Please wait a minute...

����Ŀ¼

    15 April 2021, Volume 7 Issue 2
    Previous Issue    Next Issue
    Perspective
    Research on the cultivation of cyber security talents under the perspective of double tops based on Jiangsu province
    Fu XIAO, Haiping HUANG, Sujun HU, Lijuan SUN
    2021, 7(2):  1-9.  doi:10.11959/j.issn.2096-109x.2021031
    Asbtract ( 275 )   HTML ( 72)   PDF (979KB) ( 231 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Facing the opportunities and challenges in developing the cultivation of cyber security talents in the new security situation, a questionnaire survey on the undergraduate colleges of Jiangsu province, offering network security related majors, is conducted first.Next, multidimensional analysis and comparative study involve eight aspects, such as the distribution scale, the cultivation level, and the curriculum system.Finally, explorations on four aspects, including guarantees of politics, the teaching staff, society, and funds, lead to effective paths on the cultivation of cyber security talents for Jiangsu province under the environment of double tops.

    Comprehensive Reviews
    Survey of community privacy in social network
    Zhongyuan JIANG, Xianyu CHEN, Jianfeng MA
    2021, 7(2):  10-21.  doi:10.11959/j.issn.2096-109x.2021021
    Asbtract ( 451 )   HTML ( 79)   PDF (1419KB) ( 493 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Community is an important feature of social network and the development of community detection technology brings the danger of privacy disclosure to network users.How to protect sensitive community information from being leaked and ensure the security of users and communities has become a research hotspot in the field of network security.In recent years, community privacy protection technology has made initial progress, but there is a few survey on the research of community privacy or community security in social networks, and it may limit the potential and long-term development of this research topic.The research on the privacy of community structure was mainly reviewed and the related works on community security were classified, summarized, compared.The hot issues of community security in the future were proposed.

    Survey on open source edge computing platforms
    Dier GU, Hua LU, Renchao XIE, Tao HUANG
    2021, 7(2):  22-34.  doi:10.11959/j.issn.2096-109x.2021020
    Asbtract ( 656 )   HTML ( 91)   PDF (6383KB) ( 1146 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Firstly, the basic concept of edge computing (EC) and its current state of research were introduced.Moreover, the design requirements of edge computing platforms from multiple perspectives were discussed.Then, four typical open source platforms were presented in detail, and their similarities and differences in terms of application areas, deployment methods were analyzed.Later, with regard to two typical use cases, their installations and advantages were summarized and analyzed.Finally, key challenges such as the cooperation among edge computing platforms, security and standardization were discussed.

    Topic: Integrated Circuit Hardware Security
    Design and detection of hardware Trojan based on satisfiability don't cares
    Lingjuan WU, Jiacheng ZHU, Shibo TANG, Jing TAN, Wei HU
    2021, 7(2):  35-42.  doi:10.11959/j.issn.2096-109x.2021025
    Asbtract ( 276 )   HTML ( 47)   PDF (1393KB) ( 206 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Hardware Trojans are intended malicious design modifications to integrated circuits, which can be used to launch powerful low-level attacks after being activated.A new security threat of lightweight stealthy hardware Trojans leveraging discrete satisfiability don't care signals was demonstrated.These don't care could not be satisfied under normal operation and thus the circuit design with Trojan is functionally equivalent to the Trojan-free baseline.The attacker could activate the Trojan through simple yet effective fault injection.Experimental results on a 1024-bit RSA cryptographic core show that the proposed hardware Trojan can escape from logic synthesis optimization, and that the RSA private key can be retrieved by simply over-clocking the design.A defense technique that can effectively detect such stealthy Trojan design was provided.

    Research on electromagnetic radiation based side-channel analysis method for hardware Trojan detection
    Yongkang TANG, Xing HU, Ting SU, Shaoqing LI
    2021, 7(2):  43-56.  doi:10.11959/j.issn.2096-109x.2021030
    Asbtract ( 215 )   HTML ( 30)   PDF (5505KB) ( 181 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    With the globalization of the integrated circuit industry, hardware Trojan is becoming the main threat to integrated circuits.At present, the side-channel analysis which can make a good trade-off between detection ability and cost, has attracted more attention from the academia.The side-channel analysis method based on electromagnetic radiation is one of the hotspots in hardware security field.The ability evaluation of electromagnetic radiation analysis method to detect hardware Trojan was focused, and the factor that limited their detection performance was explored.The experimental results on FPGA show that the electromagnetic radiation analysis method can effectively detect hardware Trojan whose electromagnetic radiation distribution is significantly different from surrounding circuits, but it cannot be applied to hardware Trojan with complex frequency distribution of electromagnetic radiation.

