Cyber security

Select

Protocol identification approach based on semi-supervised subspace clustering

ZHU Yuna, ZHANG Yutao, YAN Shaoge, FAN Yudan, CHEN Hantuo

Journal of Computer Applications 2021, 41 (10): 2900-2904. DOI: 10.11772/j.issn.1001-9081.2020122002

Abstract （261）

PDF （633KB）（232）

Save

The differences between different protocols are not considered when selecting identification features in the existing statistical feature-based identification methods. In order to solve the problem, a Semi-supervised Subspace-clustering Protocol Identification Approach (SSPIA) was proposed by combining semi-supervised learning and Fuzzy Subspace Clustering (FSC) method. Firstly, the prior constraint condition was obtained by transforming the labeled sample flow into pairwise constraints information. Secondly, the Semi-supervised Fuzzy Subspace Clustering (SFSC) algorithm was proposed on this basis and was used to guide the process of subspace clustering by using the constraint condition. Then, the mapping between class clusters and protocol types was established to obtain the weight coefficient of each protocol feature, and an individualized cryptographic protocol feature library was constructed for subsequent protocol identification. Finally, the clustering effect and identification effect experiments of five typical cryptographic protocols were carried out. Experimental results show that, compared with the traditional K-means method and FSC method, the proposed SSPIA has better clustering effect, and the protocol identification classifier constructed by SSPIA is more accurate, has higher protocol identification rate and lower error identification rate. The proposed SSPIA improves the identification effect based on statistical features.

Reference | Related Articles | Metrics

Select

Visual image encryption algorithm based on Hopfield chaotic neural network and compressive sensing

SHEN Ziyi, WANG Weiya, JIANG Donghua, RONG Xianwei

Journal of Computer Applications 2021, 41 (10): 2893-2899. DOI: 10.11772/j.issn.1001-9081.2020121942

Abstract （597）

PDF （4865KB）（395）

Save

At present, most image encryption algorithms directly encrypt the plaintext image into a ciphertext image without visual meaning, which is easy to be found by hackers during the transmission process and therefore subjected to various attacks. In order to solve the problem, combining Hopfield chaotic neural network and compressive sensing technology, a visually meaningful image encryption algorithm was proposed. Firstly, the two-dimensional discrete wavelet transform was used to sparse the plaintext image. Secondly, the sparse matrix after threshold processing was encrypted and measured by compressive sensing. Thirdly, the quantized intermediate ciphertext image was filled with random numbers, and Hilbert scrambling and diffusion operations were performed to the image. Finally, the generated noise-like ciphertext image was embedded into the Alpha channel of the carrier image though the Least Significant Bit (LSB) replacement to obtain the visually meaningful steganographic image. Compared with the existing visual image encryption algorithms, the proposed algorithm demonstrates very good visual security, decryption quality and robustness, showing that it has widely application scenarios.

Reference | Related Articles | Metrics

Select

Secure storage and sharing scheme of internet of vehicles data based on hybrid architecture of blockchain and cloud-edge computing

WU Guangfu, WANG Yingjun

Journal of Computer Applications 2021, 41 (10): 2885-2892. DOI: 10.11772/j.issn.1001-9081.2020121938

Abstract （575）

PDF （897KB）（522）

Save

In order to solve the problems such as high time delay, data leakage and malicious vehicle nodes tampering data of cloud computing in Internet of Vehicles (IoV), a secure storage and sharing scheme of IoV data based on hybrid architecture of blockchain and cloud-edge computing was proposed. Firstly, the dual-chain decentralized storage structure of consortium blockchain-private blockchain was adopted to ensure the security of communication data. Then, the identity-based digital signcryption algorithm and the discrete central binomial distribution-based ring signature scheme were used to solve the security problem in the communication process. Finally, the Dynamic-layering and Reputation-evaluation Practical Byzantine Fault Tolerant mechanism (DRPBFT) was proposed, and the edge computing technology was combined with the cloud computing technology, so as to solve the high time delay problem. Security analysis shows that the proposed scheme can guarantee the security and integrity of data during the information sharing process. Experimental simulation and performance evaluation results show that, DRPBFT has the time delay within 6 s, and effectively improves the throughput of the system. The proposed IoV scheme effectively improves the enthusiasm of vehicle data sharing, leads to more efficient and stable operation of IoV system, and achieves the real-time and efficient purposes of IoV.

Reference | Related Articles | Metrics

Select

Audio encryption algorithm in fractional domain based on cascaded chaotic system

XU Liyun, YAN Tao, QIAN Yuhua

Journal of Computer Applications 2021, 41 (9): 2623-2630. DOI: 10.11772/j.issn.1001-9081.2020122044

Abstract （318）

PDF （2308KB）（251）

Save

In order to ensure the security of audio signals in communication transmission, a fractional domain audio encryption algorithm based on cascaded chaotic system was proposed. Firstly, the audio signal was grouped. Secondly, the chaotic system was used to obtain the orders of fractional Fourier transform, and the order corresponding to each group data changed dynamically. Thirdly, the sampling fractional Fourier discrete transform with less computational complexity was used to obtain the fractional domain spectrum data of each group. Finally, the cascaded chaotic system was used to perform data encryption to the fractional domain of each group in turn, so as to realize the overall encryption of the audio signals. Experimental results show that the proposed algorithm is extremely sensitive to the key, and has the waveform and fractional domain spectrum of obtained encrypted signal more uniformly distributed and less correlated compared with those of the original signal. At the same time, compared with the frequency domain encryption and fixed-order fractional domain encryption methods, the proposed algorithm can effectively increase the key space while reducing the computational complexity. It can be seen that the proposed algorithm can satisfy the real-time and secure transmission requirements of audio signals effectively.

