Please wait a minute...

Current Issue

    25 March 2009, Volume 30 Issue 3
    Previous Issue    Next Issue
    Academic paper
    Method to generate attack graphs for assessing the overall security of networks
    Da-peng MAN,Yuan ZHOU,Wu YANG,Yong-tian YANG
    2009, 30(3):  1-5.  doi:1000-436X(2009)03-0001-05
    Asbtract ( 0 )   HTML ( 0)   PDF (671KB) ( 433 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    In order to evaluate the overall security of networks,a new method for generating attack graphs was proposed.The method used breadth-first algorithm to search the dependence of network vulnerabilities.To solve the state explosion problem,the strategies that limited the number of attack steps and the reachability of state nodes were adopted in generating attack graphs.The experimental results show that the generated attack graphs can help security administrators to evaluate the overall security of networks,and the adopted optimization strategies are effective to remove redundant edges and nodes in attack graphs and decrease the system overhead during generating attack graphs.

    Non-interference trusted model based on processes
    Xing ZHANG,You-lei CHEN,Chang-xiang SHEN
    2009, 30(3):  6-11.  doi:1000-436X(2009)03-0006-06
    Asbtract ( 0 )   HTML ( 1)   PDF (660KB) ( 635 )   Knowledge map   
    References | Related Articles | Metrics

    A novel abstract model for the design of trusted computing platform system was proposed.By using the basic idea of non-interference theory as reference and introduces the reasoning method of process algebra,thus abstracting the system as processes,actions,states and outputs,and giving the formal definition of the trusted of process running.Process isolation trusted theorem was verified formally.Furthermore,by associating process with system state,the definition and the theorem of system running trusted was proposed.The model was established by logic reasoning and independent of special security mechanism and enforcement.The trust of the running system can be realized by any method which satisfies the conditions of the model.

    Model of coorperation defense DDoS attack based on client reputation
    Jun-feng TIAN,Hong-tao ZHU,Dong-dong SUN,Zhi-ming BI,Qian LIU
    2009, 30(3):  12-20.  doi:1000-436X(2009)03-0012-09
    Asbtract ( 0 )   HTML ( 0)   PDF (1653KB) ( 551 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    The CDDACR (cooperation defense DDoS attack based on client reputation) model was presented to detect and defend the DDoS attack.Two detection agents made up of the CDDACR model logically:the RDA which set up on the router and the SDA which set up on the server.RDA coarse-grained detected the traffic to filter out the obvious unauthorized clients’ traffic; SDA fine-grained detected the client’s traffic to identity the cunning attack and low-flow attack from the communication.Therefore,RDA and SDA together detected the client’s network status in realtime.The experimental results show the CDDACR model can detect and defend the DDoS attack in realtime,and reduce the probability of server be attacked when the network is on the abnormity.

    Hybrid-structured onion scheme against replay attack of MIX
    Jin-qiao SHI,Bin-xing FANG,Li GUO,Li-hong WANG
    2009, 30(3):  21-26.  doi:1000-436X(2009)03-0021-06
    Asbtract ( 0 )   HTML ( 0)   PDF (676KB) ( 616 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Replay attack against MIX was studied and a hybrid-structured onion scheme of MIX against replay attack was proposed.In hybrid scheme,probabilistic encryption and semantic security of universal re-encryption were utilized to protect MIX against replay attack,and the authentication property of layered encryption was utilized to protect integrity of messages.Meanwhile,symmetric encryption was imported to improve efficiency.Analysis shows that the hybrid-structured onion scheme can resist replay attack with guarantee of security and efficiency.

    ID-based threshold decryption with non-reconstruction of the private key
    Bao-shan QIN,Yuan ZHOU
    2009, 30(3):  27-33.  doi:1000-436X(2009)03-0027-07
    Asbtract ( 0 )   HTML ( 0)   PDF (1309KB) ( 365 )   Knowledge map   
    References | Related Articles | Metrics

    An efficient ID-based encryption scheme called EPAwas constructed and proved in the sense of plaintext awareness.Then EPAwas modified to be a threshold ID-based threshold decryption scheme named ThEPA,which was featured by a property called non-reconstruction of the private key with it,a robust key escrow scheme based on ThEPAwas proposed.In ThEPA,the decryption key is distributed among n decryption servers,but a single private key could not be obtained even if securities of all these distributed servers are compromised.

