SONG Wen-Na , PENG Guo-Jun , FU Jian-Ming , ZHANG Huan-Guo , CHEN Shi-Lü
2019, 30(8):2229-2267. DOI: 10.13328/j.cnki.jos.005767
Abstract:The traceability of malicious code refers to tracking the source of malicious code based on the characteristics of the target malicious code, by analyzing the rules of generation and propagation of malicious code and the derivation correlations among malicious codes. Tracking technology can quickly locate the source of an attack or the attacker, which has a deterrent effect on the attacker. It plays an important role in deterring hacking attacks and improving the network security system. In recent years, the network security situation has become more and more severe. This study categorizes and summarizes research work in academia and the malicious code traceability field. First, the coding characteristics and evolutionary characteristics of malicious code are revealed, and the relationship between these characteristics and traceability is analyzed. Then, the traceability techniques of malicious code in industry and academia are reviewed, and the role and impact of each traceability phase are discussed. The level of confrontation in current malicious code traceability is also analyzed. Finally, the challenges and future development trends of malicious code tracing technology are discussed.
ZHANG Fan , XU Ming-Di , CHAO Han-Chieh , ZHANG Cong , LIU Xiao-Li , HU Fang-Ning
2019, 30(8):2268-2286. DOI: 10.13328/j.cnki.jos.005768
Abstract:Trust measurement, which is the basis of the "measurement, storage, and reporting" of trusted computing, still lacks a mathematical theory and has few applications in real-time environments thus far. The difficulty lies in three points. The first is how to establish a general mathematical model that can cover the different mainstream definitions of "trust"; the second is how to build a runtime trust measurement theory based on the established mathematical model; and the third is how to map the above model and theory to real information systems, and thereby form a practical real-time measurement method. To address these issues, a runtime software trust measurement approach is proposed. Initially, a noninterference model is leveraged to explain the different mainstream definitions of trust, indicating that the noninterference model can be an appropriate general mathematical model for trusted computing. Next, a noninterference model-based real-time trust measurement theory is presented. In the proposed theory, a system call is treated as an atomic action, and the sequence of system calls is taken as the real behavior of a process. Every system call belongs to a security domain, and different security domains do not interfere with each other. Therefore, after obtaining a real behavior α, the theoretically expected behavior β can be calculated based on the noninterference relations between the security domains to which the system calls in α belong. Once α and β are obtained, the trust of a process can be measured by determining whether the two behaviors α and β deviate. Finally, a trust measurement algorithm is given. The algorithm can determine whether a process is trusted or not, i.e., whether the real behavior α and the theoretically expected behavior β deviate, with a time complexity of O(1). The proposed theory is also applied to a real information system, and experimental results show that the proposed approach is effective and efficient.
2019, 30(8):2287-2313. DOI: 10.13328/j.cnki.jos.005761
Abstract:International Standard "TPM-Rev-2.0-Part-1-Architecture-01.38" allows users to design a migration protocol based on the duplication interface, which provides confidentiality, integrity, and authentication for key migration by innerwrap and outerwrap. However, research has found three problems. The first is the lack of mutual authentication between the two interacting TPMs, which allows keys to be transferred between an adversary and a TPM. The second is that when the duplication key's attribute encryptedDuplication=0 and the new parent key handle newParentHandle=TPM_RH_NULL, the duplication interface cannot apply innerwrap and outerwrap, and the migration key is transmitted in clear text. The third is how the symmetric encryption key in innerwrap and the seed in outerwrap are exchanged securely between the source TPM and the target TPM when the new parent key is a symmetric key; "TPM-Rev-2.0-Part-1-Architecture-01.38" does not give a specific solution. To solve these problems, this study proposes a transfer protocol based on a Duplication Authority, which serves as the authentication and control center. The protocol is divided into three phases: the initialization phase, the authentication and attribute acquisition phase, and the control and execution phase. The Duplication Authority determines the migration process from the migration key's duplication attributes and type, and from the key type and handle type of the new parent key. Combinations of the various compliant attributes were considered, and a total of 12 migration processes were designed. Finally, the protocol was evaluated by security analysis and experiments. The results show that the protocol is not only fully compliant with the "TPM-Rev-2.0-Part-1-Architecture-01.38" specification but also meets the requirements of integrity, confidentiality, and authenticity for key migration.
