Time filter

Source Type

Chen J.,Beijing University of Technology | Chen J.,National Computer Virus Emergency Response Center | Yang L.,Tianjin University of Technology | Zhang H.,Tianjin University of Technology | Liu Y.,National Computer Virus Emergency Response Center
WIT Transactions on Information and Communication Technologies | Year: 2014

In order to deal with serious security threats of SQL injection to Web applications, this paper proposes a novel SQL-injection detection method based on genetic algorithm (GA). A unified description for characteristics of SQL-injection was issued by regular expression, and an optimized SQL-injection sequence motherboard was got through GA. We detected harmful levels of SQL-injection attacks using template matching and achieved optimized correction scheme of the algorithm by a large amount of data. © 2014 WIT Press.


Wang J.-S.,Tianjin University of Technology | Liu F.,Tianjin University of Technology | Zhang J.,National Computer Virus Emergency Response Center
Tongxin Xuebao/Journal on Communications | Year: 2010

A botnet detecting method was presented based on group-signature filter, suitable for the traditional signatures matching algorithm. Using multiple member signatures to filter the packets of hosts from Intranet, the proposed method is able to handle the shortened and scattered signatures at a space expense of O(tmn). The simulated experiment proves the correctness and validity of the detecting method.


Chen J.,Beijing University of Technology | Chen J.,National Computer Virus Emergency Response Center | Zou S.,Beijing University of Posts and Telecommunications | Ren A.,Xidian University | Ren A.,Baoji University of Arts And Sciences
Journal of Computers (Finland) | Year: 2013

The paper analyses the traditional methods of the stream video integrity technology and gives some possible signature schemes for video integrity, including the batch signature which can improve the efficiency in signature generation, sanitizable signature which can tolerate non-malicious operation, and Merkle-tree signature. What's more, we present a new idea for video integrity based on the batch signature scheme, which is more efficient than traditional methods. © 2013 ACADEMY PUBLISHER.


Chen J.-M.,Beijing University of Technology | Chen J.-M.,National Computer Virus Emergency Response Center | Feng Y.-M.,Beijing University of Technology | Mei Y.-M.,Kingsoft
2010 International Conference on Machine Learning and Cybernetics, ICMLC 2010 | Year: 2010

With the rapid development of Internet application, malware detection becomes more and more important and tremendous. There are tens of thousands of new mal ware samples especially associated with economic interests. Manual inspection is difficult to identify the samples with high-speed response. We designed and implemented an automatically identifying system based on the mass samples. It has high accuracy and good speed improving the efficiency of detecting malware. © 2010 IEEE.


Chen J.,Beijing University of Technology | Chen J.,National Computer Virus Emergency Response Center | Ning Z.,Beijing University of Technology | Xiao P.,Beijing University of Technology | Fu Y.,Beijing University of Technology
Huazhong Keji Daxue Xuebao (Ziran Kexue Ban)/Journal of Huazhong University of Science and Technology (Natural Science Edition) | Year: 2013

In order to realize trusted measurement of the running states of operating system and application programming, considering multi-hop feature of wireless Mesh network, two steps were carried out to evaluate the system's trust: starting states and runtime states. The values stored in PCR (platform configuration registers) were used to measure and evaluate starting states, and grey relevance analysis method to evaluate runtime states. And then the proposed trust evaluation mechanism was implemented in trusted network connections of wireless Mesh networks. Moreover, in network simulations, untrusted nodes can be detected effectively and false detection rate is less than 10%, which shows the performance is good.


Duan X.-T.,Nankai University | Jia C.-F.,Nankai University | Jia C.-F.,National Computer Virus Emergency Response Center | Liu C.-B.,Nankai University
Tongxin Xuebao/Journal on Communications | Year: 2010

The defects of intrusion detection using fixed-length short system call sequences were analyzed. A method of extracting variable-length short system call sequences, grounded on the function return addresses stored in the process stacks, was proposed. Based on the hierarchical relationship and the state transition characteristics of the variable-length semantic patterns, a hierarchical hidden Markov intrusion detection model was presented. The experimental results show that the hierarchical hidden Markov intrusion detection model is superior to the traditional hidden Markov model.

Loading National Computer Virus Emergency Response Center collaborators
Loading National Computer Virus Emergency Response Center collaborators