#### ����Ŀ¼

15 October 2017, Volume 3 Issue 10
Comprehensive Reviews
Research on Windows memory protection mechanism
Ting-ting LU,Jun-feng WANG
2017, 3(10):  1-15.  doi:10.11959/j.issn.2096-109x.2017.00208
Asbtract ( 1370 )   HTML ( 2)   PDF (790KB) ( 3607 )
Figures and Tables | References | Related Articles | Metrics

Over the past three decades,attacks exploiting Windows memory holes have emerged in an endless stream,and the usual means is to attack control-data to hijack the execution flow of the program.To this end,Microsoft has added layers of protection mechanisms to Windows to prevent such attacks.But at this stage,the defensive mechanisms deployed on Windows cannot prevent attacks against non-control-data.In view of the published articles lacking comprehensive study of Windows memory protection mechanism,a detailed introduction to Windows memory protection mechanism and its breakthrough techniques,and non-control-data protection research status was conducted.On this basis,the challenges of Windows memory protection were analyzed and the future of memory protection was discussed.

Survey of DDoS defense:challenges and directions
Fei CHEN,Xiao-hong BI,Jing-jing WANG,Yuan LIU
2017, 3(10):  16-24.  doi:10.11959/j.issn.2096-109x.2017.00202
Asbtract ( 2226 )   HTML ( 26)   PDF (555KB) ( 7601 )
Figures and Tables | References | Related Articles | Metrics

The distributed denial of server (DDoS) attack is a major threat to the Internet.Numerous works have been proposed to deal with this problem through attack detection and defense mechanism design.A survey was presented to introduce the DDoS defense technologies,from the traditional strategies,through Cloud-based systems,toward SDN-based mechanisms.According to the characteristics of DDoS attack,the features and drawbacks of these systems were discussed,which could provide new insights for the development of the new generation of network security framework in the future.

Papers
Research of the small Qubit quantum computing attack to the RSA public key cryptography
Bao-nan WANG,Yu-hang CHEN,Bao YIN,Feng HU,Huan-guo ZHANG,Chao WANG
2017, 3(10):  25-34.  doi:10.11959/j.issn.2096-109x.2017.00206
Asbtract ( 825 )   HTML ( 0)   PDF (621KB) ( 1514 )
Figures and Tables | References | Related Articles | Metrics

The small Qubit quantum algorithm attack to RSA was proposed,the need Qubit of the first quantum register from 2L to L1,it can be reduced to 2 Qubit,the overall space complexity denoted (L1,L),where 2L1≥r,r is the period of decomposed.Because of the reduce of the first quantum register,it reduces the algorithm’s complexity and success rates,and use the binary look-up table method to compute the modular exponentiation,it enhances the computing speed.The improved algorithm’s quantum circuit complexity is T=O(2L2).It have a significant improvement on the time complexity and space complexity.Although the success rate is reduced,the overall success solution time is still lower than the Shor algorithm and the current major improvements Shor algorithm.Completed a simulation experiment.Respectively use the 11、10、9 Qubit decomposing the quantum circuit 119.The new algorithm explore the reality of using a universal quantum computer device to decipher the public key cryptography.

Secure deployment strategy of virtual machines based on operating system diversity
Miao ZHANG,Xin-sheng JI,Jian-jian AI,Wen-yan LIU,Hong-chao HU,Shu-min HUO
2017, 3(10):  35-43.  doi:10.11959/j.issn.2096-109x.2017.00201
Asbtract ( 1161 )   HTML ( 1)   PDF (572KB) ( 1436 )
Figures and Tables | References | Related Articles | Metrics

The resource-sharing model for cloud computing raises many security issues,such as co-resident of virtual machines,while greatly improving resource utilization.In particular,when a user adopts a single operating system,an attacker can steal privacy and data by compromising the user's entire virtual machine at a smaller cost.In view of this security threat,a strategy for the security deployment of virtual machine based on operating system diversity was presented.This method firstly recommended an operating system configuration options for users applying for virtual machines with the highest degree in diversity,and then through the secure deployment strategy,maximized the effect of diversity,thus making the attacker pay more cost.The experimental results show that compared with the method of single operating system,this method can reduce the attack efficiency by 33.46% at least.

