The inter-bank market network models are constructed based on the inter-bank credit lending relationships, and the network efficiency characters of the Chinese inter-bank market are studied. Since it is impossible to ...The inter-bank market network models are constructed based on the inter-bank credit lending relationships, and the network efficiency characters of the Chinese inter-bank market are studied. Since it is impossible to obtain the specific credit data among banks, this paper estimates the inter-bank lending matrix based on the partial information of banks. Thus, directed network models of the Chinese inter-bank market are constructed by using the threshold method. The network efficiency measures and the effects of random attacks and selective attacks on the global efficiency of the inter-bank network are analyzed based on the network models of the inter-bank market. Empirical results suggest that the efficiency measures are sensitive to the threshold, and that the global efficiency is little affected by random attacks, while it is highly sensitive to selective attacks. Properties such as inter-bank market network efficiency would be useful for risk management and stability of the inter-bank market.展开更多
This paper presents a mechanism for detecting flooding-attacks. The simplicity of the mechanism lies in its statelessness and low computation overhead, which makes the detection mechanism itself immune to flooding-att...This paper presents a mechanism for detecting flooding-attacks. The simplicity of the mechanism lies in its statelessness and low computation overhead, which makes the detection mechanism itself immune to flooding-attacks. The SYN-flooding, as an instance of flooding-attack, is used to illustrate the anomaly detection mechanism. The mechanism applies an exponentially weighted moving average (EWMA) method to detect the abrupt net flow and applies a symmetry analysis method to detect the anomaly activity of the network flow. Experiment shows that the mechanism has high detection accuracy and low detection latency.展开更多
The paper puts forward a variance-time plots method based on slide-window mechanism tocalculate the Hurst parameter to detect Distribute Denial of Service(DDoS)attack in real time.Basedon fuzzy logic technology that c...The paper puts forward a variance-time plots method based on slide-window mechanism tocalculate the Hurst parameter to detect Distribute Denial of Service(DDoS)attack in real time.Basedon fuzzy logic technology that can adjust itself dynamically under the fuzzy rules,an intelligent DDoSjudgment mechanism is designed.This new method calculates the Hurst parameter quickly and detectsDDoS attack in real time.Through comparing the detecting technologies based on statistics andfeature-packet respectively under different experiments,it is found that the new method can identifythe change of the Hurst parameter resulting from DDoS attack traffic with different intensities,andintelligently judge DDoS attack self-adaptively in real time.展开更多
With the rapid developments of information technology,various industries become much more dependent on networks.Driven by economic interests and the game between countries reflected by growing cyberspace confrontation...With the rapid developments of information technology,various industries become much more dependent on networks.Driven by economic interests and the game between countries reflected by growing cyberspace confrontations,evasive network attacks on information infrastructures with high-tech,high concealment and longterm sustainability become severe threats to national security.In this paper,we propose a novel two-phased method for the detection of evasive network attacks which exploit or pretend to be common legal encryption services in order to escape security inspection.Malicious communications which camouflage themselves as legal encryption application are identified in the SSL'session structure verification phase firstly,and then by serverside X.509 certificate based anomaly detection,suspicious attack behaviors are further distinguished effectively.Experiment results show that our method is very useful for detecting the network activities of certain unknown threats or new malwares.Besides,the proposed method can be applied to other similar services easily.展开更多
Software Defined Networking(SDN) is a revolutionary networking paradigm towards the future network,experiencing rapid development nowadays.However,its main characteristic,the separation of control plane and data plane...Software Defined Networking(SDN) is a revolutionary networking paradigm towards the future network,experiencing rapid development nowadays.However,its main characteristic,the separation of control plane and data plane,also brings about new security challenges,i.e.,Denial-of-Service(DoS) attacks specific to Open Flow SDN networks to exhaust the control plane bandwidth and overload the buffer memory of Open Flow switch.To mitigate the DoS attacks in the Open Flow networks,we design and implement SGuard,a security application on top of the NOX controller that mainly contains two modules:Access control module and Classification module.We employ novel six-tuple as feature vector to classify traffic flows,meanwhile optimizing classification by feature ranking and selecting algorithms.All the modules will cooperate with each other to complete a series of tasks such as authorization,classification and so on.At the end of this paper,we experimentally use Mininet to evaluate SGuard in a software environment.The results show that SGuard works efficiently and accurately without adding more overhead to the SDN networks.展开更多
