Current Issue

15 October 2016, Volume 32 Issue 10

Previous Issue    Next Issue

Topic: terminal security based on Android system

Research status and outlook of Android security

Sihan QING

2016, 32(10):  2-14.  doi:10.11959/j.issn.1000-0801.2016256

Asbtract ( 613 )   HTML ( 27)   PDF (2645KB) ( 1386 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Currently, Android is the most popular operating system for smartphones. At the same time, its security situation is becoming increasingly serious. The following topics: the development course of Android version updates, the features of Android system, Android security mechanism, analysis of Android security risks, Android malware and attack, and the analysis and defense measures were covered. Finally, the current research status and progress, and the future research directions regarding Android security were addressed.

Android malware detection method based on combined algorithm

Hao CHEN,Sihan QING

2016, 32(10):  15-21.  doi:10.11959/j.issn.1000-0801.2016253

Asbtract ( 238 )   HTML ( 1)   PDF (2059KB) ( 497 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

In order to solve the problems in applicability and usability of today's static malware detection method, a detection system was implemented by using the optimal classifier selected by a combined algorithm as the core. Firstly, the reverse engineering was used to extract the software feature, then the preliminary results of the classifier was got by multi-stage screening. A classifier evaluation was presented based on minimum risk Bayes. Using the new one as the core, the optimal classifier results was got by assignment. Finally, an Android malware detection system prototype was realized using the optimal results as the core. Experimental results show that the analysis accuracy of the proposed detection system was 86.4%, and does not depend on characteristics of the malicious code.

An obfuscate implementation for Android resources index table

Yang LIU,Weiping WEN

2016, 32(10):  22-26.  doi:10.11959/j.issn.1000-0801.2016252

Asbtract ( 272 )   HTML ( 1)   PDF (1794KB) ( 1105 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Android application has risks of reverse, rewrite and repackage. Obfuscate Android resources index table will increase the difficulty of reverse analysis attack. Resources index table records the strings information in Android App. Through analyzing the structure of resources index table, a new obfuscate method was proposed to achieve obfuscate resources index table and increase the difficulty of reverse Android application.

Research on Android security of broadcasting mechanism

Sihan QING

2016, 32(10):  27-35.  doi:10.11959/j.issn.1000-0801.2016255

Asbtract ( 275 )   HTML ( 5)   PDF (2036KB) ( 1347 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

In recent years, there has been increased interest in the research of Android component security. Broadcast receiver is one of the 4 components in Android, strangely enough, few papers have been published regarding to its security. Android broadcasting mechanism, and its security framework and features based on this were analyzed. According to the security challenges of Android broadcasting mechanism, the corresponding countermeasures and solutions were proposed. Finally, a summary of the results and the future research directions were given.

Research and realization of the Trojan detection engine based on Android

Bin XIA,Feng QIU

2016, 32(10):  36-41.  doi:10.11959/j.issn.1000-0801.2016257

Asbtract ( 361 )   HTML ( 11)   PDF (2828KB) ( 480 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

During recent years, Trojan viruses on Android systems have greatly evolved, and the frequent security breach of Android systems is rapidly becoming a great concern of contemporary cyber security. The study of Trojan virus detection on Android engine and the application of its outcome has become increasingly significant. A feature code detection algorithm called FCPA got the sourceDir of the known malicious APK files through calling system API. It uses hash algorithm to process these files in order to get the feature information of the files so that the eigenvalue could got which could identify Trojan uniquely. The feature code library was composed of these eigenvalues. The Trojan detection engine called TDE, with the assistance of this feature code library, would be able to take out a quick scan among the files in the cell phone and detect malicious programs in mobile applications. Finally, the designed Trojan detection engine provided a secure environment for the user of the phone.

