Earticle

Nowadays, the network transmission and video encryption areas have urgently needed high-speed encryption systems for SM4 algorithm. To speed up the SM4 system in small area, three aspects in existing system is analyzed and optimized. Firstly, aiming at the prior encryption must wait long until completing all 32 rounds key expansion, a method is proposed for outputting round key in each key expansion to accelerate encryption response. Secondly, considering most user passwords are unchanged, we adopt additional memory for comparing old and new keys, so that key expansion can be cancelled sometimes. Thirdly, the paper analyses the relationship between key expansion and encryption/decryption algorithm in SM4. Using module reused technology, the designed key expansion module can also encrypt and decrypt, and the designed another two modules can both encrypt and decrypt. Therefore, the system can achieve three tasks’ synchronous encryption/decryption, which greatly improves the system's processing speed. This paper presents a hardware design scheme for the high-speed system. At last, the optimized design is realized in FPGA. The experimental results show that the design is feasible, and the SM4 encryption speed can increase fourfold.

In realizing a homomorphic encryption system, the operations of 1encrypt, decrypt, and recrypt constitute major portions. The most important common operation for each back-bone operations include a polynomial modulo multiplication for over million-bit integers, which can be obtained by performing integer Fourier transform, also known as number theoretic transform. In this paper, we adopt and modify an algorithm for calculating big integer multiplications introduced by Schonhage-Strassen to propose an efficient Ring-LWE processor architecture which can save memory. The proposed architecture of Ring-LWE encryption processor has been implemented on an FPGA and evaluated.

Using Hidden Markov Model (HMM), this paper detects some fraudulent financial information of a company. The research index MBSPM (Main Business Service Profit Margin) ratio of company is used to test the effectiveness of HMM. Due to the shortage of the fraudulent data, based on the MBSPM index data we generate the artificial fraudulent financial information data by Poisson process and Uniform distribution, that is, we use the Poisson process to simulate the arrival times of the fraudulent financial information and the Uniform distribution to simulate their fraudulent sizes. By embedding the artificial fraudulent financial information data into the non-fraudulent MBSPM data, we form the sample data series. Applying Henderson filter method, we derive the research sample data by getting rid of the sample data series trends. We do some experiments to test the validity of HMM for detecting the fraudulent financial information, and further make some comparisons with other detecting techniques: logistic regression and ANNs. The detected results show that the HMM approach can significantly improve the identification accuracy.

In order to improve credibility and precision of the personalized service recommendation, we propose a personalized trusted services recommendation method based on social network. Firstly, according to the similarity of user's preference, the method build new relations combined with direct trust and indirect trust of users between them. Secondly, form a set of similar services which includes services invoked by target users. Eventually, get user’s indirect trustrank to the recommended services through the weighted average of the target users’ indirect trustrank to the recommended service and thus form a recommendation list. The experiment take precision rate, recall rate and F1_Measure as evaluation indexes. Comparing with traditional method which based on no confidence and users’ trusted network, this approach demonstrates its effectiveness and feasibility through the result of the experiment.

The dynamic nature of Botnets along with their sophisticated characteristics makes them one of the biggest threats to cyber security. Recently, the HTTP protocol is widely used by Botmaster as they can easily hide their command and control traffic amongst the benign web traffic. This paper proposes a Neural Network based model to detect mobile HTTP Botnets with random intervals independent of the packet payload, commands content, and encryption complexity of Bot communications. The experimental test results that were conducted on existing datasets and real world Bot samples show that the proposed method is able to detect mobile HTTP Botnets with high accuracy.

This paper puts forward text filtering system based on SVM algorithm regarding to the problem that bad and sensitive information of user tag that may exist in the collaborative geographic information plotting system. Then further improvement has been made towards the TF-IDF for feature extraction and thus achieved the function that automatically blocks the bad and sensitive information marked by users.

