Subtle role of latency for information diffusion in online social networks

Information diffusion in online social networks is induced by the event of forwarding information for users, and latency exists widely in user spreading behaviors. Little work has been done to reveal the effect of latency on the diffusion process. In this paper, we propose a propagation model in which nodes may suspend their spreading actions for a waiting period of stochastic length. These latent nodes may recover their activity again. Meanwhile, the mechanism of forwarding information is also introduced into the diffusion model. Mean-field analysis and numerical simulations indicate that our model has three nontrivial results. First, the spreading threshold does not correlate with latency in neither homogeneous nor heterogeneous networks, but depends on the spreading and refractory parameter. Furthermore, latency affects the diffusion process and changes the infection scale. A large or small latency parameter leads to a larger final diffusion extent, but the intrinsic dynamics is different. Large latency implies forwarding information rapidly, while small latency prevents nodes from dropping out of interactions. In addition, the betweenness is a better descriptor to identify influential nodes in the model with latency, compared with the coreness and degree. These results are helpful in understanding some collective phenomena of the diffusion process and taking measures to restrain a rumor in social networks.

A Website Security Risk Assessment Method Based on the I-BAG Model

In order to protect the website and assess the security risk of website, a novel website security risk assessment method is proposed based on the improved Bayesian attack graph(I-BAG) model. First, the Improved Bayesian attack graph model is established, which takes attack benefits and threat factors into consideration. Compared with the existing attack graph models, it can better describe the website's security risk. Then, the improved Bayesian attack graph is constructed with optimized website attack graph, attack benefit nodes, threat factor nodes and the local conditional probability distribution of each node, which is calculated accordingly. Finally, website's attack probability and risk value are calculated on the level of nodes, hosts and the whole website separately. The experimental results demonstrate that the risk evaluating method based on I-BAG model proposed is a effective way for assessing the website security risk.

Improved Quantum ＂ Ping-Pong＂ Protocol Based on Extended Three-Particle GHZ State

In order to transmit secure messages, a quantum secure direct communication protocol based on extended three-particle GHZ state was presented, in which the extended three-particle GHZ state was used to detect eave sdroppers. In the security analysis, the method of the entropy theory is introduced, and three detection strategies are compared quantitatively by using the constraint between the information eavesdroppers can obtain and the interference introduced. If the eavesdroppers intend to obtain all information, the detection rate of the original "Ping-pong" protocol is 50%; the second protocol used two particles of EPR pair as detection particles is also 50%; while the presented protocol is 58%. At last, the security of the proposed protocol is discussed. The analysis results indicate that the protocol in this paper is more secure than the other two.

一种基于动态ID刷新机制的低成本RFID标签双向认证协议(英文)

In order to solve the various privacy and security problems in RFID system, a new low-cost RFID mutual authentication protocol based on ID updating mechanics is proposed. In the proposed scheme, the backend server keeps both the current ID and potential next ID for each tag, thus to solve the possible problem of de-synchronization attack in the most ID updating-based schemes. In the security analysis section, comparing several protocols in property required and attacker resistances, the comparison results show that the proposed protocol provides strong authentication and strong integrity of the transmissions and can withstand most the possible attacks that break the security of the previous schemes. In the performance evaluation section, the analysis results also indicate that, in terms of computational cost and storage requirement, the proposed scheme is safer, more efficient, more suitable for low-cost tag and more feasible in practice.

SVR-Miner:一种基于大型软件的安全验证规则挖掘和缺陷检测工具(英文)

For various reasons,many of the security programming rules applicable to specific software have not been recorded in official documents,and hence can hardly be employed by static analysis tools for detection.In this paper,we propose a new approach,named SVR-Miner(Security Validation Rules Miner),which uses frequent sequence mining technique [1-4] to automatically infer implicit security validation rules from large software code written in C programming language.Different from the past works in this area,SVR-Miner introduces three techniques which are sensitive thread,program slicing [5-7],and equivalent statements computing to improve the accuracy of rules.Experiments with the Linux Kernel demonstrate the effectiveness of our approach.With the ten given sensitive threads,SVR-Miner automatically generated 17 security validation rules and detected 8 violations,5 of which were published by Linux Kernel Organization before we detected them.We have reported the other three to the Linux Kernel Organization recently.

Control Flow Obfuscation Based Protection Method for Android Applications

With the popularization and rapid development of mobile intelligent terminals(MITs), the number of mobile applications, or apps, has increased exponentially. It is increasingly common for malicious code to be inserted into counterfeit apps, which can cause significant economic damage and threaten the security of users. Code obfuscation techniques are a highly efficient group of methods for code security protection. In this paper, we propose a novel control flow obfuscation based method for Android code protection. First, algorithms to insert irrelevant code and flatten the control flow are employed that minimize the cost of obfuscation while ensuring its strength. Second, we improve the traditional methods of control flow flattening to further reduce the costs of obfuscation. Lastly, the use of opaque predicates is strengthened by establishing an access control strategy, which converts the identification of opaque predicates in the entire program into a graph traversal problem, and thereby increases the strength of the code protection. We did some experiments to evaluate our method, and the results show that the proposed method can work well.