    Survey on model checking based hardware Trojan detection technology
    Qizhi ZHANG, Yiqiang ZHAO, Ya GAO, Haocheng MA
    2021, 7(2):  57-63.  doi:10.11959/j.issn.2096-109x.2021029
    Asbtract ( 315 )   HTML ( 40)   PDF (1330KB) ( 247 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Hardware Trojan is malicious tampering to the original circuit, which has become the most important security threat of integrated circuit.In order to ensure the safety and reliability of ICs, many hardware Trojan detection methods are proposed.As one of the formal verification methods, model checking can effectively detect the hardware Trojan in the design phase.Firstly, the working principle and process of model checking were described.Secondly, the research progress of hardware Trojan detection technology based on model checking was introduced.Finally, the bottlenecks faced by the current technology were pointed out and the potential research direction was discussed.

    Compact software/hardware co-design and implementation method of Aigis-sig digital signature scheme
    Zhen ZHOU, Debiao HE, Min LUO, Li LI
    2021, 7(2):  64-76.  doi:10.11959/j.issn.2096-109x.2021026
    Asbtract ( 454 )   HTML ( 57)   PDF (1414KB) ( 451 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Digital signature scheme Aigis-sig, constructed on ideal lattice, takes the advantages of high efficiency, short signature length and resistant to quantum attack, etc.An optimized modular multiplication arithmetic component was constructed and a compact hardware architecture for polynomial operation over a ring based on number theory transformation (NTT) algorithm for Aigis-sig was designed.Besides, based on this architecture, software/hardware co-design and implementation for Aigis-sig scheme on FPGA platform in cryptography was proposed.Experimental results show that the speed of signature phase and verification phase are increased by about 26% and 17% respectively, compared with the pure software implementation on Xilinx Zynq-7000 SoC platform when CPU clock frequency and hardware clock frequency are set as 666.66MHz and 150 MHz respectively.

    Key generation method based on reconfigurable intelligent surface in quasi-static scene
    Yinuo HAO, Liang JIN, Kaizhi HUANG, Shuaifang XIAO
    2021, 7(2):  77-85.  doi:10.11959/j.issn.2096-109x.2021027
    Asbtract ( 283 )   HTML ( 35)   PDF (1411KB) ( 212 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Aiming at the problems of slow channel changes and low key generation rate in IoT quasi-static scenarios, a key generation method based on reconfigurable intelligent surface (RIS) was proposed.First, the agility characteristics of RIS was used to construct a fast-changing channel.Then, the base station and legitimate users extracted a consistent key from the channel information through channel estimation, conversion, and information negotiation.Finally, optimal time allocation for data transmission and key generation in the coherent time to achieve the maximum transmission rate of one-time pad.The simulation results show that the key generation rate of proposed method is higher than that of the existing relay-assisted method, random signal flow method and random number method, and as the number of RIS reflection units and frequency of channel estimation in the coherence time increase, the key generation rate will be further improve.

    Novel level shifter based physical unclonable function circuit design
    Lijuan HAN, Lei QIAN, Enyi YAO, Xin LOU, Yuan CAO, Yanhua LIU
    2021, 7(2):  86-93.  doi:10.11959/j.issn.2096-109x.2021024
    Asbtract ( 269 )   HTML ( 24)   PDF (1322KB) ( 229 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Level shifters are widely used in low-power, multi-threshold integrated circuit chips.A novel physical unclonable function (PUF) design based on cross-coupled level shifter was proposed.In this work, a single switching transistor was inserted in the level shifter, which was the only overhead per response bit to change the operation mode of the cross-coupled level shifter from differential to common.The signature of the PUF was extracted while in common mode, by exploiting the uncertainty of the output voltage due to the difference of the switching time of the two PMOS in the cross-coupled network.Simulated with a standard 65 nm CMOS process, the results show the proposed PUF can produce a uniqueness of 49.11% and a reliability of 96.09% with the power supply voltage ranged from 1.0 V to 1.5 V and 95.31% with the temperature ranged from -20 ℃ to 100 ℃.The energy per bit is only 0.72 pJ at a high throughput of 20 Mbit/s (1.2 V, 27 ℃).