Web sites can be dynamic and static sometimes a combination of both. To assure security all the websites need protections to their database. This paper proposes a static analysis of various technique of detecting recently discovered web-based vulnerabilities such as cross-site scripting and HTTP splitting attacks with NoSQL injection. Today, the situation is¬ better, and traditional databases have introduced built-in protection mechanisms. But does this mean that NoSQL systems are immune to injections? Our study shows that although the security of the query language has largely improved; there are still techniques for injecting malicious queries. Some works already provide reports of NoSQL injection techniques. We also show the methods of accessing the dark web. We use TOR browser for the explanation of accessing dark web. The user entering into the website with different format rather than the original will be noticed, and they are not allowed to access our website. Instead of passing SQL queries into the input fields the user can also directly pass the objects inside it. Once the user enters in, with the actual format and attempts to upload .exe file the website tends to block that user's account.

Due to limited time and resources, ocean enterprise usually give priority to low level of risk project to realize informatization. According to informatization projects content of ocean engineering project, constructing an index system of ocean engineering informatization project based on risk assessment of personnel, capital, organization and technology in total of four perspectives. Utilizing the advantage of Fuzzy TOPSIS of multiple attribute decision-making and limited amount of information decision advantage. The propose of the study is to develop a sorting model of ocean engineering informatization project based on risk level, then sorts the risk of four candidates ocean engineering informatization project ,and proceeding the empirical analysis. By observing the result, A1 has the minimum risk level of informatization, which is ocean enterprise informatization preferred.

In view of excessive calculation and bandwidth cost, excessive complexity of the user access permission revocation in the cloud storage service, taking the ciphertext access control scheme of property encryption system (CP - ABE) of ciphertext strategy as the theoretical background, this article designed a cloud storage permission revocation optimization mechanism based on the dynamic re-encryption, namely DRPRO. The mechanism uses (k, n) threshold scheme to divide data information into several blocks, and dynamically selects a data information block to implement the re-encryption, and completes the user access permission revocation realization process by data partitioning, reconstruction, transfer, extraction, permission revocation and other subalgorithm successively. Theoretical analysis and simulation experiment evaluation show that under the premise of ensuring the high security of cloud storage service user data, DRPRO mechanism reduces the calculation and bandwidth cost of the user access permission revocation effectively, and its performance efficiency has been further optimized and improved.

Tools required for the security purposes are firewall, passwords, IDS, IPS for the detection of anomaly and prevent it from sending out the harmful traffic to the network. So, it is very necessary to examine the behavior of traffic that coming to the network and recognize the anomalous behavior. In this paper, statistical based chi-square method is used to detect the anomalous behavior and predict the intrusions by calculating the observed and expected frequencies. Setting of interval is difficult for the detection of anomaly but in our case we set interval according to the less variation in traffic. Traffic contains from the backscatter dataset. Chi-square method is good to detect the anomalous behaviors because it gives the Poisson’s distribution for the whole traffic on network. Large difference shows anomaly occurs.

A location fingerprint positioning technology method is proposed based on bat algorithm to improve the defect of traditional indoor location fingerprint positioning technology. These shortcomings include offline heavy workload, limited accuracy and poor robustness. The fingerprint database can generate using the middle point interpolation method and the method that channel attenuation model which instead of offline training stage. This stage realize the function of timing automatic databased updates. After that the database combines K nearest neighbor algorithm with bat algorithm in the stage of matching algorithm to realize the positioning function. Compared with the traditional method, location fingerprint positioning technology using bat algorithm reduces the overall positioning of workload and rapidly respond to the effect of the changing environment. Finally, localization performance test is carried out under the given simulation environment. The result indicates that this method improves the average precision than other algorithms about 23.14%, the vast most of the blind node position error range within 1.5 meters, which shows the advantages of positioning accuracy, robustness and adaptation to the changing environment.