Towards accountable authority attribute-based encryption

An accountable authority attribute-based encryption(A-ABE)scheme is presented in this paper.The notion of accountable authority identity-based encryption(A-IBE)was first introduced by Goyal at Crypto'07.It is a novel approach to mitigate the(inherent)key escrow problem in identity-based cryptosystems.In this work,the concept of accountable authority to attribute-based encryption(ABE)setting is generalized for the first time,and then a construction is given.The scheme non-trivially integrates an A-IBE scheme proposed by Libert et al.with an ABE scheme.In our construction,a user will be identified by a pair(id,ω),where id denotes the user's identity andωdenotes the set of attributes associated to the user.In addition,our construction is shown to be secure under some reasonable assumptions.

Software Defect Distribution Prediction Model Based on NPE-SVM

During the prediction of software defect distribution, the data redundancy caused by the multi-dimensional measurement will lead to the decrease of prediction accuracy. In order to solve this problem, this paper proposed a novel software defect prediction model based on neighborhood preserving embedded support vector machine(NPESVM) algorithm. The model uses SVM as the basic classifier of software defect distribution prediction model, and the NPE algorithm is combined to keep the local geometric structure of the data unchanged in the process of dimensionality reduction. The problem of precision reduction of SVM caused by data loss after attribute reduction is avoided. Compared with single SVM and LLE-SVM prediction algorithm, the prediction model in this paper improves the F-measure in aspect of software defect distribution prediction by 3%~4%.

Towards improving detection performance for malware with a correntropy-based deep learning method

With the rapid development of Internet of Things(IoT)technologies,the detection and analysis of malware have become a matter of concern in the industrial application of Cyber-Physical System(CPS)that provides various services using the IoT paradigm.Currently,many advanced machine learning methods such as deep learning are popular in the research of malware detection and analysis,and some achievements have been made so far.However,there are also some problems.For example,considering the noise and outliers in the existing datasets of malware,some methods are not robust enough.Therefore,the accuracy of malware classification still needs to be improved.Aiming at this issue,we propose a novel method that combines the correntropy and the deep learning model.In our proposed method for malware detection and analysis,given the success of the mixture correntropy as an effective similarity measure in addressing complex datasets with noise,it is therefore incorporated into a popular deep learning model,i.e.,Convolutional Neural Network(CNN),to reconstruct its loss function,with the purpose of further detecting the features of outliers.We present the detailed design process of our method.Furthermore,the proposed method is tested both on a real-world malware dataset and a popular benchmark dataset to verify its learning performance.

Modeling and Dynamic Analysis in Software Systems Based on Complex Networks

A software network model with multiple links is constructed on the basis of a dynamical model of a general complex network with multiple links.The principle of network division of multiple links is introduced.Following these principles,the software network model is decomposed into three types of subnets and different relationships between classes are revealed.Then,the dynamic analysis of software networks is presented.A sufficient condition for the stability of general complex networks is obtained followed by that of software networks.Finally,the dynamics of an open-source software system is analyzed,and their simulations are provided to demonstrate the effectiveness of the presented model.

总体国家安全观视域下的俄乌危机及战略思考

Xi Jinping,General Secretary of the Communist Party of China(CPC)Central Committee,has creatively put forward a holistic approach to national security,making a major breakthrough beyond the traditional national security concepts and providing the world with a new one characterized by universality and inclusivity.This thesis uses a holistic approach to national security to analyze the ongoing Russia-Ukraine crisis:its underlying causes,latest developments,tactics deployed,and potential implications.The outbreak of the Russia-Ukraine crisis highlights the antagonism between different national security paths of the US,Russia,and Ukraine.Moreover,the crisis has proven the correctness of the path of national security with Chinese characteristics and the importance of pursuing peaceful development.The process of the Russia-Ukraine crisis has foregrounded the necessity and scientificity of balancing development and security-that is,a higher level of national security provides a guarantee and support for high-quality development,which in turn improves its competence and efficiency.Typified by intertwined traditional and non-traditional security issues,the form of the RussiaUkraine crisis has indicated that,to safeguard national security,China must coordinate a full spectrum of security issues,be prepared for worst-case scenarios,and remain keenly alert to potential dangers.Efforts must be made to strengthen a well-coordinated,interconnected,and multi-pronged approach.The consequences of the Russia-Ukraine crisis shed light on the complexity of the international security environment wheredisorder prevails,and underscore the importance of paying equal attention to our security and that shared by the world.China must continue to encourage all other countries to pursue peaceful development,actively respond to the legitimate security concerns of the international community,and promote a new type of international security framework that features mutually beneficial cooperation under the vision of a community with a shared future for humanity.

Improved Linear Attacks on the Chinese Block Cipher Standard

The block cipher used in the Chinese Wireless LAN Standard （WAPI）, SMS4, was recently renamed as SM4, and became the block cipher standard issued by the Chinese government. This paper gives a method for finding the linear approximations of SMS4. With this method, 19-round one-dimensional approximations are given, which are used to improve the previous linear cryptanalysis of SMS4. The 19-round approximations hold with bias 2-62.27; we use one of them to leverage a linear attack on 23-round SMS4. Our attack improves the previous 23-round attacks by reducing the time complexity. Furthermore, the data complexity of our attack is further improved by the multidimensional linear approach.