In this paper, we investigate the effect due to the change of topology structure of network on the nonlinear dynamical behavior, by virtue of the OFC neuron evolution model with attack and repair strategy based on the...In this paper, we investigate the effect due to the change of topology structure of network on the nonlinear dynamical behavior, by virtue of the OFC neuron evolution model with attack and repair strategy based on the small world. In particular, roles of various parameters relating to the dynamical behavior are carefully studied and analyzed. In addition, the avalanche and EEC-like wave activities with attack and repair strategy are also explored in detail in this work.展开更多
Controller vulnerabilities allow malicious actors to disrupt or hijack the Software-Defined Networking. Traditionally, it is static mappings between the control plane and data plane. Adversaries have plenty of time to...Controller vulnerabilities allow malicious actors to disrupt or hijack the Software-Defined Networking. Traditionally, it is static mappings between the control plane and data plane. Adversaries have plenty of time to exploit the controller's vulnerabilities and launch attacks wisely. We tend to believe that dynamically altering such static mappings is a promising approach to alleviate this issue, since a moving target is difficult to be compromised even by skilled adversaries. It is critical to determine the right time to conduct scheduling and to balance the overhead afforded and the security levels guaranteed. Little previous work has been done to investigate the economical time in dynamic-scheduling controllers. In this paper, we take the first step to both theoretically and experimentally study the scheduling-timing problem in dynamic control plane. We model this problem as a renewal reward process and propose an optimal algorithm in deciding the right time to schedule with the objective of minimizing the long-term loss rate. In our experiments, simulations based on real network attack datasets are conducted and we demonstrate that our proposed algorithm outperforms given scheduling schemes.展开更多
By allowing routers to combine the received packets before forwarding them,network coding-based applications are susceptible to possible malicious pollution attacks.Existing solutions for counteracting this issue eith...By allowing routers to combine the received packets before forwarding them,network coding-based applications are susceptible to possible malicious pollution attacks.Existing solutions for counteracting this issue either incur inter-generation pollution attacks(among multiple generations)or suffer high computation/bandwidth overhead.Using a dynamic public key technique,we propose a novel homomorphic signature scheme for network coding for each generation authentication without updating the initial secret key used.As per this idea,the secret key is scrambled for each generation by using the generation identifier,and each packet can be fast signed using the scrambled secret key for the generation to which the packet belongs.The scheme not only can resist intra-generation pollution attacks effectively but also can efficiently prevent inter-generation pollution attacks.Further,the communication overhead of the scheme is small and independent of the size of the transmitting files.展开更多
Wormhole attack is one of the most devastating threats for range-free localization in wireless sensor networks. In this paper, we evaluate three statistical estimation methods with the same network model and geographi...Wormhole attack is one of the most devastating threats for range-free localization in wireless sensor networks. In this paper, we evaluate three statistical estimation methods with the same network model and geographic information obtailaed by the DV-Hop algorithm. We analyze the limits of Minimum Mean Square Estimate (MMSE), Least Median of Squares (LMS) and Enhanced greedy At- tack-Resistant MMSE (EARMMSE) and propose an improved EARMMSE with the hop-distance relationship, named EARMMSE+. Simulation results illustrate the performance of MMSE, LMS and EARMMSE+ with different anchor fraction, the length of wormhole link and the average local neighborhood and show that EARMMSE+ outperforms MMSE and LMS.展开更多
Security issues are always difficult to deal with in mobile ad hoe networks. People seldom studied the costs of those security schemes respectively and for some security methods designed and adopted beforehand, their ...Security issues are always difficult to deal with in mobile ad hoe networks. People seldom studied the costs of those security schemes respectively and for some security methods designed and adopted beforehand, their effects are often investigated one by one. In fact, when facing certain attacks, different methods would respond individually and result in waste of resources. Making use of the cost management idea, we analyze the costs of security measures in mobile ad hoc networks and introduce a security framework based on security mechanisms cost management. Under the framework, the network system's own tasks can be finished in time and the whole network's security costs can be decreased. We discuss the process of security costs computation at each mobile node and in certain nodes groups. To show how to use the proposed security framework in certain applications, we give examples of DoS attacks and costs computation of defense methods. The results showed that more secure environment can be achieved based on the security framework in mobile ad hoc networks.展开更多
