Earticle

The traditional encryption methods pay more attention to the confidentiality of the message content, but ignore the protection of identity information to the communicating parties. By encrypting, the contents of the communication acquired by attackers became relatively difficult, but they can still found the identity information of the two sides to communicate easily because in the TCP / IP protocol, the sender and receiver of the message are exposed. The anonymity communication technology, is used to solve this problem. The first anonymity communication technology can date back to 1981, Chaum proposed MIX [1] which is a very important technology for reference by a number of researchers of anonymity communication. The rapid development of the Internet has made things convenience to people, but also led to more personal information exposed to the public. As a result, a growing number of areas that required anonymity communication technology to protect the user's privacy. P2P file-sharing is not exception. P2P is undoubtedly the most popular way for file-sharing, but popular P2P file-sharing protocols, such as BitTorrent, can’t provide users anonymity communication service. Many people choose to build upon existing anonymous communication tools, such as Tor, to achieve anonymous P2P file transfer, but Tor primarily provides anonymous service for web browsing, instant message or other low latency applications. A large number of P2P file traffic will seriously threaten the service of Tor. Therefore, the anonymity communication service specifically for P2P file sharing system is very important. In this paper, we presents an anonymity communication scheme specifically for P2P file-sharing networks called F-Crowds which based on Crowds [2] to provide an adjustable anonymity service for P2P file-sharing.

Industrial and research organizations expect that tens of billions of daily life objects can communicate with each other in the near future for realizing a hyper connected society that is called Internet of Things (IoT). They also agree that security is one of the most important concerns to provide smart and intelligent services successfully in the IoT. The author notes in this paper that the first step towards a secure IoT is the initial configuration of connected objects and networks in a secure fashion. As a solution, this paper proposes a secure configuration (i.e., bootstrapping) scheme for resource constrained devices such as sensors or actuators. The scheme is activated when a new object (or node) initially installs and re-installs to a network that is currently in operation. The method is suitable for a scenario, where resource constrained small things are interconnected with each other and thus formed Internet of Things.

According to “Pressure - State – Response” model, an eco-security assessment system was built which contains 32 indictors such as human activities, regional development index, etc. The results showed that: ecological security index of Zhalong Wetland Nature Reserve, appeared upward trend after the first drop in overall, but were all in warning category from 2007 to 2012. As for subsystem level, since 2007, pressure subsystem showed worsening trend, while the state and response subsystem appeared signs of improvement.

In order to improve the recognition rate of user identity authentication system, a user identity authentication method based on the combination of mouse and keyboard behavior is proposed. First of all, the characteristics of the two indicators of the mouse and keyboard are extracted, and then realizing the use of support to the rationale for the establishment of an identity authentication device, and finally test through a number of user identification and authentication. The results show that this method can improve the recognition rate of the user identity authentication, which greatly reduces the error rate and rejection rate and the results are obviously superior to the traditional method.

Adhoc network is basically infrastructure less in nature and it is vulnerable to attacks. In such a network it is necessary to create the security autonomously without the involvement of centralized architecture. Address allocation, name resolution, services rendering, authentication and access control policies represent some of the functionalities that are supported by the Adhoc Networks. To solve the above issue, a novel security protocol is proposed for the Passionate network formation. Initial network formation done based on trust. For each newly added user authorization is performed using certificate generation. Authentication is carried out using certificate verification mechanism. Session key is used by all the nodes in the network, for the defended communication. Symmetric key encryption is used for data encryption. Asymmetric cryptography is used for session key encryption and signature generation. Session key updating is carried out based on expiration time. To revoke the attacker from participating in the network, User revocation mechanism is contributed to the proposed security protocol. Security is enhanced with revocation capabilities.

In order to solve the problems that lithium-ion power battery cannot reflect state of health(SOH) in sorting process , the parameters which can reflect the battery SOH, such as capacity, AC resistance and self-discharge current, were used as the input vector of battery sorting model, fuzzy c-means clustering analysis and support vector machine based on cross validation algorithm to the battery for classification and recognition were used, and lithium power battery sorting model was established and the same batch of power battery were separating tested and according to the experimental results, batteries was divided into groups. The test results showed that: battery electrochemistry was having a good consistency. The variation of capacitance was less than 5% while there was 1500 cycle life.

