Due to the lack of authentication mechanism in BeiDou navigation satellite system(BDS),BD-Ⅱ civil navigation message(BDⅡ-CNAV) are vulnerable to spoofing attack and replay attack.To solve this problem,we present a s...Due to the lack of authentication mechanism in BeiDou navigation satellite system(BDS),BD-Ⅱ civil navigation message(BDⅡ-CNAV) are vulnerable to spoofing attack and replay attack.To solve this problem,we present a security authentication protocol,called as BDSec,which is designed by using China’s cryptography Shangyong Mima(SM) series algorithms,such as SM2/4/9 and Zu Chongzhi(ZUC)algorithm.In BDSec protocol,both of BDⅡ-CNAV and signature information are encrypted using the SM4 algorithm(Symmetric encryption mechanism).The encrypted result is used as the subject authentication information.BDSec protocol applies SM9 algorithm(Identity-based cryptography mechanism) to protect the integrity of the BDⅡ-CNAV,adopts the SM2 algorithm(Public key cryptosystem) to guarantee the confidentiality of the important session information,and uses the ZUC algorithm(Encryption and integrity algorithm) to verify the integrity of the message authentication serial number and initial information and the information in authentication initialization sub-protocol respectively.The results of the SVO logic reasoning and performance analysis show that BDSec protocol meets security requirements for the dual user identity authentication in BDS and can realize the security authentication of BDⅡ-CNAV.展开更多
Aiming at the problems of unreliable data transmission,poor steadiness,nonsupport of complex data types,direct couple between data transmission and exchange,a high-level method based on advanced message queuing protoc...Aiming at the problems of unreliable data transmission,poor steadiness,nonsupport of complex data types,direct couple between data transmission and exchange,a high-level method based on advanced message queuing protocol( AMQP) is proposed to integrate naval distributed tactical training simulation system after serious consideration with current information exchange features of military combat system. Transferring layer in traditional user datagram protocol is implemented by publishing and subscribing scheme of message middleware. By creating message model to standardize message structure,integration architecture is formulated to resolve potential information security risks from inconsistent data type and express data transmission. Meanwhile,a communication model is put forward based on AMQP,which is in the center position of the whole transmission framework and responsible for reliably transferring battlefield data among subsystems. Experiments show that the method can accurately post amounts of data to the subscriber without error and loss,and can get excellent real-time performance of data exchange.展开更多
The Internet Control Message Protocol(ICMP)covert tunnel refers to a network attack that encapsulates malicious data in the data part of the ICMP protocol for transmission.Its concealment is stronger and it is not eas...The Internet Control Message Protocol(ICMP)covert tunnel refers to a network attack that encapsulates malicious data in the data part of the ICMP protocol for transmission.Its concealment is stronger and it is not easy to be discovered.Most detection methods are detecting the existence of channels instead of clarifying specific attack intentions.In this paper,we propose an ICMP covert tunnel attack intent detection framework ICMPTend,which includes five steps:data collection,feature dictionary construction,data preprocessing,model construction,and attack intent prediction.ICMPTend can detect a variety of attack intentions,such as shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attacks.We extract features from five types of attack intent found in ICMP channels.We build a multi-dimensional dictionary of malicious features,including shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attack keywords.For the high-dimensional and independent characteristics of ICMP traffic,we use a support vector machine(SVM)as a multi-class classifier.The experimental results show that the average accuracy of ICMPTend is 92%,training ICMPTend only takes 55 s,and the prediction time is only 2 s,which can effectively identify the attack intention of ICMP.展开更多
Based on the analysis of the covert channel's working mechanism of the internet control message protocol (ICMP) in internet protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6), the ICMP covert cha...Based on the analysis of the covert channel's working mechanism of the internet control message protocol (ICMP) in internet protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6), the ICMP covert channd's algorithms of the IPv4 and IPv6 are presented, which enable automatic channeling upon IPv4/v6 nodes with non-IPv4-compatible address, and the key transmission is achieved by using this channel in the embedded Internet terminal. The result shows that the covert channel's algorithm, which we implemented if, set correct, the messages of this covert channel might go through the gateway and enter the local area network.展开更多
