pattern based on alternating projection was proposed to embed the watermark information, which made the embedding process neither require modification of the original carrier nor affect the visual senses of human eyes.At the extraction end, a watermark extraction network based on residual connection was designed, and the captured watermarked images were fed into this network after perspective transformation to extract the watermark information.The experiments were conducted under various conditions and comparisons with three baseline algorithms were made.The experimental results show that the proposed algorithm generates watermarked images with less visual distortion and is robust to the ＆quot;projecting-shooting＆quot; process.The watermark extraction network has high accuracy in extracting watermark information at different distances, angles and illumination conditions, and has certain advantages over other general networks.

Encrypted and obfuscation WebShell detection for high-speed network traffic

Yihuai CAO, Wei CHEN, Fan ZHANG, Lifa WU

2022, 8(4):  119-130.  doi:10.11959/j.issn.2096-109x.2022055

Asbtract ( 449 )   HTML ( 48)   PDF (1854KB) ( 569 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

With the gradual development of traffic encryption and text obfuscation technologies, it is increasingly difficult to prevent complicated and malicious WebShell attack events in production environment using traditional detection methods based on text content and network flow features, especially for adversarial samples, variant samples and 0Day vulnerability samples.With the established network traffic collection environment, DPDK technology was used to capture network traffic in the high-speed network environment, and a dataset was marked with label.The dataset consisted of more than 24,000 normal traffic and more than 10,000 malicious WebShell traffic under different platforms, different languages, different tools, different encryption and obfuscation methods.Then Asynchronous traffic analysis system framework and lightweight log collection components were used to efficiently parse raw traffic.Expert knowledge was integrated to analyze HTTP data packets during the communication process of several popular WebShell management tools, and the effective feature set for encrypted and obfuscation WebShell was obtained.Support Vector Machine (SVM) algorithm was used to realize offline training and online detection of complicated WebShell malicious traffic based on the effective feature set.Meanwhile, improving the parameter search method with the genetic algorithm promoted the model training efficiency furthermore.The experimental results showed that the detection efficiency can be guaranteed based on the self-built WebShell attack traffic dataset.Besides, the detection model has a precision rate of 97.21% and a recall rate of 98.01%, and it performed well in the comparative experiments of adversarial WebShell attacks.It can be concluded from the results that the proposed method can significantly reduce the risk of WebShell attack, effectively supplement the existing security monitoring system, and be applied in real network environments.

Link prediction method for dynamic networks based on matching degree of nodes

Cong LI, Xinsheng JI, Ushuxin LI, Jinsong LI, Haitao LI

2022, 8(4):  131-143.  doi:10.11959/j.issn.2096-109x.2022053

Asbtract ( 246 )   HTML ( 25)   PDF (7189KB) ( 109 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

The research of dynamic evolutionary trends and temporal characteristics in real networks which are important part of the real world is a hot research issue nowadays.As a typical research tool in the field of network science, link prediction technique can be used to predict the network evolution by mining the historical edge information and then predict the future edge.The topological evolution of dynamic real networks was analyzed and it found that the interaction and matching between nodes in the network topology can capture the dynamic characteristics of the network more comprehensively.The proposed method analyzed the attribute characteristics of network nodes, and defined a node importance quantification method based on primary and secondary influences.Besides, a time decay factor was introduced to portray the influence of network topology on the formation of connected edges at different moments.Furthermore, the node importance and time decay factor were combined to define the Temporal Matching Degree of Nodes (TMDN), which was used to measure the possibility of future edge formation between node pairs.The experimental results in five real dynamic network datasets showed that the proposed method achieves better prediction performance under both AUC and Ranking Score, with a maximum improvement of 42%.It also proved the existence of interactive matching priority among nodes, and confirmed the effectiveness of both primary and secondary influence of nodes.As the future work, we will add diversified feature information to further deepen the analysis of dynamic real networks and then predict the evolution law more accurately.

