Sui L.,Xi'an University of Science and Technology |
Sui L.,Network Security Technology |
Duan K.,Xi'an University of Science and Technology |
Liang J.,Xi'an University of Technology |
Hei X.,Xi'an University of Science and Technology
Optics Express | Year: 2014
A double-image encryption is proposed based on the discrete fractional random transform and logistic maps. First, an enlarged image is composited from two original images and scrambled in the confusion process which consists of a number of rounds. In each round, the pixel positions of the enlarged image are relocated by using cat maps which are generated based on two logistic maps. Then the scrambled enlarged image is decomposed into two components. Second, one of two components is directly separated into two phase masks and the other component is used to derive the ciphertext image with stationary white noise distribution by using the cascaded discrete fractional random transforms generated based on the logistic map. The cryptosystem is asymmetric and has high resistance against to the potential attacks such as chosen plaintext attack, in which the initial values of logistic maps and the fractional orders are considered as the encryption keys while two decryption keys are produced in the encryption process and directly related to the original images. Simulation results and security analysis verify the feasibility and effectiveness of the proposed encryption scheme. © 2014 Optical Society of America.
Jin H.,Xi'an University of Science and Technology |
Jin H.,Network Security Technology |
Wang Y.,Xi'an University of Science and Technology
Infrared Physics and Technology | Year: 2014
This paper proposes a novel image fusion scheme based on contrast pyramid (CP) with teaching learning based optimization (TLBO) for visible and infrared images under different spectrum of complicated scene. Firstly, CP decomposition is employed into every level of each original image. Then, we introduce TLBO to optimizing fusion coefficients, which will be changed under teaching phase and learner phase of TLBO, so that the weighted coefficients can be automatically adjusted according to fitness function, namely the evaluation standards of image quality. At last, obtain fusion results by the inverse transformation of CP. Compared with existing methods, experimental results show that our method is effective and the fused images are more suitable for further human visual or machine perception. © 2014 Elsevier B.V. All rights reserved.
News Article | August 16, 2016
An anonymous hacking group which goes by the name of Shadow Brokers claims to have acquired software tools that belong to hackers linked to the National Security Agency of the United States. The previously unknown group said that it broke into the cyberespionage organization known as the Equation Group and has now put the hacking tools that it acquired up for auction. In addition to selling the hacking tools to whoever would end up as the highest bidder, the Shadow Brokers said that if it will be paid 1 million bitcoins, which currently carries a value of about $568 million, the cyberweapons will be publicly released. To back up its claims, the Shadow Brokers uploaded what looks like attack code that focuses on the security systems of routers that direct computer traffic online. According to security experts, the code looks legitimate, affecting routers manufactured by three United States companies and two Chinese companies. Specifically, the companies involved are Cisco Systems, Fortinet, Juniper Networks, Shaanxi Networkcloud Information Technology and Beijing Topsec Network Security Technology. As to the statement of Shadow Brokers that it actually has acquired such tools from the NSA-linked hackers, that is up for debate. Security experts are saying that either the group was able to carry out a one-of-a-kind security breach or that the group has put in place an elaborate hoax. Last year, researchers from Kaspersky Lab described the Equation Group as one of the most advanced hacking groups in the world. The compressed data that accompanied the post by the Shadow Brokers had a size of just over 256 MB and is said to contain hacking tools that are dated as early as 2010 belonging to the Equation Group. The posted data, which is composed mostly of poorly coded python scripts and batch scripts, has not yet been proven to actually have come from the Equation Group. However, there was little doubt that the data did indeed come from an advanced group of hackers. "These files are not fully fake for sure," said CrySys security researcher Bencsáth Boldizsár, who is widely credited for the discovery of the Flame espionage malware platform, which is linked to the Equation Group. In the email to Ars Technica, Boldizsár added that the files are likely part of the toolset of the NSA as important attack-related files, with the first guess being that they are indeed somehow linked to the Equation Group. Boldizsár's findings have been echoed by other security researchers, including Comae Technologies FZE founder Matt Suiche and International Computer Science Institute's Nicholas Weaver. A researcher from the Citizen Lab of the University of Toronto, Claudio Guarnieri, said that it would seem that the NSA launched an attack and then someone managed to trace the origin of the attack and launched a counter-hack. Guarnieri cautions that it is still too early to tell if the code and other data uploaded by the Shadow Brokers can definitely be linked to the Equation Group or to the NSA. However, he added that the code coincides with some of the exploits that was part of the catalogue leaked by infamous NSA whistleblower Edward Snowden back in 2013. © 2017 Tech Times, All rights reserved. Do not reproduce without permission.
Li H.,Network Security Technology |
Hu C.,Network Security Technology
Proceedings - IEEE INFOCOM | Year: 2013
Fine-grained traffic identification (FGTI) reveals the context/purpose of each packet that flows through the network nodes/links. Instead of only indicating the application/protocol that a packet is related to, FGTI further maps the packet to a meaningful user behavior or application context. In this paper, we propose a Rule Organized Optimal Matching (ROOM) for fast and memory efficient fine-grained traffic identification. ROOM splits the identification rules into several fields and elaborately organizes the matching order of the fields. We formulate and model the optimal rule organization problem of ROOM mathematically, which is demonstrated to be NP-hard, and then we propose an approximate algorithm to solve the problem with the time complexity of O(N 2) (N is the number of fields in a rule). In order to perform evaluations, we implement ROOM and related work as real prototype systems. Also, real traces collected in wired Internet and mobile Internet are used as the experiment input. The evaluations show very promising results: 1.6X to 104.7X throughput improvement is achieved by ROOM in the real system with acceptable small memory cost. © 2013 IEEE.