Inversions in small finite fields are the most computationally intensive field arithmetic and have been playing a key role in areas of cryptography and engineering. The main algorithms for small finite field inversions are based on Fermat's little theorem, extended Euclidean algorithm, Itoh-Tsujii algorithm and other methods. In this brief, we present techniques to exploit special irreducible polynomials for fast inversions in small finite fields GF(2n) , where n is a positive integer and 0 < n < 16 . Then, we propose fast inversions based on Fermat's theorem for two special irreducible polynomials in small finite fields, i.e. trinomials and All-One-Polynomials (AOPs). Trinomials can be represented by polynomials xn + xm + 1 and AOPs can be represented by polynomials xn + Xn-1 + ... +1 , where m is a positive integer and 0 < m < n . Our designs have low hardware requirements, regular structures and are therefore suitable for hardware implementation. After that, our designs are programmed in Very-High-Speed Integrated Circuit Hardware Description Language (VHDL) by using integrated environment Altera Quartus II and implemented on a low-cost Field- Programmable Gate Array (FPGA). The experimental results on FPGAs show that our designs provide significant reductions in executing time of inversions in small finite fields, e.g. the executing time of inversion in GF(27) is 18.80 ns and the executing time of inversion in GF(212) is 29.57 ns.

The way of remote specially appointed and sensor systems make them exceptionally alluring to aggressors. A standout amongst the most prevalent and genuine assaults in remote impromptu systems is wormhole assault and most proposed conventions to protect against this assault utilized situating gadgets, synchronized timekeepers, or directional reception apparatuses. We propose a novel calculation for identifying worm-opening assaults in remote multi-bounce systems. The proposed methodology is totally limited and, not at all like numerous procedures proposed in writing, does not utilize any exceptional equipment antique or area data, making the strategy all around appropriate. The calculation is autonomous of remote correspondence models. Be that as it may, learning of the model and hub dispersion gauges a parameter utilized as a part of the calculation. We display reproduction results for three diverse correspondence models and two distinctive hub circulations, and demonstrate that the calculation can recognize wormhole assaults with 100% discovery and 0% false caution probabilities at whatever point the system is associated with high likelihood. Notwithstanding for low thickness systems where a possibility of disengagement is high, the recognition likelihood stays high.

With the development of E-business, logistics industry has become an important part of China's economic development. E-commerce market brings a great opportunity to traditional logistics industry, as more than 70% express business is derived from the network shopping; however, E-commerce supply chain security problem also produced some adverse effects. In this paper, the authors analyze the key factor of logistics industry in E-commerce market, and find out three factors affecting logistics capability as logistics infrastructure optimization, industrial structure and marketization degree. By using VAR model, the empirical results show that there exist a long-term relationship between the basic logistics optimization degree, industrial structure and the degree of marketization, and marketization degree has positive related to the logistics optimization degree. At the same time, the market degree has obvious promotion effect on logistics optimization in the short term. This conclusion shows that in order to play the role of logistics industry to promote economic growth, government should optimize the industrial structure, and improve network infrastructure.

This work presentss the system for dynamic enforcement of access rights on Android. Each application will be repackaged by this system, so that the access to selected private data is restricted for the outer world. The system intercepts the system calls using Aurasium framework and adds an innovative approach of tracking the information flows from the privacy-sensitive sources using tainting mechanism without need of administrator rights. There has been designed file-level and data-level taint propagation and policy enforcement based on Android binder.

With the development of E-commerce, more and more enterprises begin to use the network platform to carry on the sales; E-commerce transaction security will become the key issues and may restrict the development of electronic commerce. Using field survey method, this paper tried to explore the effects and internal mechanism of employee voice behavior in E-business Company. We collected data from provinces of Hubei, Hunan, Fujian, Guangdong and Zhejiang and got a sample of 93 multi-function work teams comprising 614 employees from E-business enterprises and institutions. All measurement instruments were adapted from well-established scales. Confirmatory factor analysis showed acceptable model fit indices. The values of inter-rated agreement and intra-class correlation indicated that the data aggregation from individual-level to shared team-level was reasonable, Through hierarchical regression and mediation and moderation effect analytic techniques the final results showed that voice behavior had a significant positive influence on team creativity. Team members’ voice behavior has positive effect on team creativity was not only partially mediated by specialization and credibility dimensions of transactive memory system, but also fully mediated by team knowledge sharing. In addition, team learning behavior was found to have significant moderation effect on the relationship between voice behavior and team creativity.

Android operating system provides a rich inter-application message passing system. The mechanism encourages inter-application collaboration and reduces developer burden by facilitating component reuse. Unfortunately, message passing is also an application attack surface. The content of messages can be sniffed, modified, stolen, or replaced, which can compromise user privacy. In this paper, we examine Android application interaction and identify security risks in application components. We provide a method that detects application communication vulnerabilities. And the effectiveness of the method is verified by experiments.

