高效的验证码识别技术与验证码分类思想

验证码图片是论坛类网站用以阻止自动化程序恶意行为的重要人机区分技术,其设计和实用安全性直接涉及到互联网的正常使用。为研究国内验证码实用安全性,设计实现一种验证码识别算法模型,对国内的论坛验证码类型进行了实验和分析。实验结果表明,实用中的验证码识别率通常在50%以上,某些甚至达到100%,难以起到对自动化程序的阻碍作用。从实用角度将验证码分为4类,发现最佳的一类基本是空白的,表明验证码实用技术还应做较大改进。     

Usability and Security of Arabic Text-based CAPTCHA Using Visual Cryptography

Recently, with the spread of online services involving websites, attackers have the opportunity to expose these services to malicious actions. To protect these services, A Completely Automated Public Turing Test to Tell Computers and Humans Apart (CAPTCHA) is a proposed technique. Since many Arabic countries have developed their online services in Arabic, Arabic text-based CAPTCHA has been introduced to improve the usability for their users. Moreover, there exist a visual cryptography (VC) technique which can be exploited in order to enhance the security of text-based CAPTCHA by encrypting a CAPTCHA image into two shares and decrypting it by asking the user to stack them on each other. However, as yet, the implementation of this technique with regard to Arabic text-based CAPTCHA has not been carried out. Therefore, this paper aims to implement an Arabic printed and handwritten text-based CAPTCHA scheme based on the VC technique. To evaluate this scheme, experimental studies are conducted, and the results show that the implemented scheme offers a reasonable security and usability levels with text-based CAPTCHA itself.     

基于CAPTCHA的中文安全机制的研究

随着越来越多的“网络机器人”在Intemet上活动,网站的安全性问题显得越来越严峻。全自动人机识别系统（CAPTCHA）,一个让人类能够通过测试,而当前的计算机不能通过的程序出现了。它的原理建立在未解决的人工智能问题领域。通过对几种在实际安全应用中的不同CAPTCHA结构的考察,描述了它们的原理、模型和优缺点,并结合我国情况,提出了基于中文文字识别的CAPTCHA模型,详细描述了在中文CAPTCHA编程设计中的实现策略。     

验证码技术的攻防对策研究

针对验证码的本质特征、形式化定义、今后发展方向和研究重点等问题, 通过深入、细致地分析和研究现有大量验证码, 给出了验证码的本质特征描述及形式化定义, 并从信息类型分类（共五种）、识别方式分类（共两种）和交互性分类（共两种）三个维度给出了验证码的20个种类; 分析了20种验证码类型的技术特点, 研究了其攻防对策, 给出了各类验证码今后的研究重点、难点及其研究方向。重点探讨了动态验证码和隐性验证码（包括语义验证码）, 特别针对验证码通用攻击的攻防对策, 提出了验证码领域的一些新思路和新研究方法。     

验证码的设计与破解探讨

验证码属于人机区分测试的一种,已经被广泛用于网络来阻止恶意程序对网络服务的使用。文章论述了验证码的设计原理,分析了其设计中可能存在的容易被破解的缺陷,提出了一种自动识别验证码的流程,描述了识别的详细过程,利用实际网络中使用的验证码进行了测试,实验结果证明识别率达到了99%。     

采用PKI增强VPN安全的研究

VPN技术改进了通信协议的安全机制，但因其身份鉴别不完善而影响到在复杂环境下的网络安全。PKI是由公开密钥密码技术、数字证书、证书认证机构和安全策略等基本成分共同组成的安全基础设施。PKI技术能够提供身份鉴别和角色控制服务。文章分析了PKI和VPN技术的各自安全特点，采用PKI技术与VPN技术相结合的方法，增强了系统的身份鉴别和访问控制能力。     

一种提高通信安全性的混沌加密新方法

Bu和Wang曾提出利用标量信号调制混沌载波的方法,以提高混沌保密通信的安全性,并防御Preze和Cerdeira的回归映射攻击。通过对Bu和Wang方法的传输模式分析,发现了该方法的缺陷,即可从调制信号中恢复标量信号的参数,并利用回归映射从解调混沌载波信号中提取出消息。在此基础上改进了Bu和Wang的方法,即在密文中增加一个大于1的开关函数。通过对广义Rössler系统的数值模拟,表明改进方法既克服上述缺陷,又提高了通信的安全性。     

利用信任管理提高网格安全

网格计算系统是一个分布式的高性能计算机环境,由广域分布的异构的计算机和资源组成,目的是让用户透明的使用这些资源,为保证共享合作更加安全可靠,提出了信任的概念.信任管理是一种适用于大规模的、开放的分布式系统的授权机制.广义上讲,信任分为执行信任和代码信任.提出了一种信任管理的框架来提高网格的安全性,这种新的信任模型能捕获网格系统中存在的不同类型的信任关系,还提供了信任评价,信任推荐和信任更新的机制.     

