Time filter

Source Type

Qin Z.,Nanjing Southeast University | Qin Z.,A+ Network | Zhang X.,Nanjing Southeast University | Feng K.,Nanjing Southeast University | And 2 more authors.
Sensors (Switzerland) | Year: 2014

With the rapid development and widespread adoption of wireless sensor networks (WSNs), security has become an increasingly prominent problem. How to establish a session key in node communication is a challenging task for WSNs. Considering the limitations in WSNs, such as low computing capacity, small memory, power supply limitations and price, we propose an efficient identity-based key management (IBKM) scheme, which exploits the Bloom filter to authenticate the communication sensor node with storage efficiency. The security analysis shows that IBKM can prevent several attacks effectively with acceptable computation and communication overhead. © 2014 by the authors; licensee MDPI, Basel, Switzerland.

Qin Z.,Nanjing Southeast University | Qin Z.,A+ Network | Zhang X.,Nanjing Southeast University | Zhang Q.,Nanjing Institute of Artillery Corps | Yang Z.,Nanjing Southeast University
IET Conference Publications | Year: 2014

With the massive popularity of smartphones, many third-party marketplaces are emerged to meet smartphone users' need. These third-party marketplaces usually provide thousands of applications, but can't guarantee their security. Among the malicious applications, repackaging is one of the most common techniques to piggyback malicious payloads into legitimate applications. In order to keep the android ecosystem healthy, an app similarity measurement system is proposed to detect repackaged applications directly from the DEX file. We use the string length as the fingerprint to measure the similarity between third-party application and the original one, afterwards according to the similarity score whether one third-party application is repackaged or not can be determined. We perform a systematic study on five popular Android-based third-party marketplaces with randomly 200 samples from each third-party marketplace. Further manual investigation shows that these repackaged apps are mainly used to replace existing in-app advertisements or embed new ones to "steal" or re-route ad revenues. We also identify a few cases with planted malicious payloads among repackaged apps.

Qin Z.,Nanjing Southeast University | Zhang X.,Nanjing Southeast University | Feng K.,Nanjing Southeast University | Zhang Q.,Nanjing Institute of Artillery Corps | Huang J.,Nanjing Southeast University
International Journal of Distributed Sensor Networks | Year: 2015

With the wide adoption of wireless sensor network (WSN), security problems emerge as a challenging issue because of the limited computational power and energy of the sensor nodes. Furthermore, the deployment of WSN in the hostile area with a large number of nodes also poses a threat. In this paper, we proposed a new efficient key management scheme based on Elliptic Curve Cryptography (ECC) and AVL tree for large scale WSNs. In our scheme the Elliptic Curve Paillier Encryption (ECPE) cryptography is adopted for communication and the AVL tree is used to store the neighbors' ID and public key. The number of keys used in our scheme is smaller than the proposed schemes as we store these keys using AVL tree to shorten the search time. Regular key updates are also designed to further improve the security of the whole network. Our scheme has a good scalability where the node addition and deletion are supported. Experimental results and analysis show our scheme can significantly reduce the energy consumed by the node and reduce the memory and computational overhead. © 2015 Zhongyuan Qin et al.

Wang Y.,Nanjing Southeast University | Qin Z.,Nanjing Southeast University | Zhang Q.,Nanjing Institute of Artillery Corps | Wang H.,Nanjing Southeast University | Huang J.,Nanjing Southeast University
Proceedings - 2014 10th International Conference on Computational Intelligence and Security, CIS 2014 | Year: 2015

To achieve security in wireless sensor networks, it is needed to encrypt and authenticate message sent between sensor nodes. Key management is a very critical problem. However, as sensor nodes are resource-constrained, achieving key agreement is nontrivial. In this paper, we propose a key pre-distribution scheme based on multiple key spaces. The scheme combines the advantages of BIBD and Blom. Detailed analysis of the performance for this scheme is also given which shows that it has acceptable storage, computation, communication overhead and increases the network connectivity compared to previous schemes. © 2014 IEEE.

Qin Z.,Nanjing Southeast University | Qin Z.,A+ Network | Xu Y.,Nanjing Southeast University | Liang B.,Nanjing Sample Technology Company Ltd | And 2 more authors.
Dongnan Daxue Xuebao (Ziran Kexue Ban)/Journal of Southeast University (Natural Science Edition) | Year: 2013

In order to efficiently detect malicious software on Android, an integrated static detection method is proposed based on dangerous permissions and behavior analyses. For the application package (APK) which has been detected before, its MD5 value is extracted as the signature for fast match and decision. For those which have not been detected, permission and behavior analyses are used to detect whether it is malware or not. First, a pre-decision is made according to whether dangerous permissions are applied. Secondly, taint propagation and semantic analyses are conducted to detect the behavior of stealing private information and financial over-charge in APK. The proposed system does not depend on the collection and update of the virus database and can efficiently detect the variants of known and unknown malware, which is different from the anti-virus software that can only detect known malware. The experimental results show that malwares with privacy stealing and malicious extra charges are successfully detected, which proves the effectiveness of the system.

Discover hidden collaborations