Reference | Related Articles | Metrics

Select

Detection method of domains generated by dictionary-based domain generation algorithm

ZHANG Yongbin, CHANG Wenxin, SUN Lianshan, ZHANG Hang

Journal of Computer Applications 2021, 41 (9): 2609-2614. DOI: 10.11772/j.issn.1001-9081.2020111837

Abstract （388）

PDF （893KB）（294）

Save

The composition of domain names generated by the dictionary-based Domain Generation Algorithm (DGA) is very similar to that of benign domain names and it is difficult to effectively detect them with the existing technology. To solve this problem, a detection model was proposed, namely CL (Convolutional Neural Network (CNN) and Long Short-Term Memory (LSTM) network). The model includes three parts:character embedding layer, feature extraction layer and fully connected layer. Firstly, the characters of the input domain name were encoded by the character embedding layer. Then, the features of the domain name were extracted by connecting CNN and LSTM in serial way through the feature extraction layer. The n-grams features of the domain name were extracted by CNN and the extracted result were sent to LSTM to learn the context features between n-grams. Meanwhile, different combinations of CNNs and LSTMs were used to learn the features of n-grams with different lengths. Finally, the dictionary-based DGA domain names were classified and predicted by the fully connected layer according to the extracted features. Experimental results show that when the CNNs select the convolution kernel sizes of 3 and 4, the proposed model achives the best performance. In the four dictionary-based DGA family experiments, the accuracy of the CL model is improved by 2.20% compared with that of the CNN model. And with the increase of the number of sample families, the CL network model has a better stability.

Reference | Related Articles | Metrics

Select

Energy data access control method based on blockchain

GE Jihong, SHEN Tao

Journal of Computer Applications 2021, 41 (9): 2615-2622. DOI: 10.11772/j.issn.1001-9081.2020111844

Abstract （454）

PDF （1175KB）（409）

Save

In order to solve the problems of energy data tampering, leakage and data ownership disputes in the process of data sharing between enterprises and departments of energy internet, combined with the characteristics of blockchain-traceability and hard to be tampered with, an energy data access control method based on blockchain multi-chain architecture was proposed, which can protect user privacy and realize cross-enterprise and cross-department access control of energy data at the same time. In this method, the combination of supervision chain and multi-data-chain was used to protect the privacy of data and improve the scalability. The method of storing data on the chain and storing original data under the chain alleviated the storage pressure of the blockchain.By using the outsourcing supported multi-authority attribute-based encryption technology, the fine-grained access control of energy data was realized. Experimental simulation results show that in the proposed method, the blockchain network has availability, and outsourcing supported multi-authority attribute-based encryption technology has advantages in functionality and computing cost. Therefore, the proposed method can achieve fine-grained access control of energy data while protecting user privacy.

Reference | Related Articles | Metrics

Select

Intrusion detection model based on semi-supervised learning and three-way decision

ZHANG Shipeng, LI Yongzhong, DU Xiangtong

Journal of Computer Applications 2021, 41 (9): 2602-2608. DOI: 10.11772/j.issn.1001-9081.2020111883

Abstract （348）

PDF （936KB）（304）

Save

Aiming at the situation that the existing intrusion detection models perform poorly on unknown attacks and have extremely limited labeled data, an intrusion detection model named SSL-3WD based on Semi-Supervised Learning (SSL) and Three-Way Decision (3WD) was proposed. In SSL-3WD model, the excellent performance of 3WD in the case of insufficient information was used to meet the assumption of sufficient redundancy of data information in SSL. Firstly, the 3WD theory was used to classify network behavior data, then some appropriate "pseudo-labeled" samples were selected according to the classification results to form a new training set to expand the original dataset. Finally, the classification process was repeated to obtain all the classifications of network behavior data. On the NSL-KDD dataset, the detection rate of the proposed model was 97.7%, which was 5.8 percentage points higher than that of the adaptive integrated learning intrusion detection model Multi-Tree, which has the highest detection rate in the comparison methods. On the UNSW-NB15 dataset, the accuracy of the proposed model reached 94.7% and the detection rate reached 96.3%, which were increased by 3.5 percentage points and 6.2 percentage points respectively compared with those of the best performing one in the comparison methods, the intrusion detection model based on Stack Nonsymmetric Deep Autoencoder (SNDAE). The experimental results show that the proposed SSL-3WD model improves the accuracy and detection rate of network behavior detection.

