A new efficient protocol-proving algorithm was proposed for verifying security protocols. This algorithm is based on the improved authentication tests model, which enhances the original model by formalizing the messag...A new efficient protocol-proving algorithm was proposed for verifying security protocols. This algorithm is based on the improved authentication tests model, which enhances the original model by formalizing the message reply attack. With exact causal dependency relations between messages in this model, the protocol-proving algorithm can avoid the state explosion caused by asynchronous. In order to get the straight proof of security protocols, three authentication theorems are exploited for evaluating the agreement and distinction properties. When the algorithm terminates, it outputs either the proof results or the potential flaws of the security protocol. The experiment shows that the protocol-proving algorithm can detect the type flaw attack on Neuman-Stubblebine protocol, and prove the correctness of NSL protocol by exploring only 10 states.展开更多
Due to the civil BeiDou navigation system is open,unauthenticated,and non-encrypted,civilian BeiDou navigation signals may have great security loopholes during transmission or reception.The main security loophole here...Due to the civil BeiDou navigation system is open,unauthenticated,and non-encrypted,civilian BeiDou navigation signals may have great security loopholes during transmission or reception.The main security loophole here is spoofing attacks.Spoofing attacks make the positioning or timing results of BeiDou civilian receivers wrong.Such errors may cause a series of security problems,which lays a serious hidden danger for Bei-Dou satellite information security.This article proposes an anti-spoofing method for BeiDou navigation system based on the combination of SM commercial cryptographic algorithm and Timed Efficient Stream Loss-tolerant Authentication(TESLA)for spoofing attacks.In this solution,we use the SM3 algorithm to generate a TESLA key chain with time information,and then use the key in the key chain to generate the message authentication code for the BeiDou D2 navigation message.The message authentication code is inserted into a reserved bit of the D2 navigation message.In addition,this solution uses the SM2 algorithm to protect and encrypt time information in the TESLA key chain to prevent key replay attacks in TESLA.The experimental results tested on the experimental platform built in this paper show that this scheme reduces the possibility of the BeiDou navigation system being deceived and enhances the safety of the BeiDou navigation system.展开更多
Fingerprint is a very popular and an ancient biometric technology to uniquely identify a person. In this paper, a fingerprint matcher is proposed which uses the global and local adaptive binarization and global minuti...Fingerprint is a very popular and an ancient biometric technology to uniquely identify a person. In this paper, a fingerprint matcher is proposed which uses the global and local adaptive binarization and global minutia features. The fingerprint data is collected using three different authentication devices based on optical sensors. The experimental results are compared with the National Institute of Standards and Technology (NIST) Bozorth algorithm and various authentication fingerprint sensors. The accuracy of the proposed algorithm has been improved significantly compared with that of the NIST Bozorth algorithm.展开更多
A fast authentication mode based on Multi-Block Chaining (MBC) is put forward; and its security is proved. The MBC mode is for new generation block cipher algorithms. Its speed is about 13% faster than that of the aut...A fast authentication mode based on Multi-Block Chaining (MBC) is put forward; and its security is proved. The MBC mode is for new generation block cipher algorithms. Its speed is about 13% faster than that of the authentication modes in common use (for example, cipher block chaining-message authentication code mode). The dependence test results meet the requirement. The MBC mode is complete; its degree of ava-lanche effect is about 0.9993; its degree of strict avalanche criterion is 0.992 or so. The frequency test results indicate that the output generated by the MBC mode has uniformity. The binary matrix rank test results imply that it is linear independent among disjoint sub-matrices of the output. Maurer’s universal statistical test results show that the output could be significantly compressed without loss of information. Run test, spectral test, non-overlapping template matching test, overlapping template matching test, Lempel-Ziv compression test, linear complexity test, serial test, approximate entropy test, cumulative sums test, random excursions test and random excursions variant test results fulfill the requirements of all. Therefore the MBC mode has good pseudo-randomness. Thus the security of MBC mode is verified by the way of statistical evaluation.展开更多