A discussion is devoted to the design of an adaptive flight control system of the armed helicopter using wavelet neural network method. Firstly, the control loop of the attitude angle is designed with a dynamic invers...A discussion is devoted to the design of an adaptive flight control system of the armed helicopter using wavelet neural network method. Firstly, the control loop of the attitude angle is designed with a dynamic inversion scheme in a quick loop and a slow loop. respectively. Then, in order to compensate the error caused by dynamic inversion, the adaptive flight control system of the armed helicopter using wavelet neural network method is put forward, so the BP wavelet neural network and the Lyapunov stable wavelet neural network are used to design the helicopter flight control system. Finally, the typical maneuver flight is simulated to demonstrate its validity and effectiveness. Result proves that the wavelet neural network has an engineering practical value and the effect of WNN is good.展开更多
Denial of Service Distributed Denial of Service (DOS) attack, especially (DDoS) attack, is one of the greatest threats to Internet. Much research has been done for it by now, however, it is always concentrated in ...Denial of Service Distributed Denial of Service (DOS) attack, especially (DDoS) attack, is one of the greatest threats to Internet. Much research has been done for it by now, however, it is always concentrated in the behaviors of the network and can not deal with the problem exactly. In this paper, we start from the security of the protocol, then we propose a novel theory for security protocol analysis of Denial of Service in order to deal with the DoS attack. We first introduce the conception of weighted graph to extend the strand space model, then we extend the penetrator model and define the goal of anti-DoS attack through the conception of the DoS-stop protocol, finally we propose two kinds of DoS test model and erect the novel formal theory for security protocol analysis of Denial of Service. Our new formal theory is applied in two example protocols. It is proved that the Internet key exchange (IKE) easily suffers from the DoS attacks, and the efficient DoS- resistant secure key exchange protocol (JFK) is resistant against DoS attack for the server, respectively.展开更多
We study the attack vulnerability of network with duplication-divergence mechanism. Numerical results have shown that the duplication-divergence network with larger retention probability a is more robust against targe...We study the attack vulnerability of network with duplication-divergence mechanism. Numerical results have shown that the duplication-divergence network with larger retention probability a is more robust against target attack relatively. Furthermore, duplication-divergence network is broken down more quickly than its counterpart BA network under target attack. Such result is consistent with the fact of WWW and Internet networks under target attack. So duplication-divergence model is a more realistic one for us to investigate the characteristics of the world wide web in future. We also observe that the exponent γ of degree distribution and average degree are important parameters of networks, reflecting the performance of networks under target attack. Our results are helpful to the research on the security of network.展开更多
Privacy-preserving data publishing (PPDP) is one of the hot issues in the field of the network security. The existing PPDP technique cannot deal with generality attacks, which explicitly contain the sensitivity atta...Privacy-preserving data publishing (PPDP) is one of the hot issues in the field of the network security. The existing PPDP technique cannot deal with generality attacks, which explicitly contain the sensitivity attack and the similarity attack. This paper proposes a novel model, (w,γ, k)-anonymity, to avoid generality attacks on both cases of numeric and categorical attributes. We show that the optimal (w, γ, k)-anonymity problem is NP-hard and conduct the Top-down Local recoding (TDL) algorithm to implement the model. Our experiments validate the improvement of our model with real data.展开更多
This paper introduces the cost-sensitive feature weighting strategy and its application in intrusion detection. Cost factors and cost matrix are proposed to demonstrate the misclassification cost for IDS. How to get t...This paper introduces the cost-sensitive feature weighting strategy and its application in intrusion detection. Cost factors and cost matrix are proposed to demonstrate the misclassification cost for IDS. How to get the whole minimal risk, is mainly discussed in this paper in detail. From experiments, it shows that although decision cost based weight learning exists somewhat attack misclassification, it can achieve relatively low misclassification costs on the basis of keeping relatively high rate of recognition precision. Key words decision cost - feature weighting - intrusion detection CLC number TP 393. 08 Foundation item: Supported by the National Natural Science Foundation Key Research Plan of China (90104030) and “20 Century Education Development Plan”Biography: QIAN Quan(1972-), male, Ph. D. research direction: computer network, network security and artificial intelligence展开更多