A general attack model based on Android system vulnerability

Xihai DENG,Weimiao FENG,Luping MA,Ying LI

2016, 32(10):  42-49.  doi:10.11959/j.issn.1000-0801.2016254

Asbtract ( 505 )   HTML ( 13)   PDF (3438KB) ( 778 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Various kinds of vulnerabilities in Android system bring great threats to the platform. The vulnerability exploitation technology,the security of mobile operating systems and the security of Android ecosystem have become a research focus in both industry and academia. The exploitation of several typical system vulnerabilities was analyzed, a general model of Android system vulnerability exploitation was proposed, and a novel evaluation framework for the effectiveness of vulnerability exploitation was presented. The experiment result shows that the general model is able to accurately describe the process of hacker attacks using Android system vulnerabilities. Furthermore, the evaluation framework can assess the influence of system vulnerabilities on the security of Android ecosystem.

research and development

Digital and analog hybrid precoding technology combined with V-BLAST in multi-user massive MIMO system

Shuai ZHANG,Jinlong ZHAN,Man WANG,Minjie LI

2016, 32(10):  50-55.  doi:10.11959/j.issn.1000-0801.2016271

Asbtract ( 313 )   HTML ( 0)   PDF (2316KB) ( 562 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

In the massive MIMO system, the only full digital baseband precoding（FD-BP）scheme（such as full complexity zero forcing）requires the same number of radio frequency（RF）chains as the number of antenna elements, which leads to extreme high hardware cost, the hybrid precoding can reduce the number of RF chain heavily and approach the performance of the FD-BP, so the hybrid precoding for massive MIMO is necessary and worth studying. The adaptive digital and analog hybrid precoding（AHP）can further reduce the hardware complexity compared with the conventional digital and analog hybrid precoding （conventional hybrid precoding）and which combined with V-BLAST can get the array gain and multiplexing gain simultaneously. Simulation results confirm the proposed scheme can obtain the higher spectral efficiency, the lower hardware complexity and more ideal BER performance.

Evaluation method of satellite navigation signal-in-space user range error

Ershen WANG,Qing ZHANG,Hong LEI,Tao PANG

2016, 32(10):  56-62.  doi:10.11959/j.issn.1000-0801.2016266

Asbtract ( 373 )   HTML ( 2)   PDF (2227KB) ( 1369 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Signal-in-space（SIS）accuracy is one of the basic performance of satellite navigation system, and the user range error（URE）of satellite is often used as the important indicator of SIS accuracy. Based on the orbit error and clock error, the SIS URE evaluation methods of GPS and BDS were discussed. And the SIS performance of GPS and BDS were evaluated by using the measured data. The results show that all the SIS URE of GPS satellites are better than 2.2 m. In addition, except GEO-01 and GEO-04, the SIS URE of other BeiDou satellites are better than 2.5 m. And it conforms the indicators of GPS standard positioning service performance standard （GPS SPS PS, 2008）and BDS open service performance standard（BDS OS PS, 1.0）.

Energy efficiency optimization method for multi-user simultaneous wireless information and power transfer

Chao CHEN,Cheng PENG,Shengli ZHOU,Bo PAN

2016, 32(10):  63-70.  doi:10.11959/j.issn.1000-0801.2016275

Asbtract ( 283 )   HTML ( 3)   PDF (1790KB) ( 646 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Joint transceiver design for achieving energy efficiency maximization was studied in multi-user downlink systems with simultaneous wireless information and power transfer. An improved Dinkelbach method was proposed. Specifically, the problem is converted to a series of subtraction form problems following the basic idea of Dinkelbach method. By introducing a set of auxiliary variables, the subtraction form problem is further equivalently cast as a weighted mean-square-error minimization problem, which is solved by using concave-convex procedure and second-order-cone programming（SOCP）. Simulation results validates the efficiency of the proposed method.

