Jin Z.,Beijing University of Posts and Telecommunications | Li Z.,National Cybernet Security Ltd
International Journal of Security and Networks | Year: 2016

Proxy multi-signature is a scheme that allows a proxy signer to sign messages on behalf of a group of original signers. To our best knowledge, most of the existing proxy multi-signature schemes are proposed in public key infrastructure or identity-based setting. However, owing to avoiding the inherent escrow problem of identity-based cryptography and yet not requiring certificates to guarantee the authenticity of public keys, certificateless public key cryptography has become an attractive paradigm on which many cryptographical primitives are based. In this paper, a generic construction and a formal security model of certificateless proxy multi-signature (CLPMS) is defined. A concrete CLPMS scheme is also proposed, which is proven to be existentially unforgeable against adaptively chosen warrant attacks and chosen message and identity attacks in the random oracle model under the computational Diffie-Hellman assumption. © Copyright 2016 Inderscience Enterprises Ltd.


Xie K.,Shandong University | Yang Y.,Shandong University | Yang Y.,Beijing University of Posts and Telecommunications | Xin Y.,Beijing University of Posts and Telecommunications | Xia G.,National Cybernet Security Ltd.
Mathematical Problems in Engineering | Year: 2015

According to the problems of current distributed architecture intrusion detection systems (DIDS), a new online distributed intrusion detection model based on cellular neural network (CNN) was proposed, in which discrete-time CNN (DTCNN) was used as weak classifier in each local node and state-controlled CNN (SCCNN) was used as global detection method, respectively. We further proposed a new method for design template parameters of SCCNN via solving Linear Matrix Inequality. Experimental results based on KDD CUP 99 dataset show its feasibility and effectiveness. Emerging evidence has indicated that this new approach is affordable to parallelism and analog very large scale integration (VLSI) implementation which allows the distributed intrusion detection to be performed better. © 2015 Kang Xie et al.


Liu J.,Beijing University of Posts and Telecommunications | Gu L.,Beijing University of Posts and Telecommunications | Luo S.,Beijing University of Posts and Telecommunications | Yang Y.,Beijing University of Posts and Telecommunications | And 2 more authors.
Xi'an Dianzi Keji Daxue Xuebao/Journal of Xidian University | Year: 2011

In order to enable the mobile network to provide anonymity services and ensure the confidentiality of the user's identity, whereabouts and other information, we put up an anonymous authentication scheme, which solves the problem of user's anonymity not only in roaming network, but also in adscription network. The scheme has not only a small amount of communication, but also does not need to change the key every time. The scheme is based on the knowledge proof, and uses the direct anonymous attestation protocol theory together with encrypting transfer and signature validation for its implementation. Theoretical analysis and experimental results demonstrate that users do not need to go to the home agent to authenticate the user's identity in the roaming network, and that there is no need to map out its true identity in the adscription network. It implements user's anonymity in the whole network effectively.


Zhang D.,Beijing University of Posts and Telecommunications | Zhang R.,Beijing University of Posts and Telecommunications | Niu X.,Beijing University of Posts and Telecommunications | Yang Y.,Beijing University of Posts and Telecommunications | Zhang Z.,National Cybernet Security Ltd.
ICCET 2010 - 2010 International Conference on Computer Engineering and Technology, Proceedings | Year: 2010

Third Generation (3G) wireless networks are now increasingly being deployed throughout the world. Because of their complex signaling and relatively limited bandwidth, these 3G networks are generally more vulnerable than their wireline counterparts, thus making them fertile ground for some new attacks. In this paper, we propose a novel AKA Protocol scheme of 3G, which is based on Diffie-Hellman Algorithm. This scheme improves the transmission security between ME, VLR and HLR, it also provides message freshness, forward secrecy, robust message confidentiality and message integrity. Man-in-the-middle attack and replay attack are also prevented. However, it cannot prevent the key compromise impersonation because of the shared key scheme. © 2010 IEEE.


Yang Y.-B.,Beijing University of Posts and Telecommunications | Huang W.,Communication University of China | Li Z.-X.,National Cybernet Security Ltd. | Hu Z.-M.,Beijing University of Posts and Telecommunications
Beijing Ligong Daxue Xuebao/Transaction of Beijing Institute of Technology | Year: 2015

Code obfuscation was employed to prevent software reverse analysis and protect important information effectively by increasing the difficulty of restoration. The bf (branch function) algorithm is an obfuscation algorithm effective against static disassembly, but the bf jump is a constant address, so it is easy to restore. The proposed algorithm, based on the bf algorithm, remedied this defect and enhanced the confusing complexity for static disassembly, reusing the junk instruction to relocate the bf function jump address and hide the second jump address. In the experiment, the test samples were obfuscated by the bf algorithm and the proposed algorithm separately, and the static disassembly tool IDA Pro was used for testing. The experimental results show that the new algorithm has significant improvement in performance and security. © 2015, Beijing Institute of Technology. All rights reserved.