LIU Ming-Da , SHI Yi-Juan , CHEN Zuo-Ning
2019, 30(8):2314-2336. DOI: 10.13328/j.cnki.jos.005764
Abstract:Trusted network connection is the key technology for extending trust relationships from the terminal to the network. However, TCG's TNC architecture and China's TCA architecture are both oriented to a strong-identity network with central access. In actual deployment, there is a single point of access control and a single policy decision center. In addition, trust extension uses the binary trust chain transfer model, which is not consistent with the security model of a complex network environment, and the portrayal of the trusted state of the network is not accurate enough. In response to these issues, this study fully analyzes the trust relationships in the security world and then proposes a distributed trusted network connection architecture based on blockchain, called B-TNC, which is essentially a transformation of TNC with blockchain. B-TNC fully integrates the decentralized, tamper-proof, and traceable security features of blockchain, and realizes a stronger network trust model. This paper first describes the overall architecture design of B-TNC and summarizes its trust relationships. Then, the core problems are described: (1) proposing three blockchain systems for access control, data protection, and identity authentication; (2) proposing to build distributed trusted verifiers based on blockchain; and (3) proposing a remote attestation protocol based on DPoS consensus. Finally, this paper analyzes the correctness, security, and efficiency of B-TNC. The analysis shows that B-TNC can realize trusted network connection oriented to distributed networks, with the security features of decentralization, traceability, anonymity, and tamper resistance, that it is resistant to common attacks, and that it has sound efficiency.
LI Ming-Ming , GUO Jian-Sheng , CUI Jing-Yi , XU Lin-Hong
2019, 30(8):2337-2348. DOI: 10.13328/j.cnki.jos.005759
Abstract:The security of Midori-64 under truncated impossible differential cryptanalysis was studied. Firstly, by analyzing the differential paths of Midori in the encryption and decryption directions, it was proved that the upper bound on the number of rounds of impossible differential distinguishers in the single-key setting for Midori is 6, and the 6-round truncated impossible differential distinguishers were classified. Secondly, based on the classification, a 6-round distinguisher was constructed. At the same time, an impossible differential attack on 11-round Midori-64 was given to recover the 128-bit master key with a time complexity of 2^121.4 11-round encryptions, a data complexity of 2^60.8 chosen plaintexts, and a memory complexity of 2^96.5 64-bit blocks.
XU Lin-Hong , GUO Jian-Sheng , CUI Jing-Yi , LI Ming-Ming
2019, 30(8):2349-2361. DOI: 10.13328/j.cnki.jos.005762
Abstract:The existing security analysis results for Piccolo attack only up to 14-round Piccolo-80 and 18-round Piccolo-128 with lower complexity than exhaustive analysis, except for biclique analysis. By analyzing the information disclosure law of the key-schedule algorithm of Piccolo, the related-key impossible differential cryptanalysis method is used to give attack results on 15-round Piccolo-80 and 21-round Piccolo-128 with pre-whitening keys respectively. When 2^8 related keys are used, the data complexity of the attack is 2^58.6 and 2^62.3, the memory complexity is 2^60.6 and 2^64.3, and the computational complexity is 2^78 and 2^82.5 respectively. When 2^4 related keys are used, the data complexity, memory complexity, and computational complexity of the attack are 2^62.6, 2^62.3; 2^64.6, 2^64.3; 2^77.93, 2^124.45 respectively. The analysis shows that 15-round Piccolo-80 and 21-round Piccolo-128 with pre-whitening keys are insecure under the related-key impossible differential attack.