A robust cyclic-feature detection against noise uncertainty

Qiang CHEN,Ming JIN,Jingwen TONG

2016, 32(10):  71-76.  doi:10.11959/j.issn.1000-0801.2016211

Asbtract ( 201 )   HTML ( 0)   PDF (2102KB) ( 329 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

The detection performance of cyclic-feature detection is much better than energy detection. However, noise uncertainty will degrade its performance severely. Aiming at this problem, a cyclic-feature detection method resisting to noise uncertainty was proposed. It was proved that the noise cyclic spectrum components at different cycle frequencies were independent and identically distributed in two-dimensional cyclic spectrum. Based on this, the noise distribution at the cycle peak was estimated using all values except the spectrum peak positions of licensed user signal, and decision threshold was obtained without noise power prior knowledge, so as to avoid the influence of noise uncertainties. Simulation results demonstrate that the performance of the proposed method is close to that of cyclic-feature detection method with known noise power.

Wireless indoor localization technology based on fingerprint algorithm

Mengdan ZHANG,Guangyue LU,Honggang WANG,Jiming LIU

2016, 32(10):  77-86.  doi:10.11959/j.issn.1000-0801.2016267

Asbtract ( 735 )   HTML ( 37)   PDF (3211KB) ( 1466 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

As people's demand for location based service（LBS）is increasing, indoor localization has gradually becomes a hot research topic in the field of user location. And the fingerprint orientation is very much popular among most of the researchers, not only because it has high positioning accuracy and strong universality, but also because it doesn't need additional equipment. Firstly, the positioning principle of various kinds of main stream indoor location fingerprint positioning technology was summarized. Then the principle of the existing indoor localization algorithm and its developing condition at present were summarized. Finally, by setting up buildings channel test scenes, all kinds of typical indoor localization algorithm are testified, validated, compared and analyzed. The reference was provided for researchers and people who is researching on indoor location technology.

Cooperative spectrum sensing scheme against SSDF attack based on ESD test in radio network

Lichun XIE,Chunqin ZHANG

2016, 32(10):  87-93.  doi:10.11959/j.issn.1000-0801.2016236

Asbtract ( 252 )   HTML ( 0)   PDF (2145KB) ( 337 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Aiming at the problem that the cooperative spectrum sensing vulnerable to falsify data attacks in cognitive radio network, a cooperative spectrum sensing scheme with against SSDF attack based on test statistic and extreme studentized deviate test was proposed. Firstly, the differential evolution algorithm and weighted gain combining soft decision scheme were combined to form an efficient node decision fusion mechanism. Then, the fault cognitive radio nodes were eliminated by test statistic according to soft statistics data. Finally, the malicious cognitive radio nodes were eliminated by improved ESD test, so as to make a global decision. The simulation results show that the proposed scheme can effectively filter SSDF attack data in cooperative sensing, and it has lower error detection rate.

Distributed real-time localization algorithm based on sparse observation and asynchronous transmission in WSN

Yong MA,Yuchun LIU

2016, 32(10):  94-100.  doi:10.11959/j.issn.1000-0801.2016237

Asbtract ( 222 )   HTML ( 0)   PDF (2044KB) ( 647 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

For the issues that the existing centralized multi-dimensional scaling（MDS-MAP）localization algorithms in wireless sensor network （WSN）have localization accuracy and distributed problem, a distributed real-time localization algorithm based on sparse observation and asynchronous transmission in WSN was proposed. Firstly, the sparse observation mechanism was fused into the traditional MDS-MAP algorithm to make it better conform to the actual observation scene. Then an asynchronous transmission sequence was used to enable the nodes can distribute computing distance and obtain the position estimation. Finally, the estimation error was reduced by an elaboration operation, and the precise positioning of the node was realized. The experimental results show that this algorithm has high positioning accuracy.

Counting workflow satisfiability with exclusion constraints based on backtracking tree-decomposition

Zhinian ZHAI,Weixiang WANG,Yahui LU,Mingwei WU,Zhijun ZHENG,Fahong YU

2016, 32(10):  101-109.  doi:10.11959/j.issn.1000-0801.2016260

Asbtract ( 203 )   HTML ( 0)   PDF (2647KB) ( 390 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Workflow satisfiability（WS）concerns the issue of resource allocation under some access control policies. Counting all its solutions is advantaged to verify the robustness of a workflow to resource exceptions. The counting problem of WS with only exclusion constraints was addressed. The classic backtracking tree-decomposition method was employed to solve #WS（≠）via a polynomial-time counting reduction to a counting constraint satisfiability problem. Experiments show that, the proposed optimized algorithm declined in running time, and has well synthetical performance for workflows with low-density constraints compared to the existing #WS（≠）algorithms.