Security of precious data is the most critical design parameter of a communication network. Applications like online banking and military information exchange requires more concern over security regardless of other design issues like power and energy consumption. Data alterations in some applications can lead to severe irreparable losses. This paper presents a novel and reliable Hash algorithm which inherits the basic architecture of MD5. Performance of proposed technique is compared with existing MD5, SHA-160, SHA-256 and SHA-384 techniques through statistical test suite for random numbers. Results reveal that the suggested technique is more effective in terms of randomness than the MD5, SHA-160, SHA-256 and SHA-384. The proposed technique thus finds its applicability in the sensitive data environment.

With the development of information technology, Internet age has changed the way of people's life in learning, entertainment, communication, consumption and other areas. Network has a positive effect on study and life for college student, but also brings a lot of negative impact. In this paper, we test the influence of internet content and try to find out how it could impact the college students’ sports life. By using empirical analysis, the result shows that the main reason of college students' motivation to participate in sports activities is to have a strong physique, there is a significant correlation between the Internet and college students' sports life style. Internet will significantly affect the sports consumption and sports interest of college students. On this basis, we put forward some advices.

Malicious code detection is one of the important missions of malicious code analysis. Current researches on the detection of malicious code mostly focused on single classifier, whereas the single classifier is not suitable for the detection based on features of different types. We utilized multi-classifiers ensemble based on fuzzy integral to improve the accuracy of the detection framework. A framework based on the Choquet fuzzy integral was proposed to fuse the analysis results of the base classifiers with different features. And the genetic algorithm was used to obtain the fuzzy measure. Finally, the result of Choquet fuzzy integral was compared to a threshold predefined to determine the maliciousness of binary code. Experiment showed that the framework proposed in this paper could be used to determine the maliciousness of binary code more accurately.

A smart phone is closely related to our lives throughout the world. It processes and stores various information from personal information to classified information of companies. As it is called as “a PC in my hand,” it is similar to a PC so that it is likely to be misused, being exposed to many security threats such as hacking, malicious code, and loss, just like the DDoS attack on PC. A hacker can control a smart phone through a number of zombie smart phone instructions, even shutting down the service on the server. However, it is difficult to adapt the PC defense system to the smart phone environment as is because the attack methods on a PC and a smart phone are different. Therefore, this study aims to compare and analyze DDoS attacks on the smart phone environment and PC environment to predict DDoS attack scenario on the smart phone and establish a defense system to reduce the damage.

Code injection attacks are widely used by attackers to compromise computer systems. Attackers could obtain the control of a victim's computer system by injecting shellcode to the vulnerable program. The existing solutions to detect shellcode can be grouped into two categories: static analysis and dynamic analysis. Static analysis can detect shellcode efficiently, but cannot handle the shellcode that employs obfuscation techniques. Dynamic analysis is able to detect the obfuscated shellcode, however it is still limited to detect the recent virtualization-aware shellcode. In this paper, we present a novel shellcode detection approach without using any virtualization technology. We implement our approach based on the commodity OS kernel which is compatible to the existing system. Our approach is able to detect the shellcode that could be aware of the virtualization environment and reduces the probability of exposing detection environment. Our experimental evaluations show that our system can effectively detect a large set of shellcode instances with good performance.

It is a double bind for financial companies to observe electronic financial transaction law and regulation for maintainment a certain level of information security, as well as to introduce information security management system for improvement the company's information security level. In reality financial companies are suffering from spending a lot of time and money to apply highly professional and technical knowledge information security control items that may be redundancy or dissimilar. This study presents a specific authentication model on the financial industry through unifying a duplicate set of controls in terms of the electronic finance transaction law & regulation on e-banking and complements the missing items ISMS controls on the financial industry.

In order to restrain the bad influences of fake and inferior products, an automatic identification authentic work anti-counterfeiting algorithm is proposed in this paper. The authentic work anti-counterfeiting uses a unique random character structure to carry out security. The algorithm is convenient for customers to distinguish the anti-counterfeiting tag by both naked eye and mobile. There is not yet a similar algorithm published. In the algorithm, the feature vectors are extracted using DWT-DCT. Using extracted feature vectors from anti-counterfeiting tag to realize automatic identification. Therefore, this algorithm saves the storage space and improves the identification rate. In addition, the experimental results show this algorithm have strong robustness under common attacks, geometrical attacks.

As interests in security increases, several software development lifecycle considering security have been proposed. Actual results of applying software development lifecycle considering security reduced threats have been reported. But to apply software development lifecycle considering security, requires expertise and experiences. In this paper a secure software development lifecycle applying integrated secure guide is proposed. Secure Guides such as Misuse Case, Security Patterns and Secure Coding are integrated in the proposed method. And then, by applying integrated Secure Guide in each software development phase, the security becomes available in every phase of software development. Since, proposed secure guide provides more security information than available secure guides, software developer can use more security information while they are developing software. As a result, it is expected that developers could consider security more easily when developing software even though developers lacks expertise in security or experience.

