ISSN 1000-1239 CN 11-1777/TP

    Default Latest Most Read
    Please wait a minute...
    For Selected: Toggle Thumbnails
    Journal of Computer Research and Development    2021, 58 (10): 2071-2078.   DOI: 10.7544/issn1000-1239.2021.qy1001
    Abstract574)   HTML295)    PDF (384KB)(512)       Save
    Related Articles | Metrics
    Protection Methods for Cloud Data Security
    Shen Jian, Zhou Tianqi, Cao Zhenfu
    Journal of Computer Research and Development    2021, 58 (10): 2079-2098.   DOI: 10.7544/issn1000-1239.2021.20210805
    Abstract1655)   HTML124)    PDF (2443KB)(1101)       Save
    The rapid development of computer networks and the popularization of big data have promoted the further development of cloud computing. The cloud environment is an important platform for data interaction in the network and information age. It provides great convenience for the efficient data interaction of individuals, enterprises and countries, but it also poses new challenges for the security of cloud data. In this paper, we first present the existing cloud computing model, investigate and analyze the threats in cloud data security protection schemes. On this basis, a systematic analysis of the latest research results of cloud data security protection schemes at home and abroad is conducted, namely, access control, key agreement, secure data auditing and secure data sharing. Secondly, we conduct systematic research and propose solutions to the problems such as easy disclosure of user privacy during the access control process, difficulty in controlling overhead during key generation, low efficiency in dynamic operations during auditing, and difficulty in tracking malicious users during data sharing in existing cloud data security protection schemes. Finally, the current challenges and future research directions of cloud data security protection are discussed, with a view to promoting the establishment of a more complete cloud data protection system.
    Related Articles | Metrics
    Data Privacy-Preserving for Blockchain: State of the Art and Trends
    Wang Chenxu, Cheng Jiacheng, Sang Xinxin, Li Guodong, Guan Xiaohong
    Journal of Computer Research and Development    2021, 58 (10): 2099-2119.   DOI: 10.7544/issn1000-1239.2021.20210804
    Abstract2253)   HTML135)    PDF (1295KB)(1621)       Save
    As a distributed ledger, blockchain solves the decentralized trust problem by integrating a series of techniques such as distributed consensus, P2P (Peer to Peer) network, smart contracts, and cryptography. Blockchain has a meaningful impact on the society and lifts a bloom of researches and applications due to the characteristics of immutability and decentralization. Blockchain technology has a broad scope of applications, and its unique advantages can deal with the pain points in many industry scenarios. However, the blockchain technology is faced with the problem of data privacy leakage in its applications, such as the disclosure of transaction, account and personal information privacy, which greatly impose restrictions on the application scope and fields. Data privacy-preserving for blockchain has become one of the key problems concerned by researchers. In this survey, we first describe the evolutionary history of blockchain technology, define the concept of corresponding privacy according to applications in the field of blockchain and introduce the main technical points and the technology architecture of blockchain. Then we summarize the privacy-preserving problems faced by the blockchain technology and explore the existing solutions based on the proposed concept of data privacy protection. Finally, some problems that still need to be addressed and future research directions of data privacy-preserving for blockchain are discussed based on the analysis.
    Related Articles | Metrics
    Detection and Analysis Technology of Cybercrime
    Hong Geng, Yang Sen, Ye Han, Yang Zhemin, Yang Min
    Journal of Computer Research and Development    2021, 58 (10): 2120-2139.   DOI: 10.7544/issn1000-1239.2021.20210855
    Abstract1023)   HTML72)    PDF (1057KB)(611)       Save
    With the rapid growth of information technology, people’s daily activities have been gradually moving to cyberspace. Online activities also play an increasingly important role national economy. While the Internet greatly facilitated our daily life, more and more criminal activities that threaten our daily life, have also moved to cyberspace. Therefore, how to understand, evaluate, prevent, and combat cybercrimes have become the focus of attention of academia, industry, and law enforcement agencies. Recently, researchers pay much attention to the prevention, evaluation, and countermeasures of cybercrimes. However, until now, only a few researchers focus on the overview of cybercrime. Also, there is an urgent need for systemization of the entire cybercrime kill chain. This paper starts from some classic cybercrime attacks such as phishing, scam, and cryptojacking, and then an in-depth analysis of their supporting techniques is conducted, including blackhat SEO and typosquatting. To analyze the cybercrime kill chain, we also investigate the cybercrime infrastructures such as underground market, botnet, and money laundering. Finally, we discuss the existing challenges and trends of cybercrime research.
