����Ŀ¼

15 April 2018, Volume 4 Issue 4

Previous Issue    Next Issue

Comprehensive Reviews

Research on models of network security evaluation and analysis

Wenyan LIU,Shumin HUO,Qing TONG,Miao ZHANG,Chao QI

2018, 4(4):  1-11.  doi:10.11959/j.issn.2096-109x.2018019

Asbtract ( 1509 )   HTML ( 64)   PDF (713KB) ( 3945 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Network security assessment helps to grasp the current and future risks of the network information system clearly,and gives corresponding security suggestions and countermeasures.Model of network security assessment and analysis is an important research direction and content,for which there is no review to give a comprehensive summary or analysis.A review of common network security evaluation and analysis model was given.The model that focus on attack was introduced,such as the attack tree,attack graph and kill chain,then the model that focus on network defense or offensive and defensive interaction was explained,such as attack surface,cyber epidemic model,Petri nets and automation machine,giving introduction to the basic concept,application field,modeling analysis process,advantages and disadvantages of the models.Then,typical examples were given to illustrate the application of the models in network defense technology evaluation and analysis.

Review of side-channel privacy inference of Android mobile devices

Futian SHI,Jian MAO,Jianwei LIU

2018, 4(4):  12-21.  doi:10.11959/j.issn.2096-109x.2018034

Asbtract ( 1186 )   HTML ( 20)   PDF (553KB) ( 1848 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Android side channels may leak users’sensitive information.The existing Android side-channel attacks were analyzed and classified according to the type of the privacy-sensitive information with their inference models.The mainstream privacy inference approaches were analyzed and the deployed scenarios of these attacks were summarized.In addition,the mechanisms were discussed to detect or suppress the side-channel-based attacks and disclosed their limitations.Finally,the potential directions of research on side-channel-based privacy inference in Android systems were proposed.

Review of key technology and its application of blockchain

Feng ZHANG, Boxuan SHI, Wenbao JIANG

2018, 4(4):  22-29.  doi:10.11959/j.issn.2096-109x.2018028

Asbtract ( 5574 )   HTML ( 589)   PDF (690KB) ( 10182 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

The rise of blockchain technology is a paradigm shift,which is similar to the rise of the Internet,and it has attracted wide attention.Blockchain has characteristics of decentralization,tamper-resistant,traceability and so on.The achievements of some papers about blockchain at home and abroad have been analysed in recent years,and the core technology principle of blockchain has been parsed.The application scenarios of blockchain were disscussed,such as financial services,credit management,tenure management,public network service and other fields.The existing problems in various application fields were pointed out.Some opinions on the development and application of blockchain were put forward,dedicated to blockchain and hoped to do contribution for the research about blockchain and its applications.

Papers

Analysis of different anti-interference system models based on discrete time Markov chain

Quan REN,Lei HE,Jiangxing WU

2018, 4(4):  30-37.  doi:10.11959/j.issn.2096-109x.2018035

Asbtract ( 2053 )   HTML ( 15)   PDF (697KB) ( 1639 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Block chain,dissimilar redundancy and mimic defense technology have developed rapidly in different security fields of cyberspace.However,there is a lack of effective models to describe and analyze these three kinds of innovative technologies currently.The DTMC (discrete time Markov chain) was used to model and analyze the anti-interference of the three kinds of systems.The results show that mimic defense system which adopts dynamic heterogeneous redundancy architecture and negative feedback control mechanism can ensure the high availability of the system.The block chain system uses high redundancy consensus mechanism to have a higher anti-interference performance than mimic defense system and dissimilar redundancy system in a certain time,but its performance will decrease quickly after that.With the increase of redundancy,the anti-interference performance of the dissimilar redundancy system will tend to the high redundancy block chain rapidly.Compared with block chain,the anti-interference performance falling of dissimilar redundancy system will be relatively slower.

