Earticle

In this paper we study one prison identification method based on iris image recognition to meet the real-time identification requirements for prison management. The identification method for online real-time acquisition personnel iris image using pre-processing algorithm to improve the quality of image for subsequent feature extraction. Moreover, we use the coarse-to-fine approach to precisely extract the iris information. We combine the edge extraction method and the connected domain characteristics of multistage de-noising method to locate the inner and outer boundary. Finally we use image multiple features template matching method to recognize the iris information. The experimental results show that the proposed algorithm can correctly identify the iris image quickly. It can meet the requirements of the prison site management.

This study designed a safe combined certification system by approaching the matter of certification upon recent expansion of the cyber world and the market size of mobile shopping through a newer plan. Recently, mobile field has drawn much attention and it is used for most means of living for users like purchase of commodity, payment, and user certification. The mobile economy also grows by this trend, but hacking accidents or financial crimes are also in full swing. It is expected that the service for mobile in the future will increase more than ever, but in security aspects we still use problematic certification and security system. Data control service in the future is expected to do a lot with the service, which basically stores all services in phones as well as service providers through cloud service. Data control service will lead to the expansion of IoT (Internet of Things) service, as it substitutes existing off-line backup and safely provide user data regardless of location or kinds of devices. That is, users can use data from the devices connected to the Internet without copying or moving to devices users want to use. To use this data safely, establishing a certification system of users will be an ever more important factor. Therefore, this treatise is going to suggest the plan that we can conduct the certification in a safer way among several threats. In particular, mobile hacking is a very serious and important issue, as it could directly lead to monetary loss. When certification is insufficient, the possibility of a third party reaping benefits through hacking is greater. This treatise is going to suggest a model that service providers can provide safe certification service by performing verification of transaction and data through electronic certification. Building of a combined and safe certification system upon recent FinTech boom is a very important factor and this study is going to suggest various structures in aspects of security and convenience.

In the virus world of Internet, it is a challenging and urgent problem that how can we ensure the safety of search engines. A security subsystem of the search engine based on the research of content-based image search engine system V2.0 is developed. A malicious URL (Uniform Resource Locator) detection method based on BM (Boyer-Moore) pattern matching is proposed. The main research contents and results are as follows: Many malicious URLs could be downloaded by web image search, which may cause unnecessary loses to the users. So the malicious URL detection algorithm based on BM pattern matching is proposed. This method is to let the URL source code match the virus characteristics in the database to confirm whether the URL is safe or not. Web image search detects 203 malicious URLs based on this method. By kaspersky scanning, we confirmed 189 URLs to be malicious URLs, and the error rate is 6.9%, and the accurate rate is 93.1%. The experimental results show that the malicious URL detection algorithm provides secure URLs for web image search engine..

Due to the various characteristics from the pseudo random number generator or many kinds of deterministic devices such as arithmetic processing units, new principles and test schemes should be proposed for assessment of true random number generator. In this contribution, a novel viewpoint on designing a Normal distribution sampler applicable for implementing a homomorphic encryption system based on Ring-LWE crypto scheme is proposed. We suggest a Gaussian normal distribution sampler described with HDL to create uniformly distributed pseudo random numbers which will be used for generating non-symmetric key matrices and error matrices using an open-source AES cryptographic module. The implemented sampler can be conducted with high-speed clock frequency with its succinct critical delay paths as well.

From the perspective of the credibility of evaluating network main body, first consider to improving of evidence source on which trust computing is based, and propose the concept of multi-dimensional evidence. The multi-dimension refers to involvement of multiple types of evidence, and the multi-dimensional evidence, in this paper, involves mainly e-commerce business feedback evidence, online community business feedback evidence and network operation behavior evidence. On this basis, the evidence features can be incorporated into combination rule of evidence, design a new method to calculate the dynamic trust, and propose an improved D-S combination rule to synthesize multi-dimensional evidence, better to solve the problem of uncertainty of evidence. Experiments show it can effectively resist network fraud.

