Loading...
ISSN 1000-1239 CN 11-1777/TP

Table of Content

01 October 2018, Volume 55 Issue 10
Research on Scalability of Blockchain Technology: Problems and Methods
Pan Chen, Liu Zhiqiang, Liu Zhen, Long Yu
2018, 55(10):  2099-2110.  doi:10.7544/issn1000-1239.2018.20180440
Asbtract ( 2316 )   HTML ( 47)   PDF (2158KB) ( 1406 )  
Related Articles | Metrics
As one of the key technologies of distributed ledgers, blockchain solves the trust problem in open network without relying on any trusted third party. Its decentralized feature makes it potential for a wide range of application scenarios. However, it still faces scalability problems. The bottleneck of blockchain scalability is mainly in two aspects: low efficiency and difficulty in functional extension. For instance, Bitcoin can only deal with 7 transactions per second averagely. Obviously, it cannot meet the requirement of current digital payment scenarios, nor can it be carried in other applications such as distributed storage and credit investigation service. On the other hand, the data or assets within different blockchains are difficult to interact with each other. This restricts the functional extension of blockchain system. In reality, there are a variety of blockchain systems which are specially devised for various functionalities or applications. Therefore, it is crucial to establish interaction channels among different blockchains to make them form the Internet of value. So far the research of blockchain scalability has attracted much attention from both academia and industry due to its importance. This paper introduces and analyzes the blockchain scalability related technologies from the aspects of improving efficiency and extending functionality of blockchain system, respectively. Firstly, we introduce three major schemes for performance enhancement of blockchain, including off-chain payment network, Bitcoin-NG and sharding mechanism; and four typical cross-chain approaches for blockchain functionality extension. Then we analyze the merits and demerits of each technology, based on which we give the challenges and suggestions for further research in blockchain scalability.
Survey of Smart Home Security
Wang Jice, Li Yilian, Jia Yan, Zhou Wei, Wang Yucheng, Wang He, Zhang Yuqing
2018, 55(10):  2111-2124.  doi:10.7544/issn1000-1239.2018.20180585
Asbtract ( 1785 )   HTML ( 58)   PDF (2535KB) ( 1013 )  
Related Articles | Metrics
With the development of the Internet of things technology, smart home industry has become increasingly prosperous, and its security issues have attracted the attention of more and more researchers. Currently, the related research on smart home security is still in initial stage. This paper first reviews the development history and current status of smart home, and summarizes the architecture of current smart home system. In terms of security, we analyze and summarize the domestic and foreign literatures in recent years, and divide security issues into three aspects: platform security, device security and communication security. Platform security research mainly focuses on designing secure authentication and access control scheme, as well as discovering security issues in new scenarios such as smart home trigger-action and smart speakers; device security research mainly includes device firmware vulnerability discovery and side channel analysis; communication security research mainly includes protocol vulnerability discovery and network traffic analysis. Through in-depth analysis of the shortcomings of existing research work, the challenges and opportunities faced by smart home security are summarized. Finally, based on the current research status of smart home security, we point out four future research directions.
An Efficient and Secure Three-Party Wildcard Pattern Matching Protocol
Wei Xiaochao, Zheng Zhihua, Wang Hao
2018, 55(10):  2125-2133.  doi:10.7544/issn1000-1239.2018.20180418
Asbtract ( 791 )   HTML ( 7)   PDF (1309KB) ( 287 )  
Related Articles | Metrics
Secure multiparty computation is an important technique used to achieve distributed security, which mainly considers the cooperative computing between many distinct participants meanwhile guaranteeing the privacy of the input information. Pattern matching has wide application in information retrieval, bioengineering and facial recognition. How to protect the privacy of the retrieval pattern and result when achieving the matching function has attracted more and more attention of the researchers. As a variant of pattern matching, wildcard pattern matching enables the existence of wildcard in the retrieval pattern, such that batch retrieval can be achieved for information with same characteristics. Traditional secure wildcard pattern matching involves only two parties, which are database and user. However, in view of the development of data sharing technique, the above model cannot describe many new application scenarios. In this paper, we firstly research secure three-party wildcard pattern matching for some specific applications. At first, we propose a formal description of a concrete secure three-party wildcard pattern matching functionality and analyze its function. Then, we construct a protocol using secret sharing and outsourced oblivious transfer (OOT) in semi-honest model. Using oblivious transfer extension technique, our protocol requires only 3 rounds, and the computation and communication complexity is respectively O(k) and O(nm), where n and m are the lengths of the data providers, and k is the basic number of OT extension which is much less than nm.
