National Research Center for Information Technology Security

Beijing, China

National Research Center for Information Technology Security

Beijing, China

Time filter

Source Type

Li X.,University of Science and Technology Beijing | Zheng X.,University of Science and Technology Beijing | Li J.,National Research Center for Information Technology Security | Wang S.,National Research Center for Information Technology Security
Proceedings - 2012 5th International Conference on Intelligent Computation Technology and Automation, ICICTA 2012 | Year: 2012

Many projects have tried to analyze the structure and dynamics of application overlay networks on the Internet using packet analysis and network flow data. While such analysis is essential for a variety of network management and security tasks, it is difficult on many networks: either the volume of data is so large as to make packet inspection intractable, or privacy concerns forbid packet capture and require the dissociation of network flows from users' actual IP addresses. In this paper, an algorithm for mining privacy preserving itemsets is proposed. On the one hand, only maximal itemset is considered, which reduces the number of itemsets greatly. On the other hand, the intermediate mining results are encrypted for the security concern. Experimental results show that the proposed algorithm is both accurate and efficient. © 2012 IEEE.


Li X.,University of Science and Technology Beijing | Wang W.,IBM | Li J.,National Research Center for Information Technology Security | Zheng X.,University of Science and Technology Beijing | Wang S.,National Research Center for Information Technology Security
Journal of Convergence Information Technology | Year: 2012

P2P network communications can facilitate distributed intrusion detection systems (IDS) to improve system resilience and defense effectiveness. However, P2P networks may be vulnerable to node failures and malicious attacks if not well designed, which may block or delay the intrusion information and reaction strategy to reach some IDS points, and consequently affect the system integrity. In this paper, we propose a distributed heuristic called "Multipath" that enables peers to improve their connectivity without global knowledge or coordination. We design the MultiPath heuristic to work in conjunction with latency improvement mechanisms. Such integration not only speeds up P2P network convergence, but also significantly cuts down MultiPath's maintenance overhead. Our experiments show that MultiPath reduces the number of disconnected components in a P2P network by an order of magnitude when 20% of peers failed.


Yu Z.,Beijing Wuzi University | Shen G.-C.,Beijing Wuzi University | Liu B.-W.,Beijing Wuzi University | Li J.-C.,National Research Center for Information Technology Security | Wang S.-J.,National Research Center for Information Technology Security
Tien Tzu Hsueh Pao/Acta Electronica Sinica | Year: 2010

In Peer-to-Peer (P2P) networks, peers' features such as heterogeneity, anonymity and autonomy lead to some security problems, such as forging, slandering and collective cheating, which affect the quality of service a lot. A trust model METrust in P2P networks based on the recommendation is proposed, each peer in the network has a unique credibility of recommendation, two trust parameters for updating the credibility of recommendation are introduced, namely updating range and updating strength. The trust model METrust proposes an algorithm to update the credibility of recommendation; a peer selects recommendation peers whose evaluation criteria are similar, evaluation criteria of peers are determined through the AHP method(Analytic Hierarchy Process). Simulations show that, the trust model METrust can identify malicious peers, and improve the quality of service in P2P networks effectively.

Loading National Research Center for Information Technology Security collaborators
Loading National Research Center for Information Technology Security collaborators