检索结果-南通市图书馆

Detecting compromised email accounts via login behavior characterization

同方期刊数据库评论

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

cybersecurity 2024年第1期7卷 16-36页

作者： Jianjun Zhao Can Yang Di Wu Yaqin Cao Yuling Liu Xiang Cui Qixu Liu Institute of information Engineering Chinese Academy of SciencesBeijing100085China School of Cyber security University of Chinese Academy of SciencesBeijing100049China China cybersecurity Review Technology and Certification Center Beijing100013China Zhongguancun Laboratory Beijing100089China

The illegal use of compromised email accounts by adversaries can have severe consequences for enterprises and society.Detecting compromised email accounts is more challenging than in the social network field,where email accounts have only a few interaction events(sending and receiving).To address the issue of insufficient features,we propose a novel approach to detecting compromised accounts by combining time zone differences and alternate logins to identify abnormal behavior.Based on this approach,we propose a compromised email account detection framework that relies on widely available and less sensitive login logs and does not require labels.Our framework characterizes login behaviors to identify logins that do not belong to the account owner and outputs a list of account-subnet pairs ranked by their likelihood of having abnormal login relationships.This approach reduces the number of account-subnet pairs that need to be investigated and provides a reference for investigation priority.Our evaluation demonstrates that our method can detect most email accounts that have been accessed by disclosed malicious IP addresses and outperforms similar research.Additionally,our framework has the capability to uncover undisclosed malicious IP addresses.

关键词： Compromised account detection Mixture model Login log analysis Attribution and forensic

DLP:towards active defense against backdoor attacks with decoupled learning process

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

cybersecurity 2024年第1期7卷 122-134页

作者： Zonghao Ying Bin Wu State Key Laboratory of information security Institute of Information EngineeringChinese Academy of SciencesBeijingChina School of Cyber security University of Chinese Academy of SciencesBeijingChina

Deep learning models are well known to be susceptible to backdoor attack,where the attacker only needs to provide a tampered dataset on which the triggers are injected.Models trained on the dataset will passively implant the backdoor,and triggers on the input can mislead the models during testing.Our study shows that the model shows different learning behaviors in clean and poisoned subsets during training.Based on this observation,we propose a general training pipeline to defend against backdoor attacks actively.Benign models can be trained from the unreli-able dataset by decoupling the learning process into three stages,i.e.,supervised learning,active unlearning,and active semi-supervised fine-tuning.The effectiveness of our approach has been shown in numerous experiments across various backdoor attacks and datasets.

关键词： Deep learning Backdoor attack Active defense

Lightweight Res-Connection Multi-Branch Network for Highly Accurate Crowd Counting and Localization

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Computers, Materials & Continua 2024年第5期79卷 2105-2122页

作者： Mingze Li Diwen Zheng Shuhua Lu College of information and Cyber security People’s Public Security University of ChinaBeijing102600China

Crowd counting is a promising hotspot of computer vision involving crowd intelligence analysis,achieving tremendous success recently with the development of deep learning.However,there have been stillmany challenges including crowd multi-scale variations and high network complexity,etc.To tackle these issues,a lightweight Resconnection multi-branch network(LRMBNet)for highly accurate crowd counting and localization is proposed.Specifically,using improved ShuffleNet V2 as the backbone,a lightweight shallow extractor has been designed by employing the channel compression mechanism to reduce enormously the number of network parameters.A light multi-branch structure with different expansion rate convolutions is demonstrated to extract multi-scale features and enlarged receptive fields,where the information transmission and fusion of diverse scale features is enhanced via residual concatenation.In addition,a compound loss function is introduced for training themethod to improve global context information correlation.The proposed method is evaluated on the SHHA,SHHB,UCF-QNRF and UCF_CC_50 public datasets.The accuracy is better than those of many advanced approaches,while the number of parameters is smaller.The experimental results show that the proposed method achieves a good tradeoff between the complexity and accuracy of crowd counting,indicating a lightweight and high-precision method for crowd counting.

关键词： Crowd counting Res-connection multi-branch compound loss function

Modulated symbol-based one-time pad secure transmission scheme using physical layer keys

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Science China(information Sciences) 2024年第1期67卷 221-239页

作者： Xiaoyan HU Zheng WAN Kaizhi HUANG Liang JIN Mengyao YAN Yajun CHEN Jinmei YANG information Engineering University Purple Mountain Laboratories for Network and Communication security

This paper proposes a novel modulated symbols-based one-time pad(SOTP) secure transmission scheme using physical layer keys.Unlike classical physical layer key generation and exclusive OR(XOR)encryption in the discrete binary space,we design a framework for modulated symbols-based one-time pad(OTP) encryption,where the cryptographic primitive and mathematical model of SOTP is given to build a practical cryptographic protocol.Compared with existing physical layer encryption(PLE) schemes,we provide rigorous proof that the framework can meet perfect secrecy and correctness requirements.In addition,we provide a specific scheme of physical layer OTP secure transmission for quadrature amplitude modulation(QAM) and phase-shift keying(PSK) symbols based on physical layer keys.This scheme realizes the unification of bit encryption and symbol encryption,which can adaptively select the quantization level according to the signal-to-noise ratio(SNR) to minimize the symbol error rate(SER).Further,we analyze the performance quantitatively and derive the closed-form expressions of SER,which indicates that the proposed scheme has a lower SER.Finally,simulation results verify that the proposed symbol-wise OTP secure transmission scheme can achieve perfect secrecy and high reliability.