Approach on runtime monitoring based on the embedded trusted platforms
Zhao-chang SUN,Jian-feng MA,Cong SUN,Di LU
2017, 3(10):  44-51.  doi:10.11959/j.issn.2096-109x.2017.00209
Asbtract ( 949 )   HTML ( 2)   PDF (1570KB) ( 1113 )
Figures and Tables | References | Related Articles | Metrics

The state-of-art trusted computing platforms fall short of monitoring its own runtime security properties.In order to mitigate these problems,an approach on runtime monitoring for the embedded trusted platforms was proposed.With the automated code instrumentation and the runtime monitoring,that the runtime security functionalities were consistent with the design specifications of trusted computing platforms could be made sure.The system performance and states meet specific constraints could also be ensured.The runtime exceptions on the specific properties were handled in real-time.The experimental results show that with the increase on the number of monitoring nodes,the precision and real-time performance of proposed runtime monitoring increase.Meanwhile,the costs on the monitoring and the exception handling are moderate.

Implementation architecture of mimic security defense based on SDN
Zhen-peng WANG,Hong-chao HU,Guo-zhen CHENG,Chuan-hao ZHANG
2017, 3(10):  52-61.  doi:10.11959/j.issn.2096-109x.2017.00205
Asbtract ( 2149 )   HTML ( 10)   PDF (849KB) ( 2923 )
Figures and Tables | References | Related Articles | Metrics

To deal with the attacks employing unknown security vulnerabilities or backdoors which are difficult for traditional defense techniques to eliminate,mimic security defense (MSD) that employs “dynamic,heterogeneity,redundancy (DHR)” mechanism can increase the difficulty and cost of attack and uncertainty of system so as to improve network security.Based on the software defined networking (SDN),an implementation architecture of MSD was proposed.First,diverse functional equivalent variants for the protected target were constructed,then leverage the rich programmability and flexibility of SDN to realize the dynamic scheduling and decision-making functions on SDN controller.Simulation and experimental results prove the availability and the intrusion tolerant ability of the architecture.

Design and application of electrocardiograph diagnosis system based on multifractal theory
Chun-kai ZHANG,Ao,ZHANGJing-wang YIN,Pan-bo TIAN,Ying ZHOU,Chang-qing QI
2017, 3(10):  62-71.  doi:10.11959/j.issn.2096-109x.2017.00204
Asbtract ( 962 )   HTML ( 3)   PDF (1700KB) ( 1323 )
Figures and Tables | References | Related Articles | Metrics

An automatic segmentation algorithm for ECG data using differential threshold method was designed,which could identify the various ECG cycles of continuous ECG data.And it could obtain the multifractal features of multiple fractal and generalize hurst index feature of ECG data,these features were used to train artificial neural network in order to classify ECG data,the accuracy of the classifier could reach 97%.An ECG diagnosis system was implemented,which can automatically identify ECG sequences that contain multiple ECG cycles,and can automatically ignore the incomplete ECG cycle data,and could annotate every cycle of ECG data.

Permutations from APN power functions over ${F}_{{2}^{2n}}$
Shi-zhu TIAN
2017, 3(10):  72-76.  doi:10.11959/j.issn.2096-109x.2017.00203
Asbtract ( 447 )   HTML ( 0)   PDF (515KB) ( 957 )
Figures and Tables | References | Related Articles | Metrics

APN functions have the lowest differential uniform over finite fields with characteristic 2 and the APN power functions are the most classical ones.APN power functions are all 3-1 functions over ${F}_{{2}^{2n}}$.By generalizing the idea of changing 2-1 functions to 1-1 functions over finite fields with odd characteristics,methods to change 3-1 functions over finite fields with even characteristics into permutations were obtained and permutations from APN power functions over ${F}_{{2}^{2n}}$ were constructed.According to the construction,the differential properties of permutations obtained by this method were discussed.

Bimonthly, started in 2015
Authorized by:Ministry of Industry and Information Technology of the People's Republic of China
Co-sponsored by:Xidian University, Beihang University, Huazhong University of Science and Technology, Zhejiang University
Edited by:Editorial Board of Chinese Journal of Network and Information Security
Editor-in-Chief:FANG Bin-xing
Executive Editor-in-Chief:LI Feng-hua
Director:YI Dong-shan