Time filter

Source Type

Fu J.,Wuhan University | Fu J.,Key Laboratory of Aerospace Information Security and Trusted Computing | Li P.,Wuhan University | Li P.,Key Laboratory of Aerospace Information Security and Trusted Computing | And 4 more authors.
Proceedings - 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 10th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Symposium on Parallel and Distributed Processing with Applications, IEEE TrustCom/BigDataSE/ISPA 2016 | Year: 2016

Security-sensitive behaviors in Android applications (apps for short) may or may not be malicious. We propose that a fundamental difference between malicious and benign behaviors is that their corresponding user intentions are different, i.e., whether there is an association between the app behavior and user intention. The user knows and wants this behavior to happen. Based on this discovery, we first design and realize IBdroid, which can precisely monitor user inter-faces, user actions and security-sensitive behaviors of apps. Then the user intention features, which can perceive the correlations between user intention and app behavior from time, process, semantic and data perspectives, are extracted from the records obtained by IBdroid. Finally, an approach using user intention features is proposed to differentiate benign and malicious behaviors. In our evaluations, we correctly identify 333 out of 354 security-sensitive behaviors, achieving 96.43% precision and 91.53% recall, the experimental result demonstrates that our approach can effectively and accurately detect and block malicious behaviors of Android apps. © 2016 IEEE.


Wang C.,Shanghai University | Wang C.,Key Laboratory of Aerospace Information Security and Trusted Computing | Zhang H.,Hubei University | Zhang H.,Key Laboratory of Aerospace Information Security and Trusted Computing | Liu L.,Huawei
China Communications | Year: 2011

Elliptic curve cryptography is one of the most important public-key cryptography. The Koblitz Curve is a special kind of elliptic curve in ECC and its security mainly depends on the base field. Based on Evolutionary Cryptography theory, which becomes a principal concept for cryptography design and cryptanalysis, we propose a new algorithm for secure EC generation based on Ant Colony Optimization (ACO) to accelerate the search process of safe base field. We preliminarily deal with secure Koblitz curve selecting over the field F (2800). Experiments show that the base field and base point of secure curves generated by ant colony algorithm have gone beyond the parameter range of Koblitz curves recommended by NIST. We can present many new secure Koblitz curves, including base field and base point, which are not recommended by NIST. The maximum size of our secure Koblitz curve has gone beyond 700bit. The algorithm in this paper follows the same cryptography criteria recommended by the ANSI. So, it can resist current attacks. Theoretical analysis and experimental results prove that the new algorithm is effective and successful, and it is the first successful practice of Evolutionary Cryptography theory in public cryptography research.


Wang J.,Wuhan University | Wang J.,Key Laboratory of Aerospace Information Security and Trusted Computing | Hu H.,Arizona State University | Zhao B.,Wuhan University | And 7 more authors.
Chinese Journal of Electronics | Year: 2013

Information Card (InfoCard) is a user-centric identity management metasystem. It has been accepted as a standard of OASIS Identity Metasystem Interoperability Technical Committee. However, there is currently a lack of security analysis to InfoCard protocol, especially, with formal methods. In this paper, we accommodate such a requirement by analyzing security properties of InfoCard protocol adopting a formal protocol analysis tool. Our analysis result discovers that current InfoCard protocol is vulnerable against the session replay attack. Furthermore, we reveal the importance of two optional elements in InfoCard metasystem, token scope and proof key, and found that InfoCard protocol will be susceptible to manin-the-middle attack and token replay attack if these two optional elements lack.


Zhao B.,Wuhan University | Zhao B.,Key Laboratory of Aerospace Information Security and Trusted Computing | Xiang S.,Wuhan University | Xiang S.,Key Laboratory of Aerospace Information Security and Trusted Computing | And 4 more authors.
Dianzi Keji Daxue Xuebao/Journal of the University of Electronic Science and Technology of China | Year: 2013

A parallel trust structure is proposed to contain application software into its credence coverage. The structure passes trust from the TPM to the applications in virtual domains. Based on this structure, we design and implement a trusted software protection agent (TSPA), a module in hypervisor, which simplifies the trust complexity and makes trust transfer more controllable and more secure. This paper also contributes a model for protecting software integrity.


Zhang H.G.,Wuhan University | Zhang H.G.,Key Laboratory of Aerospace Information Security and Trusted Computing | Yan F.,Wuhan University | Yan F.,Key Laboratory of Aerospace Information Security and Trusted Computing | And 10 more authors.
Science in China, Series F: Information Sciences | Year: 2010

Trusted computing has become a new trend in the area of international information security, and the products of trusted computing platform begin to be used in application. Users will not use the products of information security, unless it goes through the testing and evaluation. Here we concentrate on the testing and evaluation problem of trusted computing platform, begin with constructing proper formalization model of trusted computing platform for testing, and establish a mathematical chain of trust model based on SPA. Moreover, we give a verification method of composite characteristics and find the potential factors threatening the trusted system in the process of remote attestation through analysis. For trusted software stack, we study the problem of automatic generation of test case and propose an improved method of generating the random test case, to raise the quality of test case. Finally, we give a prototype system of trusted computing platform and the actual test data related. The result demonstrates that there exist some flaws in the architecture of the present TCG computing platform. At the same time, some flaws are found in the products of existing trusted computing platform, thus a basis is laid for the improvement and development of trusted platform technology and its products. © 2010 Science China Press and Springer-Verlag Berlin Heidelberg.