    Related Articles | Metrics
    Software Security Vulnerability Mining Based on Deep Learning
    Gu Mianxue, Sun Hongyu, Han Dan, Yang Su, Cao Wanying, Guo Zhen, Cao Chunjie, Wang Wenjie, Zhang Yuqing
    Journal of Computer Research and Development    2021, 58 (10): 2140-2162.   DOI: 10.7544/issn1000-1239.2021.20210620
    Abstract1609)   HTML66)    PDF (2892KB)(1575)       Save
    The increasing complexity of software and the diversified forms of security vulnerabilities have brought severe challenges to the research of software security vulnerabilities. Traditional vulnerability mining methods are inefficient and have problems such as high false positives and high false negatives, which have been unable to meet the increasing demands for software security. At present, a lot of research works have attempted to apply deep learning to the field of vulnerability mining to realize automated and intelligent vulnerability mining. This review conducts an in-depth investigation and analysis of the deep learning methods applied to the field of software security vulnerability mining. First, through collecting and analyzing existing research works of software security vulnerability mining based on deep learning, its general work framework and technical route are summarized. Subsequently, starting from the extraction of deep features, security vulnerability mining works with different code representation forms are classified and discussed. Then, specific areas of deep learning based software security vulnerability mining works are discussed systematically, especially in the field of the Internet of Things and smart contract security. Finally, based on the summary of existing research works, the challenges and opportunities in this filed are discussed, and the future research trends are presented.
    Related Articles | Metrics
    Secure Multiparty Computation and Application in Machine Learning
    Guo Juanjuan, Wang Qiongxiao, Xu Xin, Wang Tianyu, Lin Jingqiang
    Journal of Computer Research and Development    2021, 58 (10): 2163-2186.   DOI: 10.7544/issn1000-1239.2021.20210626
    Abstract1635)   HTML81)    PDF (1976KB)(1359)       Save
    With the emergence and development of artificial intelligence and big data, large-scale data collection and analysis applications have been widely deployed, which introduces the concern of privacy leakage. This privacy concern further prevents data exchanges among originations and results in “data silos”. Secure multiparty computation (MPC) allows multiple originations to perform privacy-preserving collaborative data analytics, without leaking any plaintext data during the interactions, making the data “usable but not visible”. MPC technologies have been extensively studied in the academic and engineering fields, and derive various technical branches. Privacy-preserving machine learning (PPML) is becoming a typical and widely deployed application of MPC. And various PPML schemes have been proposed to perform privacy-preserving training and inference without leaking model parameters nor sensitive data. In this paper, we systematically analyze various MPC schemes and their applications in PPML. Firstly, we list various security models and objectives, and the development of MPC primitives (i.e., garble circuit, oblivious transfer, secret sharing and homomorphic encryption). Then, we summarize the strengths and weaknesses of these primitives, and list the corresponding appropriate usage scenarios, which is followed by the thorough analysis of their applications in PPML. Finally, we point out the further research direction on MPC and their applications in PPML.
    Related Articles | Metrics
    Review of Coded Computing
    Zheng Tengfei, Zhou Tongqing, Cai Zhiping, Wu Hongjia
    Journal of Computer Research and Development    2021, 58 (10): 2187-2212.   DOI: 10.7544/issn1000-1239.2021.20210496
    Abstract806)   HTML44)    PDF (3575KB)(728)       Save
    By integrating the coding theory with distributed computing and exploiting flexible coding methods, coded computing manages to relieve the transmission burden and the negative effects of stragglers. In this way, it improves the overall performance of distributed computing systems. Meanwhile, coded computing schemes are also designed and used to provide security and privacy guarantees for distributed computing systems, where mechanisms, such as error-correcting and data masking, are generally adopted. Due to the advantages of coded computing in communication, storage and computational complexity, it has attracted extensive attention and has become a popular direction in the field of distributed computing. In this survey, the background of coded computing is reviewed with its definition and core ideology clarified. Afterward, the existing coding schemes for communication bottleneck, computation delay and security privacy are introduced and comparatively analyzed in detail. Finally, future research directions and technical challenges of coded computing are analyzed and introduced to provide valuable references for related researchers.
