ISSN 1000-1239 CN 11-1777/TP

    null
    null
    null

    Default Latest Most Read
    Please wait a minute...
    For Selected: Toggle Thumbnails
    Journal of Computer Research and Development    2016, 53 (10): 2133-2136.  
    Abstract743)   HTML7)    PDF (874KB)(652)       Save
    Related Articles | Metrics
    Research Advances on Big Data Security and Privacy Preserving
    Cao Zhenfu, Dong Xiaolei, Zhou Jun, Shen Jiachen, Ning Jianting, Gong Junqing
    Journal of Computer Research and Development    2016, 53 (10): 2137-2151.   DOI: 10.7544/issn1000-1239.2016.20160684
    Abstract2980)   HTML34)    PDF (2684KB)(2697)       Save
    Nowadays, data security and privacy preserving have been definitely becoming one of the most crucial issues in the big data setting, where data encryption plays the most important role to achieve these goals. Therefore, to explore new data encryption techniques and new modes of big data processing has emerged as one of the most popular research topics all over the world. During the whole life cycle of data, the problems of computation, access control and data aggregation in the ciphertext domain (ciphertext computation, ciphertext access control and ciphertext data aggregation) are three critical issues in this research field. In this paper, we firstly review the state-of-the-art in the field of ciphertext computation, ciphertext access control and ciphertext data aggregation by identifying their inappropriateness. Based on it, a series of recent results in this research field are presented. In the aspect of ciphertext computation, a new method of designing efficient privacy preserving outsourced computation by reducing the usage times of public key encryption is proposed, with the implementation of a concrete construction which is realized by one time offline computation of any one-way trapdoor permutation without exploiting the technique of public key (fully) homomorphic encryption. In the aspect of ciphertext access control, a short ciphertext size traceable and revocable attribute-based encryption supporting flexible attributes is proposed. In the aspect of ciphertext data aggregation, an efficient privacy preserving data aggregation protocol with both input privacy and output privacy is devised without exploiting public key additive homomorphic encryption. Finally, we also suggest several interesting open research issues and the trend in the future.
    Related Articles | Metrics
    Secure Multiparty Computation in Cloud Computing
    Jiang Han, Xu Qiuliang
    Journal of Computer Research and Development    2016, 53 (10): 2152-2162.   DOI: 10.7544/issn1000-1239.2016.20160685
    Abstract2085)   HTML17)    PDF (1569KB)(1949)       Save
    The emergence and rapid development of cloud computing structurally change the computation models of secure multi-party computation. In cloud environment, the computation task, the participants and the external environment of secure multi-party computation are becoming diversified and complicated. Using huge cloud resources to design and implement the secure multi-party computation protocol becomes a new research area. Cloud computing provides the resources to implement secure multi-party computation protocols, meanwhile, it also brings new challenge. In this paper, a survey for generalmulti-party computation in cloud setting, as well as some specific cloud-based secure multi-party computation protocols are given. Also, our opinions of the problem in the current researches and the directions for future works on multi-party computation in cloud setting are proposed.
    Related Articles | Metrics
    Survey of HTML5 New Features Security
    Zhang Yuqing, Jia Yan, Lei Kenan, Lü Shaoqing, Yue Hongzhou
    Journal of Computer Research and Development    2016, 53 (10): 2163-2172.   DOI: 10.7544/issn1000-1239.2016.20160686
    Abstract1805)   HTML7)    PDF (1395KB)(945)       Save
    HTML5 is the latest standard of building Web applications. It introduces many new features to browsers, but also brings new security issues. The security of new features is the essence of HTML5 security. According to the differences in function, we analyze and summarize the security of new features including new label and form, communication, offline and storage, multimedia, performance, device access. The security problems and possible prevention methods are pointed out. Then we summarize existing researches, and classify HTML5 security problems into three categories: extending traditional threats, malicious use and improper use, to provide a new thought for the further study of HTML5 security. At last, four directions of the future work are pointed out: the security of new features, detection of malicious use, cross platform security and new security applications.