DU Rui-Zhong , LI Ming-Yue , TIAN Jun-Feng , WU Wan-Qing
2019, 30(8):2362-2374. DOI: 10.13328/j.cnki.jos.005763
Abstract:With the development of cloud computing, secure search, with ciphertext retrieval as its key technology, has become a hot topic worldwide. In order to improve the security of ciphertext retrieval schemes, a verifiable ciphertext retrieval scheme is designed based on an inverted index. First, confusion keywords are inserted when building trapdoors to defend against keyword attacks by a malicious cloud server. At the same time, a data cache area is introduced, which utilizes Paillier encryption to blindly compute the search results containing the obfuscated keywords, and the ciphertext data other than that for the target keyword is filtered out to reduce the communication overhead. Secondly, bilinear maps are used to generate tags to verify search results, and the scheme is verified in terms of correctness, security, and reliability. Repeated experiments on real data sets, theoretical analysis, and experimental results show that the proposed scheme can improve the security of ciphertext retrieval compared with existing ciphertext retrieval schemes while ensuring retrieval efficiency.
LI Wen-Ting , WANG Ding , WANG Ping
2019, 30(8):2375-2391. DOI: 10.13328/j.cnki.jos.005766
Abstract:Since wireless sensor network technology was proposed, it has quickly gained wide attention from academia and industry, and has played a major role in military defense, environmental monitoring, smart home, health care, and other fields. User authentication is becoming an essential mechanism for real-time access in wireless sensor networks. Based on an enhanced adversary model, a kind of insider attack that has long been neglected is pointed out. Then, two foremost authentication protocols for wireless sensor network environments are cryptanalyzed, and two findings are pointed out: (1) Mir et al.'s protocol cannot resist insider attack and smart card loss attack, and it also cannot provide forward secrecy; (2) Fang et al.'s protocol cannot achieve the claimed goal of forward secrecy and is vulnerable to insider attack and smart card loss attack. Reasonable solutions are suggested according to the specific mistakes in their protocols, and seven solutions in the existing literature for dealing with insider attack are summarized. Furthermore, the deficiencies of existing methods are pointed out and a reasonable solution is given to resist insider attack.
TANG Ben-Xiao , WANG Li-Na , WANG Run , ZHAO Lei , CHEN Qing-Song
2019, 30(8):2392-2414. DOI: 10.13328/j.cnki.jos.005760
Abstract:The privacy issue under motion sensor-based side channels is a fundamental and critical research topic with many challenges. Existing solutions do not solve some significant problems in practice; for example, the protection mechanism should balance user experience with defensive effectiveness, and extra settings should not be required. As an effort towards this issue, the common pattern of motion sensor-based side-channel attacks is analyzed, and it is found that the key step of these side-channel attacks is learning the mapping relationship among user behavior, device status, and sensor readings. In addition, a protection method is proposed which applies a differential privacy scheme and injects random noise into sensor readings indiscriminately to reduce the effectiveness of learning the mapping relationship. This defense method is implemented in the system framework, and thus it is transparent to both users and attackers. Moreover, the mechanism of the proposed defense method is analyzed theoretically to demonstrate how this method decreases the attack success rate and to prove that this method can work for any other known and unknown motion sensor side-channel attacks. Finally, the proposed scheme is evaluated by conducting experiments against 11 typical motion sensor-based side-channel attacks.
WANG Wen-Qi , WANG Run , WANG Li-Na , TANG Ben-Xiao
2019, 30(8):2415-2427. DOI: 10.13328/j.cnki.jos.005765
Abstract:Studies have shown that in an adversarial example attack, small perturbations are added to the input to make a deep neural network (DNN) misbehave. These attacks also exist in DNN-based Chinese text sentiment orientation classification, and a method called "WordHandling" is proposed to generate this kind of adversarial example. This method designs a new algorithm for calculating important words. The words are then replaced with homonyms to generate adversarial examples, which are used to conduct an adversarial example attack in a black-box scenario. This study also verifies the effectiveness of the proposed method with real data sets, i.e., Jingdong shopping and Ctrip hotel reviews, on a long short-term memory network (LSTM) and a convolutional neural network (CNN). The experimental results show that the adversarial examples in this study can mislead Chinese text orientation detection systems well.