In this paper we propose a new method of digital audio watermarking based on two dimensional cellular automata; the method increases the dimension of the audio and uses cellular automata in generating the key of watermark embedding. The watermarking method is blind, and does not require the original host audio or any of its features to extract the watermark; the watermark can be easily extracted using the right key. The experimental results show that the watermarks are imperceptible; and show a high similarity between the original and the watermarked audio. Cosine similarity and peak signal-to-noise ratio were used to measure the similarity between the original audio and the watermarked audio.

In this paper we propose and implement a provably-correct bytecode verifier for Micro-Dalvik which is a significant subset of Dalvik. We take the approach of a data flow analysis on semilattice to solve the bytecode verification. The operational semantics of Micro-Dalvik is developed. The semilattice structure is constructed and transfer functions are defined. Based on the semilattice and transfer functions the well-typing is described. The bytecode verifier is realized to compute a method type to see whether each instruction is assigned a well-typing. By giving conforming relations between the machine state and the well-typing, the correctness of the verifier is proved that the verifier guarantees safe execution and well-typed Micro-Dalvik programs do not produce type errors.

Mobile Ad hoc Networks consist of a set of mobile nodes communicating with each other in a decentralized and dynamic topology where nodes provide retransmission capabilities. Communications between source nodes and destinations go through routes represented by a set of intermediate nodes that are required to adapt and behave in response to some actions according to orders given by the chosen routing protocol. Absence of a centralized architecture, in addition to open wireless medium of Ad hoc networks, as well as nodes mobility are ones of the network characteristics that render the environment much vulnerable to different routing attacks. A wide range of current researches focus on enhancing MANET security using various techniques like cryptography, but these mechanisms creates too much overhead. Artificial Immune Systems provide intrusion detection techniques based on the abstraction of the human immune system. They are known to be very efficient and lightweight algorithms. Multiple immune theories are implemented like Negative selection, Clonal selection, Danger theory, Immune network...etc. This paper proposes the use of combined immune theories as an Intrusion Detection System that integrates to the AODV routing protocol and that can sense the presence of non-trusted nodes, as it can eliminate them from the network. The proposed approach is tested and validated in presence of Packet Dropping Attack. Promising results in terms of network performance then are discussed.

Computer network information security has attracted much attention of the society. The importance of computer network information is widely accepted. According to the determined selection criterion of computer network information security evaluation indexes to choose 5 first-level evaluation indexes and 19 second-level evaluation indexes to construct the evaluation system of computer network information security, using the analytic hierarchy process (AHP) to determine the weight of each evaluation index, the evaluation results of computer network information security are divided into 5 levels, that is, very safe, safe, general, dangerous, very dangerous. Establishing the fuzzy comprehensive evaluation model, through the expert evaluation method to carry on the level evaluation, the computer network information security evaluation of Weifang University of Science and Technology is taken as an example to carry on the simulation calculation. The fuzzy comprehensive evaluation model of the computer network information security is professional, scientific, and reasonable, which could provide theoretical basis for the development of computer network.

The anti deception technology of the capture section is put forward, which is based on the idea of three-dimensional space compression domain. In the first part, the acquisition range of the signal is strictly controlled and the difficulty of the attack is increased. Doppler frequency and code phase estimation error are the key factor to affect the performance of the technology. The smaller the estimation error is, the more accurate the position of the real signal can be accurately determined.

Recently, smartphone and Wireless network environment is provided, users of IPTV services using smart phone is increasing rapidly. We want to method to collect and delivering of user’s need, and to search for ways to securely transfer contents suitable. Moreover, if computing environment changes to CPS environment, these requirements are further increase. But, the suitable encryption algorithm and suitable secure protocol does not exist now. Therefore, we propose a new system to use the CP-ABPRE technique in order to safely transfer the contents in the CPS environments. Our proposed system can support to re-encryption and decryption on the smart gateway. It can provide to confidentiality, integrity, real-time response, and collusion attack resistance in CPS environments.