Verifiable Secure Data Deduplication Based on User-Defined Security Requirements
Liu Hongyan, Xian Hequn, Lu Xiuqing, Hou Ruitao, Gao Yuan
2018, 55(10):  2134-2148.  doi:10.7544/issn1000-1239.2018.20180441
Asbtract ( 721 )   HTML ( 0)   PDF (4384KB) ( 376 )  
Related Articles | Metrics
With the increasing of cloud storage users, data deduplication technology is widely applied in cloud computing environment. One of the key issues in cloud computing security is to effectively protect data privacy while implementing efficient deduplication and achieving secure multi-party computation among the clients. Cloud users’ control over the deduplication process is considered for the first time. By introducing the user attribute-based security requirement mechanism, a novel data deduplication scheme in cloud storage is proposed, which doesn’t require any online trusted third party. It achieves users’ control over data sharing and fully protects data privacy. Based on bilinear mapping, data tags are constructed to keep track of the data without leaking any exploitable information. The combination of file-level and block-level deduplication is applied to obtain better efficiency with fine data granularity. The ownership proving method is designed based on multi-party computation principles and bloom filter, which ensures only authorized users can access the data. It can prevent malicious users from conducting eavesdropping attack. The data encryption key is protected via broadcast encryption, which secures the data deduplication process. The correctness and security of the proposed scheme are analyzed and proved. Simulation results show that the scheme is secure and effective.
Multiple-Keyword Encrypted Search with Relevance Ranking on Dual-Server Model
Li Yuxi, Zhou Fucai, Xu Jian, Xu Zifeng
2018, 55(10):  2149-2163.  doi:10.7544/issn1000-1239.2018.20180433
Asbtract ( 524 )   HTML ( 4)   PDF (2920KB) ( 330 )  
Related Articles | Metrics
Focusing on the problem of confidentiality and availability of user data in cloud storage environment, we study the encrypted search method with multi-keyword. Aiming at the practical demand, we propose a multi-keyword encrypted search scheme with relevance ranking (MES-RR) in dual-server model, which can not only achieve secure multi-keyword encrypted search, but also ensure efficient search result sorting. We construct a relevance-based keyword index with the tools of TF-IDF weighting scheme and Paillier homomorphic cryptosystems, which not only obtains optimize computational complexity but also reduces storage complexity. We design a dual-server model architecture to perform the collaborated mechanism. Based on that, we design a secure sorting protocol between the two collaborated servers to sort the encrypted search results, which outputs private ranking result to user. In terms of security, we design the security model of MES-RR under honest but curious threat scenario, and give formal security analysis. The result shows that MES-RR can resist adaptive chosen keyword attacks under the random oracle model (IND-CKA2). The performance analysis shows that compared with the previous multi-keyword encrypted search scheme that supports result sorting, MES-RR reduces the storage cost and interactions, and is applicable to the cloud storage environment in the real world.
Identity-Based Threshold Decryption Scheme from Lattices under the Standard Model
Wu Liqiang, Yang Xiaoyuan, Zhang Minqing
2018, 55(10):  2164-2173.  doi:10.7544/issn1000-1239.2018.20180446
Asbtract ( 467 )   HTML ( 2)   PDF (1162KB) ( 269 )  
Related Articles | Metrics
The identity-based threshold decryption (IBTD) system combines the secret sharing method with the identity-based encryption mechanism. In a (t, N) IBTD system, N decryption servers share the private key corresponding to a user’s identity. When to decrypt, at least t servers are required to participate in and calculate their corresponding decryption shares. However, less than t or fewer servers are unable to obtain any information about the plaintext. At present, the existing IBTD schemes from lattices are constructed under the random model, and the main method is to divide the private key statistically close to a Gauss distribution directly. This paper constructs a non-interactive IBTD scheme. A public vector is split using the Lagrange secret partition method, and each decryption server obtains its respective characteristic vector. Each private key share is obtained by sampling the pre-image of the characteristic vectors through the private trapdoor function for each decryption server. The user’s complete private key is effectively hidden and the security of the scheme is improved. The difficulty of the discrete logarithm problem is used to realize the verifiability of decryption share. The correctness of the decryption share is guaranteed by the homomorphism of the operations between the common vector and the private key shares. The IND-sID-CPA security for the proposed scheme is proved based on the decisional learning with errors (LWE) hardness assumption under the standard model.
