China Information Technology Evaluation Center

Beijing, China

China Information Technology Evaluation Center

Beijing, China
SEARCH FILTERS
Time filter
Source Type

Xiong Q.,China Information Technology Evaluation Center | Xiong Q.,Wuhan University | Peng Y.,China Information Technology Evaluation Center | Dai Z.,China Information Technology Evaluation Center
Qinghua Daxue Xuebao/Journal of Tsinghua University | Year: 2012

Intrusion response is a key measure of system survivability and the survivability of intrusion response system is critical. A survivability analysis model was developed using queuing nets transformed into a two-dimension Markov model and simplified into a quasi birth and death (QBD) process. The steady-state distribution is obtained based on the spectral expansion method. The blocking probability and the mean queue length of the intrusion response model are calculated to quantify the survivability of the intrusion response system. The results are useful not only for determining whether the survivability requirements are satisfied but also for optimizing the system structure and parameters.


Liu L.,University of Sichuan | Peng D.,University of Sichuan | Yang Y.-F.,University of Sichuan | Wu R.-P.,China Information Technology Evaluation Center
Sichuan Daxue Xuebao (Gongcheng Kexue Ban)/Journal of Sichuan University (Engineering Science Edition) | Year: 2012

By researching the previous binary mining method, a new mining model based on fuzzing, reversing and symbolic execution technology was presented. This method used reversing analysis to locate integer vulnerabilities scope, obtain related data types by IDA disassembler and SDK development kit, detect safety-sensitive functions, build function control diagram, determine the related codes of potential integer vulnerabilities, and cover each code part related. The input and output relations were obtained by symbolic execution in assembly codes and adjusting the input for fuzzing. The proposed model greatly enhances the binary integer vulnerabilities mining accuracy and efficiency.


Wang T.,China Information Technology Evaluation Center | Peng Y.,China Information Technology Evaluation Center | Dai Z.,China Information Technology Evaluation Center | Yi S.,China Information Technology Evaluation Center | Han L.,Huazhong University of Science and Technology
Huazhong Keji Daxue Xuebao (Ziran Kexue Ban)/Journal of Huazhong University of Science and Technology (Natural Science Edition) | Year: 2013

For the deficiencies of existing phishing detection methods, based on backward selection algorithm, the processes of information acquisition, website feature extraction, classifier training and the suspected phishing web inspection were optimized. According to the relationship between features of the division level space, a new algorithm recursive feature elimination based on SVM-RFE (support vector machine and recursive feature elimination) was put forward to detect phishing web, and a system of phishing website recognition was designed. The effectiveness of negative rate, false positive rate and recognition rate were compared at different dimensions. The experimental results show that this method can accurately determine the actual needed features.


Peng Y.,China Information Technology Evaluation Center | Wang T.,China Information Technology Evaluation Center | Xiong Q.,China Information Technology Evaluation Center | Dai Z.,China Information Technology Evaluation Center | And 2 more authors.
Beijing Jiaotong Daxue Xuebao/Journal of Beijing Jiaotong University | Year: 2013

Fuzzing is an effective automated vulnerability finding technology. It is significant to apply it to the field of testing for network protocols. According to the characteristics of network protocols, the paper analyses the basic principles of fuzzing in network protocols, and proposes an automated framework of fuzzing in network protocols. Meanwhile, it has proposed an effective testing method for the fuzzing in encrypted network protocols. The method has decreased the procedure, which is used to reverse engineering for the encryption routines in the course of protocol analysis. In addition, the efficiency in vulnerability detecting has greatly improved.

Loading China Information Technology Evaluation Center collaborators
Loading China Information Technology Evaluation Center collaborators