    Related Articles | Metrics
    Advances in Password Security
    Wang Ping, Wang Ding, Huang Xinyi
    Journal of Computer Research and Development    2016, 53 (10): 2173-2188.   DOI: 10.7544/issn1000-1239.2016.20160483
    Abstract2550)   HTML28)    PDF (4111KB)(2186)       Save
    Identity authentication is the first line of defense for information systems, and passwords are the most widely used authentication method. Though there are a number of issues in passwords regarding security and usability, and various alternative authentication methods have also been successively proposed, password-based authentication will remain the dominant method in the foreseeable future due to its simplicity, low cost and easiness to change. Thus, this topic has attracted extensive interests from worldwide researchers, and many important results have been revealed. This work begins with the introduction of users’ vulnerable behaviors and details the password characteristics, distribution and reuse rate. Next we summarize the primary cracking algorithms that have appeared in the past 30 years, and classify them into groups in terms of the difference in dependence on what information is exploited by the attacker. Then, we revisit the various statistical-based evaluation metrics for measuring the strength of password distributions. Further, we compare the state-of-the-art password strength meters. Finally, we summarize our results and outline some future research trends.
    Related Articles | Metrics
    Study of Botnets Trends
    Li Ke, Fang Binxing, Cui Xiang, Liu Qixu
    Journal of Computer Research and Development    2016, 53 (10): 2189-2206.   DOI: 10.7544/issn1000-1239.2016.20160419
    Abstract1952)   HTML23)    PDF (4302KB)(1453)       Save
    Botnets, as one of the most effective platforms to launch cyber-attacks, pose great threats to the security of today’s cyber-space. Despite the fact that remarkable progress had been made in the researches of botnets’ both attack and defense technologies in recent years, the forms and command and control mechanisms of botnets, however, as Internet applications are put into a wider variety of uses and communication technologies upgraded more rapidly than ever, are also undergoing constant changes, bringing new challenges to defenders. For this reason, an in-depth investigation of botnets’ working mechanisms and development is of great significance to deal with the threats posed by botnets. This paper, with the attack technologies of botnets as its main focus, gives an comprehensive introduction of the working mechanisms of botnets in terms of its definition, transmission, lifecycle, malicious behaviors and command and control channels, and divides the botnets’ development into two stages, namely, attacks to traditional PC and extensive attacks, with the technological features, behavioral characteristics, case studies and evolutionary patterns of each stage elaborated in a detailed manner. After a summary of existing work on the defense of botnets with the limitations of each approach discussed, possible future attempts are presented.
    Related Articles | Metrics
    Decentralized Attribute-Based Encryption Scheme with Constant-Size Ciphertexts
    Xiao Siyu, Ge Aijun, Ma Chuangui
    Journal of Computer Research and Development    2016, 53 (10): 2207-2215.   DOI: 10.7544/issn1000-1239.2016.20160459
    Abstract1061)   HTML1)    PDF (1360KB)(640)       Save
    Based on prime-order bilinear groups, we propose a decentralized multi-authority attribute-based encryption scheme which is proven to be secure in the standard model. Firstly, we construct an attribute-based encryption system with a central authority (CA) and multiple attribute authorities (AAs), where CA is responsible for generating a random value associated with each user’s unique global identifier (GID), and does not participate in any operation related to users’ attributes. Different users will get different random values, thus they cannot obtain any information beyond authority even through collusion. Every attribute authority is responsible for different attributes domain and they are independent of each other. It’s even not necessary to know the existence of each other in the system. In particular, there is no authority that can decrypt a ciphertext alone. Secondly, this scheme can be extended to a decentralized attribute-based encryption with multiple CAs setting, where every CA is also independent of each other, and each user can issue his private key from only one CA. Bringing it into practice under the Charm infrastructure, the results show that the decentralized attribute based encryption schemes are very efficient, whose ciphertexts are of constant size, i.e., regardless of the number of underlying attributes of access control policy or users.
    Related Articles | Metrics
    A Multi-Bit Fully Homomorphic Encryption with Better Key Size from LWE
    Chen Zhigang, Song Xinxia, Zhao Xiufeng
    Journal of Computer Research and Development    2016, 53 (10): 2216-2223.   DOI: 10.7544/issn1000-1239.2016.20160431
    Abstract840)   HTML3)    PDF (862KB)(502)       Save
    The efficiency of fully homomorphic encryption is a big question at present. To improve the efficiency of fully homomorphic encryption, we use the technique of packed ciphertexts to construct a multi-bit fully homomorphic encryption based on learning with errors (LWE) problem. Our scheme has a short public key. Since our fully homomorphic encryption scheme builds on the basic encryption scheme that chooses learning with errors samples from Gaussian distribution and add Gaussian error to it, which results in that the number of learning with errors samples decrease from 2n log q to n+1. We prove that our fully homomorphic encryption scheme is feasible and its security relies on the hardness of learning with errors problem. In addition, we adapt the optimization for the process of key switching from BGH13 and formal this new process of key switching for multi-bit fully homomorphic encryption. At last, we analyze the concert parameters and compare these parameters between our scheme and BGH13 scheme. The data show that our scheme has smaller public key by a factor of about log q than the one in BGH13 scheme.