    Related Articles | Metrics
    Key-Recovery Attack on Reduced-Round AES-128 Using the Exchange-Equivalence
    Zhang Li, Wu Wenling, Zhang Lei, Zheng Yafei
    Journal of Computer Research and Development    2021, 58 (10): 2213-2221.   DOI: 10.7544/issn1000-1239.2021.20210549
    Abstract343)   HTML5)    PDF (701KB)(172)       Save
    The advanced encryption standard (AES) is a kind of high-security secret key cryptosystem. It has been widely recognized and used in real life. Since its birth, the research on its security has been the most interesting to cryptographers. At present, it is very difficult to break the full round AES, and the existing analysis methods are difficult to break through the exhaustive search method. So in recent years, researchers have focused on the attacks which can break reduced-round versions of AES, and there are a lot of excellent analysis methods that have emerged, among them, exchange-equivalence attacks, a new cryptanalytic attack technique suitable for SPN-like block cipher designs is widely concerned. Using this technology, researchers have obtained better the secret-key chosen plaintext distinguisher and adaptive chosen ciphertext distinguisher. In this paper, we run through this new technology, based on 5-round adaptive chosen ciphertexts distinguisher on AES, and at the same time, we use a basic property of the Mixcolumns coefficient matrix and a zero difference property to present a new key-recovery attack on 6-round reduced-round AES-128 with a single secret S-Box that requires only 2\+\{51.5\} chosen plaintexts and 2\+\{57.42\} adaptively chosen ciphertexts data complexity and 2\+\{72\} time complexity. In addition, we practically verified our key-recovery attack on a small-scale variant of the AES. The block size of the small-scale AES is 64 bits, and each word is a 4-bit nibble in the state matrix. The experimental result supports our theory. Finally, the results of the current key-recovery attack on 6-round Reduced-Round AES-128 are better than the previously known attack on Reduced-Round AES-128.
    Related Articles | Metrics
    Flexible Fine-Grained Authorization Public Key Encryption with Equality Test Under Standard Model
    Deng Xiangtian Qian Haifeng
    Journal of Computer Research and Development    2021, 58 (10): 2222-2237.   DOI: 10.7544/issn1000-1239.2021.20210596
    Abstract452)   HTML8)    PDF (649KB)(140)       Save
    Public key encryption with equality test(PKEET) is a public key encryption scheme which allows testers to perform equality tests on ciphertexts without holding corresponding private keys, that is, detecting whether the plaintexts decrypted from given cyphertext are equal. The fine-grained authorization PKEET (FG-PKEET) and PKEET with flexible authorization (PKEET-FA) schemes mentioned in previous works improve the functionality of PKEET in aspect of authorization granularity: FG-PKEET scheme allows one user to interact with another user to generate a token specifically for detecting the equality of all these two users’ ciphertexts, while PKEET-FA scheme extends the type of authorization object of the token from user level to ciphertext level, permitting one user to authorize on a specific ciphertext. Both solutions have their own application scenarios and do not include each other in terms of functionality. Thus we propose flexible fine-grained authorization PKEET scheme. Our scheme obtains security properties related to adaptive ciphertext attack and fine-grained authorization. Our solution combines both fine-grained authorization and flexible fine-grained features, allowing two users to authorize respectively on one specified ciphertext or all his ciphertexts. Meanwhile, comparing to existing PKEET schemes with fine-grained authorization or flexible authorization features which rely on random oracle model, our scheme’s security properties are proved under standard model.