The position and velocity errors are divergent of traditional navigation algorithms used in ballistic missile for it cannot estimate the bias of accelerometer precisely. To solve this problem, a novel SINS/CNS integrated navigation algorithm is proposed in this paper, which adds high angle error, azimuth angle error and height error on the basis of the traditional navigation method. As these three values are related to the position of missile, the proposed method can constrain the divergence of navigation errors. Meanwhile, a system model for ballistic missile is deduced. To verify the navigation precision of the proposed algorithm, the observable analysis and simulation experiments are performed. And the results show that the system state of proposed method is observable completely, and the divergence of navigation error can be restrained thoroughly.

Today’s security initiatives have encouraged incorporation of physical security and information security into converged security for greater effectiveness and capabilities. However, efforts for converging security have largely limited to the issues of the organizational structure with respect to streamlining processes and abstract frameworks for security management. To go beyond just a buzz word of converged security, it should be necessary to bring significant technical merits from this convergence. In this work, we consider “event correlations” that examine any associations between events coming from the above two distinctive worlds to provide greater capabilities for preventing unauthorized access to high-security computers, as a tangible step towards convergence of security. For this purpose, we introduce our approach using event categorization that maps physical events to a finite number of classes (five) instead of considering event types individually for feasibility, and also show how to define correlation rules with the categories. In addition, we present our prototype system that implements the incorporation of two typical physical security entities: a door/gate access control and a video surveillance system. Our exploration presented in this paper would be beneficial for guiding future development of a diverse range of converged security functions.

A novel technique for intrusion detection based on cutting-based real-valued negative selection scheme is proposed in this paper. Different from the current typical techniques, the proposed one sets a much more strict and reasonable mechanism to generate and optimize the set of mutual detector. Concretely, firstly, the new generating detector must be necessary and it should not be detected by the current existing mutual ones. Besides, those detectors coinciding with the self-set will be cut and optimized into several qualified ones which have better detecting abilities. Experimental results demonstrate that the proposed technique has much higher detecting rates.

In present era all the multimedia communication is done over open network such as Images, Audio, Videos, Text etc, so the security is also a major concern. In this research we proposed an image encryption algorithm by using chaotic map as it is well known for its Dynamic nature, Randomness and very sensitive towards initial condition. In the pro-posed algorithm two dimensional chaotic map and the two secrets keys for encryption of image are used in which first we divide the image into four blocks and then each block of the image is encrypted individually in n times, after that the keys are inverted for each block and repeat this process up to m times. The proposed work has been rigorously examined over the prevalent standard test and has encouragingly succeeded to pass most of them like key sensitivity analysis, statistical analysis, differential analysis, entropy analysis, which make the proposed algorithm good enough for real time secure communication.

This paper Through an analysis of the worm propagation behavior, found that there are certain constraints relationship of network size to the propagation speed of the worm . On this basis, network segmentation algorithm based on DFS is proposed to reduce the size of the network, in order to gain subnet boundaries , in order to further suppress the spread of worms provide a theoretical basis , provide reference and basis for the erection of a network worm isolation system. the method of using DFS network segmentation algorithm based on network topology was proposed to solve large-scale network analysis. It provides a strong theoretical support for fast access network backbone node. The result of experiment shows that the proposed method is effective.

Two faithful quantum secure communication and authentication schemes based on Bell states and classical XOR operation are proposed, which withstand collective noises. The authentication and eavesdropping detection are completed by using logical decoy photons generating by previously shared identity string. The logical decoy photons are decoherence-free states over the two collective noisy channels respectively. The transmission of secret message is a one-time pad system, which guarantees the absolute security of secret message. Encoding secret message after particle transmission ensures the accuracy of secret message.