Wang Y.,Beijing University of Posts and Telecommunications | Gu L.-Z.,Beijing University of Posts and Telecommunications | Li Z.-X.,National Cybernet Security Ltd | Yang Y.-X.,Beijing University of Posts and Telecommunications
Journal of China Universities of Posts and Telecommunications | Year: 2013

This paper presents a new method for protocol reverse engineering, which combines both the dynamic and static binary analysis. Our work not only does precise positioning on the field and its length, but also gives the field attributes accurately. According to different instructions and the current program structure, we can infer the message format validly. To prove the method is sound and effective, we build a prototype tool - NetProtocolFinder, and select some documented protocol and undocumented protocol messages as the test instances respectively. Results of our experiments show that the tool can not only extract the message format from protocols effectively, but also speculate the state machine model through relevant field attributes conveniently. © 2013 The Journal of China Universities of Posts and Telecommunications.


Liu J.,Beijing University of Posts and Telecommunications | Gu L.-Z.,Beijing University of Posts and Telecommunications | Niu X.-X.,Beijing University of Posts and Telecommunications | Yang Y.-X.,Beijing University of Posts and Telecommunications | Li Z.-X.,National Cybernet Security Ltd
Beijing Youdian Daxue Xuebao/Journal of Beijing University of Posts and Telecommunications | Year: 2015

The traditional network security events analysis methods depend more on human interventions. To address this problem, an automatic and self-adaptive method is presented. The neural network models are used to classify amounts of security events according to various attack scenarios, which can reduce much human intervention. The rule items are extracted from the classification results. And the correlation rules are generated automatically from these items using genetic algorithm. Experiments demonstrate that the method can classify the network security events and generate association rules automatically, so that the degree of automation can be improved. It is an effective enhancement and improvement to the traditional methods. © 2015, Beijing University of Posts and Telecommunications. All rights reserved.


Lei X.,Beijing University of Posts and Telecommunications | Fan W.,Communication University of China | Huang W.,Communication University of China | Yang Y.,Beijing University of Posts and Telecommunications | Li Z.,National Cybernet Security Ltd
Open Automation and Control Systems Journal | Year: 2015

In this paper, we propose a systematic approach for automatically detecting and eliminating redundant Eflags to optimize intermediate language (IL). We analyzed a broad spectrum of different IL and found that a number of IL expose all side effects explicitly by default and not all the Eflags are relevant to subsequent analysis. Therefore, we propose a unified approach, invertible analysis, to reduce the volume of IL. Our approach does not rely on any concrete IL, and thus can identify redundant Eflags in the IL. Moreover, we devised a method using flag relevant chain dependency analysis to remove redundant Eflags and shrink the IL. We developed a prototype, and conducted extensive experiments using representative samples from various categories. We demonstrated that our approach could diminish the volume of Vine IL obviously, and provide accurate representation about the assembly code. © Lei et al.


Dai F.-F.,Beijing University of Posts and Telecommunications | Zheng K.-F.,Beijing University of Posts and Telecommunications | Hu Y.,Armed Police Beijing Command Academy | Li Z.-X.,National Cybernet Security Ltd.
Beijing Youdian Daxue Xuebao/Journal of Beijing University of Posts and Telecommunications | Year: 2014

A K-means cluster evaluation technique using bi-dimensional entropy components was proposed. The attack dataset on the basis of network entropy was preprocessed, a two-dimensional plane was mapped. The output of preprocess as the input of clustering was utilized. And a relation between the attack dataset and the effect category on the basis of K-means algorithm was established, thus an explicit division of attack effect set was achieved. Efficient evaluation was given. Experiment shows that the method can process attack dataset with high efficiency, as well as provide a visualized evaluation result by form of evaluation cluster diagram.


PubMed | Northeastern University China, Beijing University of Posts and Telecommunications, Shandong University and National Cybernet Security Ltd.
Journal: TheScientificWorldJournal | Year: 2014

In order to meet the demands of operation monitoring of large scale, autoscaling, and heterogeneous virtual resources in the existing cloud computing, a new method of live virtual machine (VM) migration detection algorithm based on the cellular neural networks (CNNs) is presented. Through analyzing the detection process, the parameter relationship of CNN is mapped as an optimization problem, in which improved particle swarm optimization algorithm based on bubble sort is used to solve the problem. Experimental results demonstrate that the proposed method can display the VM migration processing intuitively. Compared with the best fit heuristic algorithm, this approach reduces the processing time, and emerging evidence has indicated that this new approach is affordable to parallelism and analog very large scale integration (VLSI) implementation allowing the VM migration detection to be performed better.