In recent years,the demand for biometric-based human recog-nition methods has drastically increased to meet the privacy and security requirements.Palm prints,palm veins,finger veins,fingerprints,hand veins and other a...In recent years,the demand for biometric-based human recog-nition methods has drastically increased to meet the privacy and security requirements.Palm prints,palm veins,finger veins,fingerprints,hand veins and other anatomic and behavioral features are utilized in the development of different biometric recognition techniques.Amongst the available biometric recognition techniques,Finger Vein Recognition(FVR)is a general technique that analyzes the patterns of finger veins to authenticate the individuals.Deep Learning(DL)-based techniques have gained immense attention in the recent years,since it accomplishes excellent outcomes in various challenging domains such as computer vision,speech detection and Natural Language Processing(NLP).This technique is a natural fit to overcome the ever-increasing biomet-ric detection problems and cell phone authentication issues in airport security techniques.The current study presents an Automated Biometric Finger Vein Recognition using Evolutionary Algorithm with Deep Learning(ABFVR-EADL)model.The presented ABFVR-EADL model aims to accomplish bio-metric recognition using the patterns of the finger veins.Initially,the presented ABFVR-EADL model employs the histogram equalization technique to pre-process the input images.For feature extraction,the Salp Swarm Algorithm(SSA)with Densely-connected Networks(DenseNet-201)model is exploited,showing the proposed method’s novelty.Finally,the Deep-Stacked Denoising Autoencoder(DSAE)is utilized for biometric recognition.The proposed ABFVR-EADL method was experimentally validated using the benchmark databases,and the outcomes confirmed the productive performance of the proposed ABFVR-EADL model over other DL models.展开更多
Security testing is a critical concern for organizations worldwide due to the potential financial setbacks and damage to reputation caused by insecure software systems.One of the challenges in software security testin...Security testing is a critical concern for organizations worldwide due to the potential financial setbacks and damage to reputation caused by insecure software systems.One of the challenges in software security testing is test case prioritization,which aims to reduce redundancy in fault occurrences when executing test suites.By effectively applying test case prioritization,both the time and cost required for developing secure software can be reduced.This paper proposes a test case prioritization technique based on the Ant Colony Optimization(ACO)algorithm,a metaheuristic approach.The performance of the ACO-based technique is evaluated using the Average Percentage of Fault Detection(APFD)metric,comparing it with traditional techniques.It has been applied to a Mobile Payment Wallet application to validate the proposed approach.The results demonstrate that the proposed technique outperforms the traditional techniques in terms of the APFD metric.The ACO-based technique achieves an APFD of approximately 76%,two percent higher than the second-best optimal ordering technique.These findings suggest that metaheuristic-based prioritization techniques can effectively identify the best test cases,saving time and improving software security overall.展开更多
学历、学位造假是目前就业市场的一种乱象,传统的学历学位认证系统则存在数据易被篡改、易丢失等风险.为此,本文结合区块链技术设计了一个可溯源、可监管的学位学历认证管理框架.为了解决传统区块链系统共识时存在认证时间过长、资源消...学历、学位造假是目前就业市场的一种乱象,传统的学历学位认证系统则存在数据易被篡改、易丢失等风险.为此,本文结合区块链技术设计了一个可溯源、可监管的学位学历认证管理框架.为了解决传统区块链系统共识时存在认证时间过长、资源消耗过大的问题,提出了一种新型基于信任的低能耗权益证明算法ToS(trust of stake).以此为契机,使用以太坊框架开发了一款基于ToS底层共识的学位学历认证管理系统,实现了学位信息录入、查询、认证和撤销等主要功能.实验结果表明:该系统能够确保信息的可认证和可溯源管理,具备执行效率高、能耗低、不易受篡改和攻击等优点.展开更多
基金The National High Technology Research and Development Program of China(863Pro-gram)(No.2005AA145110)
文摘A new efficient protocol-proving algorithm was proposed for verifying security protocols. This algorithm is based on the improved authentication tests model, which enhances the original model by formalizing the message reply attack. With exact causal dependency relations between messages in this model, the protocol-proving algorithm can avoid the state explosion caused by asynchronous. In order to get the straight proof of security protocols, three authentication theorems are exploited for evaluating the agreement and distinction properties. When the algorithm terminates, it outputs either the proof results or the potential flaws of the security protocol. The experiment shows that the protocol-proving algorithm can detect the type flaw attack on Neuman-Stubblebine protocol, and prove the correctness of NSL protocol by exploring only 10 states.
基金supported in part by the Joint Foundation of National Natural Science Committee of China and Civil Aviation Administration of China under Grant U1933108in part by the Scientific Research Project of Tianjin Municipal Education Commission under Grant 2019KJ117.
文摘Due to the civil BeiDou navigation system is open,unauthenticated,and non-encrypted,civilian BeiDou navigation signals may have great security loopholes during transmission or reception.The main security loophole here is spoofing attacks.Spoofing attacks make the positioning or timing results of BeiDou civilian receivers wrong.Such errors may cause a series of security problems,which lays a serious hidden danger for Bei-Dou satellite information security.This article proposes an anti-spoofing method for BeiDou navigation system based on the combination of SM commercial cryptographic algorithm and Timed Efficient Stream Loss-tolerant Authentication(TESLA)for spoofing attacks.In this solution,we use the SM3 algorithm to generate a TESLA key chain with time information,and then use the key in the key chain to generate the message authentication code for the BeiDou D2 navigation message.The message authentication code is inserted into a reserved bit of the D2 navigation message.In addition,this solution uses the SM2 algorithm to protect and encrypt time information in the TESLA key chain to prevent key replay attacks in TESLA.The experimental results tested on the experimental platform built in this paper show that this scheme reduces the possibility of the BeiDou navigation system being deceived and enhances the safety of the BeiDou navigation system.