A digital signature is a mathematical structure for indicating the validity of digital information or any document. A message is created by a known sender whose digital signature provides a recipient reason, such that the sender cannot reject having sent the message confirmation and that the message was not changed in transportation integrity. The Signature recognition and verification are a behavioral biometric. It can be operated in two various types: one is the Off-Line or Static Signature Verification Technique and another is the On-line or Dynamic Signature Verification Technique. In this paper, we are studying about Off-Line or Static Signature Verification Technique. In this method, users write their own signature on the blank paper and then digitize it with an optical scanner or a camera, and then the biometric system identifies the signature by analyzing its shape and this collection is also called as “off-line” Signature verification. Signature authentication can be divided into three main classes. These classes are based on how alike a forgery is in relation to signature and are identified as random, simple and skilled. In the random forgery the forger does not know about the signer’s shape or signature name. In the simple forgery or unskillful forgery, the forger knows the name of the actual signer but don’t know how his signature looks like. And in the skilled forgery, the forger knows both the information of the signer.

In 2012, Singh and Verma proposed an ID-based proxy signature scheme with message recovery. In this paper, we show that their scheme is vulnerable to the forgery attack, and an adversary can forge a valid proxy signature for any message with knowing a previous valid proxy signature. In addition, there is a security flaw in their proof. Furthermore, we propose an improved scheme that remedies the weakness of their scheme, and the improved scheme can be proved existentially unforgeable-adaptively chosen message and ID attack assuming the computational Diffie-Hellman problem is hard.

Since quantum computer attacks will be threats to the current public key cryptographic systems, there has been a growing interest in Multivariate Public Key Cryptography (MPKC), which has the potential to resist such attacks. Finite field multiplication is playing a crucial role in the implementations of multivariate cryptography and most of them use two-input multipliers. However, there exist multiple multiplications of three elements in multivariate cryptography. This motivates our work of designing three-input multipliers, which extend the improvements on multiplication of three elements in three directions. First, since multivariate cryptography can be implemented over small composite fields, our multipliers are designed over such fields. Second, since it requires multiplications of two and three elements, our multipliers can execute both of them. Third, our multipliers adapt table look-up and polynomial basis, since they are faster over specific fields, respectively. We demonstrate the improvement of our design mathematically. We implement our design on a Field-Programmable Gate Array (FPGA), which shows that our design is faster than other two-input multipliers when computing multiplication of three elements, e.g. multiplier with field size 256 is 28.4% faster. Our multipliers can accelerate multivariate cryptography and mathematical applications, e.g. TTS is 14% faster.

Based on some commonly used methods of deicing technology, this paper used the series-parallel network system to express the risk level and proposed a simplified mathematical optimization model to arrange the ice prevention measures properly to make the lowest input while achieve the best ice prevention effect. An example based on WSCC-9 system is calculated using MATLAB. It can be seen that the deicing tool input should be larger if the efficiency of deicing tools is low or the expected failure probability is low. And a higher failure probability indicates more deicing tool input.

With the development of science, software becomes more and more complex, which makes it difficult to do fault propagation analysis. Software Network is a general tool in studying fault propagation, but because of the diversification of software’s architecture, we can no longer oversimplify the data flow of nodes in the software network which is universal in conventional method to analyze fault propagation. This paper put forward a new structure Class Interactive Network based on the data interaction of classes in software to analyze software’s fault propagation in the class hierarchy and simulate software classes’ performance in fault propagation with quantitative analysis in Class Interactive Network.

Cloud computing is an advantageous technology, which allows any enterprises to shift their data towards Cloud Service Provider (CSP) end. This shift poses an essential necessity for data being available all the time with a considerable level of security. Availability is an important concern for any subscribers as their sensitive data are prone to attack threats. Resource and data availability are most important security measure. So, blocking the attack traffic towards Data Center (DC) improves availability, but passive outwitting leads to high false positive and negative rate. This affects the legitimate requestors being outwitted. So, the proposed chaotic theory based defense mechanism considers the stability state of traffic and detects the anomaly traffic condition. The anomaly traffic condition is just the passive way of diminishing the effect of overload, but classifying them appropriately and allowing the non-attack case of overload improves the availability and utilization and reduces the false case rates. Considering several cases of overload threats and allowing the legitimate overload case improves efficiency. The simulation results proved that the mechanism proposed is deployable at an attack-prone DC for resource protection, which would eventually benefit the DC economically as well.

