Network vulnerability assessment which intends to safety situation analysis and establishment of defensive measures before attack is a kind of active defense technology, but the traditional quantitative analysis models cannot show the dynamic interactive relationship between entities, and most of them cannot get global results for risk diffusion. With reference to the influence of social network in the process of communication, a new network vulnerability diffusion analysis method based on cumulative effect was proposed. The defined vulnerability diffusion analysis model described subject relation structure in a more detailed level, and the algorithm proposed by using the accumulation characteristics in attack effects described vulnerability diffusion rule more accurately to ensure better influence range. At last, the model and algorithm were verified by a typical example, the horizontal comparison analysis on some aspects such as simplicity of the model description, accuracy of the analysis results, rationality of the safety recommendations were given. The results show that the method has an advantage in visual assessment results and the formulation of the cost minimum security measures.
At present, data obfuscation is usually used for single concrete data structure. In order to apply same obfuscation method to different data structures, the obfuscation was considered as data refinement, and treated as an abstract data type. General equations were established so as to prove the correctness of obfuscation. The meaning of matrix was concealed by splitting the matrix and altering the pattern of elements. Based on the operations of this data type, the obfuscation framework of the standard operations of the matrix was constructed using functional language. That how to use matrix to confuse the scalar and its arithmetic operations was also described. The correctness of the obfuscation operations was proved by mathematical method. The results show that the complexity of obfuscation operations is the same as the original operations, indicating that this kind of obfuscation method increases the difficulty of operations, and is an effective method of data obfuscation.