文摘Fingerprint is a very popular and an ancient biometric technology to uniquely identify a person. In this paper, a fingerprint matcher is proposed which uses the global and local adaptive binarization and global minutia features. The fingerprint data is collected using three different authentication devices based on optical sensors. The experimental results are compared with the National Institute of Standards and Technology (NIST) Bozorth algorithm and various authentication fingerprint sensors. The accuracy of the proposed algorithm has been improved significantly compared with that of the NIST Bozorth algorithm.
基金Supported by the National Hi-Tech Research & Devel-opment Plan of China (863 Project) (No.2003AA143040) and Jiangsu Provincial Key Laboratory of Network & Information Security (No.BM2003201).
文摘A fast authentication mode based on Multi-Block Chaining (MBC) is put forward; and its security is proved. The MBC mode is for new generation block cipher algorithms. Its speed is about 13% faster than that of the authentication modes in common use (for example, cipher block chaining-message authentication code mode). The dependence test results meet the requirement. The MBC mode is complete; its degree of ava-lanche effect is about 0.9993; its degree of strict avalanche criterion is 0.992 or so. The frequency test results indicate that the output generated by the MBC mode has uniformity. The binary matrix rank test results imply that it is linear independent among disjoint sub-matrices of the output. Maurer’s universal statistical test results show that the output could be significantly compressed without loss of information. Run test, spectral test, non-overlapping template matching test, overlapping template matching test, Lempel-Ziv compression test, linear complexity test, serial test, approximate entropy test, cumulative sums test, random excursions test and random excursions variant test results fulfill the requirements of all. Therefore the MBC mode has good pseudo-randomness. Thus the security of MBC mode is verified by the way of statistical evaluation.
基金The Deanship of Scientific Research(DSR)at King Abdulaziz University(KAU),Jeddah,Saudi Arabia has funded this project,under Grant No.KEP-3-120-42.
文摘In recent years,the demand for biometric-based human recog-nition methods has drastically increased to meet the privacy and security requirements.Palm prints,palm veins,finger veins,fingerprints,hand veins and other anatomic and behavioral features are utilized in the development of different biometric recognition techniques.Amongst the available biometric recognition techniques,Finger Vein Recognition(FVR)is a general technique that analyzes the patterns of finger veins to authenticate the individuals.Deep Learning(DL)-based techniques have gained immense attention in the recent years,since it accomplishes excellent outcomes in various challenging domains such as computer vision,speech detection and Natural Language Processing(NLP).This technique is a natural fit to overcome the ever-increasing biomet-ric detection problems and cell phone authentication issues in airport security techniques.The current study presents an Automated Biometric Finger Vein Recognition using Evolutionary Algorithm with Deep Learning(ABFVR-EADL)model.The presented ABFVR-EADL model aims to accomplish bio-metric recognition using the patterns of the finger veins.Initially,the presented ABFVR-EADL model employs the histogram equalization technique to pre-process the input images.For feature extraction,the Salp Swarm Algorithm(SSA)with Densely-connected Networks(DenseNet-201)model is exploited,showing the proposed method’s novelty.Finally,the Deep-Stacked Denoising Autoencoder(DSAE)is utilized for biometric recognition.The proposed ABFVR-EADL method was experimentally validated using the benchmark databases,and the outcomes confirmed the productive performance of the proposed ABFVR-EADL model over other DL models.
基金Deanship of Scientific Research at King Khalid University for funding this work through Large Group Research Project under Grant Number RGP2/249/44.
文摘Security testing is a critical concern for organizations worldwide due to the potential financial setbacks and damage to reputation caused by insecure software systems.One of the challenges in software security testing is test case prioritization,which aims to reduce redundancy in fault occurrences when executing test suites.By effectively applying test case prioritization,both the time and cost required for developing secure software can be reduced.This paper proposes a test case prioritization technique based on the Ant Colony Optimization(ACO)algorithm,a metaheuristic approach.The performance of the ACO-based technique is evaluated using the Average Percentage of Fault Detection(APFD)metric,comparing it with traditional techniques.It has been applied to a Mobile Payment Wallet application to validate the proposed approach.The results demonstrate that the proposed technique outperforms the traditional techniques in terms of the APFD metric.The ACO-based technique achieves an APFD of approximately 76%,two percent higher than the second-best optimal ordering technique.These findings suggest that metaheuristic-based prioritization techniques can effectively identify the best test cases,saving time and improving software security overall.
文摘学历、学位造假是目前就业市场的一种乱象,传统的学历学位认证系统则存在数据易被篡改、易丢失等风险.为此,本文结合区块链技术设计了一个可溯源、可监管的学位学历认证管理框架.为了解决传统区块链系统共识时存在认证时间过长、资源消耗过大的问题,提出了一种新型基于信任的低能耗权益证明算法ToS(trust of stake).以此为契机,使用以太坊框架开发了一款基于ToS底层共识的学位学历认证管理系统,实现了学位信息录入、查询、认证和撤销等主要功能.实验结果表明:该系统能够确保信息的可认证和可溯源管理,具备执行效率高、能耗低、不易受篡改和攻击等优点.