    Related Articles | Metrics
    Multi-Platform Efficient Implementation and Optimization of Aigis-enc Algorithm
    Shen Shiyu, He Feng, Zhao Yunlei
    Journal of Computer Research and Development    2021, 58 (10): 2238-2252.   DOI: 10.7544/issn1000-1239.2021.20210617
    Abstract567)   HTML11)    PDF (1493KB)(239)       Save
    The new challenges brought by the rapid development of quantum computing technology have made post-quantum cryptography (PQC) a hot research topic in the current cryptographic community. The Aigis-enc key encapsulation mechanism is a post-quantum cryptographic algorithm based on the asymmetric module learning with errors (A-MLWE) problem, which is one of the algorithms that won the first prizes of public key cryptographic algorithms in the National Cryptographic Algorithm Design Competition held by the Chinese Association for Cryptologic Research. In order to resist quantum attacks, maintain the long-term security of national cyberspace, and contribute to the development of future national PQC algorithm standards, it is important to optimize the excellent post-quantum cryptographic algorithms developed by Chinese scholars. In this paper, we focus on optimizing the Aigis-enc algorithm for different platforms, including fast parallel implementation for high-performance platforms and compact implementation for embedded low-power platforms. Specifically, we fully optimize the existing AVX2 implementation of Aigis-enc using single instruction multiple data stream (SIMD) instructions, and provide its first lightweight compact implementation for the ARM Cortex-M4 platform. Our implementation includes the following optimizations: reducing the number of assembly instructions for Montgomery and Barrett reduction to improve the efficiency of reduction; using number theoretic transformations with trimmed layers and optimized instruction pipelining to speed up polynomial multiplication and reduce the precomputed table storage; providing a parallel implementation of assembly instructions for polynomial serialization and deserialization to speed up the processes of encoding, decoding and encryption; combining on-the-fly computation and space multiplexing to optimize the algorithm storage space. The experimental results show that the proposed optimization techniques can improve the original AVX2 implementation of the Aigis-enc-768 algorithm by 25% on an 8-core Intel Core i7 processor, and significantly reduce its precomputed table storage, code size and stack usage on the ARM Cortex-M4 platform, which is of great practical importance for future deployment of the algorithm.
    Related Articles | Metrics
    Provably Secure Traceable Attribute-Based Sanitizable Signature Scheme in the Standard Model
    Li Jiguo, Zhu Liufu, Liu Chengdong, Lu Yang, Han Jinguang, Wang Huaqun, Zhang Yichen
    Journal of Computer Research and Development    2021, 58 (10): 2253-2264.   DOI: 10.7544/issn1000-1239.2021.20210669
    Abstract496)   HTML12)    PDF (1229KB)(279)       Save
    Since the concept of Attribute-Based Signature(ABS) was proposed, it has attracted wide attention due to its anonymity. ABS can hide the identity of signers to support anonymity, but anonymity may enable malicious signers to abuse signatures if the signatures are not traceable. At the same time, in specific application scenarios, such as e-medical treatment or e-commerce, some personal data(e.g. medical records, trade-transfer details, etc.) should be protected to prevent the leakage of private information. In order to hide sensitive information in data transmission and prevent malicious signers from abusing signatures, a traceable attribute-based sanitizable signature scheme is proposed. The security of the scheme is reduced to the Computational Diffie-Hellman(CDH) hard problem in the standard model. The scheme not only solves the problem of sensitive information hiding, guarantees the privacy of the signer, but also prevents the signer from abusing the signature.
    Related Articles | Metrics
    Anonymous Authentication and Key Agreement Protocol for 5G-V2V Based on PUF
    Hou Wanyu, Sun Yu, Li Dawei, Cui Jian, Guan Zhenyu, Liu Jianwei
    Journal of Computer Research and Development    2021, 58 (10): 2265-2277.   DOI: 10.7544/issn1000-1239.2021.20210486
    Abstract838)   HTML10)    PDF (2296KB)(332)       Save
    In order to solve complex algorithm and high time delay for vehicle-to-vehicle(V2V) communication in 5G vehicle-to-everything(V2X), an anonymous V2V authentication and key agreement protocol based on physical unclonable function(PUF) is proposed. By using lightweight PUF, vehicles can avoid digital signature, key storage and certificate escrow to reduce the overhead of calculation and storage. At the same time, our protocol only needs one-way communication between two vehicles and 5G service network(SN) and one handshake communication between two vehicles to complete V2V authentication and key agreement scheme, which can greatly reduce the communication overhead and time delay. What’s more, PUF binds the on board unit(OBU) of vehicle to the 5G SIM card, which can resist identity forgery attacks. Through the construction of identity index table, the regulatory authority can track the source of vehicles’ pseudo identities through 5G SN, which satisfies conditional anonymity. The security of the proposed protocol is proved in the Dolve-Yao model by AVISPA which is a formal analysis tool. Also, it is superior to the existing 5G V2X anonymous communication protocols in terms of computation overhead, communication overhead and security. Our protocol can provide essential security for V2V communication in 5G V2X.
