����Ŀ¼

15 October 2021, Volume 7 Issue 5

Previous Issue    Next Issue

Comprehensive Review

Survey on research progress for compute first networking

Qingmin JIA, Rui DING, Hui LIU, Chen ZHANG, Renchao XIE

2021, 7(5):  1-12.  doi:10.11959/j.issn.2096-109x.2021034

Asbtract ( 1498 )   HTML ( 255)   PDF (571KB) ( 1311 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

With the development of 5G and mobile Internet technology, cloud computing, edge computing and intelligent terminal devices have been developed rapidly.Computing resources indicate a trend of ubiquitous deployment.How to use ubiquitous computing resources efficiently and collaboratively has become a hot topic at present in network field.In this context, the concept of compute first networking (CFN) has been proposed and attracted wide attention.Its basic idea is to enhance utilization of computing resources and improve user experience of network services, by converging computing and network deeply as well as coordinating distributed computing resources.Firstly the background and research status of CFN were analyzed, and then basic structure, workflow, and key technologies about CFN were explicated.Finally, future research directions and challenges about CFN were summarized.

TopicⅠ: Voice Image and Audio-Video Processing

Research progress of digital image forensic techniques based on deep learning

Tong QIAO, Hongwei YAO, Binmin PAN, Ming XU, Yanli CHEN

2021, 7(5):  13-28.  doi:10.11959/j.issn.2096-109x.2021047

Asbtract ( 1106 )   HTML ( 170)   PDF (4381KB) ( 1209 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

In the new era of rapid development of internet, where massive forgery images with updated tampering techniques flood into, traditional algorithms are no longer able to deal with the latest multimedia tampering techniques, especially those caused by Deepfake and deep learning techniques.Thus, a universal framework for image forensics including image pre-processing module, feature extraction module and post-processing module designed for specific classification were proposed creatively.Accordingly, the state-of-the-art algorithms were reviewed，and meanwhile the main strength and limitations of current algorithms were generalized.More importantly, the future studies were also listed for advancing the development of digital image forensics.

Efficient and secure multi-user outsourced image retrieval scheme with access control

Fuyuan SONG, Zheng QIN, Jixin ZHANG, Yu LIU

2021, 7(5):  29-39.  doi:10.11959/j.issn.2096-109x.2021076

Asbtract ( 300 )   HTML ( 43)   PDF (575KB) ( 271 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

In the cloud-based image retrieval services, the cloud server may not be fully trusted in which may arise privacy concerns.Some privacy-preserving image retrieval schemes have been proposed to protect image privacy.However, the traditional privacy-preserving image retrieval schemes have some weaknesses, such as inefficient and single-user setting.Therefore, an efficient and secure multi-user outsourced image retrieval (EMIR) scheme with access control was proposed.EMIR utilized matrix decomposition and proxy re-encryption to achieve multi-user outsourced image retrieval.By leveraging the techniques of one-time pad and matrix transformation, EMIR supported efficient and secure image retrieval based on Euclidean distance similarity in a privacy-preserving manner.In addition, EMIR applied locality sensitive hashing (LSH) to build searchable indexes in a privacy-preserving manner, which could improve the image retrieval performance.Specifically, a lightweight access control strategy by using role-based polynomial function was designed to authorize the legality of the query user.Security analysis shows that EMIR can protect the confidentiality of the images and the queries.The extensive experiments demonstrate that EMIR achieves efficient image retrieval.

RSA-based image recognizable adversarial attack method

Yu ZHANG, Hailiang LI

2021, 7(5):  40-48.  doi:10.11959/j.issn.2096-109x.2021065

Asbtract ( 292 )   HTML ( 53)   PDF (2937KB) ( 250 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Adversarial attack is an important part of deep learning security research.Relying on the RSA signature schemes and RSA encryption schemes in cryptography, an adversarial attack method that adversarial examples can be recognized by a specific classifier is proposed.Through the idea of one pixel attack, the normal image can have the ability to make other classifier misclassify while embedding additional information.It can be used in classifier authorization management, online image anti-counterfeiting, etc.The experiment show that the adversarial examples can be recognized under the specific classifier, and the disturbance noise is difficult to detect by the human eye.