    Distributed network management system with load balancing
    Yan-tao SUN,Fang-nan YANG,Zhi-qiang SHI
    2009, 30(3):  34-41.  doi:1000-436X(2009)03-0034-08
    Asbtract ( 0 )   HTML ( 0)   PDF (1073KB) ( 517 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Based on the latest researches on physical topology,a distributed network management system named D-CBNMS with load balancing was proposed.Firstly,the system had very good scalability to extend the management scale by dynamically increase manage nodes.Secondly,it had the ability of fine-granularity load-balancing to adjust the load of management nodes.Thirdly,it had topology-awareness ability that allocates management tasks to the nearest management node,utilizing the detailed physical topology.D-CBNMS had been applied to the management of CBISNS (community broad-band integrated services network system),which was a total solution for CPN (customer premises network).Experiments show that D-CBNMS can reduce effectively the bandwidth occupied by management data.

    HitIct:Chinese corpus for the evaluation of lossless compression algorithms
    Wei-ling CHANG,Xiao-chun YUN,Bin-xing FANG,Shu-peng WANG
    2009, 30(3):  42-47.  doi:1000-436X(2009)03-0042-06
    Asbtract ( 0 )   HTML ( 0)   PDF (496KB) ( 1000 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    HitIct,a Chinese corpus for the evaluation of lossless compression algorithms based on ANSI code,was proposed.In accordance with the principle of application representativeness,Complementary principle and openness principle,a large number of candidate files were obtained from the Internet,and then average compression ratio,average correlation coefficient,compression ratio correlation coefficient and standard deviation were used to select the files that give the most accurate indication of the overall performance of compression algorithms.Experimental results show that this collection has a good representativeness and stability,and can be used as the supplementary test set of the main benchmark for comparing compression methods.

    Adaptive multiple-modalities data compression algorithm using wavelet for wireless sensor networks
    Tie-jun ZHU,Ya-ping LIN,Si-wang ZHOU,Xiao-long XU
    2009, 30(3):  48-53.  doi:1000-436X(2009)03-0048-06
    Asbtract ( 0 )   HTML ( 0)   PDF (1100KB) ( 22 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Wireless sensor networks usually have limited resources,such as energy,bandwidth and processing and so on.And they can’t match the transmission of a large number of data.So,it is necessary to perform in-network compression of the raw data sampled by sensors.The data sensor node collected normally have multiple-modalities pertinence.Multiple-modalities pertinence refers to the different types of data which the same node sampled have some correlation.A adaptive multiple-modalities data compression algorithm using wavelet was designed.In a given threshold of the correlation,the data can be adaptive classified using this algorithm.the relevant data can be estimated using the least square estimation.The characteristics data are abstracted as a matrix,then can be exploited the spatial and temporal corrections using wavelet transform.Theoretically and experimentally,the proposed algorithm can effectively exploit the correlation of the data,the compression ratio of the algorithm has improved.Effectively,it can provide a significant reduction in energy consumption.

    Multi-channel recovery data flow parallel transmission and control method
    Bing ZHANG,Zheng-tian LU,Tao LI
    2009, 30(3):  54-58.  doi:1000-436X(2009)03-0054-05
    Asbtract ( 0 )   HTML ( 0)   PDF (579KB) ( 202 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    In order to shorten the time for disaster recovery,a multi-channel recovery data flow parallel transmission and control (MRPTC)method was presented.First,the connections between the server to be recovered and the several standby servers were established,the difference comparison between the current damaged data and the original intact data(the backup data) was completed,the differences were obtained.Then the different parts of the differences were dynamically downloaded from the standby servers in the parallel mode,these parts were united locally,the whole data was finally obtained,and the fast disaster recovery of the data was achieved.The theoretical analysis and the experiment results show that the proposed method has the features of multi-point collaborative difference recovery,high recovery speed,full bandwidth utilization,and low network requirement.Therefore,this method is a new good approach of fast disaster recovery.