    Related Articles | Metrics
    Adaptor Signature Scheme Based on the SM2 Digital Signature Algorithm
    Peng Cong, Luo Min, He Debiao, Huang Xinyi
    Journal of Computer Research and Development    2021, 58 (10): 2278-2286.   DOI: 10.7544/issn1000-1239.2021.20210645
    Abstract656)   HTML10)    PDF (898KB)(441)       Save
    The adaptor signature scheme is an extension of the standard digital signature, which can create a “pre-signature” that implies the state of a hard relation (such as discrete logarithm problems) and can be transformed into a completed signature by the witness of the hard relation. The completed signature can be verified by the verification algorithm of a standard signature scheme. Intuitively, an adaptor signature has two properties: 1)only users who know the witness can transform the pre-signature into a completed signature; 2)any user may extract the witness through a pre-signature and a completed signature. Thus, the adaptor signature scheme can provide the atomic exchange property in the blockchain, and has been proved to be very widely used in practice. Based on the SM2 digital signature algorithm, a new adaptor signature scheme (SM2-AS) is constructed in this paper. This scheme can effectively match the SM2 signature scheme’s key generation, signature generation and signature verification algorithms. Moreover, under the random oracle model, we prove that the SM2-AS scheme is secure, that is, it satisfies the pre-signature correctness, pre-signature adaptability, existential unforgeability under chosen plaintext attacks, and witness extractability. Through theoretical analysis and experimental test, the performance of the SM2-AS scheme is comparable to that of ECDSA-based adaptor signature scheme, but obviously weaker than that of the Schnorr-based adaptor signature scheme.
    Related Articles | Metrics
    A Multi-Pattern Hiding Dynamic Symmetric Searchable Encryption Based on Differential Privacy
    Zhao Ziting, Xu Yin, Song Xiangfu, Jiang Han
    Journal of Computer Research and Development    2021, 58 (10): 2287-2300.   DOI: 10.7544/issn1000-1239.2021.20210614
    Abstract509)   HTML13)    PDF (906KB)(333)       Save
    Dynamic Symmetric Searchable Encryption (DSSE) has become one of the most important primitives for data privacy protection in recent years. It allows clients to efficiently retrieve and update encrypted data stored in cloud servers. Only a small amount of strictly defined leakage is disclosed to the server, such as search pattern, access pattern, update pattern, and volume pattern. However, a growing number of studies have found that some powerful adversaries can exploit DSSE leakage to carry out specific attacks that undermine the privacy of data and retrieval. In the past, Private Information Retrieval, Oblivious Random Access Machine and storage padding are often used to compress or even eliminate the leaked information. These technologies can provide better security, but they are difficult to be applied because of the high complexity of computation, communication and storage. In order to achieve a better balance between safety and efficiency, this paper proposes the following ideas: We first introduce a meaningful security concept-differential privacy and propose a new padding method, differential privacy padding(DPP), which can reduce the storage load while ensuring the security. Then a Dynamic search update scheme called “MDSSE” is proposed in the multi-server mode. Through DPP apply to our scheme, volume, update and search pattern hiding are realized. The forward privacy and back privacy security are guaranteed at the same time. For the security proof of the scheme, we extend the definition of update history and propose a differential Update history DP-Update which is suitable for this scheme. Experimental results show that our scheme can resist leakage and abuse attacks, it also provides high storage and communication efficiency.
    Related Articles | Metrics
    SOTS: A Hash Function-Based Shorter Post-Quantum Digital Signature Scheme
    Wei Hongru Huang Jingyi
    Journal of Computer Research and Development    2021, 58 (10): 2300-2309.   DOI: 10.7544/issn1000-1239.2021.20210619
    Abstract563)   HTML9)    PDF (1109KB)(304)       Save
    In the post-quantum digital signature schemes, the Hash-based signature schemes are efficient and provably secure. However, one major drawback of Hash-based signature schemes is the large size of the key and the signature. In this study, based on existing digital signature schemes, a new One-Time Signature (OTS) scheme, which reduces both the number of the signatures and the size of each signature, has been proposed. Under the same post-quantum security level, the proposed scheme reduces the key and the signature sizes by 77% and 82.0% respectively as compared with the Winternitz OTS scheme. And it also reduces the key and the signature sizes by 60.7% and 60.5% respectively as compared with WOTS+. In terms of the signature size, compared with the NOTS, SDS-OTS and WOTS-S schemes proposed in the past two years, this proposed novel scheme has reduced by 17%, 24.5% and 48.1% respectively. Furthermore, this novel scheme is existentially unforgeable under the Chosen-Plaintext Attack (CPA) model. The security of this scheme is a security reduction of the onewayness of the underlying Hash function. Moreover, compared with WOTS+, the proposed signature scheme reduces the time of generating keys, creating signatures and verifying signatures by 71.4%, 47.7%, and 60.9% respectively.