    Related Articles | Metrics
    Multi-Point Joint Power Analysis Attack Against SM4
    Du Zhibo, Wu Zhen, Wang Min, Rao Jintao
    Journal of Computer Research and Development    2016, 53 (10): 2224-2229.   DOI: 10.7544/issn1000-1239.2016.20160420
    Abstract807)   HTML1)    PDF (1825KB)(447)       Save
    The current power analysis attack of SM4 belongs to the single point power analysis attack. The single point power analysis attack does not use all the information related with the key in the algorithm and the single power trace. There are two limitations with the single point power analysis attack: it needs more power traces when SM4 is attacked, and the information utilization rate of the attack is low. To solve the questions of the attack, a novel method of multi-point joint power analysis attack of SM4 is proposed in this paper. Multiple information leakage points related with the key are selected at the same time. Multi-point joint power leakage function is constructed by the intermediate variable of the information leakage points and the power leakage model. The key of SM4 is attacked out by the proposing attack. The experiments demonstrate the effectiveness of the proposed attack method, and comparing with the single point power analysis attack method, the proposed attack method can improve the attack success rate, reduce the number of the attack traces, and improve the energy efficiency of the attack. According to the characteristics of the proposed method, it can also be applied to the power analysis attacks of the other cryptographic algorithms.
    Related Articles | Metrics
    Verifier-Based Three-Party Password Authenticated Key Exchange Protocol
    Yang Xiaoyan, Hou Mengbo, Wei Xiaochao
    Journal of Computer Research and Development    2016, 53 (10): 2230-2238.   DOI: 10.7544/issn1000-1239.2016.20160463
    Abstract833)   HTML2)    PDF (1389KB)(448)       Save
    Three-party password authenticated key exchange (3PAKE) protocols enable two parties to establish a common session key where each party only shares one password with a trusted server. In the situation of large-scale peer-to-peer communication, a user in two-party PAKE protocols has to remember n passwords if the user has n communication parties. The main advantage of 3PAKE protocols is that each user needs only to store a single password when he wants to communicate any party in the peer-to-peer circumstance. However, the security of the existing 3PAKE protocols is generally provided in the random oracle model, and in these protocols, passwords are stored in cleartext on the server. Only a few of protocols are proven secure in the standard model and do not require a server’s public key. We generally assumed that servers are secure. But once the password file in the server is compromised, the damage will be huge. In this paper, we propose a verifier-based three-party password authenticated key exchange protocol constructed by smooth projective Hash functions(SPHFs). The protocol is proven secure in the standard model. Our protocol satisfies the secure properties such as resilient to server corruption, undetectable on-line dictionary attack and key privacy.
    Related Articles | Metrics
    An Efficient and Expressive Attribute-Based Encryption Scheme with Chosen Ciphertext Security
    Zhang Kai, Wei Lifei, Li Xiangxue, Chen Jie, Qian Haifeng
    Journal of Computer Research and Development    2016, 53 (10): 2239-2247.   DOI: 10.7544/issn1000-1239.2016.20160430
    Abstract838)   HTML1)    PDF (1093KB)(458)       Save
    Attribute-based encryption (ABE) is a promising version of public key encryption, since it enables fine-grained access control on the encrypted data. In a key-policy ABE (KP-ABE) scheme, every ciphertext is related to attributes set and each secret key is associated with an access structure. Therefore, the decryption overhead is usually proportional to the number of attributes used in decryption process in most existing KP-ABE schemes. Inspired by Hohenberger and Waters’ KP-ABE scheme with fast decryption, we propose a large universe KP-ABE with fast decryption supporting non-monotonic access structure, which is proven selective chosen attribute set secure and chosen plaintext secure in the random oracle model. Moreover, observing Lai et.al expressive KP-ABE with fast decryption and applying with Chameleon Hash technique used to give a direct chosen ciphertext secure KP-ABE construction, we also give a direct chosen plaintext secure KP-ABE construction in the random oracle model, which still achieves the following features: non-monotonic access structure, large-universe and fast decryption. Compared with the related work, both two expressive large universe KP-ABE schemes enjoy comparable time efficiency in decryption process.