Ciphertext-Only Fault Analysis of the LBlock Lightweight Cipher
Li Wei, Wu Yixin, Gu Dawu, Cao Shan, Liao Linfeng, Sun Li, Liu Ya, Liu Zhiqiang
2018, 55(10):  2174-2184.  doi:10.7544/issn1000-1239.2018.20180437
Asbtract ( 610 )   HTML ( 1)   PDF (2495KB) ( 309 )  
Related Articles | Metrics
The lightweight cipher LBlock was proposed at ANCS in 2011. It has the structure of Feistel and is widely applied in the security of Internet of things (IoT). In this paper, a cipher-text fault analysis for LBlock cipher by injecting faults is proposed, and it is analyzed by 6 distinguishers in the last but 3 rounds. On the basis of original distinguishers as SEI, GF, GF-SEI, MLE, we propose GF-MLE and MLE-SEI distinguishers as new distinguishers. The simulation experiments show that the secret key can be recovered with over 99% success probability in a short period of time, and these two new distinguishers can not only improve the attacking efficiency, but also decrease the number of faults. This shows that the ciphertext-only fault analysis poses a great threat to the security of LBlock cipher.
Full Anonymous Blockchain Based on Aggregate Signature and Confidential Transaction
Wang Ziyu, Liu Jianwei, Zhang Zongyang, Yu Hui
2018, 55(10):  2185-2198.  doi:10.7544/issn1000-1239.2018.20180430
Asbtract ( 1481 )   HTML ( 23)   PDF (3342KB) ( 793 )  
Related Articles | Metrics
The public ledger of Bitcoin blockchain system offers ownership proof for distributed users by revealing all transaction details from coinbase transaction to unspent transaction output. However, an adversary could deanonymize user identities by transaction graph analysis and obtain transaction amount which reveals users’ privacy. This paper resolves this problem and uses both mixing and confidential transaction technique to achieve a full anonymous blockchain system by a one-way aggregate signature scheme and a homomorphic encryption scheme. It protects user identities and transaction amount to achieve full anonymity. The one-way aggregate signature scheme compresses all individual signatures to an aggregated one without additional storage space, which could neutralize the storage overhead caused by confidential transaction to a certain extent. The homomorphic encryption scheme encrypts the plaintext transaction amount to the Pedersen-style ciphertext, which is validated without decryption. In addition, miners in our system would become entities for verifying, mixing and packing all transactions in blocks. Four-step validation mechanism is also designed to prevent transaction makers from cheating. Finally, we evaluate our system with related work from the aspect of privacy protection, in which our storage overhead is acceptable with full anonymity.
Blockchain-Based Verification Scheme for Deletion Operation in Cloud
Liu Yining, Zhou Yuanjian, Lan Rushi, Tang Chunming
2018, 55(10):  2199-2207.  doi:10.7544/issn1000-1239.2018.20180436
Asbtract ( 1039 )   HTML ( 12)   PDF (1811KB) ( 607 )  
Related Articles | Metrics
Nowadays, more and more users upload their data to the cloud server, since the cloud can provide the service for users any time and at any place. Therefore, the cloud service facilitates the data usability and reduces the cost. However, the information leakage accidents have been reported frequently over the world, that is to say the cloud server is not fully trusted, and the security issue in cloud service must be paid enough attention. For example, illegal user may want to access the cloud server, and perhaps the cloud server does not delete the data according the user’s requirement. In order to address these concerns, a verification scheme for deletion operation in cloud is presented using block-chain technology, which can make the deletion operation more transparent. In our scheme, the user calls the smart contract to prove his identity to the cloud server, and creates the request transaction for data deletion; then the cloud server deletes the data and generates a block chain with the evidence (evidence chain). Even if the cloud server is dishonest, the user can still verify the data deletion result. Moreover, the proposed scheme is analyzed to really achieve the public verification of data without the third-party trusted organization, the impersonation attacks resistance, and the eavesdropping attacks resistance, etc.
