Based on the authentication tests and the strand space model, the robust email protocol with perfect forward secrecy is formally analyzed, and the security shortcomings of the protocol is pointed out. Meanwhile, the m...Based on the authentication tests and the strand space model, the robust email protocol with perfect forward secrecy is formally analyzed, and the security shortcomings of the protocol is pointed out. Meanwhile, the man-in-the-middle attack to the protocol is given, where the attacker forges the messages in the receiving phase to cheat the two communication parties and makes them share the wrong session keys with him. Therefore, the protocol is not ensured to provide perfect forward secrecy. In order to overcome the above security shortcomings, an advanced email protocol is proposed, where the corresponding signatures in the receiving phase of the protocol are added to overcome the man-in-the-middle attack and ensure to provide perfect forward secrecy. Finally, the proposed advanced email protocol is formally analyzed with the authentication tests and the strand space model, and it is proved to be secure in authentication of the email sender, the recipient and the server. Therefore, the proposed advanced email protocol can really provide perfect forward secrecy.展开更多
Nowadays, machine learning is widely used in malware detection system as a core component. The machine learning algorithm is designed under the assumption that all datasets follow the same underlying data distribution...Nowadays, machine learning is widely used in malware detection system as a core component. The machine learning algorithm is designed under the assumption that all datasets follow the same underlying data distribution. But the real-world malware data distribution is not stable and changes with time. By exploiting the knowledge of the machine learning algorithm and malware data concept drift problem, we show a novel learning evasive botnet architecture and a stealthy and secure C&C mechanism. Based on the email communication channel, we construct a stealthy email-based P2 P-like botnet that exploit the excellent reputation of email servers and a huge amount of benign email communication in the same channel. The experiment results show horizontal correlation learning algorithm is difficult to separate malicious email traffic from normal email traffic based on the volume features and time-related features with enough confidence. We discuss the malware data concept drift and possible defense strategies.展开更多
Current communication technologies have provided new modalities for students to contact professors outside of the normal office settings and regulated office hours traditionally found in higher education. This study c...Current communication technologies have provided new modalities for students to contact professors outside of the normal office settings and regulated office hours traditionally found in higher education. This study concentrates on the faculty perceptions of how the usage of e-mail and cell phones has changed interactions with students over the past decade. General levels of usage are analyzed as well as correlation to curricular disciplines, An online survey of faculty members at Indiana University of Pennsylvania found maior changes in the type and frequency of contact between professors and students as well as a shift from personal contact to e-mail and telephone usage. The expanded level of communication opportunities has placed faculty in the position of having to extend direct student-oriented time outside of the classroom, while continuing to maintain academic scholarship and other professional responsibilities.展开更多
基金The Natural Science Foundation of Jiangsu Province(No.BK2006108)
文摘Based on the authentication tests and the strand space model, the robust email protocol with perfect forward secrecy is formally analyzed, and the security shortcomings of the protocol is pointed out. Meanwhile, the man-in-the-middle attack to the protocol is given, where the attacker forges the messages in the receiving phase to cheat the two communication parties and makes them share the wrong session keys with him. Therefore, the protocol is not ensured to provide perfect forward secrecy. In order to overcome the above security shortcomings, an advanced email protocol is proposed, where the corresponding signatures in the receiving phase of the protocol are added to overcome the man-in-the-middle attack and ensure to provide perfect forward secrecy. Finally, the proposed advanced email protocol is formally analyzed with the authentication tests and the strand space model, and it is proved to be secure in authentication of the email sender, the recipient and the server. Therefore, the proposed advanced email protocol can really provide perfect forward secrecy.
基金the National Key Basic Research Program of China (Grant: 2013CB834204)the National Natural Science Foundation of China (Grant: 61300242, 61772291)+1 种基金the Tianjin Research Program of Application Foundation and Advanced Technology (Grant: 15JCQNJC41500, 17JCZDJC30500)the Open Project Foundation of Information Security Evaluation Center of Civil Aviation, Civil Aviation University of China (Grant: CAAC-ISECCA- 201701, CAAC-ISECCA-201702)
文摘Nowadays, machine learning is widely used in malware detection system as a core component. The machine learning algorithm is designed under the assumption that all datasets follow the same underlying data distribution. But the real-world malware data distribution is not stable and changes with time. By exploiting the knowledge of the machine learning algorithm and malware data concept drift problem, we show a novel learning evasive botnet architecture and a stealthy and secure C&C mechanism. Based on the email communication channel, we construct a stealthy email-based P2 P-like botnet that exploit the excellent reputation of email servers and a huge amount of benign email communication in the same channel. The experiment results show horizontal correlation learning algorithm is difficult to separate malicious email traffic from normal email traffic based on the volume features and time-related features with enough confidence. We discuss the malware data concept drift and possible defense strategies.
文摘Current communication technologies have provided new modalities for students to contact professors outside of the normal office settings and regulated office hours traditionally found in higher education. This study concentrates on the faculty perceptions of how the usage of e-mail and cell phones has changed interactions with students over the past decade. General levels of usage are analyzed as well as correlation to curricular disciplines, An online survey of faculty members at Indiana University of Pennsylvania found maior changes in the type and frequency of contact between professors and students as well as a shift from personal contact to e-mail and telephone usage. The expanded level of communication opportunities has placed faculty in the position of having to extend direct student-oriented time outside of the classroom, while continuing to maintain academic scholarship and other professional responsibilities.