关键词： physical layer security one-time pad wireless channel physical layer encryption perfect secrecy

Heterophilic Graph Neural Network Based on Spatial and Frequency Domain Adaptive Embedding Mechanism

同方期刊数据库评论

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Computer Modeling in Engineering & Sciences 2024年第5期139卷 1701-1731页

作者： Lanze Zhang Yijun Gu Jingjie Peng College of information and Cyber security People’s Public Security University of ChinaBeijing100038China

Graph Neural Networks(GNNs)play a significant role in tasks related to homophilic graphs.Traditional GNNs,based on the assumption of homophily,employ low-pass filters for neighboring nodes to achieve information aggregation and embedding.However,in heterophilic graphs,nodes from different categories often establish connections,while nodes of the same category are located further apart in the graph topology.This characteristic poses challenges to traditional GNNs,leading to issues of“distant node modeling deficiency”and“failure of the homophily assumption”.In response,this paper introduces the Spatial-Frequency domain Adaptive Heterophilic Graph Neural Networks(SFA-HGNN),which integrates adaptive embedding mechanisms for both spatial and frequency domains to address the aforementioned issues.Specifically,for the first problem,we propose the“Distant Spatial Embedding Module”,aiming to select and aggregate distant nodes through high-order randomwalk transition probabilities to enhance modeling capabilities.For the second issue,we design the“Proximal Frequency Domain Embedding Module”,constructing adaptive filters to separate high and low-frequency signals of nodes,and introduce frequency-domain guided attention mechanisms to fuse the relevant information,thereby reducing the noise introduced by the failure of the homophily assumption.We deploy the SFA-HGNN on six publicly available heterophilic networks,achieving state-of-the-art results in four of them.Furthermore,we elaborate on the hyperparameter selection mechanism and validate the performance of each module through experimentation,demonstrating a positive correlation between“node structural similarity”,“node attribute vector similarity”,and“node homophily”in heterophilic networks.

关键词： Heterophilic graph graph neural network graph representation learning failure of the homophily assumption

Attention-Enhanced Voice Portrait Model Using Generative Adversarial Network

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Computers, Materials & Continua 2024年第4期79卷 837-855页

作者： Jingyi Mao Yuchen Zhou YifanWang Junyu Li Ziqing Liu Fanliang Bu School of information Network security People’s Public Security University of ChinaBeijing100038China

Voice portrait technology has explored and established the relationship between speakers’ voices and their facialfeatures, aiming to generate corresponding facial characteristics by providing the voice of an unknown speaker.Due to its powerful advantages in image generation, Generative Adversarial Networks (GANs) have now beenwidely applied across various fields. The existing Voice2Face methods for voice portraits are primarily based onGANs trained on voice-face paired datasets. However, voice portrait models solely constructed on GANs facelimitations in image generation quality and struggle to maintain facial similarity. Additionally, the training processis relatively unstable, thereby affecting the overall generative performance of the model. To overcome the abovechallenges,wepropose a novel deepGenerativeAdversarialNetworkmodel for audio-visual synthesis, namedAVPGAN(Attention-enhanced Voice Portrait Model using Generative Adversarial Network). This model is based ona convolutional attention mechanism and is capable of generating corresponding facial images from the voice ofan unknown speaker. Firstly, to address the issue of training instability, we integrate convolutional neural networkswith deep GANs. In the network architecture, we apply spectral normalization to constrain the variation of thediscriminator, preventing issues such as mode collapse. Secondly, to enhance the model’s ability to extract relevantfeatures between the two modalities, we propose a voice portrait model based on convolutional attention. Thismodel learns the mapping relationship between voice and facial features in a common space from both channeland spatial dimensions independently. Thirdly, to enhance the quality of generated faces, we have incorporated adegradation removal module and utilized pretrained facial GANs as facial priors to repair and enhance the clarityof the generated facial images. Experimental results demonstrate that our AVP-GAN achieved a cosine similarity of0.511, outperforming the performance of our comparison mo

关键词： Cross-modal generation GANs voice portrait technology face synthesis

Big Data Access Control Mechanism Based on Two-Layer Permission Decision Structure

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Computers, Materials & Continua 2024年第4期79卷 1705-1726页