    Novel hybrid strong and weak PUF design based on FPGA
    Jiana LIAN, Pengjun WANG, Gang LI, Xuejiao MA, Guanbao ZHAI
    2021, 7(2):  94-103.  doi:10.11959/j.issn.2096-109x.2021028
    Asbtract ( 401 )   HTML ( 43)   PDF (6206KB) ( 296 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Physically unclonable function (PUF) can produce intrinsic keys with characteristics of randomness, uniqueness and tamper-proof by exploiting the process deviations which can not be avoided in the chip manufacturing process.A novel hybrid strong and weak PUF (SWPUF) circuit design based on field-programmable gate array(FPGA) was proposed after the investigation of the PUF circuit structures and principles.To address the limitation of designing strong-PUF and weak-PUF discretely, SWPUF could be configured into two topologies conveniently depending on the Hamming Weight (HW) of the challenges.In addition, the statistical characteristics of the responses could be further improved by a XOR-decorrelation technique.The proposed SWPUF was implemented on a Xilinx Artix-7 FPGA (28nm technology), and a self-built test platform was set up by using Matlab and MicroBlaze microcontroller.Experimental results show that the SWPUF has good performances of randomness (96.98%), uniqueness (99.64%) and reliability (96.6%).Logic register analysis also shows that the SWPUF has a better anti-attack capability than the traditional Arbiter-PUF in the case of with small HW, and can be used in the information security, such as key storage (especially to weak PUF) and device authentication (especially to strong PUF).

    Papers
    Differential fault attack on LiCi cipher
    Weijian CHEN, Haoxiang LUO
    2021, 7(2):  104-109.  doi:10.11959/j.issn.2096-109x.2021033
    Asbtract ( 215 )   HTML ( 22)   PDF (1016KB) ( 308 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    LiCi lightweight block cipher is a new algorithm proposed in 2017.With advantages of small structure and low energy consumption, LiCi is more suitable for resource-constrained environments such as the internet of things (IoT).In the design document of LiCi, the ability of LiCi algorithm to resist differential attack and linear attack is analyzed, but the resistance of LiCi algorithm to differential fault attack has not been discussed.According to the permutation law of each round iteration of LiCi algorithm, 32-bit key can be recovered by injecting a single bit fault into the left half of the 31st round iteration combined with its differential property.According to the key choreography scheme of the LiCi algorithm, the same differential fault attack was performed on iterations 30th, 29th, 28th, 27th and 26th round to recover all the original keys.The attack requires a total of 48-bit faults, and the computational complexity is 232, which indicates the LiCi algorithm is difficult to resist differential fault attacks.

    Method for constructing function correspondence between firmware based on candidate function group
    Ruiqing XIAO, Yuefei ZHU, Shengli LIU, Bin LU
    2021, 7(2):  110-125.  doi:10.11959/j.issn.2096-109x.2021018
    Asbtract ( 180 )   HTML ( 21)   PDF (1806KB) ( 151 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Due to the characteristics of firmware, traditional binary comparison methods are prone to mismatches during the propagation of the matching function.Aiming at the problem that the matching function propagation algorithm is not ideal, a method for constructing function correspondence based on candidate function groups was designed, and the concept of function matching in n layer local network is supplemented.Then, three candidate function group construction strategies and candidate function group matching methods are proposed, and the time overhead were analyzed.Finally, a prototype system was implemented based on the method and compared with Bindiff.Through random sampling and manual check, 86.04% of the matching results of the proposed method are consistent with Bindiff matching results, while 11.3% can correct Bindiff matching errors.