    Multi-level feedback based time synchronization algorithm for wireless sensor networks
    Wei HUANGFU,Xin-yun ZHOU,Can-feng CHEN
    2009, 30(3):  59-65.  doi:1000-436X(2009)03-0059-07
    Asbtract ( 0 )   HTML ( 0)   PDF (1130KB) ( 238 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Aiming at the fast and efficient time synchronization protocol for the wireless sensor networks under resource constraints,a novel feedback-based full-scale time synchronization (FTS) algorithm was proposed.The basic idea of FTS is to execute iteratively time synchronization downlink operations on all the nodes of the wireless sensor network and collect the two-way path delay information from only a part of nodes to calculate the average delay adjustment per hop.The stochastically feedback scheme is adopted to reduce the uplink packets.The FTS algorithm also consists of the mechanisms of synchronization error monitoring and clock skew correction.The FTS was implemented on the popular TelosB sensor nodes from UC Berkeley.The experiments show that FTS is a fast,resource-efficient algorithm with rational synchronization precision.

    Measurement and modeling of the peer-to-peer sharing objects popularity
    Zhen-bin GUO,Zheng-ding QIU
    2009, 30(3):  66-74.  doi:1000-436X(2009)03-0066-09
    Asbtract ( 0 )   HTML ( 0)   PDF (1063KB) ( 533 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    A detailed study on the BitTorrent sharing objects popularity was presented.The objects-sharing popularity and objects-downloading popularity of four BitTorrent trackers was measured and modeled by means of actively probing the tracker server,and the model was tested by X2fitting test.The experiment results indicate that the peer-to-peer sharing objects popularity is very unbalanced,that is,there are almost 60% of total share copies for the most 20% popular objects and there are above 60% of total downloads for the most 10% popular objects.Moreover,the experiment results also indicate that the objects-sharing popularity can be well modeled by Zipf distribution and perfectly modeled by Zipf-Mandelbrot distribution,and that the objects-downloading popularity can not be modeled by Zipf distribution and can be perfectly modeled by Zipf-Mandelbrot distribution.

    Research on a stable clustering algorithm based on the optimal connectivity power for wireless sensor networks
    Fang-min LI,Xin-hua LIU,Hai-lan KUANG,Yi-lin FANG
    2009, 30(3):  75-83.  doi:1000-436X(2009)03-0075-09
    Asbtract ( 0 )   HTML ( 1)   PDF (2388KB) ( 21 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    In realistic environment,the actual layout of nodes is easy to make network separated and nodes are always densely deployed in hot spots like the site of an accident or disaster where the competition intense was very high.A stable clustering algorithm based on the optimal connectivity power for wireless sensor networks was proposed.The algorithm makes use of the alterable power control technology to raise the channel utilization ratio and network throughput based on the optimal number of neighbors,and realizes the stable connectivity and clustering of network.The algorithm simplifies the topology of network so that prolong the network lifetime at the best.The simulation results show that the algorithm maintains the connectivity and stability of network effectively,and has good auto-adapted ability to environment and obvious effects in the promotion of whole performance of network.

    Study on performance optimization for Chinese speech retrieval
    Tie-ran ZHENG,Ji-qing HAN,Hai-yang LI
    2009, 30(3):  84-88.  doi:1000-436X(2009)03-0084-05
    Asbtract ( 0 )   HTML ( 0)   PDF (628KB) ( 331 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    A new unit,named word fragment of language model was proposed to take full advantage of the Chinese linguistic information among adjacent syllables,and an algorithm for word fragment selection was studied.The experimental results show,with the language model based on word fragment,syllable accuracy for recognizer is improved and the speech retrieval system gives better performance than the one with only syllable based model.

    Novel decoding of convolutional codes for OCDMA system
    Hai-xian ZHOU,Guo-liang XU,Wei YAO
    2009, 30(3):  89-92.  doi:1000-436X(2009)03-0089-04
    Asbtract ( 0 )   HTML ( 0)   PDF (537KB) ( 151 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    The characteristics of optical code division multiple access (OCDMA) and convolutional codes were introduced.Based on the tunnel model of OCDMA with its multiple access interference (MAI),and according to its characteristics,a novel decoding of convolutional codes was proposed.Compared with the primary decoding,viterbi algorithm,the error robustness and rate of proposed decoding was studied.The analysis shows that this novel decoding can improve the error robustness capability of convolutional codes.It also can reduce the procedures in picking up the trellis when decreasing the decoding complexity and raising the decoding rate.