With the rapid development of the Internet,a large number of private protocols emerge on the network.However,some of them are constructed by attackers to avoid being analyzed,posing a threat to computer network securi...With the rapid development of the Internet,a large number of private protocols emerge on the network.However,some of them are constructed by attackers to avoid being analyzed,posing a threat to computer network security.The blockchain uses the P2P protocol to implement various functions across the network.Furthermore,the P2P protocol format of blockchain may differ from the standard format specification,which leads to sniffing tools such as Wireshark and Fiddler not being able to recognize them.Therefore,the ability to distinguish different types of unknown network protocols is vital for network security.In this paper,we propose an unsupervised clustering algorithm based on maximum frequent sequences for binary protocols,which can distinguish various unknown protocols to provide support for analyzing unknown protocol formats.We mine the maximum frequent sequences of protocolmessage sets in bytes.Andwe calculate the fuzzymembership of the protocolmessage to each maximum frequent sequence,which is based on fuzzy set theory.Then we construct the fuzzy membership vector for each protocol message.Finally,we adopt K-means++to split different types of protocol messages into several clusters and evaluate the performance by calculating homogeneity,integrity,and Fowlkes and Mallows Index(FMI).Besides,the clustering algorithms based onNeedleman–Wunsch and the fixed-length prefix are compared with the algorithm presented in this paper.Compared with these traditional clustering methods,we demonstrate a certain improvement in the clustering performance of our work.展开更多
Over time, the world has transformed digitally and there is total dependence on the internet. Many more gadgets are continuously interconnected in the internet ecosystem. This fact has made the Internet a global infor...Over time, the world has transformed digitally and there is total dependence on the internet. Many more gadgets are continuously interconnected in the internet ecosystem. This fact has made the Internet a global information source for every being. Despite all this, attacker knowledge by cybercriminals has advanced and resulted in different attack methodologies on the internet and its data stores. This paper will discuss the origin and significance of Denial of Service (DoS) and Distributed Denial of Service (DDoS). These kinds of attacks remain the most effective methods used by the bad guys to cause substantial damage in terms of operational, reputational, and financial damage to organizations globally. These kinds of attacks have hindered network performance and availability. The victim’s network is flooded with massive illegal traffic hence, denying genuine traffic from passing through for authorized users. The paper will explore detection mechanisms, and mitigation techniques for this network threat.展开更多
There is a lack of appropriate guidelines for realistic user traces, mobility models, routing protocols, considerations of real-life challenges, etc. for general-purpose mobile ad hoc networks (MANET). In this paper...There is a lack of appropriate guidelines for realistic user traces, mobility models, routing protocols, considerations of real-life challenges, etc. for general-purpose mobile ad hoc networks (MANET). In this paper, four laptops are used in an open field environment in four scenarios to evaluate the performances of Internet control message protocol (ICMP) based ping and transmission control protocol (TCP) based streaming video applications using optimised link state routing (OLSR) implementation in an IEEE 802.11g wireless network. Corresponding simulations are developed in Network Simulator ns-2 by setting simulation parameters according to the real experiments. Difficulties faced to regenerate real-life scenarios have been discussed and the gaps between reality and simulation are identified. A setup guideline to produce realistic simulation results has been established.展开更多
This paper presents overview of new features so far prepared for new version of spectral analysis tool SPLAT-VO that allows to retrieve a large amount of spectra(and other data) based on its characteristics by detaile...This paper presents overview of new features so far prepared for new version of spectral analysis tool SPLAT-VO that allows to retrieve a large amount of spectra(and other data) based on its characteristics by detailed querying a virtual observatory s resources. The overview is focused on enhancements of user experience, work with simple application messaging protocol(SAMP) and other interoperability that improves work with global list of spectra, plot window and analysis menu.展开更多
基金supported in part by the National Key R&D Program of China(No.2022YFB3904503)National Natural Science Foundation of China(No.62172418)the joint funds of National Natural Science Foundation of China and Civil Aviation Administration of China(No.U2133203).