Improvement of the PoS Consensus Mechanism in Blockchain Based on Shapley Value
Liu Yiran, Ke Junming, Jiang Han, Song Xiangfu
2018, 55(10):  2208-2218.  doi:10.7544/issn1000-1239.2018.20180439
Asbtract ( 966 )   HTML ( 12)   PDF (1804KB) ( 592 )  
Related Articles | Metrics
Blockchain has attracted much attention for its decentralization, tamper-proof, easy to verify and other notable advantages. But for the blockchain, its most fundamental attribute is decentralization. This requires a good consensus mechanism to be established. At present, the common consensus mechanisms include the proof-of-work (PoW) consensus mechanism, the proof-of-stake (PoS) consensus mechanism, the proof-of-activity (PoA) consensus mechanism, and so on. However, these consensus mechanisms didn’t give a specific scheme for the reward distribution of participating nodes. Based on the principle of calculating Shapley value in Game Theory, this paper improves the distribution of reward in the mechanism of the PoS consensus mechanism, makes the reward distribution of the nodes participated in the generated block in the PoS mechanism more fair and reasonable, and it can also reverse the social stratification in the blockchain, thus greatly improving the possibility of the new small node gaining the benefit. In addtion, we apply the same ideas in the Ouroboros protocol to improve its revenue distribution algorithm so that it satisfies survivability and durability.
A Regulatable Digital Currency Model Based on Blockchain
Zhang Jianyi, Wang Zhiqiang, Xu Zhili, Ouyang Yafei, Yang Tao
2018, 55(10):  2219-2232.  doi:10.7544/issn1000-1239.2018.20180426
Asbtract ( 1710 )   HTML ( 22)   PDF (3824KB) ( 721 )  
Related Articles | Metrics
The digital currency, represented by Bitcoin, was designed to be a decentralized system. And this property makes the regulation more difficult. However, the research of designing a regulatable digital currency is very limited. In this paper, we introduce a new digital currency model based on two chains scheme, public blockchain and consortium blockchain. As the core participant, the consortium blockchain collects and confirms every transaction, determines the status of the system, and stores the complete transaction records. The users’ private information is guaranteed by the secret sharing in the consortium blockchain and also can be decrypted by the voting committee. Based on the characteristics and requirements of the consortium blockchain, we also introduce an agreement protocol based on the Credit Practical Byzantine Fault Tolerance and use the simplified agreement protocol to offer high throughput for our model and flexibility of the system. With the view-change and checkpoint protocol, we can dynamically adjust the nodes’ status and authority. Extensive analysis and experimental results indicate that our proposed method is both efficient and secure. We believe that this is the first work that has the capacity of the tamper-resistant, traceability, decentralize and regulation.
Privacy-Preserving Scheme of Electronic Health Records Based on Blockchain and Homomorphic Encryption
Xu Wenyu, Wu Lei, Yan Yunxue
2018, 55(10):  2233-2243.  doi:10.7544/issn1000-1239.2018.20180438
Asbtract ( 1654 )   HTML ( 43)   PDF (1970KB) ( 1071 )  
Related Articles | Metrics
The privacy protection of electronic health records (EHR) has become an issue which attracts more and more attention in public. Blockchain is a technology that has emerged with the spread of digital cryptocurrency such as Bitcoin and has features of “decentralization” and “unmodifiable”. Existing electronic health record management systems ignore the security problems of patients’ interaction with other roles while focusing on protecting the user’s privacy data, especially there is no such an appropriate solution to problem nowadays that insurance can view patients’ sensitive data and invade privacy. This paper proposes a scheme based on blockchain for solving the above three problems. In combination with homomorphic encryption and smart contract technology based on Ethereum, we implement the feature that the insurance company can judge whether to handle the claim requests, although it has no way to obtain the plaintext of EHR and the ID. So there is no sensitive data of the patient which will be leaked to unauthorized users during interaction, thus the privacy protection of users’ data is strengthened. This thesis focuses on analyzing the interaction process of different roles under different application requirements based on the premise of patients’ privacy and carries out security analysis and performance evaluation.