The Octonary PVD algorithm is the method that simultaneously achieves three contradicting objectives, high payload, commendable perceptual quality and high statistical un-detectability. However, the Octonary PVD algorithm has a major defect that it does not embed the secret data in the optimum locations because it does not consider the use of different pixel groups will have different effects on the statistical undetectability and payload of the stego image in the process of embedding. In view of the above problem, an improved steganography is proposed. An improved objective function which is used by the PSO module is defined at first in this proposed method. Then, an improved data hiding scheme is proposed. The proposed algorithm is an improved method based on the Octonary PVD algorithm, and the improved objective function which be used by the PSO module is set in such a way that both perceptual quality and statistical un-detectability are considered. This proposed algorithm has high statistical un-detectability and high payload with commendable visual quality. An extensive experimental evaluation has demonstrated the excellent performance of the proposed algorithm compared with other existing image spatial domain steganography algorithms.

In the daily-real systems, protecting the data only is far less enough. The process about the generation, distribution, storage, and the revocation of the key is the core problem in the system-security consideration. If the management of the key is insecure, attackers could easily get the key used in the encryption steps to the context, leading to useless processing in the encryption no matter how secure the system be. Unlike the period of validity for the different key, the key can easily be attacked by various methods due to its distribution through the complex net links, which would bring about the threatening of the security. In this paper, we analyze three models of the key distribution, associated with the actual applications for the encryption in the hypermedia video stream. Besides, we raise up a new protocol based on the IKEV2 distribution protocol and evaluate the stability when it suffer the Man-in –the-Middle Attacks, DoS and Replay attacks.

Under the revised personal information security law in Korea, users may face inconvenience with managing privacy files. This paper proposes a privacy protection system, called TEAM, enhanced with a ‘Virtual Synchronized File’ concept, which keep convenience by providing users with a transparent user experience, while complying with the personal information security law. The proposed system periodically detects and compresses files containing personal information and encrypts them. The encrypted files are transmitted to a remote storage server. Then the client PC replaces the original privacy file with a Virtual Synchronized File termed VSF. From the users’ perspective, the VSF alleviates the inconveniences and maximizes efficiency of personal information management as it (1) allows the users to access to the privacy files in a transparent manner in comparison to an access scheme for a normal document file; (2) internally performs encryption/decryption for the file; and (3) separately stores the files with minimized users’ interventions. Consequently, TEAM makes it possible to comply with the law while providing users with transparent user experience.

Distributed computing guarantees to on a very basic level change the way we utilize PCs and get to and store our own specific and business data. With these new registering and correspondences models develop new data security challenges. Existing information security structures, for instance, encryption have fizzled in imagining information theft strikes, particularly those executed by an insider to the cloud supplier. We propose a substitute methodology for securing information in the cloud utilizing adversarial mimic improvement. We screen data access in the cloud and perceive unpredictable data access outlines. Right when unapproved access is suspected and after that confirmed using test questions, we dispatch a disinformation strike by giving back a considerable measure of fake information to the attacker. This secures against the misuse of the customer's real data. Trials coordinated in a neighbor-hood archive setting give confirmation this technique may give unprecedented levels of customer data security in a Cloud space.

The prediction problem of network security should be studied facing the Massive malicious attacks, the information should be alarmed in time, then the network security can be ensured. The network security situation prediction is necessary to ensure safety of network, therefore the Markov game theory is applied in predicting the network security situation. Firstly, the network security situation prediction model is constructed based on coarse grained treatment. Secondly, the prediction model of network security situation based on Markov game theory is established, the basic procedure of network security situation prediction is established. Finally, the simulation of network security situation based on Markov game is carried out, and results show that the Markov game theory is an effective method for predicting the network security situation.

As a new information hiding method, coverless information hiding has become a hot issue in the field of information security. The existing coverless information hiding method can hide only one Chinese character in each natural text. However, the problem of the method is that the hiding capacity is too small. To address this problem, a new method named coverless multi-keywords information hiding method based on text is proposed in this paper. The main idea of the method is that both the keywords and their number will be hidden in the texts. Experimental results show that the proposed method can improve the capacity of the existing coverless information hiding method based on text.