Reference | Related Articles | Metrics

Select

Reflective cross-site scripting vulnerability detection based on fuzzing test

NI Ping, CHEN Wei

Journal of Computer Applications 2021, 41 (9): 2594-2601. DOI: 10.11772/j.issn.1001-9081.2020111770

Abstract （315）

PDF （1152KB）（464）

Save

In view of the low efficiency, high false negative rate and high false positive rate of Cross-Site Scripting (XSS) vulnerability detection technology in current World Wide Web (WWW) applications, a reflective XSS vulnerability detection system based on fuzzing test was proposed. First, the Web crawler technology was used to crawl the Web page links with specified depth in the whole website and analyze them, so as to extract the potential user injection points. Secondly, a fuzzing test case was constructed according to the grammatical form of the attack payload, and an initial weights was set for each element, according to the injected probe vector, the output point type was obtained to select the corresponding attack grammatical form for constructing potential attack payload, and it was mutated to form a mutated attack payload as the request parameter. Thirdly, the website response was analyzed and the weights of the elements were adjusted to generate a more efficient attack payload. Finally, this proposed system was compared horizontally with OWASP Zed Attack Proxy (ZAP) and Wapiti systems. Experimental results show that the number of potential user injection points found by the proposed system is increased by more than 12.5%, the false positive rate of the system is dropped to 0.37%, and the false negative rate of the system is lower than 2.23%. At the same time, this system reduces the number of requests and saves the detection time.

Reference | Related Articles | Metrics

Select

Blockchain digital signature scheme with improved SM2 signature method

YANG Longhai, WANG Xueyuan, JIANG Hesong

Journal of Computer Applications 2021, 41 (7): 1983-1988. DOI: 10.11772/j.issn.1001-9081.2020081220

Abstract （430）

PDF （1080KB）（381）

Save

In order to improve the storage security and signature efficiency of digital signature keys in the consortium blockchain Practical Byzantine Fault Tolerance (PBFT) algorithm consensus process, considering the actual application environment of the consortium blockchain PBFT consensus algorithm, a trusted third-party proof signature scheme based on key division and Chinese encryption SM2 algorithm was proposed. In this scheme, by a trusted third-party, the key was generated and split, and the sub-split private key was distributed to the consensus nodes. In each consensus, the identity must be proved to the trusted third-party at first, and then the other half of the sub-split private key was obtained by the verification party to perform identity verification. In this signature scheme, the segmentation and preservation of the private key was realized by combining the characteristics of the consortium chain, and the modular inversion process in the traditional SM2 algorithm was eliminated by using consensus feature and hash digest. The theoretical analysis proved that the proposed scheme was resistant to data tampering and signature forgery, while Java Development Kit (JDK1.8) and TIO network framework were used to simulate the signature process in consensus. Experimental results show that compared with the traditional SM2 algorithm, the proposed scheme is more efficient, and the more consensus nodes, the more obvious the efficiency gap. When the node number reaches 30, the efficiency of the scheme is improved by 27.56%, showing that this scheme can satisfy the current application environment of the consortium blockchain PBFT consensus.

Reference | Related Articles | Metrics

Select

E-forensics model for internet of vehicles based on blockchain

CHEN Weiwei, CAO Li, GU Xiang

Journal of Computer Applications 2021, 41 (7): 1989-1995. DOI: 10.11772/j.issn.1001-9081.2020081205

Abstract （351）

PDF （1260KB）（420）

Save

To resolve the difficulties of forensics and determination of responsibility for traffic accidents, a blockchain-based e-forensics scheme under Internet Of Vehicles (IOV) communications architecture was proposed. In this scheme, the remote storage of digital evidence was implemented by using the decentralized storage mechanism of blockchain, and the fast retrieval of digital evidence and effective tracing of related evidence chain were realized by using the smart contracts. The access control of data was performed by using the token mechanism to protect the privacy of vehicle identities. Meanwhile, a new consensus mechanism was proposed to meet real-time requirements of IOV for forensics. Simulation results show that the new consensus algorithm in this proposed scheme has higher efficiency compared with the traditional Delegated Proof Of Stake (DPOS) consensus algorithm and the speed of forensics meets the requirements of IOV environment, which ensures the characteristics of electronic evidence such as non-tampering, non-repudiation and permanent preservation, so as to realize the application of blockchain technology in judicial forensics.

Reference | Related Articles | Metrics

Select

Intrusion detection based on improved triplet network and K-nearest neighbor algorithm

WANG Yue, JIANG Yiming, LAN Julong

Journal of Computer Applications 2021, 41 (7): 1996-2002. DOI: 10.11772/j.issn.1001-9081.2020081217

Abstract （448）

PDF （1105KB）（279）

Save

Intrusion detection is one of the important means to ensure network security. To address the problem that it is difficult to balance detection accuracy and computational efficiency in network intrusion detection, based on the idea of deep metric learning, a network intrusion detection model combining improved Triplet Network (imTN) and K-Nearest Neighbor (KNN) was proposed, namely imTN-KNN. Firstly, a triplet network structure suitable for solving intrusion detection problems was designed to obtain the distance features that are more conducive to the subsequent classification. Secondly, due to the overfitting problem caused by removing the Batch Normalization (BN) layer from the traditional model which affected the detection precision, a Dropout layer and a Sigmoid activation layer were introduced to replace the BN layer, thus improving the model performance. Finally, the loss function of the traditional triplet network model was replaced with the multi-similarity loss function. In addition, the distance feature output of the imTN was used as the input of the KNN algorithm for retraining. Comparison experiments on the benchmark dataset IDS2018 show that compared with the Deep Neural Network based Intrusion Detection System (IDS-DNN) and Convolutional Neural Networks and Long Short Term Memory (CNN-LSTM) based detection model, the detection accuracy of imTN-KNN is improved by 2.76% and 4.68% on Sub_DS3, and the computational efficiency is improved by 69.56% and 74.31%.