作者： Aodi Liu Na Wang Xuehui Du Dibin Shan Xiangyu Wu Wenjuan Wang He’nan Province Key Laboratory of information security Information Engineering UniversityZhengzhou450000China

Big data resources are characterized by large scale, wide sources, and strong dynamics. Existing access controlmechanisms based on manual policy formulation by security experts suffer from drawbacks such as low policymanagement efficiency and difficulty in accurately describing the access control policy. To overcome theseproblems, this paper proposes a big data access control mechanism based on a two-layer permission decisionstructure. This mechanism extends the attribute-based access control (ABAC) model. Business attributes areintroduced in the ABAC model as business constraints between entities. The proposed mechanism implementsa two-layer permission decision structure composed of the inherent attributes of access control entities and thebusiness attributes, which constitute the general permission decision algorithm based on logical calculation andthe business permission decision algorithm based on a bi-directional long short-term memory (BiLSTM) neuralnetwork, respectively. The general permission decision algorithm is used to implement accurate policy decisions,while the business permission decision algorithm implements fuzzy decisions based on the business constraints.The BiLSTM neural network is used to calculate the similarity of the business attributes to realize intelligent,adaptive, and efficient access control permission decisions. Through the two-layer permission decision structure,the complex and diverse big data access control management requirements can be satisfied by considering thesecurity and availability of resources. Experimental results show that the proposed mechanism is effective andreliable. In summary, it can efficiently support the secure sharing of big data resources.

关键词： Big data access control data security BiLSTM

CMAES-WFD:Adversarial Website Fingerprinting Defense Based on Covariance Matrix Adaptation Evolution Strategy

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Computers, Materials & Continua 2024年第5期79卷 2253-2276页

作者： Di Wang Yuefei Zhu Jinlong Fei Maohua Guo School of Cyberspace security Information Engineering UniversityZhengzhou450000China

Website fingerprinting,also known asWF,is a traffic analysis attack that enables local eavesdroppers to infer a user’s browsing destination,even when using the Tor anonymity network.While advanced attacks based on deep neural network(DNN)can performfeature engineering and attain accuracy rates of over 98%,research has demonstrated thatDNNis vulnerable to adversarial samples.As a result,many researchers have explored using adversarial samples as a defense mechanism against DNN-based WF attacks and have achieved considerable success.However,these methods suffer from high bandwidth overhead or require access to the target model,which is unrealistic.This paper proposes CMAES-WFD,a black-box WF defense based on adversarial samples.The process of generating adversarial examples is transformed into a constrained optimization problem solved by utilizing the Covariance Matrix Adaptation Evolution Strategy(CMAES)optimization algorithm.Perturbations are injected into the local parts of the original traffic to control bandwidth overhead.According to the experiment results,CMAES-WFD was able to significantly decrease the accuracy of Deep Fingerprinting(DF)and VarCnn to below 8.3%and the bandwidth overhead to a maximum of only 14.6%and 20.5%,respectively.Specially,for Automated Website Fingerprinting(AWF)with simple structure,CMAES-WFD reduced the classification accuracy to only 6.7%and the bandwidth overhead to less than 7.4%.Moreover,it was demonstrated that CMAES-WFD was robust against adversarial training to a certain extent.

关键词： Traffic analysis deep neural network adversarial sample Tor website fingerprinting

Fault-tolerant identity-based encryption from SM9

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Science China(information Sciences) 2024年第2期67卷 104-117页

作者： Xiaohong LIU Xinyi HUANG Zhaohui CHENG Wei WU Fujian Provincial Key Laboratory of Network security and Cryptology College of Computer and Cyber SecurityFujian Normal University Artificial Intelligence Thrust Information HubThe Hong Kong University of Science and Technology (Guangzhou) Olym information security Technology Ltd. Center for Applied Mathematics of Fujian Province School of Mathematics and StatisticsFujian Normal University

This paper initiates the formal study of attribute-based encryption within the framework of SM9,the Chinese National Cryptography Standard for Identity-Based Cryptography, by presenting two new faulttolerant identity-based encryption(FIBE) schemes. Our first scheme uses the same private-key/ciphertext structure as the original SM9 algorithm and operates in a small attribute universe. As a result, it can be effectively and smoothly integrated into the information systems using SM9. In the random oracle model,we prove that our scheme is ciphertext-indistinguishable against fuzzy selective-identity and chosen-plaintext attacks under the(k + 3)-DBDHI assumption. Our second design is a large universe FIBE scheme based on SM9 that is ciphertext-indistinguishable against chosen-plaintext attacks in the random oracle model under the(f, g)-GDDHE assumption. Finally, we compare the communication and computing costs of our schemes to those of other classical ones. The comparison shows that our schemes have comparable performance as others. We believe that our findings will accelerate the applications of SM9 in modern information systems such as cloud computing and blockchain.

关键词： attribute-based encryption identity-based encryption fault-tolerant SM9