Binary image steganography method based on layered embedding

Yuxiang CHENG, Weiming ZHANG, Weixiang LI, Nenghai YU

2021, 7(5):  49-56.  doi:10.11959/j.issn.2096-109x.2021074

Asbtract ( 156 )   HTML ( 20)   PDF (570KB) ( 423 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

A non-additive distortion binary image steganography method was proposed which divided the cover image into two sub cover images, updated the distortion through delivering influence factor, and used the minimizing distortion codes to achieve message embedding.Compared with the previous additive distortion steganography methods with fixed distortion, the proposed method combined the characteristics of binary images with only black and white pixels.Hence, it facilitated the correlation capture of pixel points and dynamic modification of distortion, improving the visual quality and steganography security of the binary image steganography.

TopicⅡ: Machine Learning and Security Application

Survey on intelligent game of computer poker

Weilin YUAN, Zhiyong LIAO, Wei GAO, Tingting WEI, Junren LUO, Wanpeng ZAHNG, Jing CHEN

2021, 7(5):  57-76.  doi:10.11959/j.issn.2096-109x.2021087

Asbtract ( 648 )   HTML ( 46)   PDF (780KB) ( 957 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Computer game is the drosophila in the field of artificial intelligence, which has attracted the attention of researchers in artificial intelligence, and has become an advantageous testbed for the research of cognitive intelligence.Poker game can be modeled as dynamic games with imperfect information, definite boundaries and fixed rules.Computer poker AI needs such abilities as dynamic decision-making with incomplete information, identification of misleading and fraudulent behaviors by opponents, and multi-round chips and risk management.Firstly , the development of computer poker game was introduced, which represented by Texas Hold’em poker.Then, typical intelligence game model algorithm, key techniques and existing main problems of computer poker were reviewed analysis.Finally, the future development trends and application prospect of computer intelligent poker game were discussed for cognitive intelligence.

Survey of federated learning research

Chuanxin ZHOU, Yi SUN, Degang WANG, Huawei GE

2021, 7(5):  77-92.  doi:10.11959/j.issn.2096-109x.2021056

Asbtract ( 5606 )   HTML ( 883)   PDF (787KB) ( 6852 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Federated learning has rapidly become a research hotspot in the field of security machine learning in recent years because it can train the global optimal model collaboratively without the need for multiple data source aggregation.Firstly, the federated learning framework, algorithm principle and classification were summarized.Then, the main threats and challenges it faced, were analysed indepth the comparative analysis of typical research programs in the three directions of communication efficiency, privacy and security, trust and incentive mechanism was focused on, and their advantages and disadvantages were pointed out.Finally, Combined with application of edge computing, blockchain, 5G and other emerging technologies to federated learning, its future development prospects and research hotspots was prospected.

Security protocol code analysis method combining model learning and symbolic execution

Xieli ZHANG, Yuefei ZHU, Chunxiang GU, Xi CHEN

2021, 7(5):  93-104.  doi:10.11959/j.issn.2096-109x.2021067

Asbtract ( 294 )   HTML ( 20)   PDF (591KB) ( 419 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Symbolic execution can comprehensively analyze program execution space in theory, but it is not feasible in practice for large programs like security protocols, due to the explosion of path space and the limitation of difficulty in solving path constraints.According to the characteristics of security protocol program, a method to guide the symbolic execution of security protocol code by using protocol state machine information obtained from model learning was proposed.At the same time, by separating cryptographic logic from protocol interaction logic, the problem that path constraints cannot be solved caused by the complexity of cryptographic logic is avoided.The feasibility of the method is demonstrated by the practice on the SSH open source project Dropbear.Compared with Dropbear's test suite, the proposed method has advantages in code coverage and error point discovery.