Reference | Related Articles | Metrics

Select

Blockchain storage expansion model based on Chinese remainder theorem

QING Xinyi, CHEN Yuling, ZHOU Zhengqiang, TU Yuanchao, LI Tao

Journal of Computer Applications 2021, 41 (7): 1977-1982. DOI: 10.11772/j.issn.1001-9081.2020081256

Abstract （415）

PDF （1043KB）（318）

Save

Blockchain stores transaction data in the form of distributed ledger, and its nodes hold copies of current data by storing hash chain. Due to the particularity of the blockchain structure, the number of blocks increases over time and the storage pressure of nodes also increases with the increasing of blocks, so that the storage scalability has become one of the bottlenecks in blockchain development. To address this problem, a blockchain storage expansion model based on Chinese Remainder Theorem (CRT) was proposed. In the model, the blockchain was divided into high-security blocks and low-security blocks, which were stored by different storage strategies. Among them, low-security blocks were stored in the form of network-wide preservation (all nodes need to preserve the data), while the high-security blocks were stored in a distributed form after being sliced by the CRT-based partitioning algorithm. In addition, the error detection and correction of Redundant Residual Number System (RRNS) was used to restore data to prevent malicious node attacking, so as to improve the stability and integrity of data. Experimental results and security analysis show that the proposed model not only has security and fault tolerance ability, but also ensures the integrity of data, as well as effectively reduces the storage consumption of nodes and increases the storage scalability of the blockchain system.

Reference | Related Articles | Metrics

Select

Improvement and analysis of certificate-based wired local area network security association scheme

XIAO Yuelei, DENG Xiaofan

Journal of Computer Applications 2021, 41 (7): 1970-1976. DOI: 10.11772/j.issn.1001-9081.2020081155

Abstract （344）

PDF （883KB）（248）

Save

In the Tri-element Peer Authentication (TePA)-based wired Local Area Network (LAN) media access control Security (TLSec), the certificate-based wired LAN security association scheme has communication waste in the exchange key establishment processes and is not suitable for trusted computing environment. To solve these two problems, firstly, an improved certificate-based wired LAN security association scheme was proposed. In this scheme, the exchange key establishment process between the newly added switch and each nonadjacent switch was simplified, thus improving the communication performance of the exchange key establishment processes. Then, a certificate-based wired LAN security association scheme for trusted computing environment was proposed based on the above scheme. In this scheme, the platform authentication of the newly added terminal devices was added in the process of certificate-based authentication, so as to realize the trusted network access of the newly added terminal devices, and effectively prevent the newly added terminal devices from bringing worms, viruses and malicious softwares into the wired LAN. Finally, the two schemes were proved secure by using the Strand Space Model (SSM). In addition, through qualitative and quantitative comparative analysis, the two schemes are better than those proposed in related literatures.

Reference | Related Articles | Metrics

Select

Scrambling and hiding algorithm of streaming media image information based on state view

YANG Panpan, ZHAO Jichun

Journal of Computer Applications 2021, 41 (6): 1729-1733. DOI: 10.11772/j.issn.1001-9081.2020091422

Abstract （236）

PDF （840KB）（304）

Save

Aiming at the information security risks of streaming media images, a new scrambling and hiding algorithm for streaming media image information based on state view was proposed. Firstly, the streaming media image enhancement algorithm based on Neighborhood Limited Empirical Mode Decomposition (NLEMD) was used to enhance the streaming media image and highlight the details of the streaming media image, so as to realize the effect of streaming media image enhancement. Then, the efficient encoding and decoding algorithm based on state view was used to encode and decode the streaming media image information, so that the streaming media image information was scrambled and hidden. Experimental results show that, the proposed algorithm can effectively and comprehensively scramble and hide plant and text streaming media image information, and it can significantly enhance the streaming media images. In the scrambling and hiding of streaming media image information, the scrambling and hiding degree of the proposed algorithm is higher than 95%, which indicates that the proposed algorithm can protect the security of streaming media image information.

Reference | Related Articles | Metrics

Select

Oversampling method for intrusion detection based on clustering and instance hardness

WANG Yao, SUN Guozi

Journal of Computer Applications 2021, 41 (6): 1709-1714. DOI: 10.11772/j.issn.1001-9081.2020091378

Abstract （332）

PDF （1211KB）（505）

Save

Aiming at the problem of low detection efficiency of intrusion detection models due to the imbalance of network traffic data, a new Clustering and instance Hardness-based Oversampling method for intrusion detection (CHO) was proposed. Firstly, the hardness values of the minority data were measured as input by calculating the proportion of the majority class samples in the neighbors of minority class samples. Secondly, the Canopy clustering approach was used to pre-cluster the minority data, and the obtained cluster values were taken as the clustering parameter of K-means++ clustering approach to cluster again. Then, the average hardness and the standard deviation of different clusters were calculated, and the former was taken as the "investigation cost" in the optimum allocation theory of statistics, and the amount of data to be generated in each cluster was determined by this theory. Finally, the "safe" regions in the clusters were further identified according to the hardness values, and the specified amount of data was generated in the safe regions in the clusters by using the interpolation method. The comparative experiment was carried out on 6 open intrusion detection datasets. The proposed method achieves the optimal values of 1.33 on both Area Under Curve (AUC) and Geometric mean (G-mean), and has the AUC increased by 1.6 percentage points on average compared to Synthetic Minority Oversampling TEchnique (SMOTE) on 4 of the 6 datasets. The experimental results show that the proposed method can be well applied to imbalance problems in intrusion detection.