文摘Due to the lack of authentication mechanism in BeiDou navigation satellite system(BDS),BD-Ⅱ civil navigation message(BDⅡ-CNAV) are vulnerable to spoofing attack and replay attack.To solve this problem,we present a security authentication protocol,called as BDSec,which is designed by using China’s cryptography Shangyong Mima(SM) series algorithms,such as SM2/4/9 and Zu Chongzhi(ZUC)algorithm.In BDSec protocol,both of BDⅡ-CNAV and signature information are encrypted using the SM4 algorithm(Symmetric encryption mechanism).The encrypted result is used as the subject authentication information.BDSec protocol applies SM9 algorithm(Identity-based cryptography mechanism) to protect the integrity of the BDⅡ-CNAV,adopts the SM2 algorithm(Public key cryptosystem) to guarantee the confidentiality of the important session information,and uses the ZUC algorithm(Encryption and integrity algorithm) to verify the integrity of the message authentication serial number and initial information and the information in authentication initialization sub-protocol respectively.The results of the SVO logic reasoning and performance analysis show that BDSec protocol meets security requirements for the dual user identity authentication in BDS and can realize the security authentication of BDⅡ-CNAV.
基金Supported by the National Natural Science Foundation of China(No.61401496)
文摘Aiming at the problems of unreliable data transmission,poor steadiness,nonsupport of complex data types,direct couple between data transmission and exchange,a high-level method based on advanced message queuing protocol( AMQP) is proposed to integrate naval distributed tactical training simulation system after serious consideration with current information exchange features of military combat system. Transferring layer in traditional user datagram protocol is implemented by publishing and subscribing scheme of message middleware. By creating message model to standardize message structure,integration architecture is formulated to resolve potential information security risks from inconsistent data type and express data transmission. Meanwhile,a communication model is put forward based on AMQP,which is in the center position of the whole transmission framework and responsible for reliably transferring battlefield data among subsystems. Experiments show that the method can accurately post amounts of data to the subscriber without error and loss,and can get excellent real-time performance of data exchange.
基金This research was supported by National Natural Science Foundation of China(Grant Nos.61972048,62072051).
文摘The Internet Control Message Protocol(ICMP)covert tunnel refers to a network attack that encapsulates malicious data in the data part of the ICMP protocol for transmission.Its concealment is stronger and it is not easy to be discovered.Most detection methods are detecting the existence of channels instead of clarifying specific attack intentions.In this paper,we propose an ICMP covert tunnel attack intent detection framework ICMPTend,which includes five steps:data collection,feature dictionary construction,data preprocessing,model construction,and attack intent prediction.ICMPTend can detect a variety of attack intentions,such as shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attacks.We extract features from five types of attack intent found in ICMP channels.We build a multi-dimensional dictionary of malicious features,including shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attack keywords.For the high-dimensional and independent characteristics of ICMP traffic,we use a support vector machine(SVM)as a multi-class classifier.The experimental results show that the average accuracy of ICMPTend is 92%,training ICMPTend only takes 55 s,and the prediction time is only 2 s,which can effectively identify the attack intention of ICMP.
基金Supported by the National Natural Science Foun-dation of China (90104005 ,66973034)
文摘Based on the analysis of the covert channel's working mechanism of the internet control message protocol (ICMP) in internet protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6), the ICMP covert channd's algorithms of the IPv4 and IPv6 are presented, which enable automatic channeling upon IPv4/v6 nodes with non-IPv4-compatible address, and the key transmission is achieved by using this channel in the embedded Internet terminal. The result shows that the covert channel's algorithm, which we implemented if, set correct, the messages of this covert channel might go through the gateway and enter the local area network.