    Related Articles | Metrics
    One-Time Chameleon Hash Function and Its Application in Redactable Blockchain
    Gao Wei, Chen Liqun, Tang Chunming, Zhang Guoyan, Li Fei
    Journal of Computer Research and Development    2021, 58 (10): 2310-2318.   DOI: 10.7544/issn1000-1239.2021.20210653
    Abstract837)   HTML13)    PDF (780KB)(440)       Save
    A new cryptographic primitive called a one-time chameleon Hash function is proposed for the first time. For this new primitive, two pre-images of the same Hash value (i.e. one collision) will not expose any trapdoor information, while three pre-images of the same Hash value (i.e. two collisions) will expose some trapdoor information, but it is enough to cause some serious security hazards. An efficient one-time chameleon Hash function scheme is constructed based on the classical RSA hard problem. Then its security is proved based on the RSA assumption in the random oracle model. By using this one-time chameleon Hash function scheme, a redactable blockchain scheme is further implemented efficiently, which only allows one redaction at most for each block, and any second redaction of the block will result in the penalty of the blockchain crash. Effective governance of blockchain is the key area of cyberspace security governance, and the redactable blockchain constitutes the most core technology of blockchain supervision and governance. The redactable blockchain scheme proposed in this paper has two characteristics of high efficiency and redacting restrictions compatible with the practical demand. So it is expected to provide a powerful technical method for blockchain supervision (especially for the post-governance of harmful data stored on the chain).
    Related Articles | Metrics
    Study of Wechat Sybil Detection
    Yang Zheng, Yin Qilei, Li Haoran, Miao Yuanli, Yuan Dong, Wang Qian, Shen Chao, Li Qi
    Journal of Computer Research and Development    2021, 58 (11): 2319-2332.   DOI: 10.7544/issn1000-1239.2021.20210461
    Abstract1163)   HTML354)    PDF (1653KB)(789)       Save
    Online social networks (OSNs) are efficient platforms for information dissemination and facilitate our daily life. The value of OSN accounts increases with the popularity of OSNs. In order to obtain profits illegally, attackers leverage OSNs to construct various attacks such as fraud and gambling. A number of solutions have been proposed to protect users’ security, which mainly focuses on detecting malicious accounts (or Sybils) by analyzing user behavior or the propagation of user relations. Unfortunately, it usually takes much time to collect enough data to perform malicious account detection. Attackers can perform different kinds of attacks during the data collection phase. To detect Sybils efficiently, we propose a new approach that leverages account registration attributes to detect Sybils. First, we analyze the existing detection methods in sybil detection. Then, we analyze the registration data of WeChat. We analyze and compare the distribution of Sybils and benign accounts in different registration attributes, and find that Sybils are prone to cluster with some registration attributes. According to these statistics, we extract two kinds of features from different attributes, i.e., synchronization-based features and anomaly-based features, and calculate the similarity of two accounts based on those features. The accounts that have high similarity are more likely to be malicious. Finally, we build a graph upon accounts having a high similarity to cluster malicious users. We calculate a malicious score for each user to infer whether it is a Sybil. We prototype our approach, and the experimental results with real WeChat show that our approach can achieve 96% precision and 60% recall.