Reference | Related Articles | Metrics

Select

Anomaly detection method based on multi-task temporal convolutional network in cloud workflow

YAO Jie, CHENG Chunling, HAN Jing, LIU Zheng

Journal of Computer Applications 2021, 41 (6): 1701-1708. DOI: 10.11772/j.issn.1001-9081.2020091383

Abstract （391）

PDF （1677KB）（632）

Save

Numerous logs generated during the daily deployment and operation process in cloud computing platforms help system administrators perform anomaly detection. Common anomalies in cloud workflow include pathway anomalies and time delay anomalies. Traditional anomaly detection methods train the learning models corresponding to the two kinds of anomaly detection tasks respectively and ignore the correlation between these two tasks, which leads to the decline of the accuracy of anomaly detection. In order to solve the problems, an anomaly detection method based on multi-task temporal convolutional network was proposed. Firstly, the event sequence and time sequence were generated based on the event templates of log stream. Then, the deep learning model based on the multi-task temporal convolutional network was trained. In the model, the event and the time characteristics were learnt in parallel from the normal system execution processes by sharing the shallow layers of the temporal convolutional network. Finally, the anomalies in the cloud computing workflow were analyzed, and the related anomaly detection logic was designed. Experimental results on the OpenStack dataset demonstrate that, the proposed method improves the anomaly detection accuracy at least by 7.7 percentage points compared to the state-of-art log anomaly detection algorithm DeepLog and the method based on Principal Component Analysis (PCA).

Reference | Related Articles | Metrics

Select

Optimized CKKS scheme based on learning with errors problem

ZHENG Shangwen, LIU Yao, ZHOU Tanping, YANG Xiaoyuan

Journal of Computer Applications 2021, 41 (6): 1723-1728. DOI: 10.11772/j.issn.1001-9081.2020091447

Abstract （997）

PDF （760KB）（928）

Save

Focused on the issue that the CKKS (Cheon-Kim-Kim-Song) homomorphic encryption scheme based on the Learning With Errors (LWE) problem has large ciphertext, complicated calculation key generation and low homomorphic calculation efficiency in the encrypted data calculation, an optimized scheme of LWE type CKKS was proposed through the method of bit discarding and homomorphic calculation key reorganization. Firstly, the size of the ciphertext in the homomorphic multiplication process was reduced by discarding part of the low-order bits of the ciphertext vector and part of the low-order bits of the ciphertext tensor product in the homomorphic multiplication. Secondly, the method of bit discarding was used to reorganize and optimize the homomorphic calculation key, so as to remove the irrelevant extension items in powersof2 during the key exchange procedure and reduce the scale of the calculation key as well as the noise increase in the process of homomorphic multiplication. On the basis of ensuring the security of the original scheme, the proposed optimized scheme makes the dimension of the calculation key reduced, and the computational complexity of the homomorphic multiplication reduced. The analysis results show that the proposed optimized scheme reduces the computational complexity of the homomorphic calculation and calculation key generation process to a certain extent, so as to reduce the storage overhead and improve the efficiency of the homomorphic multiplication operation.

Reference | Related Articles | Metrics

Select

Dynamic group based effective identity authentication and key agreement scheme in LTE-A networks

DU Xinyu, WANG Huaqun

Journal of Computer Applications 2021, 41 (6): 1715-1722. DOI: 10.11772/j.issn.1001-9081.2020091428

Abstract （306）

PDF （988KB）（359）

Save

As one of the communication methods in future mobile communications, Machine Type Communication (MTC) is an important mobile communication method in Internet of Things (IoT). When many MTC devices want to access the network at the same time, each MTC device needs to perform independent identity authentication, which will cause network congestion. In order to solve this problem and improve the security of key agreement of MTC device, a dynamic group based effective identity authentication and key agreement scheme was proposed in Long Term Evolution-Advanced (LTE-A) networks. Based on symmetric bivariate polynomials, the proposed scheme was able to authenticate a large number of MTC devices at the same time and establish independent session keys between the devices and the network. In the proposed scheme, multiple group authentications were supported, and the updating of access policies was provided. Compared with the scheme based on linear polynomials, bandwidth analysis shows that the bandwidth consumptions of the proposed scheme during transmission are optimized:the transmission bandwidth between the MTC devices in the Home Network (HN) and the Service Network (SN) is reduced by 132 bit for each group authentication, the transmission bandwidth between the MTC devices within the HN is reduced by 18.2%. Security analysis and experimental results show that the proposed scheme is safe in actual identity authentication and session key establishment, and can effectively avoid signaling congestion in the network.