    Related Articles | Metrics
    Security Analysis and Evaluation for the Usage of Settings Mechanism in Android
    Lu Yemian, Ying Lingyun, Su Purui, Feng Dengguo, Jing Erxia, Gu Yacong
    Journal of Computer Research and Development    2016, 53 (10): 2248-2261.   DOI: 10.7544/issn1000-1239.2016.20160449
    Abstract880)   HTML0)    PDF (2268KB)(670)       Save
    Offered by Android system, Settings is a mechanism used by applications to read and write some global settings of the device. Data stored in Settings can be read by all the applications on the same device. Some Android applications and third-party libraries carelessly put privacy data and important configuration information into Settings, which leads to serious security risks such as privacy leakage and configuration data leakage. In this paper, we make a comprehensive study of the issues mentioned above. By analyzing a large number of applications, we find the privacy data and configuration information leaked to Settings including IMEI, BSSID and location info, etc. We also successfully undertake some data hijacking attacks and DoS attacks for Android applications and third-party libraries, which confirms that the inappropriate use of Settings can really lead to serious security problems. Based on the above research, we propose SettingsHunter, a static detection tool for Settings issues. SettingsHunter detects privacy data and important configuration information put in Settings using taint analysis technology. In order to improve the efficiency, SettingsHunter separates the analysis of third-party libraries from the one of host applications. This separation also improves the analysis ability for third-party libraries. We use SettingsHunter to analysis 3477 applications and the result shows that 23.5% of the analyzed applications put privacy data or key configuration information into Settings, of which 90.7% is due to the using of third-party libraries. These applications and third-party libraries may suffer from privacy data leakage or configuration data pollution attacks.
    Related Articles | Metrics
    SQL Injection Prevention Based on Sensitive Characters
    Zhang Huilin, Ding Yu, Zhang Lihua, Duan Lei, Zhang Chao, Wei Tao, Li Guancheng, Han Xinhui
    Journal of Computer Research and Development    2016, 53 (10): 2262-2276.   DOI: 10.7544/issn1000-1239.2016.20160443
    Abstract1213)   HTML8)    PDF (2784KB)(738)       Save
    SQL injection attacks are prevalent Web threats. Researchers have proposed many taint analysis solutions to defeat this type of attacks, but few are efficient and practical to deploy. In this paper, we propose a practical and accurate SQL injection prevention method by tainting trusted sensitive characters into extended UTF-8 encodings. Unlike typical positive taint analysis solutions that taint all characters in hard-coded strings written by the developer, we only taint the trusted sensitive characters in these hard-coded strings. Furthermore, rather than modifying Web application interpreter to track taint information in extra memories, we encode the taint metadata into the bytes of trusted sensitive characters, by utilizing the characteristics of UTF-8 encoding. Lastly, we identify and escape untrusted sensitive characters in SQL statements to prevent SQL injection attacks, without parsing the SQL statements. A prototype called PHPGate is implemented as an extension on the PHP Zend engine. The evaluation results show that PHPGate can protect Web applications from real world SQL injection attacks and introduce a low performance overhead (less than 1.6%).
    Related Articles | Metrics
    A Code Reuse Attack Protection Technique Based on Code Anti-Leakage
    Wang Ye, Li Qingbao, Zeng Guangyu, Chen Zhifeng
    Journal of Computer Research and Development    2016, 53 (10): 2277-2287.   DOI: 10.7544/issn1000-1239.2016.20160423
    Abstract897)   HTML0)    PDF (2405KB)(603)       Save
    As the address space layout randomization (ASLR) is widely deployed on operating systems, traditional code reuse attacks are suppressed. New code reuse attacks analyze program memory layout through information leak to bypass ASLR, which causes a serious threat to the safety of programs. By analyzing the nature of traditional code reuse attacks and new code reuse attacks, we propose a code reuse attack protection technique VXnR based on code anti-leakage. In this method, we set Execute-no-Read (XnR) permission for the code pages of the target process so that code can be properly executed by the processor, but a read operation is controlled according to the content in the physical page to be accessed, which can prevent attackers from maliciously reading code pages of process to search gadgets by using the information disclosure vulnerability, and defense both traditional code reuse attacks and new code reuse attacks. We have developed a prototype of VXnR and implemented it in a virtual machine monitor Bitvisor. We also evaluate the effectiveness and performance overhead of our approach by comprehensive experiments. The experimental results show that VXnR can effectively prevent attackers from exploiting executable code of the target process to launch code reuse attacks with less than 52.1% overhead.