Regional Cooperative Authentication Protocol for LEO Satellite Networks Based on Consensus Mechanism
Wei Songjie, Li Shuai, Mo Bing, Wang Jiahe
2018, 55(10):  2244-2255.  doi:10.7544/issn1000-1239.2018.20180431
Asbtract ( 555 )   HTML ( 7)   PDF (4667KB) ( 293 )  
Related Articles | Metrics
Authentication is an important point of satellite network security. On the premise of security, it is one of the research hot spots that how to design efficient authentication scheme according to the ability of satellite network. Nowadays, researches about authentication scheme of LEO satellite network mainly focus on reducing the calculation consumption with low cost computation, like Hash operation, while ignoring the features of LEO satellite network like dynamic topology and frequent link switch etc. On the other hand, the consensus mechanism of blockchain is drawing more and more attention. Through the consensus mechanism, internal nodes of network reach a consensus and confirm the synchronization of transactions among the whole network. Based on these, a regional cooperative authentication protocol is proposed, which makes LEO network dynamic topology abstract with regional division and implements efficient handover authentication by consensus among satellites. Additionally, the proposed protocol reaches the fast switch by combining the method of distributed Hash table and Hash lock, which are light in computation and can avoid the defect that each authentication with normal authentication way is a brand new authentication phase. For the security and performance, a contrastive analysis to relevant researches in these years is made. At last, the protocol is simulated with a LEO network scenario similar to Iridium system upon OPNET network stimulation platform. And the results of simulation show that the performance of the protocol is obviously superior to existing authentication protocols in satellite network.
Formal Modeling and Factor Analysis for Vulnerability Propagation Oriented to SDN
Wang Jian, Zhao Guosheng, Zhao Zhongnan, Li Ke
2018, 55(10):  2256-2268.  doi:10.7544/issn1000-1239.2018.20180447
Asbtract ( 476 )   HTML ( 0)   PDF (5033KB) ( 253 )  
Related Articles | Metrics
Software defined network (SDN) is one of the most popular network technologies nowadays. SDN decouples the traditional control plane from the forwarding plane, resulting in many new security and management issues while performing centralized control. Meanwhile, the types of vulnerabilities are diverse in each layer and north-south trending interfaces of SDN, and the spread trend is quite different. Aiming at the effect of vulnerability propagation in/between layers of SDN as well as its suppression strategy, a formal model of vulnerability propagation for SDN based on Bio-PEPA is proposed in this paper. First of all, the basic syntax of Bio-PEPA is discussed, and its applicability to SDN with obvious hierarchical structure and the vulnerability propagation process with dynamic characteristic is illustrated. Then, the vulnerabilities existing in each layer of SDN are explored and modeled in terms of layers. Besides, by constructing a formal model for the process of vulnerability propagation in/between layers of SDN, the mechanism of vulnerability propagation is analyzed in two levels, horizontal (in layers) and vertical (between layers). In this way, the vulnerability propagation of SDN can be better suppressed. Finally, the simulation results show that the vulnerability propagation of SDN can be effectively retained by reducing the connection conversion rate, improving the detection conversion rate and repairing conversion rate. Our works provide a reference for the law of vulnerability propagation of SDN, so as to improve the security of SDN.