    Block data hiding based on the standard array of linear block codes
    Bao-jian GAO,Wei WANG,Jun WANG
    2009, 30(3):  93-98.  doi:1000-436X(2009)03-0093-06
    Asbtract ( 0 )   HTML ( 0)   PDF (646KB) ( 609 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    A novel method of block data hiding was proposed,in which (n?k) bits data were embedded in the host data of n bits according to the relationship between coset leaders and syndrome of (n,k,d) linear block codes,the parity-check matrix H of the code was used as the key to embed and extract data,and blindly extract the secret data being realized through the computation of syndrome.The results show that any (n,k,d) linear block code can make up a corresponding data-hiding scheme.The best of the schemes is the one based on prime linear block codes and its performance is better than traditional method of data embedding bit by bit.

    Technical Report
    Channel compensation of speaker identification based on maximum a posteriori
    Rong-chun GAO,Ji-qing HAN,Lei ZHANG
    2009, 30(3):  99-103.  doi:1000-436X(2009)03-0099-05
    Asbtract ( 0 )   HTML ( 0)   PDF (580KB) ( 166 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    To solve the effect of channel changes on the performance of speaker identification system,apply the method of maximum a posteriori to specific channel compensation.First,setup a standard channel,then,use the distribution of deviation of other channel and standard channel as experience knowledge,and obtain the deviation of current channel by a few adaptive data,use these deviations to adjust the characteristic to gain the goal of compensation.The results show that adaptive data in 1s,it has a discrimination of 89.1%,above the method of cepstrum average reduction by 4.2%,with the increasing of self-adaptive,the performance of this system can be improved.

    Stability module of path compression for on-demand ad hoc routing
    Jia XU,Zhi LI,Yao ZHOU,Feng-yu LIU
    2009, 30(3):  104-111.  doi:1000-436X(2009)03-0104-08
    Asbtract ( 0 )   HTML ( 0)   PDF (1837KB) ( 155 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    The dynamic,real-time stable compression period probabilistically based on dynamic path compression model was calculated.A stability module of path compression techniques (SMPC) was proposed which could restrain the blindness for path compression efficiently and improve the stability of routes,by using based on GPS and SMPC-MS based on the compression coverage to lessens the ephemeral short-cuts and multiple short-cuts.The simulation results show that the path compression techniques by SMPC achieve low control overhead and end-to-end delay compared with both AODV and PCA.It is a generic and efficient stability module of path compression techniques for on-demand ad hoc routing.

    Novel hybrid OVSF-TH-UWB communication system
    Fan-zi ZENG,Ying-ying TUO,Juan LUO,Ren-fa LI
    2009, 30(3):  112-118.  doi:1000-436X(2009)03-0112-07
    Asbtract ( 0 )   HTML ( 0)   PDF (1691KB) ( 273 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    A hybrid OVSF-TH-UWB based OVSF-code was proposed,and a corresponding correlation mask was designed.Both performance analysis and simulation results prove that OVSF-TH-UWB system can effectively reduce the multi-users-interference and Gaussian noise interference,and its performance is better than those of 2PPM-TH and DS-UWB system.

    Multi-pattern matching algorithm based on heterogeneous implicit storage
    Zhi-dong LI,Wu YANG,Ru-bo ZHANG,Wei WANG
    2009, 30(3):  119-124.  doi:1000-436X(2009)03-0119-06
    Asbtract ( 0 )   HTML ( 0)   PDF (1050KB) ( 289 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    A variation of Aho-Corasick algorithm via compact storage was presented,which replaced homogeneous routine explicit storage with heterogeneous requirement oriented implicit one,first started from two aspects of widthwise fan-out compression and lengthwise path compression,then expanded around the compression of sparse event table,thus reduced memory usage to about 0.69% of original one when alphabet size σ=256,0.004% when σ=64K,and space complexity approximate (lbσ)/σ of origin.According to different degrees of fan-out,four kinds of specific fast event location methods were adopted,plus optimized failure transitions,led to the fact that the dramatic reduction of memory usage isn’t at the cost of obvious loss of speed,which was also proved by experiments.It’s suitable to be applied in the cases that need holding mass set of longer patterns and are sensitive to delay and jitter(for example,online data stream filtering),and presents distinguished superiority in wide-character(such as Asian character of UNICODE type) matching.