This paper proposes a new method of fingerprint singular points searching algorithm based on fingerprint orientation maps mainly. In these orientation maps, mathematical morphology theory and operations are used to search the fingerprint’s singular points in view of the phenomenon that the change of ridges’ direction at the points is the fastest in the whole fingerprint image and the directions of finger ridges which surround the points are symmetric with each other. For obtaining more accuracy result, before obtain the orientation maps, we use db3 wavelet technology to remove the most of fingerprint images’ noises in this paper. For the same reason, before the main mathematical morphology operations, we first obtain fingerprint images’ binary image models based on the db3-denoise image, and use these models to remove the disturb directions of the image background secondly. Experiments indicate this method is easy to understand, achieve and has a good robustness for the fingerprint’s translation and deformation.

The basic task in intrusion detection system is to classify network activities as normal or abnormal while minimizing misclassification. In literature, various machine learning and data mining techniques have been applied to Intrusion Detection Systems (IDSs) to protect the special computer systems, vulnerable traffics cyber-attacks for computer networks. In addition, Support Vector Machine (SVM) is applied as the classification techniques in literature. However, there is a lack of review for the IDS method using SVM as the classifier. The objective of this paper is to review the contemporary literature and to provide a critical evaluation of various techniques of intrusion detection using SVM as classifier. We analyze and identify the strengths and limitations of various SVM usages as classifier in IDS systems. This paper also highlights the usefulness of SVM in IDS system for network security environment with future direction.

Internet of Things (IoT) represents the extension and evolution of the Internet, which has great potential and prospects for modern intelligent service and applications. However the current IoT is still based on traditional static architectures and models by our deep investigation. It lacks enough intelligence and cannot comply with the increasing application performance requirements. By integrating cognition into IoT, we present a new concept of Cognitive Internet of Things (CIoT) and its corresponding intelligent architecture. CIoT consists of Protocol Plane, Cognitive Plane and Control Plane modules and involves some novel designed models such as layer protocol stack, three-layer cognitive rings. Based on the proposed CIoT, we finally develop an actual application system to address the transportation and dispatching for ready-mixed concrete. The statistical results show that the new dispatching pattern with CIoT can achieve higher efficiency of transportation and dispatching with lower oil consumption than traditional dispatching pattern.

A quantum public-key cryptosystem without quantum channels between any two users using non-orthogonal states is provided in this paper. Every user keeps a set of quantum particles in non-orthogonal states in a key management center (KMC) as the public key while he or she keeps the states of them as the private key. By the help of KMC users can accomplish secret communication and message authentication. The laws of quantum physics guarantee the unconditional security of this cryptosystem. No entangled states or complex quantum operations are needed. On the other hand there are no quantum channels needed to connecting any two users. So the public-key cryptosystem is easier to carry out and more robust in practice.

Serviceable and secure authentication is a research field that approaches dissimilar challenges related to authentication, including security, from a human-computer interaction perspective. The process of identifying an individual usually based on an email id and passwords. In this paper, we focus on client and server authentication. We examine the phishing problem, Man-In-The-Middle Attack, The main challenge in the design of a security system for high security is, how to prevent the attacks against data modification and authentication. Web based delivery is one of the most complicated phishing techniques. Also known as “man-in-the-middle,” the hacker is being found on the original website and the phishing system.