    Related Articles | Metrics
    VDNS: An Algorithm for Cross-Platform Vulnerability Searching in Binary Firmware
    Chang Qing, Liu Zhongjin, Wang Mengtao, Chen Yu, Shi Zhiqiang, Sun Limin
    Journal of Computer Research and Development    2016, 53 (10): 2288-2298.   DOI: 10.7544/issn1000-1239.2016.20160442
    Abstract1171)   HTML10)    PDF (2720KB)(714)       Save
    Nowadays, most IOT vendors use the similar code to compile firmware for devices based on various CPU architectures. However, the prior vulnerability searching methods are limited to the same platform, which can’t be directly extended to the cross-platform case, and the cross-platform studies have just started. In this paper, we propose an algorithm to search vulnerabilities of firmware in a cross-platform model based on neural network and local calling structure matching. Firstly we extract the selected compared features from the call graphs, the basic attributes and the control flow graphs of the two compared functions as the input of the neural network, and gain the calculated results. Then we match the call sub-graphs of the compared functions with the results of the previous step as weight to improve the accuracy. The experimental results on the open source code OpenSSL demonstrate our method has better performance than the prior cross-platform vulnerability searching method with the Top1 increasing from 32.1% to 76.49% in the searching pattern from ARM to MIPS. The searching ranks of the common five vulnerabilities in OpenSSL are all No.1 rank. Moreover, we search the common four vulnerabilities in the firmware of the 372 types of D-Link routers and the results show good performance too.
    Related Articles | Metrics
    Maldetect: An Android Malware Detection System Based on Abstraction of Dalvik Instructions
    Chen Tieming, Yang Yimin, Chen Bo
    Journal of Computer Research and Development    2016, 53 (10): 2299-2306.   DOI: 10.7544/issn1000-1239.2016.20160348
    Abstract1046)   HTML5)    PDF (1400KB)(647)       Save
    A novel static Android malware detection system Maldetect is proposed in this paper. At first, the Dalvik instructions decompiled from Android DEX files are simplified and abstracted into simpler symbolic sequences. N-Gram is then employed to extract the features from the simplified Dalvik instruction sequences, and the detection and classification model is finally built using machine learning algorithms. By comparing different classification algorithms and N-Gram sequences, 3-Gram sequences with the random forest algorithm is identified as an optimal solution for the malware detection and classification. The performance of our method is compared against the professional anti-virus tools using 4000 malware samples, and the results show that Maldetect is more effective for Android malware detection with high detection accuracy.
    Related Articles | Metrics
    A Novel Multiple Bits Reversible Data Hiding in Encrypted Domain Based on R-LWE
    Ke Yan, Zhang Minqing, Su Tingting
    Journal of Computer Research and Development    2016, 53 (10): 2307-2322.   DOI: 10.7544/issn1000-1239.2016.20160444
    Abstract1024)   HTML7)    PDF (7580KB)(633)       Save
    Reversible data hiding in encrypted domain is one kind of information hiding techniques which can both extract secret messages and decrypt the embedded ciphertext to restore the original cover vehicle losslessly, possessing privacy protection and data hiding dual function. It is a potential technique in signal processing and data management of the encrypted domain fields. This paper proposes a novel scheme of multiple bits reversible data hiding in encrypted domain based on R-LWE (ring-learning with errors). Multi-band data can be embedded by quantifying the encrypted domain and recoding in the redundancy of cipher text without degrading the hardness of R-LWE algorithm; the embedding recoding method is based on the data distribution during encryption, which maintains the robustness of R-LWE algorithm; By dividing the integer domain into the sub-regions and introducing different quantifying rules, the processes of extraction and decryption can be separated. By deducing the error probability of the scheme, parameters in the scheme which is directly related to the correctness of the scheme is mainly discussed, and reasonable ranges of the parameters are obtained by experiments. When analyzing the security, the probability distribution function of the embedded cipher text is deduced and the statistic features of cipher data are analyzed, which both prove the embedded data isn’t detective. Experimental results have demonstrated that the proposed scheme can not only keep fully reversibility of vehicle recovering and lossless extraction of secret message, but realize that one bit original data can load multiple-bit additional data in encrypted domain, achieving an embedding capacity of 0.2353 bit per every bit of the encrypted data.