    Short essay
    Analysis for e-commerce protocols based on ProVerif
    Yun-chuan GUO,Li DING,Yuan ZHOU,Li GUO
    2009, 30(3):  125-129.  doi:1000-436X(2009)03-0125-05
    Asbtract ( 0 )   HTML ( 0)   PDF (580KB) ( 500 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    It was very important to analyze e-commerce protocols by formal methods.A technique for modeling the fair-change e-commerce protocol (FEEP) with automated dispute resolution and for verifying its property was proposed.First,FEEP was modeled in applied pi-calculus and a novel formalization of the fairness was provided in term of a correspondence property.Then,ProVerif,proposed by Juels,Catalano and Jakobsson,was adopted to analyze FEEP automatically.The results show that:it is feasible to formalize the fairness based on a correspondence property; ProVerif can be used to verify the property that before event A happened,event B had happened,but it is not applicable to analyze the property that after event A happened,event B would happen.

    Lite-CA based key pre-distribution scheme in wireless sensor network
    Yun PAN,Li-cheng WANG,Zhen-fu CAO,Jian LI
    2009, 30(3):  130-134.  doi:1000-436X(2009)03-0130-05
    Asbtract ( 0 )   HTML ( 2)   PDF (563KB) ( 639 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Large-scale sensor nodes were usually deployed in potentially adverse or even hostile environment,so the security in these networks was very important.Due to its constraints on node cost,size and power dissipation,sensor’s energy and capabilities on computation,storage and communication were considerably weak compared with general computers.It leaded to many new challenges for designing of key management protocols in WSN.Therefore,a lite-CA based key pre-distribution scheme was suggested.The traits of CA-based authentication framework and identity-based authentication framework were combined by this scheme.Further,the scheme was efficiently implemented based on quadratic residue theory.

    Rapid video copy detection on compressed domain
    Yong-dong ZHANG,Dong-ming ZHANG,Jun-bo GUO,Sheng TANG
    2009, 30(3):  135-140.  doi:1000-436X(2009)03-0135-06
    Asbtract ( 0 )   HTML ( 0)   PDF (787KB) ( 636 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    To reduce the detection time efficiency under large scale data environment,a rapid algorithm was proposed on compressed domain using a two-level hierarchical detection scheme.The ordinal measures of DCT coefficients were adopted as visual features for similarity-matching in order to reduce the computational load in video decoding.Inverted indexing structure was used to accelerate the first level detection process.The experiment results show,compared with the previous algorithm,the algorithm can improve the detection speed obviously with the similar detection precision.

Copyright Information
Authorized by: China Association for Science and Technology
Sponsored by: China Institute of Communications
Editor-in-Chief: Zhang Ping
Associate Editor-in-Chief:
Zhang Yanchuan, Ma Jianfeng, Yang Zhen, Shen Lianfeng, Tao Xiaofeng, Liu Hualu
Editorial Director: Wu Nada, Zhao Li
Address: F2, Beiyang Chenguang Building, Shunbatiao No.1 Courtyard, Fengtai District, Beijing, China
Post: 100079
Tel: 010-53933889、53878169、
53859522、010-53878236
Email: xuebao@ptpress.com.cn
Email: txxb@bjxintong.com.cn
ISSN 1000-436X
CN 11-2102/TN
Links
More...
Visited
Total visitors:
Visitors of today:
Now online:
Copyright of website © 2021 Journal on Communications
Address: F2, Beiyang Chenguang Building, Shunbatiao No.1 Courtyard, Fengtai District, Beijing, China   Post: 100079
Tel: 010-53933889、53878169、53859522、53878236   Email: xuebao@ptpress.com.cn; txxb@bjxintong.com.cn