A novel improved flooding algorithm for DSR protocol in MANET

Peili CONG,Heng ZHAO

2016, 32(10):  110-116.  doi:10.11959/j.issn.1000-0801.2016262

Asbtract ( 322 )   HTML ( 3)   PDF (1902KB) ( 566 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

In mobile Ad Hoc network（MANET）,based on the geographical location of mobile nodes,a novel improved location- based flooding algorithm（ILFA）was proposed, which controlled network traffic effectively by rebroadcast routing packets according to geographical location. In additional, ILFA was also applied in the traditional dynamic source routing（DSR）protocol, which restricted the search range of routing discovery according to define request area and expected area, and then limited the RREQ rebroadcast range by assigning a nominated neighbors to rebroadcast RREQ （NNRR）list, in order to eliminate the number of rebroadcast RREQ of DSR. The simulation results demonstrate that, compared to the traditional flooding algorithm, ILFA can reduce the network overhead and improve the network throughput efficiently.

Web services composition algorithm based on the location of backup service and probabilistic QoS model

Hua WEN

2016, 32(10):  116-125.  doi:10.11959/j.issn.1000-0801.2016249

Asbtract ( 184 )   HTML ( 0)   PDF (2112KB) ( 288 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

In the process of increasing the number of work-flow services, as the potential cost of the initial planning is high, and the reliability of many service composition algorithms is not enough. A service composition algorithm based on the location of backup service and probabilistic quality-of-service（QoS）model was proposed. A service cluster based QoS optimization selection for each service was computed which contained a sufficient number of backup services. The location of backup service was considered to be evaluated at failure of a single point. Because the backup service was distributed evenly, the occurrence of the failure of the task was presented. For the service selection problem, an improved multiple objective optimization（MOO）algorithm was adopted to calculate the feasible solution set using clustering and QoS model. JMETAL 3.1 framework was used to assess the returns of the backup service location and the reliability of the algorithms. The results show that compared to other MOO algorithms, the proposed algorithm is more reliable and the gain from the backup service position is higher.

Fuzzy intrusion detection system for MANET packet dropping attack

Tingting LU,Xu HAN

2016, 32(10):  124-129.  doi:10.11959/j.issn.1000-0801.2016263

Asbtract ( 233 )   HTML ( 0)   PDF (1814KB) ( 505 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

For further detecting the packet dropping attack action, a fuzzy intrusion abnormity-based detection system（FIADS）was proposed. Based on Sugeno-type fuzzy inference system, FIADS detected the attack actions of each node by a distributed manner, and then moved these malicious nodes out of MANET to improve the frequency spectrum resource of MANET. Finally, fuzzy rules base was made to analyze FIADS, and comparison between FIADS and the traditional IDES was made. The simulation results show that, compared with IDES, FIADS can effectively detect the packet dropping attack action, and owns a higher detection efficiency.

Operating technology wide-angle

Big data exchange based on information chain

Nan LIU,Jinwu WEI,Lu LIU

2016, 32(10):  130-136.  doi:10.11959/j.issn.1000-0801.2016270

Asbtract ( 347 )   HTML ( 9)   PDF (2413KB) ( 1157 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

The flow and sharing of data is the foundation of the development of big data industry. However, facing with the specification of data itself and many problems that data trading modes have, the development of data flow and sharing moves slowly. Based on the block chain technology, a new decentralized data exchange platform was designed, which would secure the legal rights of data providers and realize the goal of safe circulation between the only mutual parties of the data exchange, strengthen the regulation and monitoring of flows data.