    Related Articles | Metrics
    Anonymous Mutual Authentication and Key Agreement Protocol in Multi-Server Architecture for VANETs
    Xie Yong, Wu Libing, Zhang Yubo, Ye Luyao
    Journal of Computer Research and Development    2016, 53 (10): 2323-2333.   DOI: 10.7544/issn1000-1239.2016.20160428
    Abstract956)   HTML3)    PDF (1985KB)(616)       Save
    Vehicular ad hoc networks (VANETs) is a large network that runs according to a special communication protocol to achieve wireless communication and information exchange among vehicles and roadside infrastructures, pedestrian, Internet and so on. With the development of cloud computing, more and more cloud services for VANETs will emerge. However, the services are usually provided by different servers. Thus, vehicle users have to register different servers and remember a lot of usernames and passwords. Aimed to the goal that a user can do mutual authentication with all servers after hisher one-time registration, the multi-server architecture authentication protocols have been proposed and applied in many areas, but no one focuses on VANETs. The instantaneity of communication in VAENTs poses a new challenge on the multi-server architecture authentication protocol. The existing multi-server architecture authentication protocols use the complex bilinear pairing operations, which cannot meet the strict requirements of VANETs on authentication and communication costs. In this paper, a new efficient anonymous mutual authentication and key agreement protocol for the multi-server environment of VANETs is proposed. The proposed protocol decreases the complexity of protocol by using elliptic curve cryptosystem (ECC) to construct a simple authentication way, and provides the function of random anonymity to protect the privacy of vehicle. The security of the proposed protocol is proved in the random oracle model. Performance analysis shows that compared with the most recent mutual authentication protocols, our protocol decreases the computation and communication cost at least 61% and 62% in the mutual authentication and key agreement phase, and can better meet the computation and communication cost requirements of VANETs.
    Related Articles | Metrics
    Privacy-Preserving Public Auditing for Dynamic Group Based on Hierarchical Tree
    Huang Longxia, Zhang Gongxuan, Fu Anmin
    Journal of Computer Research and Development    2016, 53 (10): 2334-2342.   DOI: 10.7544/issn1000-1239.2016.20160429
    Abstract990)   HTML2)    PDF (1733KB)(574)       Save
    As the rapid development of cloud storage, it is important to protect the security of shared data in cloud. Therefore, it is necessary to protect users’ privacy and verify the integrity of data efficiently during the data sharing. As the existing schemes consider little about the management and secure distribution of key, based on hierarchy tree and proxy re-signature, a privacy-preserving public auditing scheme which supports dynamic group in cloud storage is supposed. The proposed scheme firstly uses logical hierarchy key tree to establish and distribute keys, and a key server is utilized to store keys. The revocation of user is independent from users’ obtaining new group secret key as each user only stores the leaf node key. When a user revokes, the valid user can obtain the new group secret key with their original keys. Therefore, the scheme is more efficient for dynamic group. The security analysis and performance analysis show that the scheme is secure and efficient.
    Related Articles | Metrics
    Privacy Preserving Data Publishing via Weighted Bayesian Networks
    Wang Liang, Wang Weiping, Meng Dan
    Journal of Computer Research and Development    2016, 53 (10): 2343-2353.   DOI: 10.7544/issn1000-1239.2016.20160465
    Abstract993)   HTML2)    PDF (2014KB)(500)       Save
    Privacy preserving in data publishing is a hot topic in the field of information security currently. How to effectively prevent the disclosure of sensitive information has become a major issue in enabling public access to the published dataset that contain personal information. As a newly developed notion of privacy preserving, differential privacy can provide strong security protection due to its greatest advantage of not making any specific assumptions on the attacker's background, and has been extensively studied. The existing approaches of differential privacy cannot fully and effectively solve the problem of releasing high-dimensional data. Although the PrivBayes can transform high-dimensional data to low-dimensional one, but cannot prevent attributes disclosure on certain conditions, and also has some limitations and shortcomings. In this paper, to solve these problems, we propose a new and powerful improved algorithm for data publishing called weighted PrivBayes. In this new algorithm, thorough both theoretical analysis and experiment evaluation, not only guarantee the security of the published dataset but also significantly improve the data accuracy and practical value than PrivBayes.
    Related Articles | Metrics