According to the security shortages of two robust practical email protocols with perfect forward secrecy, attacks on the two protocols are analyzed and corresponding improvements on the two protocols are proposed. Fir...According to the security shortages of two robust practical email protocols with perfect forward secrecy, attacks on the two protocols are analyzed and corresponding improvements on the two protocols are proposed. First, by analyzing the two email protocols, the corresponding man-in-the-middle attacks are proposed, where the adversary forges the messages in the receiving phase to cheat the two communication participants and makes them share the wrong session keys with him. Consequently, the man-in-the-middle attacks can make the two protocols fail to provide perfect forward secrecy. Secondly, by adding corresponding signatures in the receiving phases of the two protocols, two corresponding improvements on the protocols are proposed to overcome the man-in-the-middle attacks on the two protocols and make them provide perfect forward secrecy. Moreover, the two improved protocols can retain all the merits of the former protocols.展开更多
In the last decade,cognitive radio(CR) has emerged as a major next generation wireless networking technology,which is the most promising candidate solution to solve the spectrum scarcity and improve the spectrum utili...In the last decade,cognitive radio(CR) has emerged as a major next generation wireless networking technology,which is the most promising candidate solution to solve the spectrum scarcity and improve the spectrum utilization.However,there exist enormous challenges for the open and random access environment of CRNs,where the unlicensed secondary users(SUs) can use the channels that are not currently used by the licensed primary users(PUs) via spectrum-sensing technology.Because of this access method,some malicious users may access the cognitive network arbitrarily and launch some special attacks,such as primary user emulation attack,falsifying data or denial of service attack,which will cause serious damage to the cognitive radio network.In addition to the specifi c security threats of cognitive network,CRNs also face up to the conventional security threats,such as eavesdropping,tampering,imitation,forgery,and noncooperation etc..Hence,Cognitive radio networks have much more risks than traditional wireless networks with its special network model.In this paper,we considered the security threats from passive and active attacks.Firstly,the PHY layer security is presented in the view of passive attacks,and it is a compelling idea of using the physical properties of the radio channel to help provide secure wireless communications.Moreover,malicious user detection is introduced in the view of active attacks by means of the signal detection techniques to decrease the interference and the probabilities of false alarm and missed detection.Finally,we discuss the general countermeasures of security threats in three phases.In particular,we discuss the far reaching effect of defensive strategy against attacks in CRNs.展开更多
In this paper, we present Real-Time Flow Filter (RTFF) -a system that adopts a middle ground between coarse-grained volume anomaly detection and deep packet inspection. RTFF was designed with the goal of scaling to hi...In this paper, we present Real-Time Flow Filter (RTFF) -a system that adopts a middle ground between coarse-grained volume anomaly detection and deep packet inspection. RTFF was designed with the goal of scaling to high volume data feeds that are common in large Tier-1 ISP networks and providing rich, timely information on observed attacks. It is a software solution that is designed to run on off-the-shelf hardware platforms and incorporates a scalable data processing architecture along with lightweight analysis algorithms that make it suitable for deployment in large networks. RTFF also makes use of state of the art machine learning algorithms to construct attack models that can be used to detect as well as predict attacks.展开更多
基金The National Natural Science Foundation of China (No.70671025)the Scientific Research Foundation of Graduate School of Southeast University (No.YBJJ1014)
文摘The inter-bank market network models are constructed based on the inter-bank credit lending relationships, and the network efficiency characters of the Chinese inter-bank market are studied. Since it is impossible to obtain the specific credit data among banks, this paper estimates the inter-bank lending matrix based on the partial information of banks. Thus, directed network models of the Chinese inter-bank market are constructed by using the threshold method. The network efficiency measures and the effects of random attacks and selective attacks on the global efficiency of the inter-bank network are analyzed based on the network models of the inter-bank market. Empirical results suggest that the efficiency measures are sensitive to the threshold, and that the global efficiency is little affected by random attacks, while it is highly sensitive to selective attacks. Properties such as inter-bank market network efficiency would be useful for risk management and stability of the inter-bank market.