Deployment and implementation of dynamic network policy in SDN

Ligang DONG,Bohan HE,Tijie XU,Shuocheng FEI,Weiming WANG

2016, 32(10):  137-149.  doi:10.11959/j.issn.1000-0801.2016273

Asbtract ( 314 )   HTML ( 4)   PDF (9340KB) ( 508 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Software defined networking（SDN）provides a new solution for management requirements of the future network. Based on dynamic service function chain as the creation model of service function, advanced network programming language as a service deployment tools, and combined with virtual network mapping theory, a deployment scheme which could take services to policies, and take controllers to network nodes was designed. Based on the three-layer structure of the SDN, a dynamic policy management system was proposed. It can implement self-adaption deployment of network service, which based on the feedback information of the network state. Besides, it can detect network policy conflicts on the network note and choose different ways of combination to avoid policy conflicts. Finally, the complete deployment process of the dynamic policy management system was verified through some experiments.

LTE multi-user downlink throughput performance modeling and analysis

Zhicheng WEN

2016, 32(10):  150-156.  doi:10.11959/j.issn.1000-0801.2016265

Asbtract ( 325 )   HTML ( 7)   PDF (1714KB) ( 1569 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Aiming at LTE multi-user downlink throughput, it was analyzed that from time domain and frequency domain of LTE resources, user location, UE category and downlink MIMO modes, also combined with the characteristics, influencing factors, action processes of time-domain and frequency-domain scheduling algorithms under multi-user conditions. The multi-user downlink throughput analysis and estimation model was then built based on this, and the model was used to analyze a real example. It would be beneficial for LTE performance optimization.

Study on end-to-end QoS parameters of TDD-LTE about the services of mobile internet

Zengyi LIU,Shanshan QU,Hong ZHANG

2016, 32(10):  157-164.  doi:10.11959/j.issn.1000-0801.2016261

Asbtract ( 324 )   HTML ( 3)   PDF (2414KB) ( 606 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Aiming at the high bandwidth and service quality demand of wireless access network because of rapid development of mobile internet, the common mobile internet services were analyzed. According to the service characteristic, the 3GPP network protocol specification and the local TDD-LTE network structure which had been deployed, an end-to-end QoS setup model was proposed and QoS parameter deployment verification was performed on a commercial network. The experimental results show that in the resource-consuming scene, the peak user amount of single TDD-LTE cell are increasing by 253.92%; in the real bandwidth-congesting scene, the peak user amount are increasing by 81.80%. The results of the study have good application and popularization.

Analysis of instructions virtual machine vulnerabilities in anti-virus software

Yijun WANG

2016, 32(10):  165-174.  doi:10.11959/j.issn.1000-0801.2016274

Asbtract ( 293 )   HTML ( 3)   PDF (8801KB) ( 355 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Instructions virtual machine technology is one of the core technologies used in today's anti-virus field, the vast majority of anti-virus software scan engines use virtualization technology to analyze file and to revert the behavior of this program whether will be a threat to system security or not. According to this process behavioral characteristics, it is determined whether it is a virus or Trojan. Aiming at features of the virtual machine in anti-virus software, the difference between virtual environments and real environment were researched.Based on in-depth analysis of the virtual machine technology and the essential characteristics of a computer virus and Trojan, theory and practice of research were combined and the analysis of virtual machine instructions vulnerability in current anti-virus software was given.

Real time database system data security collection scheme

Zhenyang SHANG,Ruixian YANG

2016, 32(10):  175-180.  doi:10.11959/j.issn.1000-0801.2016276

Asbtract ( 211 )   HTML ( 0)   PDF (2036KB) ( 581 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

With application status of the China Petroleum Refining and Chemicals run system MES（manufacturing execution system）in subordinate enterprises as well as the data acquisition interface program in real-time database module, the security risks such as virus, attacks and illegal invasions in production unit automatic control system （DCS, PLC）because of the “two-network integration”were analyzed. Finally, referring to some of the existing domestic industrial insulation products, a complete, viable and secure solution, which has a high reference value for the implementation of petrochemical enterprises MES system real-time database module was proposed.