Anonymous authentication scheme of trusted mobile terminal under mobile Internet

In order to solve the contradictions between user privacy protection and identity authentication, an anonymous authentication scheme under mobile Internet is proposed, which is based on the direct anonymous attestation of trusted computing and uses the encrypting transfer and signature validation for its implementation. Aiming at two access mode of trusted mobile terminal under mobile Internet, self access and cross-domain access, the authentication process of each mode is described in details. The analysis shows that the scheme implements anonymous authentication on mobile Internet and is correct, controllable and unforgeable.

Key Recovery Against 3DES in CPU Smart Card Based on Improved Correlation Power Analysis

The security of CPU smart cards, which are widely used throughout China, is currently being threatened by side-channel analysis. Typical countermeasures to side-channel analysis involve adding noise and filtering the power consumption signal. In this paper, we integrate appropriate preprocessing methods with an improved attack strategy to generate a key recovery solution to the shortcomings of these countermeasures. Our proposed attack strategy improves the attack result by combining information leaked from two adjacent clock cycles. Using our laboratory-based power analysis system, we verified the proposed key recovery solution by performing a successful correlation power analysis on a Triple Data Encryption Standard （3DES） hardware module in a real-life 32-bit CPU smart card. All 112 key bits of the 3DES were recovered with about 80 000 power traces.

SwordDTA： A Dynamic Taint Analysis Tool for Software Vulnerability Detection

Software vulnerabilities are the root cause of various information security incidents while dynamic taint analysis is an emerging program analysis technique. In this paper, to maximize the use of the technique to detect software vulnerabilities, we present SwordDTA, a tool that can perform dynamic taint analysis for binaries. This tool is flexible and extensible that it can work with commodity software and hardware. It can be used to detect software vulnerabilities with vulnerability modeling and taint check. We evaluate it with a number of commonly used real-world applications. The experimental results show that SwordDTA is capable of detecting at least four kinds of softavare vulnerabilities including buffer overflow, integer overflow, division by zero and use-after-free, and is applicable for a wide range of software.

Properties of strangelets in a new quark mass confinement model with one-gluon-exchange interaction

The properties of strangelets at zero temperature with a new quark model that includes both the confinement and one-gluonexchange interactions is studied in a fully self-consistent method.The charge and parameter dependence of the stability of strangelets are discussed.It is found that the one-gluon-exchange interaction lowers the energy of a strangelet,and consequently allows the strangelet to be absolutely stable.The stable strangelet radius in the present model is smaller in comparison with the absence of one-gluon-exchange interaction,and can thus be much less than that of a normal nucleus with the same baryon number,according to the strength of the confinement and one-gluon-exchange interactions.

Software Backdoor Analysis Based on Sensitive Flow Tracking and Concolic Execution

In order to effectively detect and analyze the backdoors this paper introduces a method named Backdoor Analysis based on Sensitive flow tracking and Concolic Execution（BASEC）.BASEC uses sensitive flow tracking to effectively discover backdoor behaviors, such as stealing secret information and injecting evil data into system, with less false negatives. With concolic execution on predetermined path, the backdoor trigger condition can be extracted and analyzed to achieve high accuracy. BASEC has been implemented and experimented on several software backdoor samples widespread on the Internet, and over 90% of them can be detected. Compared with behavior-based and system-call-based detection methods, BASEC relies less on the historical sample collections, and is more effective in detecting software backdoors, especially those injected into software by modifying and recompiling source codes.

Efficient and Provably-Secure Certificateless Proxy Re-encryption Scheme for Secure Cloud Data Sharing

In current cloud computing system, large amounts of sensitive data are shared to other cloud users.To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencryption(PRE) as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE(CL-PRE) scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational DiffieHellman(CDH) problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need the public key certificates to guarantee validity of public keys and solves the key escrow problem in identity-based public key cryptography.

Propagation History Ranking in Social Networks:A Causality-Based Approach

Information diffusion is one of the most important issues in social network analysis.Unlike most existing works,which either rely on network topology or node profiles,this study focuses on the diffusion itself,i.e.,the recorded propagation histories.These histories are the evidence of diffusion and can be used to explain to users what happened in their networks.However,these histories can quickly grow in size and complexity,limiting their capacity to be intuitively understood.To reduce this information overload,in this paper we present the problem of propagation history ranking.The goal is to rank participant edges/nodes by their contribution to the diffusion.We first discuss and adapt a causal measure,Difference of Causal Effects(DCE),as the ranking criterion.Then,to avoid the complex calculation of DCE,we propose two integrated ranking strategies by adopting two indicators.One is responsibility,which captures the necessity aspect of causal effects.We further give an approximate algorithm,which could guarantee a feasible solution,for this indicator.The other is capability,which captures the sufficiency aspect of causal effects.Finally,promising experimental results are presented to verify the feasibility of the proposed ranking strategies.