基金TheNationalHighTechnologyResearchandDevelopmentProgramofChina(863Program) (No .2 0 0 2AA14 5 0 90 )
文摘This paper presents a mechanism for detecting flooding-attacks. The simplicity of the mechanism lies in its statelessness and low computation overhead, which makes the detection mechanism itself immune to flooding-attacks. The SYN-flooding, as an instance of flooding-attack, is used to illustrate the anomaly detection mechanism. The mechanism applies an exponentially weighted moving average (EWMA) method to detect the abrupt net flow and applies a symmetry analysis method to detect the anomaly activity of the network flow. Experiment shows that the mechanism has high detection accuracy and low detection latency.
基金the Six Heights of Talent in Jiangsu Prov-ince(No.06-E-044).
文摘The paper puts forward a variance-time plots method based on slide-window mechanism tocalculate the Hurst parameter to detect Distribute Denial of Service(DDoS)attack in real time.Basedon fuzzy logic technology that can adjust itself dynamically under the fuzzy rules,an intelligent DDoSjudgment mechanism is designed.This new method calculates the Hurst parameter quickly and detectsDDoS attack in real time.Through comparing the detecting technologies based on statistics andfeature-packet respectively under different experiments,it is found that the new method can identifythe change of the Hurst parameter resulting from DDoS attack traffic with different intensities,andintelligently judge DDoS attack self-adaptively in real time.
基金supported by the National Science and Technology Support Program under Grant No.2012BAH46B02 and 2012BAH45B01the National High Technology Research and Development Program(863 Program) of China under Grant No.2011AA010703the Strategic Priority Research Program of the Chinese Academy of Sciences under Grant No.XDA06030200
文摘With the rapid developments of information technology,various industries become much more dependent on networks.Driven by economic interests and the game between countries reflected by growing cyberspace confrontations,evasive network attacks on information infrastructures with high-tech,high concealment and longterm sustainability become severe threats to national security.In this paper,we propose a novel two-phased method for the detection of evasive network attacks which exploit or pretend to be common legal encryption services in order to escape security inspection.Malicious communications which camouflage themselves as legal encryption application are identified in the SSL'session structure verification phase firstly,and then by serverside X.509 certificate based anomaly detection,suspicious attack behaviors are further distinguished effectively.Experiment results show that our method is very useful for detecting the network activities of certain unknown threats or new malwares.Besides,the proposed method can be applied to other similar services easily.