Ren Z.,Wuhan University | Wang L.,Wuhan University | Wang L.,Key Laboratory of Aerospace Information Security and Trusted Computing | Wu Q.,Wuhan University | Deng R.,Wuhan University
Chinese Journal of Electronics | Year: 2014

Many schemes have been present to tackle data integrity and retrievability in cloud storage. Few of existing schemes support data dynamics, public verification and protect data privacy simultaneously. We propose a public auditing scheme which enables privacy-preserving, data dynamics and batch auditing. A data updating information table is designed to record the status information of the data blocks and facilitate data dynamics. Homomorphic authenticator and random masking technologies are exploited to protect data privacy for data owners. The scheme employs a Trusted third party auditor (TTPA) to verify the data integrity without learning any information about the data content during the auditing process. The scheme also allows batch auditing so that TTPA can process multiple auditing requests simultaneously which greatly accelerates the auditing process. Security and performance analysis show that our scheme is secure and feasible.


Yu F.,Hubei University | Yu F.,Key Laboratory of Aerospace Information Security and Trusted Computing | Li T.,Key Laboratory of Aerospace Information Security and Trusted Computing | Lin Y.,Key Laboratory of Aerospace Information Security and Trusted Computing | And 2 more authors.
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2011

PKI-based trusted computing platform (TCP) requires platform users to apply for multiple Platform Identity Key (PIK) certificates to provide remote attestation, users must pay the fee of digital certificates, which increases users' economic burdens and leads there is hardly any TCP has really performed the core function of trusted computing, platform remote attestation, so the application of TCP is not very wide. This paper presents a trusted computing cryptography scheme based on Hierarchical Combined Public Key (HCPK), which can reduce the risk of single Private Key Generator (PKG), and let the verifier authenticate TCP directly without third party, so platform users do not need to apply additional digital certificates. This scheme can reduce users' cost of using TCP, and encourage the development of TCP application. © 2011 Springer-Verlag.


Yu F.,Wuhan University | Yu F.,Key Laboratory of Aerospace Information Security and Trusted Computing | Xu Y.,Zhejiang Provincial Testing Institute of Electronic Products | Yu Y.,Wuhan University | And 2 more authors.
Journal of Computational Information Systems | Year: 2011

Program's behavior verification is the core of trusted computing dynamic attestation. The first step of program's behavior verification is building program's trusted behavior model. Static analysis based behavior model building can cover all running paths, but there may be many ε run circuits, which can lead to the failure of dynamic attestation execution. This paper gives out an improved Floyd algorithm to find out and remove one ε run circuit with shortest length. The action is repeated until there is no ε run circuit, which can optimize the trusted behavior model. This paper also carries out one theoretical analysis of the time complexity and space complexity, the optimization method is better than the method based on the traditional algorithm of finding out all elementary circuits in directed graph. Finally, this paper does some optimization experiments about real Windows binary program's behavior model. The result shows there is a large reduction in the number of directed graph's nodes and edges in the behavior model after deleting all ε run circuits. Copyright © 2011 Binary Information Press.


Li Y.-K.,Wuhan University | Li Y.-K.,Key Laboratory of Aerospace Information Security and Trusted Computing | Liu S.-B.,Wuhan University | Liu S.-B.,Key Laboratory of Aerospace Information Security and Trusted Computing | And 4 more authors.
Tongxin Xuebao/Journal on Communications | Year: 2015

In opportunistic networks, users can take the advantage of parallel opportunistic contacts with other mobile users and find the appropriate helpers to forward the messages or share the contents. Most of the existing profile-matching protocols were designed on the basis of homomorphic cryptosystem and were not quite efficient in encryption and decryption. Three efficient and privacy-preserving profile matching protocols were proposed to deal with different privacy requirements in opportunistic networks, which do not use any homomorphic encryption. The proposed protocols were proved to be privacy-preserving and correct. The performances of the protocols are thoroughly analyzed and evaluated via real smartphone experiments, and the results show that the proposed protocols can decrease encryption and decryption time by at least an order of magnitude than the Paillier cryptosystem based protocol. © 2015, Editorial Board of Journal on Communications. All right reserved.


Wang L.-N.,Key Laboratory of Aerospace Information Security and Trusted Computing | Wang L.-N.,Hubei University | Peng R.-Q.,Key Laboratory of Aerospace Information Security and Trusted Computing | Peng R.-Q.,Hubei University | And 4 more authors.
Tien Tzu Hsueh Pao/Acta Electronica Sinica | Year: 2013

In the Context-Aware location services, the opening characteristic of the mobile network brings some security risks for personal mobility data. The spatial-temporal correlation of the mobility data is a great challenge for protecting privacy of the users. To solve the background knowledge attack based on the spatial-temporal correlation, we proposed a privacy protection method based on multi-dimensional trajectory anonymity in this paper. This method is built on the anonymous trajectory data collection system and achieves the protection of user privacy through spatial-temporal anonymity algorithm based on the multi-user collaboration privacy protection mode. The experimental results demonstrated that this method can prevent the background knowledge attack based on the position and moving mode effectively and meets the demands of the privacy protect of k-Anonymity.

Loading Key Laboratory of Aerospace Information Security and Trusted Computing collaborators
Loading Key Laboratory of Aerospace Information Security and Trusted Computing collaborators