Shao J.,Zhejiang Topthinking Information Technology Co. |
Wu W.,Network Security Technology |
Geng P.,Zhejiang Topthinking Information Technology Co.
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2013
The traceability links among software artifacts plays a very important role for the maintenance of consistency in the evolution of software product lines. This paper introduces an improved approach to the recovery of traceability information between requirement documents and source codes based on Latent Semantic Indexing (LSI) and the special features of object-oriented source codes. In order to obtain accurate traceability links, it employs the hierarchical information caused by the inheritance relationship among classes and recovers the traceability links using class clusters. Moreover, it assigns different weights for the terms in source codes according to their degrees of correlation to the documents. The case demonstrates the improved approach, and the experimental results show that it can increase the extraction precision by 3%~6%, compared with that based on the traditional LSI. © 2013 Springer-Verlag Berlin Heidelberg.
Yu D.,Hangzhou Dianzi University |
Zhang Y.,Hangzhou Dianzi University |
Ge J.,Hangzhou Dianzi University |
Wu W.,Network Security Technology
Proceedings - International Computer Software and Applications Conference | Year: 2013
Structural design patterns address concerns related to high-level structures for applications being developed. Accurately recovered instances of structural design patterns support development related tasks like program comprehension and reengineering. However, the detection of structural design pattern instances is not always a straightforward task. The lack of documentation, the ad-hoc nature of programming and the possible variants of pattern instances often lead to the low accuracy of detection. In this paper, we present an approach to the detection of instances of structural design patterns using source codes. We first transform the source codes and predefined patterns into graphs, with the classes as nodes and the relations as edges. We then identify the instances of sub-patterns that would be the possible constituents of pattern instances by means of subgraph discovery. The sub-pattern instances are further merged by joint classes to see if the collective matches one of the predefined patterns. Compared with existing approaches, our approach focuses on simple sub-patterns, not complicated patterns. In this way, it can not only simplify the detection process, but also detect multiple pattern instances at a time. The results of the experiments on detecting pattern instances of Adapter, Bridge, Composite, Decorator and Proxy from 4 open source software systems demonstrate that our approach obtains better precision than the existing approaches. © 2013 IEEE.
Tao Y.,Network Security Technology
Information Technology Journal | Year: 2013
Component-Based Software Development (CBSD) is becoming increasingly more important in software engineering research and software development; however, it encounters many problems regarding its application. Here, based on the active repository system CodeBroker, the authors introduce a new approach to push components to end users according to their personalized information. The integration of the component repository, retrieval methods, queries, and the developer coding process reduces the CBSD cost on training, as well as renders CBSD applicable in research. Framework of this approach containing the following modules: building domain ontology, repository access agent, code analysis, personality catch and ontology-based component retrieval and push. Our experimental evaluation of the SourceForge projects on database field shows that suitable components can be automatically pushed to user through this approach. Using ontology reasoning and personality filtering, the proposed approach can improve the quality of the search results. © 2013 Asian Network for Scientific Information.
Yu D.,Hangzhou Dianzi University |
Geng P.,Hangzhou Dianzi University |
Wu W.,Network Security Technology
Proceedings - Asia-Pacific Software Engineering Conference, APSEC | Year: 2012
Software Product Line Engineering organizes the commonality and the variability of domain feature model in order to achieve large-scale software reuse. Although there are a variety of approaches to the construction of domain feature models, they are however difficult to locate inconsistency caused by frequent changes occurring in the process of evolution. This paper presents a novel approach to the construction of domain feature model and its trace ability with corresponding requirements. It first constructs a set of feature models for individual applications within same domain and their trace ability to corresponding application requirements. Then, it merges all application feature models to form the domain feature model and constructs the trace ability between features in different models. It finally extracts the domain requirements and the trace ability between domain requirements and domain features. The case of software product line for labor market monitoring applications verifies this new approach, and shows that it can not only construct domain feature model automatically and effectively, but also help locate affected requirements while features change or vice versa. © 2012 IEEE.
News Article | November 28, 2016
DUBLIN--(BUSINESS WIRE)--Research and Markets has announced the addition of the "Network Security Technology TechVision Opportunity Engine" newsletter to their offering. Technical Insights presents its latest research subscription-the Network Security Technology (NST) Alert. This monthly subscription analyzes recent global advancements across a range of security technologies that address privacy of network communications, information security, access control, and security for remote access to c
Wei L.-X.,Network Security Technology |
Yang P.,Network Security Technology
Advanced Materials Research | Year: 2012
Video steganographic algorithm has the advantage of large hiding capacity, but we neglect the security when seek the capacity. In order to balance the two aspects, both to meet the high capacity of improving the load of video carrier and can safely protect the secret information. This paper presents the error-correcting code which can effectively correct burst errors and use it in video steganography. The secret information is hidden in error-correcting code first and then integrated the code with secret information with the video carrier's DCT coefficients to insert the secret information in video carrier. The experiment results show that: this algorithm not only has great visual and statistical invisibility, also the safety of secret information is more significant. And achieve the objective of effective protect the secret information. © (2012) Trans Tech Publications, Switzerland.