The space explosion caused by loop structure in path exploration makes it difficult to find a target-oriented path during code coverage testing. In this paper, a method named target-oriented concolic testing(TOCT) is introduced to tackle the problem of generating a path to cover a target in a loop structure. First, the static analysis method static prefix path search (SPSS) is used to generate a prefix path. Solving the constraints on the prefix path obtains a test case, with which concrete execution is carried out as an input. Meanwhile the execution trace is captured. The trace is used to unfold the loop into a feasible path. Finally SPPS is adopted again for the next prefix-path until a feasible path containing the target is achieved. Experimental results show that the proposed strategy reached a higher coverage when the targets are in loop structure and demonstrate that it is applicable in engineering.

In June 2015, Smishing text and malicious code designed to take advantage of the confusion caused by the Middle East Respiratory Syndrome(MERS-coV) appeared. The Korea Internet & Security Agency(KISA), says recent MERS-related information is used for Smishing text messages with the malicious code disguised as a document being circulated via e-mail attachments. Because the infection following attached e-mails intends to remotely control the system of the infected PC, there is a possibility to cause that further damage may result. This study aims to analyze the Smishing text and malware contents, and the form of hacking attacks taking used to take advantage of the confusion caused by MERS.

Firstly, we are given the security problems faced by a detailed analysis of the cognitive radio networks, and introduces the related basic cognitive radio network problems. Then, based on the difference between the cognitive radio network and the existing wireless network, which analyzes security and artificial intelligence, dynamic spectrum access and discussion. It concluded for the safety of cross-layer design.

The recent years have witnessed the fast growth of mobile e-commerce in the world, and this model has become the most popular one among all the e-commerce models. However, compared with the traditional e-commerce models, the mobile e-commerce is less secure as the carriers, including smart phones, PDA, or handheld computers, can hardly reach the same high level of security as personal computers. The network gap caused by different network operators also causes the network delay when the users are doing cross-platform internet browsing. To solve these problems, a new scheme to reduce network delay and improve security level has been put forward. This scheme proposes to install a “routing box” in user’s home at first. When the smart equipment is to be connected to the Internet, it shall log in on the equipment to be connected to the nearest cloud server which will send the connection request and connect the user to his/her aimed website quickly. Through SSL + WPKI protocol, the user’s log-in information and other forms of information can be safely transmitted. The visiting history can be stored in cache in different levels via cloud server. Therefore, when the relevant information is visited again, the user request can be sent to his/her smart equipment through the nearest cloud server, which can resolve the network gap caused by cross-platform visiting. Such a scheme has been proved effective in local area network by test.

In traditional hierarchical identity based cryptosystems (HIBC), non-leaf entities as level PKGs are usually capable of deriving private keys for their descendants with use of their private keys, non-leaf entities can therefore act (decrypt or sign) on the behalf of their arbitrary descendants. This is called key escrow problem of HIBC. In order to resolve key escrow problem, a new technique – Identifier Discrimination is proposed in this paper for composing private keys for entities in hierarchy. With the technique, an identity selective secure HIBE scheme is constructed under Decisional Bilinear Diffie- Helleman (DBDH) assumption in standard security model, in which any identity is incapable of deriving private keys for any of its descendants with use of its private key, and the privilege of generating private keys for each individual descendant is delegated by the root PKG through authorization, that we call Authorization Delegation. Moreover, a new hierarchical identity based signature (HIBS) scheme is constructed from our HIBE construction, by applying Naor transformation of an identity-based signature (IBS) out of an IBE. Because of the inability of deriving its descendants’ private keys with use its private key, an entity therefore cannot sign messages on behalf of any of its descendants, thus guaranteeing that authenticity and non-repudiation properties are achieved in our HIBS system.

GSM system is widely used by hundreds of millions of people. In fact there is no encryption scheme provides the reasonable security level (user-to-user encryption), it’s just provide the Air-interface encryption i.e. between the mobile station and the base station. Furthermore, there are other wireless links are vulnerable to attacks. It is therefore of great importance to provide reasonable security techniques to ensure the privacy of the mobile users especially circuit switching-based services, as well as prevent unauthorized use of the service. In this paper, a new approach is proposed to provide end-to-end encryption for the GSM system (EEE-GSM). This is achieved by using CL-PKC with some modifications and follow some assumptions in GSM system architecture in order to make the scheme compliant to the GSM cellular system. However, the proposed scheme not only efficient due to end-to-end security, but can also provide a secure system against IMSI catcher, man-in-the-middle, and replay attacks.