2019, 30(8):2428-2452. DOI: 10.13328/j.cnki.jos.005511
Abstract:There are two core activities in pattern-oriented software architectural synthesis (AS):responsibility synthesis which attempts to assign responsibilities to classes, and pattern synthesis which tries to prevent violations of pattern constraints. One of the major challenges of providing automated support for architectural synthesis is how to compose a final architectural solution from generated solutions of the two activities without inconsistencies. In this study, a learning based cooperative co-evolution approach (CoEA-L) is proposed for automated AS by leveraging search-based software engineering (SBSE) techniques. CoEA-L extends the traditional genetic operator of the genetic algorithm with a learning operator, and employs an association algorithm from data mining in the learning operator to discover the relations between responsibilities. The relations are further used to address the inconsistency issues during pattern-oriented AS. The experiment results show the effectiveness of learning for addressing the inconsistency issues during automated pattern-oriented architectural synthesis.
HAN Min , SUN Guo-Qing , ZHENG Dan-Chen , ZHOU Hui-Wei
2019, 30(8):2453-2469. DOI: 10.13328/j.cnki.jos.005514
Abstract:In order to solve the problems of system interface and optimal service matching, this study puts forward a kind of Web service composition system which is based on the time-varying Petri net. It brings in the probability of service call to change the invalid trouble in distributed network. It uses the structure of Petri net to achieve sound dynamic balance in the composition success rate and user satisfaction. For demonstrating the correctness and validity of the system, this paper presents a kind of global fish algorithm based on backward theory to get the optimal combination of QoS. And it defines the evaluation index of system performance. By comparing different efficiency of combinations, it proves the feasibility of the composite method and can meet the needs of specific users of the service function.
LI Yan-Feng , DING Li-Ping , WU Jing-Zheng , CUI Qiang , LIU Xue-Hua , GUAN Bei , WANG Yong-Ji
2019, 30(8):2470-2490. DOI: 10.13328/j.cnki.jos.005859
Abstract:A network covert channel is an information channel that carries out covert information transmission in violation of communication restriction rules in a network environment. It brings new challenges to network information security and provides a new research point for ensuring the security and privacy of data transmission. Firstly, the basic concepts of network covert channels are introduced, such as definition, classification, and capability dimensions. Then, construction technologies for network covert storage channels and network covert timing channels are sorted out from the three aspects of symbol design, information coding, and channel optimization. Next, the evaluation methods for network covert channels are summarized from the three aspects of covertness, robustness, and transmission efficiency. Furthermore, countermeasure technologies for network covert channels are sorted out from the three aspects of elimination, restriction, and detection. Finally, some future research directions are outlined.
ZHANG Kai-Yuan , GUI Xiao-Lin , REN De-Wang , LI Jing , WU Jie , REN Dong-Sheng
2019, 30(8):2491-2516. DOI: 10.13328/j.cnki.jos.005861
Abstract:With the explosive growth of mobile devices and the advent of many new applications, mobile network traffic volume has been growing exponentially. The traditional centralized network architecture cannot accommodate such user demands due to the heavy burden on the backhaul links and long latency. Therefore, a new architecture, which brings network capability to the edge of the network, is proposed, i.e., mobile edge computing (MEC). MEC provides lightweight cloud computing and caching capabilities at the edge of cellular networks. In this survey, an exhaustive review of the state-of-the-art research efforts on mobile edge computing is carried out. First, an overview of mobile edge computing, including its development process, research hotspots, and key enablers, is given. Then, a comprehensive survey of issues in mobile edge computing architecture, computation offloading, edge caching, and service orchestration in mobile edge computing is presented. The applications and use cases of mobile edge computing, such as augmented reality, virtual reality, dynamic content delivery, Internet of vehicles, and Internet of things, are discussed. Finally, from the perspectives of function enhancement, quality of service assurance, security, and availability, the open research challenges and future directions of mobile edge computing are presented as well.