Research on link detection technology based on dynamic browser fingerprint

Fan GAO, Jian WANG, Jiqiang LIU

2022, 8(4):  144-156.  doi:10.11959/j.issn.2096-109x.2022049

Asbtract ( 282 )   HTML ( 40)   PDF (1626KB) ( 467 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

With the emergence of user privacy leakage and online fraud, traditional detection mechanisms can no longer stop the intensified attacks and new methods are needed to assist in web security detection.As a bridge between users and network data, browsers are widely used in the interaction between users and various applications.The browser fingerprint contains various characteristic information of the user’s browser and device, and its uniqueness can greatly improve the accuracy of user identification.However, browser fingerprints may change over time, and solutions based on static fingerprints cannot meet the requirements of dynamic fingerprints detection.Motivated by this challenge, it’s necessary to improve the recognition and link detection capabilities of dynamic browser fingerprints.Besides, parameters from multi-dimensional perspective need to be obtained and screened to get fine-grained and high-discrimination features for model detecting, preventing the calculation cost caused by too many unnecessary parameters.Bidirectional Gating Recurrent Unit (BiGRU) was introduced into the fingerprint detection, and a stacked BiGRU detection model based on dynamic browser fingerprints was proposed.It solved the problem of low detection accuracy caused by ignoring the interaction of forward and backward information in the process of fingerprints detection, and it also had a certain improvement in indicators such as accuracy and linking time.Furthermore, in view of the different importance of different feature parameters, the same weight given to parameters will result in detection error.Combined with the attention mechanism to focus more stable fingerprint features, an Att-BiGRU fingerprint detection model based on dynamic browser fingerprints was proposed.It optimized the detection ability compared to BiGRU, further improved the detection accuracy of browser fingerprinting, and showed good linking ability on the comprehensive index under the benchmark model.

Honeypot defense and transmission strategy based on offensive and defensive games in vehicular networks

Jie YI, Tengfei CAO, Shuai GAO, Jianqiang HUANG

2022, 8(4):  157-167.  doi:10.11959/j.issn.2096-109x.2022050

Asbtract ( 305 )   HTML ( 29)   PDF (4653KB) ( 234 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

With the rapid development of the Internet of Vehicles, service providers can efficiently provide caching services for vehicle users by deploying 5G base station-type RSUs adjacent to vehicles.However, due to the presence of malicious attackers, the controlled base station is turned to be malicious for the purpose of identity forgery attack.When messages are sent in the name of malicious base stations to interfere with the communication link between vehicles and the trusted base stations, it is easy to cause serious driving safety problems.To solve the above problem, an efficient transmission and honeypot defense strategy was proposed, which was based on the offensive and defensive game in the Internet of Vehicles to reduce the risk of identity forgery attacks and improve the security of data transmission.The interaction between trusted base stations and malicious base stations in the Internet of Vehicles scenario was modeled as an attack-defense game model.On this basis, trusted base stations and honeypot base stations were jointly used as defenders to defend against malicious attacks.Then, the trusted base station and the malicious base station, as the two sides of the offensive and defensive game, chose their respective strategies to construct a model of the benefit function of both sides.Combined with the vehicle delay feedback mechanism, the defender and the malicious base station dynamically adjusted their respective strategies.By adjusting the interaction between the honeypot base station and the vehicle, and also the degree of IP randomization, the overall benefit of the defender was effectively improved.Besides, the optimal solution was obtained by using the mixed strategy Nash equilibrium theory.Simulation experimental results show that the proposed strategy can improve the secure transmission performance of the Internet of Vehicles service in the presence of malicious attackers, and the defender’s expected benefit is improved by 48.9% and the data transmission delay is reduced by 57.1% compared to the no-honeypot defense scheme.