With the rapid growth of car ownership, "parking" has gradually become the hot issue of society in general. At present, people widely used stereo garage because it took small area, which had a high space utilization, and convenient operation. However, due to internal instability of three-phase asynchronous motor parameters and load disturbance factors such as fluctuations, it led to a poor robustness of the control system. Therefore, we build a system of first order mathematical model using Simulink based on Active Disturbance Rejection Control (ADRC) and made the simulation analysis by the analysis of the controller structure and algorithm. And through the comparison with the traditional PID control, we implementated the signal fast response optimization design and control overshoot.

With the increasing of Web services on Internet, services composition requests considering not only the static information compatibility, such as interface grammar and semantic, but also the structural behavior compatibility, i.e., control flow and communication protocol. However, due to the uncertainty of Internet, application failures occurred in service-based software will cause kinds of economic losses. This stochastic phenomenon has been impacted on the structural behavior which makes services composition should take the probabilistic compatibility into account. The probabilistic compatibility needs to compute the degree of compatibility for the effective performance evaluation, which has been an important issue during services collaboration. In this paper, the probabilistic interface automaton is proposed to formalize service behaviors. Then, the synchronized product model is used to the qualitative checking for verifying whether they can interact with each other or not. Third, the probabilistic compatibilities of composite service and component service are discussed for the quantitative computing. Our method provides a reference to generate the correctness and reliable services composition.

This paper introduces people-oriented security vulnerability assessment techniques through pattern analysis in order to overcome the limits of the prevalent system-centered and data-centered security vulnerability assessments. This paper suggests algorithms to detect abnormal patterns due to security breach by analyzing physical and logical patterns of people who approach to IT information system. As a result of the analysis, we found that the information system users’ access patterns and behaviors belong to certain categories, and by combining these patterns, it is possible to identify abnormal patterns (∮= 1) which lead to security breach accidents. This research will enable a new way of user-oriented security vulnerability assessment.

There are shortcomings in the currently used traditional CCD imaging system which can automatically recognize banknote image defect, such as the need to manually extract the defect characteristics and low accuracy rate of detection results. This paper briefly introduced the advantage of convolution Neural Network (CNN) in image classification and designed a image defect identification method based on convolutional neural network (CNN). The experimental results on data sets show that the identification accuracy rate of this method is 95.6%, which is significantly better than traditional identification method.

After the version changes,locatingthe influence domain of control flow modificationis a hot issue in software testing, because it helps developersto solve software defects effectivelyand testersto determine the regression test cases. This paper puts forward that an algorithm toanalyzethe influence domain of control flow modification. It can accurately locate the functions which are affected by modified control statements. According to the control flow function calling paths algorithm, a path of nodes is extracted, where control word as well as the function name is regarded as a node,and extract the control block and analysis it, and a static function calling path with the control logic is obtained.Control flow modificationpoint algorithm is put forward to obtain the modified control statements, which is based on Longest Common Substring (LCS) algorithm. An algorithm is also proposed to determine the influence domain of control flow modification.Experimental results show that the proposedalgorithm can determine the influence domain, and provide support for test case reduction in regression testing effectively.

In this paper, we have presented a study on traditional group signatures, which is the Ring Signature T out of n threshold and discuss its implementation issues. Also, we outline the security issues. In threshold Signature Scheme the information can be encrypted and decrypted, only if T numbers out of n numbers (t<n) in the group use their secret keys. As compare to the traditional ring signature scheme, it is more efficient that can prevent spurious or fake messages issued in the name of a reputed group by a compromised personnel in the group.

With the rapid development of mobile Internet, the smartphone has become an essential part of campus student everyday life. In this paper, an intelligent application platform for campus life based on mobile Internet (iCollege) is proposed. Using the collaborative filtering recommendation algorithm, iCollege aims at providing smart recommendations based on daily study demand and social entertainment of campus students.

In the face recognition system, the protection of the facial feature template has already become the most important part. In view of that the current protection methods cannot meet the security and the matching rate simultaneously, a hybrid encryption algorithm was proposed in this paper fusing chaotic encryption and RSA encryption to solve this problem. After the preprocessing to the ORL face database, the feature template was extracted by 2D2LDA and PCA in the non-transformation domain. Then we applied the scrambling encryption and RSA encryption to obtain the final security template. At last, a system with the nearest neighbor classifier and Euclidean distance was used for the matching verification. The experimental results showed that this hybrid encryption method was feasible, effective and easy transplantation with no matching rate reduction.