基金National Natural Science Foundation of China under Grant No.61872111Sichuan Science and Technology Program(No.2019YFSY0049)the“Project for the Development and Application of Safety Testing and Verification Platform for Industrial Robots”of the Ministry of Industry and Information Technology.
文摘With the rapid development of the Internet,a large number of private protocols emerge on the network.However,some of them are constructed by attackers to avoid being analyzed,posing a threat to computer network security.The blockchain uses the P2P protocol to implement various functions across the network.Furthermore,the P2P protocol format of blockchain may differ from the standard format specification,which leads to sniffing tools such as Wireshark and Fiddler not being able to recognize them.Therefore,the ability to distinguish different types of unknown network protocols is vital for network security.In this paper,we propose an unsupervised clustering algorithm based on maximum frequent sequences for binary protocols,which can distinguish various unknown protocols to provide support for analyzing unknown protocol formats.We mine the maximum frequent sequences of protocolmessage sets in bytes.Andwe calculate the fuzzymembership of the protocolmessage to each maximum frequent sequence,which is based on fuzzy set theory.Then we construct the fuzzy membership vector for each protocol message.Finally,we adopt K-means++to split different types of protocol messages into several clusters and evaluate the performance by calculating homogeneity,integrity,and Fowlkes and Mallows Index(FMI).Besides,the clustering algorithms based onNeedleman–Wunsch and the fixed-length prefix are compared with the algorithm presented in this paper.Compared with these traditional clustering methods,we demonstrate a certain improvement in the clustering performance of our work.
文摘Over time, the world has transformed digitally and there is total dependence on the internet. Many more gadgets are continuously interconnected in the internet ecosystem. This fact has made the Internet a global information source for every being. Despite all this, attacker knowledge by cybercriminals has advanced and resulted in different attack methodologies on the internet and its data stores. This paper will discuss the origin and significance of Denial of Service (DoS) and Distributed Denial of Service (DDoS). These kinds of attacks remain the most effective methods used by the bad guys to cause substantial damage in terms of operational, reputational, and financial damage to organizations globally. These kinds of attacks have hindered network performance and availability. The victim’s network is flooded with massive illegal traffic hence, denying genuine traffic from passing through for authorized users. The paper will explore detection mechanisms, and mitigation techniques for this network threat.
文摘There is a lack of appropriate guidelines for realistic user traces, mobility models, routing protocols, considerations of real-life challenges, etc. for general-purpose mobile ad hoc networks (MANET). In this paper, four laptops are used in an open field environment in four scenarios to evaluate the performances of Internet control message protocol (ICMP) based ping and transmission control protocol (TCP) based streaming video applications using optimised link state routing (OLSR) implementation in an IEEE 802.11g wireless network. Corresponding simulations are developed in Network Simulator ns-2 by setting simulation parameters according to the real experiments. Difficulties faced to regenerate real-life scenarios have been discussed and the gaps between reality and simulation are identified. A setup guideline to produce realistic simulation results has been established.
基金supported by Agency of the Czech Republic-GACR(No.P103/13/08195S)the Development of Human Resources in Research and Development of Latest Soft Computing Methods and Their Application in Practical Project,Operational Programm Education for Competitiveness(No.CZ.1.07/2.3.00/20.0072)+1 种基金ESF State Budget of the Czech Republic,SGS(No.SP2013/114)VBTechnical University of Ostrava,Czech Republic
文摘This paper presents overview of new features so far prepared for new version of spectral analysis tool SPLAT-VO that allows to retrieve a large amount of spectra(and other data) based on its characteristics by detailed querying a virtual observatory s resources. The overview is focused on enhancements of user experience, work with simple application messaging protocol(SAMP) and other interoperability that improves work with global list of spectra, plot window and analysis menu.