基金supported by the National key Research and Development Program of China(No.2016YFB0800100,2016YFB0800101)the National Natural Science Fund for Creative Research Groups Project(No.61521003)the National Natural Science Fund for Youth Found Project(No.61602509)
文摘Software Defined Networking(SDN) is a revolutionary networking paradigm towards the future network,experiencing rapid development nowadays.However,its main characteristic,the separation of control plane and data plane,also brings about new security challenges,i.e.,Denial-of-Service(DoS) attacks specific to Open Flow SDN networks to exhaust the control plane bandwidth and overload the buffer memory of Open Flow switch.To mitigate the DoS attacks in the Open Flow networks,we design and implement SGuard,a security application on top of the NOX controller that mainly contains two modules:Access control module and Classification module.We employ novel six-tuple as feature vector to classify traffic flows,meanwhile optimizing classification by feature ranking and selecting algorithms.All the modules will cooperate with each other to complete a series of tasks such as authorization,classification and so on.At the end of this paper,we experimentally use Mininet to evaluate SGuard in a software environment.The results show that SGuard works efficiently and accurately without adding more overhead to the SDN networks.
基金The project supported by National Natural Science Foundation of China under Grant No.10675060
文摘In this paper, we investigate the effect due to the change of topology structure of network on the nonlinear dynamical behavior, by virtue of the OFC neuron evolution model with attack and repair strategy based on the small world. In particular, roles of various parameters relating to the dynamical behavior are carefully studied and analyzed. In addition, the avalanche and EEC-like wave activities with attack and repair strategy are also explored in detail in this work.
基金supported by the Foundation for Innovative Research Groups of the National Natural Science Foundation of China (No. 61521003)The National Key R&D Program of China (No.2016YFB0800101)+1 种基金the National Science Foundation for Distinguished Young Scholars of China (No.61602509)Henan Province Key Technologies R&D Program of China(No.172102210615)
文摘Controller vulnerabilities allow malicious actors to disrupt or hijack the Software-Defined Networking. Traditionally, it is static mappings between the control plane and data plane. Adversaries have plenty of time to exploit the controller's vulnerabilities and launch attacks wisely. We tend to believe that dynamically altering such static mappings is a promising approach to alleviate this issue, since a moving target is difficult to be compromised even by skilled adversaries. It is critical to determine the right time to conduct scheduling and to balance the overhead afforded and the security levels guaranteed. Little previous work has been done to investigate the economical time in dynamic-scheduling controllers. In this paper, we take the first step to both theoretically and experimentally study the scheduling-timing problem in dynamic control plane. We model this problem as a renewal reward process and propose an optimal algorithm in deciding the right time to schedule with the objective of minimizing the long-term loss rate. In our experiments, simulations based on real network attack datasets are conducted and we demonstrate that our proposed algorithm outperforms given scheduling schemes.
基金supported by the National Natural Science Foundation of China under Grant No. 61271174
文摘By allowing routers to combine the received packets before forwarding them,network coding-based applications are susceptible to possible malicious pollution attacks.Existing solutions for counteracting this issue either incur inter-generation pollution attacks(among multiple generations)or suffer high computation/bandwidth overhead.Using a dynamic public key technique,we propose a novel homomorphic signature scheme for network coding for each generation authentication without updating the initial secret key used.As per this idea,the secret key is scrambled for each generation by using the generation identifier,and each packet can be fast signed using the scrambled secret key for the generation to which the packet belongs.The scheme not only can resist intra-generation pollution attacks effectively but also can efficiently prevent inter-generation pollution attacks.Further,the communication overhead of the scheme is small and independent of the size of the transmitting files.
基金Acknov,.4edgements This work was supported in part by National Basic Research Program of China ("973 program") under contract No. 2007CB307101, and in part by National Natural Science Foundation of China under Grant No. 60833002, No. 60802016 and No.60972010.
文摘Wormhole attack is one of the most devastating threats for range-free localization in wireless sensor networks. In this paper, we evaluate three statistical estimation methods with the same network model and geographic information obtailaed by the DV-Hop algorithm. We analyze the limits of Minimum Mean Square Estimate (MMSE), Least Median of Squares (LMS) and Enhanced greedy At- tack-Resistant MMSE (EARMMSE) and propose an improved EARMMSE with the hop-distance relationship, named EARMMSE+. Simulation results illustrate the performance of MMSE, LMS and EARMMSE+ with different anchor fraction, the length of wormhole link and the average local neighborhood and show that EARMMSE+ outperforms MMSE and LMS.