Cloud computing is a new computing model, it will be large-scale computing resource interconnection were effectively integrated, and the computing resources available to users in the form of services. The user can at any time according to need to access a virtual computer and storage system using a broadband network, without the need to test the underlying anxiety complex implementation and management, greatly reduce the difficulty of realization and hardware investment users. Cloud computing effectively the actual resources and virtual service separation reduce all kinds of business service costs, improve the utilization of network resources. The main work of this paper includes: first introduced the current cloud environment security threat, attack and common intrusion detection technology, summarizes the advantages and disadvantages of the proposed at the present stage of intrusion detection system under the cloud environment. Then the research on the analysis of the fuzzy C mean clustering algorithm for intrusion detection exist deficiencies in a cloud environment, the improvement and optimization of its, and the improved algorithm for parallel implementation of map reduce, to solve the clustering problem of the magnanimity data.

In view of the simple keys, time-consuming in encryption and decryption process and the loss of original function characteristics in encrypted image QR two-dimensional code, we adobe a kind of encryption method of QR code based on ECA state ring. In this method, the simple structure, highly parallel of elementary cellular automaton is being used. Operating each pixel point on the quick response code except which can express QR code function information. The simulation results show that the method is faster than two kinds of typical QR code encryption method, and the encrypted image can preserve the original QR code function information, while the safety coefficient is very similar.

A genetic algorithm (GA) is a search algorithm for solving optimization problems due to it is robustness; it offers benefits over optimization techniques in searching n-dimensional surface. In today's information age, information transfer has increased exponentially. Hence, security, confidentiality and authentication have become important factors in multimedia communications. Encryption is an effective technique that is preserving the confidentiality of data in Internet applications. Cryptanalysis is a technique of encoding and decoding ciphertext in such way it cannot be interpreted by anyone expects sender and receiver. In this paper, GA with an improved crossover operator was used for the cryptanalysis of Simplified data encryption standard problem (S-DES). Results have shown that GA performance is better than brute force search technique in breaking S-DES key.

This paper proposes a novel watermarking algorithm of 3D CAD product model, which is able to keep strictly geometrical shape around embedding watermark and make watermarked model have function transparency. Firstly, the isolated geometrical entities are selected as watermark carriers. Secondly, the watermark is embedded into the isolated geometrical entities with a geometric entity substitution algorithm. When extracting the watermark, the original product model and pre-process (registration or re-sampling) need not be provided. The experimental results have shown that the proposed watermarking algorithm is robustness against some common attacks, such as transformation, rotation, scaling and entity deletion.

Intrusion detection is an important way to ensure the security of computers and networks. In this paper, a new intrusion detection system (IDS) is proposed based on Hidden Conditional Random Fields (HCRFs). In order to optimize the performance of HCRFs, we bring forward the Two-stage Feature Selection method, which contains Manual Feature Selection method and Backward Feature Elimination Wrapper (BFEW) method. The BFEW is a feature selection method which is introduced based on wrapper approach. Experimental results on KDD99 dataset show that the proposed IDS not only has a great advantage in detection efficiency but also has a higher accuracy when compared with other well-known methods.

In an identity-based proxy re-encryption scheme, a semi-trusted proxy can convert a ciphertext under Alice’s public identity into a ciphertext for Bob. The proxy does not know the secret key of Alice or Bob, and also does not know the plaintext during the conversion. In identity-based proxy re-encryption, the collusion of the proxy and a delegatee may result in the decryption of ciphertext for delegator. In this paper, we present a new scheme which can avoid the collusion of proxy and delegatee. Our scheme improves the scheme of Chu and Tzeng while inheriting all useful properties such as unidirectionality and non-interactivity. In our scheme, we get the security by using added secret parameter and change the secret key and re-encryption key. Our sheme is secure against Chosen-Ciphertext Attack (CCA) and collusion attack in the standard model.

There is great similarity between the information industry security and ecosystem of information industry. Therefore, using the theory and methods of ecology and system science, we studied the issue of information industry security in detail based on the theory of ecosystem from the level of individual, cluster, and so on, and take China’s information industry security as an example of empirical research, then provided a range of effective policy suggestions for relevant Chinese government departments to control and guide China's information industry security.