Rumor detection in social media based on eahanced Transformer

Honghao ZHENG, Yinuo HAO, Hongtao YU, Shaomei LI, Yiteng WU

2022, 8(4):  168-174.  doi:10.11959/j.issn.2096-109x.2022042

Asbtract ( 339 )   HTML ( 67)   PDF (816KB) ( 409 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

With the rapid development of the Internet, social media is increasingly integrated into all aspects of people’s daily life.Social media has gradually become a tool and even a platform for people to share opinions, insights, experiences and viewpoints.It is the main method for people to obtain and share information as well as express and exchange opinions.Currently, social media mainly includes social networking sites, Weibo, Twitter, blogs, forums, podcasts and so on.Due to the openness of social media, the user scale is large and the sources are complex and numerous, then all kinds of rumors and false information may be generated easily.Rumors on social media influence netizens’ understanding of events and shake the stability of society.Therefore, how to accurately and efficiently detect rumors has become an urgent problem to be solved.Existing Transformer based social media rumor detection models ignored the text location information.To effectively extract text location information and make full use of text potential information, a rumor detection model in social media was proposed and it was based on the enhanced Transformer.This model enhanced the traditional Transformer from two aspects of relative position and absolute position.It captured the direction information and distance information of the text using learnable relative position coding and mapped words from different positions to different feature spaces using absolute position coding.Experimental results show that, compared with the best benchmark model, the accuracy of the proposed model on Twitter15, Twitter16 and Weibo datasets is enhanced by 0.9%, 0.6% and 1.4%, respectively.Experimental results verify the effectiveness of the proposed location coding.And the enhanced Transformer based on location coding can significantly improve the effects of social media rumor detection.

Design and analysis of intelligent service chain system for network security resource pool

Zenan WANG, Jiahao LI, Chaohong TAN, Dechang PI

2022, 8(4):  175-181.  doi:10.11959/j.issn.2096-109x.2022051

Asbtract ( 218 )   HTML ( 33)   PDF (1001KB) ( 213 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

The traditional network security architecture ensures network security by directing traffic through hardware based network security function devices.Since the architecture consists of fixed hardware devices, it leads to a single form of network security area deployment and poor scalability.Besides, the architecture cannot be flexibly adjusted when facing network security events, making it difficult to meet the security needs of future networks.The intelligent service chain system for network security resource pool was based on software-defined network and network function virtualization technologies, which can effectively solve the above problems.Network security functions of virtual form were added based on network function virtualization technology, combined with the existing hardware network elements to build a network security resource pool.In addition, the switching equipment connected to the network security elements can be flexibly controlled based on software-defined network technology.Then a dynamically adjustable network security service chain was built.Network security events were detected based on security log detection and a expert library consisting of security rules.This enabled dynamic and intelligent regulation of the service chain by means of centralized control in the face of network security events.The deployment process of the service chain was mathematically modeled and a heuristic algorithm was designed to realize the optimal deployment of the service chain.By building a prototype system and conducting experiments, the results show that the designed system can detect security events in seconds and automatically adjust the security service chain in minutes when facing security events, and the designed heuristic algorithm can reduce the occupation of virtual resources by 65%.The proposed system is expected to be applied to the network security area at the exit of the campus and data center network, simplifying the operation and maintenance of this area and improving the deployment flexibility of this area.

Education and teaching

Preliminary study on the reform of machine learning teaching

Nan WEI, Lihua YIN, Hong NING, Binxing FANG

2022, 8(4):  182-189.  doi:10.11959/j.issn.2096-109x.2022026

Asbtract ( 204 )   HTML ( 26)   PDF (2406KB) ( 280 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

The machine learning is different from other courses for its large span of mathematical knowledge, widely application of techniques, and fast updating of models.In traditional machine learning classes, due to the separation between review of mathematical knowledge and model explanation, boring content divorced from the reality, and the obsolete content of exam, undergraduates have difficulty in understanding machine learning models.Then they lack interest in learning and also consciousness of autonomous learning, which makes them difficult to solve practical problems with advanced machine learning technologies.Considering these facts, the teaching reform measures of machine learning course were proposed, in terms of teaching methods, content and exam.The teaching methods combined online learning and offline deduction to increase teacher-student interaction and connect key knowledge points.The teaching content introduced scientific stories and interesting challenges, which enriched the content and cultivates learning interest.The advanced machine learning technique-based practice exam was applied to enhance the capability of independent learning and explore advanced technologies.Consequently, the reform measures have been successfully applied in the machine learning teaching practice of Academician Binxing Fang undergraduate preparatory class of Guangzhou University, improving the teaching performance of machine learning course.