Reference | Related Articles | Metrics

Select

End-to-end security solution for message queue telemetry transport protocol based on proxy re-encryption

GU Zhengchuan, GUO Yuanbo, FANG Chen

Journal of Computer Applications 2021, 41 (5): 1378-1385. DOI: 10.11772/j.issn.1001-9081.2020060985

Abstract （320）

PDF （1130KB）（479）

Save

Aiming at the lack of built-in security mechanism in Message Queue Telemetry Transport (MQTT) protocol to protect communication information between the Internet of Things (IoT) devices, as well as the problem that the credibility of MQTT broker is questioned in the new concept of zero trust security, a new solution based on proxy re-encryption for implementing secure end-to-end data transmission between publisher and subscriber in MQTT communication was proposed. Firstly, the Advanced Encryption Standard (AES) was used to symmetrically encrypt the transmitted data for ensuring the confidentiality of the data during the transmission process. Secondly, the proxy re-encryption algorithm that defines the MQTT broker as a semi-honest participant was adopted to encrypt the session key used by the AES symmetric encryption, so as to eliminate the implicit trust of the MQTT broker. Thirdly, the computation of re-encryption key generation was transferred from clients to a trusted third party for the applicability of the proposed scheme in resource-constrained IoT devices. Finally, Schnorr signature algorithm was employed to digitally sign the messages for the authenticity, integrity and non-repudiation of the data source. Compared with the existing MQTT security schemes, the proposed scheme acquires the end-to-end security features of MQTT communication at the expense of the computation and communication overhead equivalent to that of the lightweight security scheme without end-to-end security.

Reference | Related Articles | Metrics

Select

Verifiable and secure outsourcing for large matrix full rank decomposition

DU Zhiqiang, ZHENG Dong, ZHAO Qinglan

Journal of Computer Applications 2021, 41 (5): 1367-1371. DOI: 10.11772/j.issn.1001-9081.2020081237

Abstract （301）

PDF （695KB）（235）

Save

Focused on the problems of no protection for the number of zero elements in original matrix and no verification for the result returned by cloud in outsourcing algorithm of matrix full rank decomposition, a verifiable and secure outsourcing scheme of matrix full rank decomposition was proposed. Firstly, in the phase of encryption, a dense invertible matrix was constructed by using the Sherman-Morrison formula for encryption. Secondly, in the phase of cloud computing, the cloud computing of the full rank decomposition for the encryption matrix was required. And when the results of full rank decomposition for encryption matrix (a column full rank matrix and a row full rank matrix) were obtained, the cloud computing of the left inverse of the column full rank matrix and the right inverse of the row full rank matrix was required respectively. Thirdly, in the phase of verification, the client not only needed to verify whether these two matrices returned by cloud are row-full-rank or column-full-rank respectively, but also needed to verify whether the multiplication of these two matrices is equal to the encryption matrix. Finally, if the verification was passed, the client was able to use the private key to perform the decryption. In the protocol analysis, the proposed scheme is proved to satisfy correctness, security, efficiency, and verifiability. At the same time, when the dimension of the selected original matrix is 512×512, with different densities of non-zero elements in the matrix, the entropy of the encryption matrix calculated by this scheme is identically equal to 18, indicating that the scheme can protect the number of zero elements effectively. Experimental results show the effectiveness of the proposed scheme.

Reference | Related Articles | Metrics

Select

Encrypted traffic classification method based on data stream

GUO Shuai, SU Yang

Journal of Computer Applications 2021, 41 (5): 1386-1391. DOI: 10.11772/j.issn.1001-9081.2020071073

Abstract （525）

PDF （948KB）（1064）

Save

Aiming at the problems of fast classification and accurate identification of encrypted traffic in current network, a new feature extraction method for data stream was proposed. Based on the characteristics of sequential data and the law of the SSL (Secure Sockets Layer) handshake protocol, an end-to-end one-dimensional convolutional neural network model was adopted, and five-tuples were used to label the data stream. By selecting the data stream representation manner, the number of data packets, and the length of feature bytes, the key field positions of sample classification were located more accurately, and the features with little impact on sample classification were removed, so that the 784 bytes used by a single data stream during the original input were reduced to 529 bytes, which reduced 32% of the original length, and the classification of 12 encrypted traffic service types was implemented with the accuracy of 95.5%. These results show that the proposed method can reduce the original input feature dimension and improve the efficiency of data processing on the basis of ensuring the accuracy of the current research.

Reference | Related Articles | Metrics

Select

Intrusion detection model based on combination of dilated convolution and gated recurrent unit

ZHANG Quanlong, WANG Huaibin

Journal of Computer Applications 2021, 41 (5): 1372-1377. DOI: 10.11772/j.issn.1001-9081.2020071082

Abstract （320）

PDF （936KB）（543）

Save

Intrusion detection model based on machine learning plays a vital role in the security protection of network environment. Aiming at the problem that the existing network intrusion detection model cannot fully learn the data features of network intrusion, the deep learning theory was applied to intrusion detection, and a deep network model with automatic feature extraction function was proposed. In this model, the dilated convolution was used to increase the receptive field of information and extract high-level features from it, the Gated Recurrent Unit (GRU) model was used to extract long-term dependencies between retained features, then the Deep Neural Network (DNN) was used to fully learn the data features. Compared with the classical machine learning classifier, this model has a higher detection rate. Experiments conducted on the famous KDD CUP99, NSL-KDD and UNSW-NB15 datasets show that the model has the performance better than other classifiers. Specifically, the model has the accuracy of 99.78% on KDD CUP99 dataset, the accuracy of 99.53% on NSL-KDD dataset, and the accuracy of 93.12% on UNSW-NB15 dataset.

