����Ŀ¼

15 March 2018, Volume 4 Issue 3

Previous Issue    Next Issue

Comprehensive Reviews

Research progress in code reuse attacking and defending

Xiangdong QIAO, Rongxiao GUO, Yong ZHAO

2018, 4(3):  1-12.  doi:10.11959/j.issn.2096-109x.2018017

Asbtract ( 2624 )   HTML ( 36)   PDF (697KB) ( 2860 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Code reuse attacks make use of binary code existed in the attacked target to perform attack action,such technique breaks out the traditional assumption that malicious behavior always be introduced from the outside，it is representative sample of the advanced memory corruption techniques and also the focus of attention in the software security research field.The generation background and implementation principle were described firstly,and then the recent progresses of the technique,including improvement and variants,implementation methods under the different architecture platforms,automatic construction and important extension including blind ROP and non-control data attacks based on code reuse attacks,were introduced respectively.Various defense mechanisms and possible counter-defense methods for code reuse attacks were also discussed.Finally a perspective of the future work in this research area was discussed.

Research progress of abnormal user detection technology in social network

Qiang QU, Hongtao YU, Ruiyang HUANG

2018, 4(3):  13-23.  doi:10.11959/j.issn.2096-109x.2018025

Asbtract ( 4982 )   HTML ( 96)   PDF (542KB) ( 3417 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

In social networks,the problem of anomalous users detection is one of the key problems in network security research.The anomalous users conduct false comments,cyberbullying or cyberattacks by creating multiple vests,which seriously threaten the information security of normal users and the credit system of social networks ,so a large number of researchers conducted in-depth study of the issue.The research results of the issue in recent years were reviewed and an overall structure was summarized.The data collection layer introduces the data acquisition methods and related data sets,and the feature presentation layer expounds attribute features,content features,network features,activity features and auxiliary features.The algorithm selection layer introduces supervised algorithms,unsupervised algorithms and graph algorithms.The result evaluation layer elaborates the method of data annotation method and index.Finally,the future research direction in this field was looked forward.

Papers

App-DDoS detection method using partial binary tree based SVM algorithm

Bin ZHANG,Zihao LIU,Shuqin DONG,Lixun LI

2018, 4(3):  24-34.  doi:10.11959/j.issn.2096-109x.2018020

Asbtract ( 1732 )   HTML ( 12)   PDF (892KB) ( 1777 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

As it ignored the detection of ramp-up and pulsing type of application layer DDoS (App-DDoS) attacks in existing flow-based App-DDoS detection methods,an effective detection method for multi-type App-DDoS was proposed.Firstly,in order to fast count the number of HTTP GET for users and further support the calculation of feature parameters applied in detection method,the indexes of source IP address in multiple time windows were constructed by the approach of Hash function.Then the feature parameters by combining SVM classifiers with the structure of partial binary tree were trained hierarchically,and the App-DDoS detection method was proposed with the idea of traversing binary tree and feedback learning to distinguish non-burst normal flow,burst normal flow and multi-type App-DDoS flows.The experimental results show that compared with the conventional SVM-based and na?ve-Bayes-based detection methods,the proposed method has more excellent detection performance and can distinguish specific App-DDoS types through subdividing attack types and training detection model layer by layer.

Improved packet classification algorithm based on multidimensional space dynamic division and RFC

Xiaoyu CHEN,Yueming LU

2018, 4(3):  35-41.  doi:10.11959/j.issn.2096-109x.2018024

Asbtract ( 1395 )   HTML ( 8)   PDF (844KB) ( 1959 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

According to the existing problem that memory usage grows exponentially with the size increase of rule set in RFC (recursive flow classification) algorithm,an improved packet classification algorithm,HRFC (Hybrid-RFC) was put forward.The new algorithm completes the dynamic division of a multidimensional space rule set by a decision tree,accomplishes the mapping of each subset with multiple phase reduction trees,so as to realize fast and efficient packet classification.The simulation results show that the new algorithm can reduce the space usage effectively while guaranteeing the performance of classification speed.

Design of privacy-preserving authentication protocol for service invocation

Linpeng CHAI,Bin ZHANG,Yang LIU,Jiajia SUN

2018, 4(3):  42-50.  doi:10.11959/j.issn.2096-109x.2018027

Asbtract ( 992 )   HTML ( 2)   PDF (1043KB) ( 1289 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Aiming at the requirement of the safe transmission of authentication credentials and the privacy preserving in service orientied multi-domain collaboration environment,a privacy-preserving authentication protocol for service invocation based on the provable secure certificateless aggregate signcryption scheme was proposed.By the path of the service invocation,the authentication information has been signcrypted successively,ensuring that the service providers can dynamically and orderly join in the process of service invocation authentication.The credentials and shared information can be safely transmitted respectively by the aggregate signcryption scheme and Diffie-Hellman algorithm,thus the SOAP message only can be decoded by specified acceptor,which is suitable for controlling the disclosure scope of the privacy information.Simultaneously,the public verifiability of CLASC can ensure that the validity of the aggregate signcryption can be verified by other service providers.The length of the SOAP message is shorter than existed protocols,which improve the transfer efficiency.

New cross-layer reputation mechanism for mobile cloud computing

Mengyang YU,Hui LIN,Youliang TIAN

2018, 4(3):  51-58.  doi:10.11959/j.issn.2096-109x.2018021

Asbtract ( 1301 )   HTML ( 6)   PDF (835KB) ( 1193 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Users are facing increasingly serious security threats such as data leakage and privacy exposure while using various mobile cloud services.Based on the data security and privacy protection for mobile cloud computing research background,combining the cross-layer design and credit mechanism,in the node between the introduction of the MAC layer and network layer in the process of credit evaluation of factors affecting user reputation,to identify and manage internal malicious nodes.The credibility of the simulation results show that the proposed mechanism can effectively resist the internal defamation and multilayer attack,enhance the credibility of mobile terminals,thus improve the mobile cloud service data security and privacy protection.

Multi-biometrics fusion based on dynamic weighting of characteristic signal quality

Wenbing ZHANG,Peishun LIU,Fenghui XUE

2018, 4(3):  59-67.  doi:10.11959/j.issn.2096-109x.2018022

Asbtract ( 1015 )   HTML ( 9)   PDF (1092KB) ( 1209 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Face recognition and speaker recognition were integrated at the decision-making level.In order to cope with the influence of the external environment on the recognition result,image quality and sound quality assessment methods were introduced.By evaluating the quality of information,features with poor information quality were removed.Information quality dynamically adjusted the weight proportion of the module,and rejected individuals with low matching degree of single-mode feature recognition.Then,according to DS theory,each evidence was merged into a new body of evidence to realize user identification.The experimental results show that the fusion method which takes into account the characteristic signal quality can effectively improve the recognition accuracy and security.

Research on key management and authentication protocol of PDA in smart grid

Xiao YU,Li TIAN,Zhe LIU,Jie WANG

2018, 4(3):  68-75.  doi:10.11959/j.issn.2096-109x.2018026

Asbtract ( 2006 )   HTML ( 13)   PDF (850KB) ( 1721 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

According to PDA in smart grid,which faced with security issues,key management and authentication protocol for PDA in smart grid based on scrambling PUF were presented.With the construction of mobile trusted platform by trusted hardware module and PDA,a key management mechanism was designed which presented for the indentify of hardware and controlled by user,to guarantee the security of key management and build a safe and effective mechanism of key backup and recovery.Based on trusted hardware module,security access for PDA in smart grid was realized,with the public and private key of key management strategy and improved access authentication protocol based on public key cryptography.