Chinese NER based on improved Transformer encoder

Honghao ZHENG, Hongtao YU, Shaomei LI

2021, 7(5):  105-112.  doi:10.11959/j.issn.2096-109x.2021041

Asbtract ( 370 )   HTML ( 66)   PDF (436KB) ( 322 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

In order to improve the effect of chinese named entity recognition, a method based on the XLNETTransformer_P-CRF model was proposed, which used the Transformer_P encoder, improved the shortcomings of the traditional Transformer encoder that couldn’t obtain relative position information.Experiments show that the XLNET-Transformer_P-CRF model achieves 95.11%, 80.54%, 96.70%, and 71.46% F1 values on the four types of data sets: MSRA, OntoNotes4.0, Resume, and Weibo, which are all higher than other mainstream chinese NER model.

Papers

Intelligent vulnerability detection system based on graph structured source code slice

Deqing ZOU, Xiang LI, Minhuan HUANG, Xiang SONG, Hao LI, Weiming LI

2021, 7(5):  113-122.  doi:10.11959/j.issn.2096-109x.2021088

Asbtract ( 653 )   HTML ( 99)   PDF (413KB) ( 571 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

For the intelligent vulnerability detection, the system extracts the graph structured source code slices according to the vulnerability characteristics from the program dependency graph of source code, and then presents the graph structured slice information to carry out vulnerability detection by using the graph neural network model.Slice level vulnerability detection was realized and the vulnerability line was located at the code line level.In order to verify the effectiveness of the system, compared with the static vulnerability detection systems, the vulnerability detection system based on serialized text information, and the vulnerability detection system based on graph structured information, the experimental results show that the proposed system has a high accuracy in the vulnerability detection capability and a good performance in the vulnerability code line prediction.

Research on extended access control mechanism in online social network

Rongna XIE, Xiaonan FAN, Lin YUAN, Zichen GUO, Jiayu ZHU, Guozhen SHI

2021, 7(5):  123-131.  doi:10.11959/j.issn.2096-109x.2021075

Asbtract ( 278 )   HTML ( 52)   PDF (470KB) ( 204 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Aiming at the problem of inability to extend control over the data published by users in social networks, an extended access mechanism based on privacy labels was proposed.This mechanism granted users and data different types of labels based on the number of user relationship hops and resource forwarding hops, so as to achieve fine-grained extended access control to the data.The generation algorithm and distribution method of privacy labels were proposed.The constraint rules of privacy label were designed and the possible policy conflicts were analyzed.Finally, the test proves that the mechanism achieves fine-grained extended control in social networks, and proves its security and validity of the mechanism.

Using rule association to generate data collection policies

Pei CHEN, Fenghua LI, Zifu LI, Yunchuan GUO, Lin CHENG

2021, 7(5):  132-148.  doi:10.11959/j.issn.2096-109x.2021085

Asbtract ( 278 )   HTML ( 35)   PDF (548KB) ( 345 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Collecting security-related data of devices effectively is the foundation of analyzing network threats accurately.Existing data collection methods (full data collection, sampling based data collection and adaptive data collection) do not consider the validity of the collected data and their correlation, which will consume too much collection resources, resulting in low collection yield.To address this problem, considering the factors (relationship between node attributes, network topology relationship, threat status, node resource and node similarity) that impact collection costs and benefits, a rule association method to generate collection policies was designed.In the method, two types of association rules (inter-node association rules and inter-event association rules) were adopted to generate candidate data collection items and reduced the scope of data collection.Then, a multi-objective program was designed to maximize collection benefits and minimize collection costs.Further, a genetic algorithm was designed to solve this program.Proposed method was compared with existing data collection methods.The experimental results show that the number of the collected data records of proposed method is 1 000~3 000 less than that of others per 12 hours, and the validity of the collected data of proposed method is about 4%~10% higher than others, which proves the effectiveness of the proposed method.