Reverse-Analysis of S-Box for GIFT-Like Algorithms Based on Independent Component Analysis Technology
Ma Xiangliang, Li Bing, Xi Wei, Chen Hua, Chen Caisen
2018, 55(10):  2269-2277.  doi:10.7544/issn1000-1239.2018.20180427
Asbtract ( 508 )   HTML ( 1)   PDF (3337KB) ( 234 )  
Related Articles | Metrics
In the security evaluation of practical crypto system or module, the reverse analysis of unknown cryptographic algorithm is an important evaluation content. At present, the reverse analysis methods of cryptographic algorithms mainly contain mathematical analysis and physical bypass analysis, among which the latter is more popular due to its low cost and high universality. The side-channel analysis technology based on independent component analysis technology recovers the intermediate state value directly, bypassing the limitation of the “guess-and-determine” attack idea in the traditional side-channel analysis. This paper studies the safety of GIFT-like algorithm under the reverse analysis. We successfully recovered the content of the S-box by independent component analysis (ICA) technology, taking advantage of the characteristics of GIFT algorithm structure and taking the inputs of P permutation as observation conditions. The result of this paper is one of the reverse analysis results of the GIFT-like algorithm, and the method is also of reference significance to the reverse analysis of other unknown algorithms.
A Memory Forensic Method Based on Hidden Event Trigger Mechanism
Cui Chaoyuan, Li Yonggang, Wu Yun, Wang Licheng
2018, 55(10):  2278-2290.  doi:10.7544/issn1000-1239.2018.20180405
Asbtract ( 485 )   HTML ( 1)   PDF (6101KB) ( 313 )  
Related Articles | Metrics
As an important branch of computer forensics, memory forensics can extract and alalyze digital evidence of OS running status, and has become a powerful weapon against cybercrimes. Most of the existed memory forensics approaches obtain memory data completely, and thus contain a large amount of redundant information, which brings inconvenience to subsequent memory analysis. In addition, there is blindness in the selection of forensic time points, especially for malware with hidden characteristics, so it cannot accurately perform real-time forensics when an attack occurs. Because of the volatile and unrecoverable nature of memory, the mismatch between the forensic time point and the attack process will make the forensic content unable to characterize the attack behavior, resulting in invalid forensic data. This study proposes ForenHD, a memory forensics approach based on hidden event trigger mechanism. ForenHD monitors the kernel objects in the target virtual machine in real time by leveraging virtualization technology. It firstly determines hidden objects by analyzing the logical connection and running status of kernel objects, and then uses the discovered hidden objects as the triggering event of memory forensics. Finally ForenHD extracts the code segment information of the hidden object through memory mapping. As a result, real-time and partial memory forensics can be achieved. Experiments on multiple hidden object forensics show ForenHDs feasibility and effectiveness.
Research Progress of Recommendation Technology in Location-Based Social Networks
Jiao Xu, Xiao Yingyuan, Zheng Wenguang, Zhu Ke
2018, 55(10):  2291-2306.  doi:10.7544/issn1000-1239.2018.20170489
Asbtract ( 680 )   HTML ( 1)   PDF (4687KB) ( 556 )  
Related Articles | Metrics
The rapid development of mobile Internet technology, positioning technology and wireless sensor technology has endowed the smart terminal more powerful features and applications. Location-based social networks (LBSNs) and its services have emerged and advanced rapidly. Location data both bridges the gap between the physical and digital worlds and enables deeper understanding of user preferences and behaviors. The location-based and personalized recommendation service in accordance with users’ interests has become dramatically vital in location-based social networks and has widely received attention in both academia and industry. Currently, it is becoming a new research hotspot in the field of recommendation system and social networks. In this paper, we aim at offering a literature review of the former contributions on this program and exploring the relations within the former achievements. We firstly discuss the new properties and challenges that location brings to recommendation systems for LBSNs. Then, we systematically introduce the location-based social network recommendation service from three aspects: the objective, methodology and the major methods for evaluating. We classify recommendation objectives into four categories: location recommendations, friend & companion recommendations, local expert discovery and activity recommendations. According to the use of data set types, location recommendations and friend & companion recommendations are classified. Finally, we point out the possible research directions of this area in the future and arrive at the conclusion of this survey.