文摘Security issues are always difficult to deal with in mobile ad hoe networks. People seldom studied the costs of those security schemes respectively and for some security methods designed and adopted beforehand, their effects are often investigated one by one. In fact, when facing certain attacks, different methods would respond individually and result in waste of resources. Making use of the cost management idea, we analyze the costs of security measures in mobile ad hoc networks and introduce a security framework based on security mechanisms cost management. Under the framework, the network system's own tasks can be finished in time and the whole network's security costs can be decreased. We discuss the process of security costs computation at each mobile node and in certain nodes groups. To show how to use the proposed security framework in certain applications, we give examples of DoS attacks and costs computation of defense methods. The results showed that more secure environment can be achieved based on the security framework in mobile ad hoc networks.
文摘A discussion is devoted to the design of an adaptive flight control system of the armed helicopter using wavelet neural network method. Firstly, the control loop of the attitude angle is designed with a dynamic inversion scheme in a quick loop and a slow loop. respectively. Then, in order to compensate the error caused by dynamic inversion, the adaptive flight control system of the armed helicopter using wavelet neural network method is put forward, so the BP wavelet neural network and the Lyapunov stable wavelet neural network are used to design the helicopter flight control system. Finally, the typical maneuver flight is simulated to demonstrate its validity and effectiveness. Result proves that the wavelet neural network has an engineering practical value and the effect of WNN is good.
基金This work is supported by National Natural Science Foundation of China under contract 60902008.
文摘Denial of Service Distributed Denial of Service (DOS) attack, especially (DDoS) attack, is one of the greatest threats to Internet. Much research has been done for it by now, however, it is always concentrated in the behaviors of the network and can not deal with the problem exactly. In this paper, we start from the security of the protocol, then we propose a novel theory for security protocol analysis of Denial of Service in order to deal with the DoS attack. We first introduce the conception of weighted graph to extend the strand space model, then we extend the penetrator model and define the goal of anti-DoS attack through the conception of the DoS-stop protocol, finally we propose two kinds of DoS test model and erect the novel formal theory for security protocol analysis of Denial of Service. Our new formal theory is applied in two example protocols. It is proved that the Internet key exchange (IKE) easily suffers from the DoS attacks, and the efficient DoS- resistant secure key exchange protocol (JFK) is resistant against DoS attack for the server, respectively.
基金The project supported by National Natural Science Foundation of China under Grant No. 10375022Acknowledgment We thank Prof. Tang Yi for helpful discussions.
文摘We study the attack vulnerability of network with duplication-divergence mechanism. Numerical results have shown that the duplication-divergence network with larger retention probability a is more robust against target attack relatively. Furthermore, duplication-divergence network is broken down more quickly than its counterpart BA network under target attack. Such result is consistent with the fact of WWW and Internet networks under target attack. So duplication-divergence model is a more realistic one for us to investigate the characteristics of the world wide web in future. We also observe that the exponent γ of degree distribution and average degree are important parameters of networks, reflecting the performance of networks under target attack. Our results are helpful to the research on the security of network.
基金supported in part by Research Fund for the Doctoral Program of Higher Education of China(No.20120009110007)Program for Innovative Research Team in University of Ministry of Education of China (No.IRT201206)+3 种基金Program for New Century Excellent Talents in University(NCET-110565)the Fundamental Research Funds for the Central Universities(No.2012JBZ010)the Open Project Program of Beijing Key Laboratory of Trusted Computing at Beijing University of TechnologyBeijing Higher Education Young Elite Teacher Project(No. YETP0542)
文摘Privacy-preserving data publishing (PPDP) is one of the hot issues in the field of the network security. The existing PPDP technique cannot deal with generality attacks, which explicitly contain the sensitivity attack and the similarity attack. This paper proposes a novel model, (w,γ, k)-anonymity, to avoid generality attacks on both cases of numeric and categorical attributes. We show that the optimal (w, γ, k)-anonymity problem is NP-hard and conduct the Top-down Local recoding (TDL) algorithm to implement the model. Our experiments validate the improvement of our model with real data.