    Passive biometric electronic lock via UHF RFID
    Xiang ZOU, Jinsong HAN, Yuhang QU, Jian XIAO, Xian XU
    2021, 7(2):  126-140.  doi:10.11959/j.issn.2096-109x.2021022
    Asbtract ( 174 )   HTML ( 21)   PDF (8591KB) ( 97 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    A biometric lock design method was proposed based on the internal features of human body, namely PBLock.It used the backscattered RF signals to collect the impedance characteristics of human fingertips through the contact between human fingers and tags.The advantage of such authentication method is that the human impedance was not easy to be stolen, and it was fully integrated with the hardware characteristics of the device (RFID tags), which greatly increased the difficulty for the attacker to copy and clone.To ensure the availability and efficiency of the system, an optimization authentication mechanism was proposed by cutting tag antenna, which effectively improved the impedance sensitivity.Moreover, the feasibility of passive drive was discussed by using the electromagnetic energy advantage of RFID system.Through a large number of experimental evaluations, the authentication accuracy of PBLock can reach 96%, and the average time cost of a single authentication is 1.4 seconds.Some attack models were presented based on practical environment.The results show that PBLock can effectively prevent counterfeiting attack, impersonation attack and replay attack, which provides an opportunity for the secure application of new biometric electronic locks.

    Improved fast leakage assessment based on online counting
    Zhengguang SHI, Mengce ZHENG, Honggang HU, Nenghai YU
    2021, 7(2):  141-150.  doi:10.11959/j.issn.2096-109x.2021017
    Asbtract ( 167 )   HTML ( 18)   PDF (1266KB) ( 170 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Fast leakage assessment (FLA) was proposed in 2017, which made use of the idea of "counter" and significantly improves the computing efficiency.The performance of FLA was analyzed, an online-counting based method was proposed to improve the evaluation flow, and the method was also validated via FPGA implementation.According to the comparisons of experimental results, the proposed method could not only decrease the required memory but also lower the runtime of the evaluation flow.Hence it can improve the evaluation efficiency significantly.

    Deepfake swapped face detection based on double attention
    Xiaojuan GONG, Tianqiang HUANG, Bin WENG, Feng YE, Chao XU, Lijun YOU
    2021, 7(2):  151-160.  doi:10.11959/j.issn.2096-109x.2021032
    Asbtract ( 604 )   HTML ( 62)   PDF (6029KB) ( 568 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    In view of the existing Deepfake detection algorithms, such problems as low accuracy and poor interpretability are common.A neural network model combining the double attention was proposed, which used channel attention to capture the abnormal features of false faces and combined the location of spatial attention to focus the abnormal features.To fully learn the contextual semantic information of the abnormal part of the false face, so as to improve the effectiveness and accuracy of face changing detection.In addition, the decision-making area of real and fake faces was shown effectively in the form of thermal diagram, which provided a certain degree of explanation for the face exchange detection model.Experiments on FaceForensics ++ open source data set show that the detection accuracy of proposed method is superior to MesoInception, Capsule-Forensics and XceptionNet.

    Classified risk assessment method of Android application based on multi-factor clustering selection
    Fan CHAO, Zhi YANG, Xuehui DU, Bing HAN
    2021, 7(2):  161-173.  doi:10.11959/j.issn.2096-109x.2021023
    Asbtract ( 222 )   HTML ( 44)   PDF (1633KB) ( 453 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Most existing risk assessments of Android applications directly assign weights to factors according to experience, and calculate security risks by counting the frequency statistics of few factors.A new method for risk assessment of Android applications is proposed, which can provide both quantitative and qualitative assessment.This method integrates multiple risk factors such as system permissions, API calls, the action properties of Intent Filter, and data flow.The risks of factors are assigned based on their risk classification and addition, and the weights of factor subsets are distributed based on hierarchical clustering.Experiments show that the assessment results can effectively reflect the real security risks of Android applications.

Copyright Information
Bimonthly, started in 2015
Authorized by:Ministry of Industry and Information Technology of the People's Republic of China
Sponsored by:Posts and Telecommunications Press
Co-sponsored by:Xidian University, Beihang University, Huazhong University of Science and Technology, Zhejiang University
Edited by:Editorial Board of Chinese Journal of Network and Information Security
Editor-in-Chief:FANG Bin-xing
Executive Editor-in-Chief:LI Feng-hua
Director:Xing Jianchun
Address:F2, Beiyang Chenguang Building, Shunbatiao No.1 Courtyard, Fengtai District, Beijing, China
Tel:010-53879136/53879138/53879139
Fax:+86-81055464
ISSN 2096-109X
CN 10-1366/TP
Links
More...
visited
Total visitors:
Visitors of today:
Now online:
Copyright of website: Editorial Office of Chinese Journal of Network and Information Security