Privacy protection system based on Hook for Android

Xiaoyan ZHU,Hui ZHANG,Jianfeng MA

2018, 4(4):  38-47.  doi:10.11959/j.issn.2096-109x.2018033

Asbtract ( 1300 )   HTML ( 32)   PDF (731KB) ( 2795 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

A privacy protection system based on Hook technology was designed and implemented to address the problem of user privacy leakage caused by malicious applications in Android.The system consists of three modules:application classification module,privacy information management module and collusion attack management module.The application classification module constructs classification model by using permission feature vectors and then classifies mobile applications into malicious applications and normal applications.The privacy information management module hooks all privacy-related application programming interfaces (API) based on Hook technology and then intercepts malicious applications by returning false data or empty data.The collusion attack management module hooks all inter-application communication channels and then intercepts corresponding communication contents by using the permission rules of collusion attack.Finally,the proposed privacy protection scheme on Android virtual machine was implemented to prove and its feasibility and effectiveness were proved.In addition,the system can intercept application behaviors of breaching privacy in real time with less memory,which does not need to modify Android system and applications.

Host security threat analysis approach for network dynamic defense

Lixun LI,Bin ZHANG,Shuqin DONG

2018, 4(4):  48-55.  doi:10.11959/j.issn.2096-109x.2018031

Asbtract ( 1052 )   HTML ( 22)   PDF (621KB) ( 1736 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Calculating the host security threat in network dynamic defense (NDD) situation has to consider the vulnerabilities’ uncertainty because of dynamic mutation.Firstly,the vulnerabilities’ uncertainty caused by the mutation space and the mutation period was calculated by random sampling model,and combined with the CVSS,the attack success probability formula of single vulnerability was derived.Secondly,to avoid self-loop during the path searching process in multiple vulnerabilities situation,an improved recursive depth first algorithm which combined with node visited queue was proposed.Then,the host security threat was calculated based on attack success probability in the situation of multiple vulnerabilities and paths.Finally,approach’s availability and effectiveness were verified by an experiment conducted in a typical NDD situation.

Simple Matrix encryption scheme with variable ciphertext length

Zhong WANG,Yiliang HAN

2018, 4(4):  56-62.  doi:10.11959/j.issn.2096-109x.2018032

Asbtract ( 1128 )   HTML ( 6)   PDF (581KB) ( 1258 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Multivariable public key cryptography is one of the reliable candidates for anti-quantum cryptography.The Simple Matrix scheme is constructed using the operations between three matrices.An improved version of the Simple Matrix scheme was proposed.It is constructed by using two flat matrices with random quadratic polynomials,so that the rank attacks is infeasible for the new scheme,and the algebraic attacks breaks the system is at least as hard as solving a set of random quadratic equations.The new scheme will improve the proportion of ciphertext and plaintext to 2 times or more,break the fixed proportion of ciphertext and plaintext,so that it has a flexible proportion to adapt to different needs.

Design and application of blockchain pattern for credit information industry

Shuohang GUO, Ziqi SONG

2018, 4(4):  63-71.  doi:10.11959/j.issn.2096-109x.2018029

Asbtract ( 2456 )   HTML ( 34)   PDF (1285KB) ( 6218 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Based on the current status of Chinese credit information system,expounding the problems arising from the traditional credit information system structure,a credit system structure based on blockchain technology and two data transaction pattern and the technical framework of the credit data trading platform was proposed,It has the characteristics of decentralization,safe and credible,collective maintenance,and untampering.And the process of data transaction were expounded.To explore the advantage of application of blockchain in the credit and information industry:promote credit data sharing,improve the quality of supervision of the credit and information industry,ensure the privacy of the information subject,effectively improve the dimension of credit information.

Destruction strategy for disks based on AES encrypted storage

You YU,Yu FU,Xiaoping WU

2018, 4(4):  72-76.  doi:10.11959/j.issn.2096-109x.2018030

Asbtract ( 759 )   HTML ( 9)   PDF (457KB) ( 1562 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

For the requirement of destroying sensitive data in the disk in emergency,combined with the AES encryption algorithm,a strategy of fast destruction of disks based on encrypted storage was proposed.The principle,method and basis of the strategy were discussed in detail.Through this strategy,sensitive data in the disk can be destroyed quickly,efficiently and safely.