文摘This paper introduces the cost-sensitive feature weighting strategy and its application in intrusion detection. Cost factors and cost matrix are proposed to demonstrate the misclassification cost for IDS. How to get the whole minimal risk, is mainly discussed in this paper in detail. From experiments, it shows that although decision cost based weight learning exists somewhat attack misclassification, it can achieve relatively low misclassification costs on the basis of keeping relatively high rate of recognition precision. Key words decision cost - feature weighting - intrusion detection CLC number TP 393. 08 Foundation item: Supported by the National Natural Science Foundation Key Research Plan of China (90104030) and “20 Century Education Development Plan”Biography: QIAN Quan(1972-), male, Ph. D. research direction: computer network, network security and artificial intelligence
基金The Natural Science Foundation of Jiangsu Province(No.BK2006108)
文摘According to the security shortages of two robust practical email protocols with perfect forward secrecy, attacks on the two protocols are analyzed and corresponding improvements on the two protocols are proposed. First, by analyzing the two email protocols, the corresponding man-in-the-middle attacks are proposed, where the adversary forges the messages in the receiving phase to cheat the two communication participants and makes them share the wrong session keys with him. Consequently, the man-in-the-middle attacks can make the two protocols fail to provide perfect forward secrecy. Secondly, by adding corresponding signatures in the receiving phases of the two protocols, two corresponding improvements on the protocols are proposed to overcome the man-in-the-middle attacks on the two protocols and make them provide perfect forward secrecy. Moreover, the two improved protocols can retain all the merits of the former protocols.
基金supported in part by the National Natural Science Foundation of China(61227801,61121001,61201152,and 61421061)the Program for New Century Excellent Talents in University(NCET-01-0259)the Fundamental Research Funds for the Central Universities(2013RC0106)
文摘In the last decade,cognitive radio(CR) has emerged as a major next generation wireless networking technology,which is the most promising candidate solution to solve the spectrum scarcity and improve the spectrum utilization.However,there exist enormous challenges for the open and random access environment of CRNs,where the unlicensed secondary users(SUs) can use the channels that are not currently used by the licensed primary users(PUs) via spectrum-sensing technology.Because of this access method,some malicious users may access the cognitive network arbitrarily and launch some special attacks,such as primary user emulation attack,falsifying data or denial of service attack,which will cause serious damage to the cognitive radio network.In addition to the specifi c security threats of cognitive network,CRNs also face up to the conventional security threats,such as eavesdropping,tampering,imitation,forgery,and noncooperation etc..Hence,Cognitive radio networks have much more risks than traditional wireless networks with its special network model.In this paper,we considered the security threats from passive and active attacks.Firstly,the PHY layer security is presented in the view of passive attacks,and it is a compelling idea of using the physical properties of the radio channel to help provide secure wireless communications.Moreover,malicious user detection is introduced in the view of active attacks by means of the signal detection techniques to decrease the interference and the probabilities of false alarm and missed detection.Finally,we discuss the general countermeasures of security threats in three phases.In particular,we discuss the far reaching effect of defensive strategy against attacks in CRNs.
文摘In this paper, we present Real-Time Flow Filter (RTFF) -a system that adopts a middle ground between coarse-grained volume anomaly detection and deep packet inspection. RTFF was designed with the goal of scaling to high volume data feeds that are common in large Tier-1 ISP networks and providing rich, timely information on observed attacks. It is a software solution that is designed to run on off-the-shelf hardware platforms and incorporates a scalable data processing architecture along with lightweight analysis algorithms that make it suitable for deployment in large networks. RTFF also makes use of state of the art machine learning algorithms to construct attack models that can be used to detect as well as predict attacks.