LUO Wang-Ping , FENG Chao-Sheng , QIN Zhi-Guang , YUAN Ding , LIAO Juan-Ping , LIU Xia
2019, 30(8):2517-2527. DOI: 10.13328/j.cnki.jos.005486
Abstract:In existing ciphertext sharing schemes, user clients bear too much computation, each user manages too many secret keys, and personal sharing is not supported, among other issues. Thus the Public Cloud is introduced into the ciphertext sharing scheme, and a secure file-sharing framework for the Public Cloud is proposed. Based on this framework, a new ciphertext sharing scheme is designed. In this scheme, the vast majority of computation and storage is outsourced to the Public Cloud. The user simply saves two private key components that occupy little space. The client needs only a little computation to complete encryption and decryption of the shared file. The security analysis shows that the scheme can resist not only the conspiracy attack from malicious users, but also the chosen-plaintext attack in the generic group model and the random oracle model.
GAO Hong-Chao , CHEN Xiao-Jiang , XU Dan , PENG Yao , TANG Zhan-Yong , FANG Ding-Yi
2019, 30(8):2528-2544. DOI: 10.13328/j.cnki.jos.005513
Abstract:Nodes deployed in the field in sensor networks suffer from an energy shortage problem. A new type of node which uses energy harvesting technology can prolong its working time by collecting energy from the environment periodically. Thus energy consumption is no longer the only factor of concern in such passive sensing networks. Considering energy consumption and delay together can give the node a longer life cycle while increasing the speed at which data is sent to the base station. To solve the problem that most existing routing protocols applied to passive sensing networks cannot balance power consumption and delay performance, this paper presents the balance of energy and delay opportunistic routing protocol (EDOR) to improve the performance of energy consumption and delay. The protocol estimates the expected energy consumption of a node by analyzing the node transmission process, so that the node chooses neighbor nodes with low energy consumption as forwarding candidates. When the final forwarding node is determined, the protocol makes its decision by considering the duty cycle information of the next-hop neighbor nodes among the candidate nodes, so that the sending node chooses the candidate node that will forward the data faster to reduce the delay, which realizes the balance of energy consumption and delay performance. Finally, the protocol also reduces the number of unnecessary copies of data packets during the opportunistic routing process by designing a back-off strategy to ensure a single forwarding node.
ZHANG Dan , WU Zhong-Ke , WANG Xing-Ce , Lü Chen-Lei , LIU Xiang-Yuan , ZHOU Ming-Quan
2019, 30(8):2545-2568. DOI: 10.13328/j.cnki.jos.005845
Abstract:The shape descriptors based on spectral analysis have achieved good matching results in 3D non-rigid shape matching, which have attracted wide attention of researchers. Spectral analysis is an intrinsic shape analysis method based on spectral decomposition of Laplace-Beltrami operator on manifold, including spectral shape descriptors and spectral distance distribution functions, which have different mathematical properties and physical meanings. Based on two different types of shape descriptors, this paper gives a detailed method analysis and its application in shape matching. Firstly, this paper provides a 3D non-rigid shape matching framework by applying the shape descriptors based on spectral analysis, and the basic ideas and calculation methods of several commonly used spectral shape descriptors and spectral distance distribution functions are introduced. Secondly, this paper analyzes and compares the advantages and disadvantages of these methods and their application scenarios and provides reference for researchers to choose shape descriptors based on spectral analysis. Finally, the robustness, time consumption, and non-rigid matching performances of different shape descriptors based on spectral analysis are compared through experiments to promote the application process of shape descriptors based on spectral analysis.