    Related Articles | Metrics
    Multi-Mode Attack Detection and Evaluation of Abnormal States for Industrial Control Network
    Xu Lijuan, Wang Bailing, Yang Meihong, Zhao Dawei, Han Jideng
    Journal of Computer Research and Development    2021, 58 (11): 2333-2349.   DOI: 10.7544/issn1000-1239.2021.20210598
    Abstract443)   HTML9)    PDF (2714KB)(391)       Save
    The ultimate intentions of various attack strategies leads the control system to a critical states or dangerous states for industrial control network. As a consequence, the attack detection method based on abnormal device status exceeds any other methods in terms of reliability. Oriented to the difficulty of accurately determining the ending of attack, this paper established the attack strategies model and the abnormal status description model, and then constructed corresponding datasets under a variety of attack strategies, proposed time slice partitioning algorithm based on inflection point fusion and state feature clustering algorithm, finally constructed an anomaly detection scheme based on state transition probability graph. Experimental results indicate that this scheme can effectively detect a variety of attack strategies. In addition, the research on the quantitative evaluation of semantic attack impacting on system states is relatively weaker than any other attack pattern, such as data injection attack, denial of service attack, and man-in the middle attack. In response to the above phenomenon, with results of anomaly detection as the cornerstone, this paper proposed the scheme of quantitative evaluation of attack impact on system states, according to the fusion analysis of abnormal features and threat degree indicators, for the state changes of the system at different stages. This work has important theoretical valuation and practical significance for identifying attack intention.
    Related Articles | Metrics
    Stealthy Attack Towards Speaker Recognition Based on One-“Audio Pixel” Perturbation
    Shen Yijie, Li Liangcheng, Liu Ziwei, Liu Tiantian, Luo Hao, Shen Ting, Lin Feng, Ren Kui
    Journal of Computer Research and Development    2021, 58 (11): 2350-2363.   DOI: 10.7544/issn1000-1239.2021.20210632
    Abstract339)   HTML2)    PDF (1560KB)(267)       Save
    Attacks towards the speaker recognition system need to inject a long-time perturbation, so it is easy to be detected by machines or administrators. We propose a novel attack towards the speaker recognition based on one-“audio pixel”. Such attack uses the black-box characteristics and search mode of the differential evolution algorithm that does not rely on the model and the gradient information. It overcomes the problem in previous works that the disturbance duration cannot be constrained. Thus, our attack effectively spoofs the speaker recognition via one-“audio pixel” perturbation. In particular, we design a candidate point construction model based on the audio-point-disturbance tuple targeting time series of audio data. It solves the problem that candidate points of differential evolution algorithm are difficult to be described against our attack. The success rate of our attack achieves 100% targeting 60 people in LibriSpeech dataset. In addition, we also conduct abundant experiments to explore the impact of different conditions (e.g., gender, dataset and speaker recognition method) on the performance of our stealthy attack. The result of above experiments provides guidance for effective attacks. At the same time, we put forward ideas based on denoising, reconstruction algorithm and speech compression to defend against our stealthy attack, respectively.
    Related Articles | Metrics
    Federated Learning Backdoor Attack Scheme Based on Generative Adversarial Network
    Chen Dawei, Fu Anmin, Zhou Chunyi, Chen Zhenzhu
    Journal of Computer Research and Development    2021, 58 (11): 2364-2373.   DOI: 10.7544/issn1000-1239.2021.20210659
    Abstract857)   HTML16)    PDF (3164KB)(669)       Save
    Federated learning enables users to participate in collaborative model training while keeping their data in local, which ensures the privacy and security of users’ data. It has been widely used in smart finance, smart medical and other fields. However, federated learning shows inherent vulnerability to backdoor attacks, where the attacker implants the backdoor by uploading the model parameters. Once the global model recognizes the input with the trigger, it will misclassify the input as the label specified by the attacker. This paper proposes a new federated learning backdoor attack scheme, Bac_GAN. By combining generative adversarial network, triggers are implanted in clean samples in the form of watermarks, which reduces the discrepancy between trigger features and clean sample features, and enhance the imperceptibility of triggers. By scaling the backdoor model, the problem of offsetting the contribution of the backdoor during parameter aggregation is avoided, so that the backdoor model can converge in a short time, thus significantly increasing the attack success rate. In addition, we conduct experimental tests on the core elements of backdoor attacks, such as trigger generation, watermark coefficient and scaling coefficient, and give the best parameters that affect the performance of backdoor attack. Also, we validate the attack effectiveness of the Bac_GAN scheme on MNIST and CIFAR-10.
    Related Articles | Metrics