Personalized Investment Recommendation in P2P Lending Considering Friend Relationships and Expected Utilities of Investors
Wan Changxuan, You Yun, Jiang Tengjiao, Liu Xiping, Liao Guoqiong, Liu Dexi
2018, 55(10):  2307-2320.  doi:10.7544/issn1000-1239.2018.20170632
Asbtract ( 621 )   HTML ( 2)   PDF (4574KB) ( 313 )  
Related Articles | Metrics
With the rapid development of Internet technology, online P2P lending market investment recommendation has become an important research direction in the field of online finance. For potential investors in P2P lending market, there are two key issues which need to be solved. One is how to choose the right investment projects considering their investment needs and preferences, the other is how to reasonably allocate their investment amount to these projects. Previous studies on these two questions mainly focused on default risk prediction of lending projects, global optimal product recommendation and portfolio optimization. With further research, limitations of recommendation model which was designed based on historical transaction data and utility indifference of investors have become increasingly prominent. It does not meet the investment decision needs of investors with different risk preferences. In view of this, firstly, based on the historical data of Prosper platform, this paper establishes the P2P relationship network model and calculates the concept features of the lending projects and investors separately, and then obtains the corresponding conceptual model. Secondly, we build friend network model to capture the mutual influence of investment behavior among investors, excavate investment behavior influence factor and take it as indicator variables of investment interest prediction, then generate a candidate investment recommendation list. Thirdly, in order to optimize the shares of each recommended candidate, individualized portfolio recommended framework is constructed based on expected utility theory considering the influence of risk preference difference on investment demand of investors. Finally, the recommendation results of our model are compared with other benchmark models to comprehensively evaluate its recommend effect. We implement experiments on real datasets of Prosper platform, experimental results demonstrate that our method has better recommendation quality than traditional investment recommendation method.
A Feature Selection Method for Small Samples
Xu Hang, Zhang Kai, Wang Wenjian
2018, 55(10):  2321-2330.  doi:10.7544/issn1000-1239.2018.20170748
Asbtract ( 1136 )   HTML ( 15)   PDF (1796KB) ( 560 )  
Related Articles | Metrics
For small samples, the common machine learning algorithms may not obtain good results as the feature dimension of small samples is often larger than the number of samples and some irrelevant or redundant features are often existed. It is an effective way to solve this problem by reducing the feature dimension through feature selection. This paper proposes a filter feature selection method based on mutual information for the small samples. First, the criterion of feature grouping based on the mutual information is defined. Both the correlations between features and the class and the redundancy among different features are considered in this criterion, according to which the features are grouped. Then those features that have maximal correlation with the class in each group will be chosen to compose a candidate feature subset. Meanwhile, it is ensured that the time complexity of this algorithm is low. After that, the feature selection method based on feature grouping is combined with Boruta algorithm to determine the optimal feature subset automatically from the candidate feature subset. In this way, the feature dimension can be reduced greatly. Compared with the five classical feature selection algorithms, experimental results on benchmark data sets demonstrate that the feature subset selected by the proposed method has better classification performance and running efficiency on three kinds of classifiers.
Variable Dependent Relation Analysis in Program State Condition Merging
Guo Xi, Wang Pan
2018, 55(10):  2331-2342.  doi:10.7544/issn1000-1239.2018.20170545
Asbtract ( 423 )   HTML ( 0)   PDF (2515KB) ( 308 )  
Related Articles | Metrics
The main purpose of program analysis is researching the properties of programs. Symbolic execution, which is the current popular analysis method, plays an important role in the aspects of generating efficient test cases, improving the path coverage ratio and so on. The key processes are extracting the path constraint and constraint solving. The current analysis methods have the shortcomings with low efficient of constraint solving, which results to low path coverage ratio. Due to different search strategies used by symbolic execution engine, the process of state merging may exist during symbolic execution, which may result to incorrect path information. This paper aims at improving the efficiency of path analysis, and a high efficient program analysis method is proposed. The shape of conventional symbolic execution tree is improved, and extracting the symbolic expression and path constraints in different paths to improve the efficiency of state merging; and then we use the potential relation analysis to generate the dependent relation set in backward analysis. The algorithm of dependent relation reorder is proposed to improve the path coverage ratio. Experimental results demonstrate that our method can improve the efficiency of state merging and improve the accuracy of path constraint analysis compared with conventional methods of state merging and symbolic execution.