Novel similarity calculation method of multisource ontology based on graph convolution network

Liuqian SUN, Yuliang WEI, Bailing WANG

2021, 7(5):  149-155.  doi:10.11959/j.issn.2096-109x.2021071

Asbtract ( 213 )   HTML ( 31)   PDF (557KB) ( 135 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

In the information age, the amount of data is growing exponentially.However, different data sources are heterogeneous, which makes it inconvenient to share and multiplex data.With the rapid development of semantic network, ontology mapping is an effective method to solve this problem.The core of ontology mapping is ontology similarity calculation.Therefore, a calculation method based on graph convolution network was proposed.Firstly, ontologiesare modeled as a heterogeneous graph network, then the graph convolution network was used to learn the text embedding rules, which made ontologies were definedin global unified representation.Lastly, multisource data fusion was completed.The experimental results show that the accuracy of the proposed method is higher than other methods, and the accuracy of multi-source data fusion was effectively improved.

Android complex information flow analysis method based on communicating sequential process

Zhanhui YUAN, Zhi YANG, Hongqi ZHANG, Shuyuan JIN, Xuehui DU

2021, 7(5):  156-168.  doi:10.11959/j.issn.2096-109x.2021086

Asbtract ( 175 )   HTML ( 26)   PDF (584KB) ( 342 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Android privacy leak problem is becoming more and more serious.Information flow analysis is a main method to find privacy leak.Traditional information flow analysis methods mainly focus on single accessibility analysis, which is difficult to analyze complex information flow.An information flow analysis method based on communication sequence process was proposed.The formal model of application behavior was established, which can fully describe the information flow of program.The process trace equivalence analysis method could automatically verify complex information flow problems such as information flow association and information flow constraints.This method could detect whether the application program leaks sensitive information.Experimental results show that the accuracy of the proposed method can reach 90.99%.

Information service identity generation and management scheme for service supervision

Xiang LI, Hao WANG, Qiange LIU, Chao WANG, Jian MAO, Jianwei LIU

2021, 7(5):  169-177.  doi:10.11959/j.issn.2096-109x.2021055

Asbtract ( 155 )   HTML ( 21)   PDF (1300KB) ( 394 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

While information services have a significant impact on economic and social development, it also brings a series of security challenges.Realizing fine-grained, continuous, and dynamic supervision of information services has become the top priority of information service management.Traditional static identity authentication and management mechanisms, are difficult to meet the continuous monitoring requirements for information service entities and service quality.An information service identification generation and management scheme for service supervision was proposed.It defined an information service identification format from multiple perspectives such as information service category, service grade, and service quality credibility.It used the analytic hierarchy process to evaluate information services and designed a dynamic management of information service identification.The scheme can meet the needs of issuance and fine-grained dynamic management of information service identification for multi-dimensional business attributes.

Accelerated traffic replay method based on time compression

Shuo WANG, Jun BAI, Bailing WANG, Xu ZHANG, Hongri LIU

2021, 7(5):  178-188.  doi:10.11959/j.issn.2096-109x.2021082

Asbtract ( 180 )   HTML ( 28)   PDF (2645KB) ( 236 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

With the proliferation of network traffic, replaying traffic in a virtual environment faces many problems.In order to meet the requirements of traffic integrity and accuracy in the replay process, an accelerated traffic replay method based on time-compressed was proposed to achieve accelerated replay of real network traffic in a virtual environment.The method prioritized the compression of the largest time interval in the set of time intervals, and reduced the compression of the smaller intervals, thus reducing the traffic spike per unit time caused by time compression, and reducing the packet loss rate of traffic.The effect was measured in terms of packet loss rate, time interval error and similarity.The experiments show that this method has a lower packet loss rate and lower time interval error compared with the isometric compression method, although it performs worse in similarity.