Reference | Related Articles | Metrics

Select

Parallel implementation and analysis of SKINNY encryption algorithm using CUDA

XIE Wenbo, WEI Yongzhuang, LIU Zhenghong

Journal of Computer Applications 2021, 41 (4): 1136-1141. DOI: 10.11772/j.issn.1001-9081.2020071060

Abstract （334）

PDF （927KB）（616）

Save

Focusing on the issue of low efficiency of SKINNY encryption algorithm in Central Processing Unit(CPU), a fast implementation method was proposed based on Graphic Processing Unit(GPU). In the first place, an optimization scheme was proposed by combining the structural characteristics of SKINNY algorithm, and one whole calculation, where the whole calculation was integrated by 5 step-by-step operations. Moreover, the characteristics of the Electronic CodeBook(ECB) mode and counter(CTR) mode of this algorithm were analyzed, and the parallel design schemes such as parallel granularity and memory allocation were given. Experimental results illustrate that the efficiency and throughput of SKINNY algorithm implemented by Computing Unified Device Architecture(CUDA) are significantly improved, when compared to the algorithm with the traditional CPU implementation. More specifically, for data size of 16 MB or large size, the SKINNY algorithm implementation with ECB mode achieves maximum efficiency improvement of 99.85% and maximum speedup ratio of 671. On the other hand, the SKINNY algorithm implementation with CTR mode achieves maximum efficiency improvement of 99.87% and maximum speedup ratio of 765. In particular, the throughput of the proposed SKINNY-256(ECB) parallel algorithm has 1.29 times and 2.55 times of those of the existing AES-256(ECB) and SKINNY_ECB parallel algorithms, respectively.

Reference | Related Articles | Metrics

Select

Internet rumor propagation model considering non-supportive comments

LI Yan, CHEN Qiaoping

Journal of Computer Applications 2021, 41 (4): 1128-1135. DOI: 10.11772/j.issn.1001-9081.2020071135

Abstract （253）

PDF （1088KB）（592）

Save

In view of the existing rumor propagation model, the impact of non-supportive comments on internet rumor propagation has not been analyzed in detail. An SII _CR ₁R ₂(Susceptible-Infected-Infected with non-supportive comment-Removed1-Removed2) internet rumor propagation model was proposed by introducing rumor spreaders with non-supportive comments. Firstly, the steady-state analysis of the model was performed to prove the stability of rumor-free equilibrium and rumor propagation equilibrium. Secondly, the theoretical results were verified by the numerical simulation, and the impacts of non-supportive comment probability, recovery probability, propagation probability and the persuasiveness of non-supportive comments on internet rumor propagation were analyzed. The analysis results show that increasing non-supportive comment probability has an inhibitory effect on internet rumor propagation, but the effect is affected by the recovery probability, and enhancing the persuasiveness of non-supportive comments and reducing the propagation probability can effectively reduce the influence range of internet rumor. Simulations results on WS(Watts-Strogatz) small-world network and BA(Barabási-Albert) scale-free network confirm that non-supportive comments can suppress internet rumor propagation. Finally, according to the analysis results, the prevention and control strategies of rumor were put forward.

Reference | Related Articles | Metrics

Select

Malicious code detection based on multi-channel image deep learning

JIANG Kaolin, BAI Wei, ZHANG Lei, CHEN Jun, PAN Zhisong, GUO Shize

Journal of Computer Applications 2021, 41 (4): 1142-1147. DOI: 10.11772/j.issn.1001-9081.2020081224

Abstract （468）

PDF （2386KB）（597）

Save

Existing deep learning-based malicious code detection methods have problems such as weak deep-level feature extraction capability, relatively complex model and insufficient model generalization capability. At the same time, code reuse phenomenon occurred in large number of malicious samples of the same type, resulting in similar visual features of the code. This similarity can be used for malicious code detection. Therefore, a malicious code detection method based on multi-channel image visual features and AlexNet was proposed. In the method, the codes to be detected were converted into multi-channel images at first. After that, AlexNet was used to extract and classify the color texture features of the images, so as to detect the possible malicious codes. Meanwhile, the multi-channel image feature extraction, the Local Response Normalization(LRN) and other technologies were used comprehensively, which effectively improved the generalization ability of the model with effective reduction of the complexity of the model. The Malimg dataset after equalization was used for testing, the results showed that the average classification accuracy of the proposed method was 97.8%, and the method had the accuracy increased by 1.8% and the detection efficiency increased by 60.2% compared with the VGGNet method. Experimental results show that the color texture features of multi-channel images can better reflect the type information of malicious codes, the simple network structure of AlexNet can effectively improve the detection efficiency, and the local response normalization can improve the generalization ability and detection effect of the model.

Reference | Related Articles | Metrics

Select

Image grey level encryption based on cat map

LI Shanshan, ZHAO Li, ZHANG Hongli

Journal of Computer Applications 2021, 41 (4): 1148-1152. DOI: 10.11772/j.issn.1001-9081.2020071029

Abstract （349）

PDF （1056KB）（370）

Save

In order to solve the problem that the leakage of privacy content of images in the process of public channel transmission results in endangering information security, a new encryption method of greyscale image was proposed. The iteration of coupled logistic map was used to generate two-dimensional chaotic sequences. One of the sequences was used to generate the coefficients of cat map. The another was used to scramble the pixel positions. The traditional image encryption method based on cat map was used to encrypt the image pixel position, while the proposed encryption method was used to adopt different cat map coefficients for different pixel groups, so as to transform the grey value of each pixel in the group. In addition, bidirectional diffusion was adopted by the method to improve the security performance. The proposed method has simple encryption and decryption processes, high execution efficiency, and no limitation for the image size. Security analysis shows that the proposed encryption method is very sensitive to secret keys, and has good stability under multiple attack methods.

Reference | Related Articles | Metrics

Select

Research and application progress of blockchain in area of data integrity protection

GAO Haoyu, LI Leixiao, LIN Hao, LI Jie, DENG Dan, LI Shaoxu

Journal of Computer Applications 2021, 41 (3): 745-755. DOI: 10.11772/j.issn.1001-9081.2020060912

Abstract （406）

PDF （1658KB）（1969）

Save

As an indispensable new resource of modern information society, data always face the risk of being tampered from the beginning. The availability and authenticity of the tampered data will be greatly reduced. And the blockchain technology perfectly meets the requirements of data integrity protection due to its characteristics of anti-tampering, decentralization and single point failure prevention. Firstly, the background of blockchain technology and vital requirements of data protection were briefly described. Secondly, according to the types of blockchain, the existing blockchain data integrity protection achievements were classified and introduced, and the advantages and disadvantages of each achievement were summarized combined with data integrity protection. Thirdly, the current data integrity protection technologies were classified and compared with the blockchain data integrity protection technology, and the shortcomings of the traditional data integrity protection technologies and the advantages of blockchain data integrity protection technology were analyzed. Finally, the defects of blockchain data integrity protection technology were summarized, and the solutions were given.

Reference | Related Articles | Metrics

Select

Sunflower based construction of locally repairable codes

ZHANG Mao, LI Ruihu, ZHENG Youliang, FU Qiang

Journal of Computer Applications 2021, 41 (3): 763-767. DOI: 10.11772/j.issn.1001-9081.2020060839

Abstract （250）

PDF （681KB）（516）

Save

The construction of binary Locally Repairable Code (LRC) achieving C-M (Cadambe-Mazumdar) bound has been fully studied while there are few researches on general fields. In order to solve the problem, the construction of LRC on general fields was studied. Firstly, a method for determining the number of elements in sunflower was proposed by projective geometry theory. Then, the parameters such as code length, dimension and locality of LRC were clearly described by depicting LRC through the disjoint repair group. Finally, based on the parity-check matrix with disjoint local repair group, two families of LRC on general fields with the minimum distance of 6 were constructed by sunflower, many of which were optimal or almost optimal. Compared with the existing LRC constructed by methods such as subfield subcode, generalized concatenated code and algebraic curve, the constructed two families of codes improve the information rate under the same code minimum distance and locality. These results can be applied to the construction of other LRC on general fields.

Reference | Related Articles | Metrics

Select

d-PBFT:detection consensus algorithm for alliance blockchain

LIU Yu, ZHU Chaoyang, LI Jinze, LAO Yuanji, QIN Tuanfa

Journal of Computer Applications 2021, 41 (3): 756-762. DOI: 10.11772/j.issn.1001-9081.2020060900

Abstract （359）

PDF （1007KB）（1316）

Save

There is an identity authentication mechanism in alliance blockchain, but even by using the mechanism, Byzantine malicious nodes still exist in the network, and the member nodes in the alliance may be controlled and utilized by the third-party enemies. To solve these problems, a detection-Practical Byzantine Fault Tolerance (d-PBFT) consensus algorithm that can monitor the node states was proposed. Firstly, the primary node was elected and the its state was checked to ensure that the elected primary node never be malicious before. Secondly, the consensus request submitted by the client was executed through the three-stage consensus process "pre-prepare-prepare-commit". Finally, the primary node state was assessed according to the three-stage achievement state. If primary node was unstable or malicious, it would be marked, and the malicious node would be added to the quarantine to wait for processing. In this algorithm, based on tolerating a specific number of Byzantine nodes, every node state was monitored all the time and the malicious nods would be isolated. In this case, the bad impact of malicious nodes on the alliance would be reduced. Experimental results show that the network with d-PBFT algorithm has high throughput and low consensus delay, and the consensus generation amount of the algorithm is 26.1% more than that of Practical Byzantine Fault Tolerance (PBFT) algorithm when alliance network includes Byzantine nodes. The d-PBFT algorithm not only improves the robustness of alliance network, but also improves the network throughput.

Reference | Related Articles | Metrics

Select

Malware detection method based on perceptual hash algorithm and feature fusion

JIANG Qianyu, WANG Fengying, JIA Lipeng

Journal of Computer Applications 2021, 41 (3): 780-785. DOI: 10.11772/j.issn.1001-9081.2020060906

Abstract （506）

PDF （995KB）（395）

Save

In the current detection of the malware family, the local features or global features extracted through the grayscale image of the malware cannot fully describe the malware. Aiming at the problem and to improve the detection effect, a malware detection method based on perceptual hash algorithm and feature fusion was proposed. Firstly, the grayscale image samples of malware were detected through the perceptual hash algorithm, and samples of specific malware families and uncertain malware families were quickly divided. Experimental tests showed that about 67% malwares were able to be detected by the perceptual hash algorithm. Then, the local features of Local Binary Pattern (LBP) and global features of Gist were further extracted for the samples of uncertain families, and the features of merging the above two features were used to classify and detect the malware samples by the machine learning algorithm. Finally, experimental results of the detection of 25 types of malware families show that the detection accuracy is higher when using the fusion feature of LBP and Gist compared to that when using a single feature only, and the proposed method is more efficient in classification and detection than the detection algorithm using machine learning only with the detection speed increased by 93.5%.

Reference | Related Articles | Metrics

Project Articles