使用ECMQV密钥交换方案增强WTLS协议安全性

ECMQV协议是一种基于ECDH的认证和密钥交换方案,它具有高安全性和低计算开销 等优点。通过将ECMQV协议集成到WTLS协议框架中实现了一种WTLS扩展协议,它在略微增加 无线终端计算开销情况下明显提高现有WTLS协议安全性。在协议中采用了Cookie技术来防止可 能的拒绝服务攻击。该WTLS扩展协议可在轻量级无线终端上实现,以满足无线终端在企业远程访 问环境下的高安全性要求。     

易用的操作系统安全模型的设计和实现

提出并实现了一种应用于PC操作系统的安全模型USPM,在保证足够安全性同时具有兼容性好、无需专门配置即可使用的特点。模型使系统能够在被黑客攻击成功的情况下保证机密文件不丢失、关键文件完整性不被破坏。USPM模型通过限制那些与远程系统进行数据交换的进程的活动来保证系统的安全性,同时通过设置一些例外规则部分的允许特定进程的访问活动来提高系统的易用性,达到在安全性和易用性间的平衡。测试表明,USPM具有较好的安全性,较低的开销和很好的易用性、兼容性。     

一种提高OFDM系统安全传输的载波功率分配算法

现有的OFDM安全传输技术无法满足无线通信系统对安全性能的需求,针对这一问题,提出了一种旨在提高OFDM系统安全传输速率的载波功率分配算法。考虑OFDM各载波信道存在的衰落差异性,基于OFDM窃听信道模型推导出窃听端与授权接收端平均信噪比不同的系统安全传输速率;在总功率受限的条件下,以安全传输速率最大化为目标,利用K-T条件对各载波功率进行优化分配,从而提高OFDM系统安全传输性能。仿真结果表明,当选用128个载波时,优化分配的安全传输速率比平均分配的安全传输速率最多可以提升6.109 bit/s/Hz,并且随着载波数的不断增加,安全传输速率的提升也越来越明显。     

增强TLS 1.3中Early data安全性的协议

将新型0-RTT密钥交换协议思想借鉴到TLS 1.3会话重用阶段,构建rFSOPKE协议,改进了Early data的加密和传输过程。rFSOPKE协议可以在Ticket有效期内保护Early data的前向安全性并使其抵抗重放攻击。与改进前Early data的发送过程相比,本协议大幅增强了Early data的安全性。在实现效率方面,由于在发送Early data时增加了本协议的计算和传输开销,所以实现效率有所降低。但是本协议可以根据应用场景的不同嵌入适合的算法,所以可以选择更加高效的算法提高协议实现速度。     

Using color in visualization: A survey

Color mapping is an important technique used in visualization to build visual representations of data and information. With output devices such as computer displays providing a large number of colors, developers sometimes tend to build their visualization to be visually appealing, while forgetting the main goal of clear depiction of the underlying data.Visualization researchers have profited from findings in adjoining areas such as human vision and psychophysics which, combined with their own experience, enabled them to establish guidelines that might help practitioners to select appropriate color scales and adjust the associated color maps, for particular applications.This survey presents an overview on the subject of color scales by focusing on important guidelines, experimental research work and tools proposed to help non-expert users.     

Decolorize: Fast, contrast enhancing, color to grayscale conversion

We present a new contrast enhancing color to grayscale conversion algorithm which works in real-time. It incorporates novel techniques for image sampling and dimensionality reduction, sampling color differences by Gaussian pairing and analyzing color differences by predominant component analysis. In addition to its speed and simplicity, the algorithm has the advantages of continuous mapping, global consistency, and grayscale preservation, as well as predictable luminance, saturation, and hue ordering properties.     

运用DH-EKE增强WTLS握手协议的安全性

WTLS握手协议不满足前向安全性,非匿名验证模式下不满足用户匿名性,完全匿名模式下易遭受中间人攻击.DH-EKE协议具有认证的密钥协商功能,将改进的DH-EKE集成到WTLS握手协议中,只需使用可记忆的用户口令,不需使用鉴权证书及数字签名.该方案适用于完全匿名的验证模式,可抵御中间人攻击和字典式攻击,且在服务器中不直接存储口令,攻击者即使攻破服务器获得口令文件也无法冒充用户,能够在WTLS握手协议中实现简单身份认证和安全密钥交换.     

PRISM: A preventive and risk-reducing integrated security management model using security label

An automated security management integrating various security systems is strongly required because cyber attacks are evolving day after day. Moreover, the attacks are become more complex and intelligent than past. Several integrated security management (ISM) models are supposed and implemented to meet the requirements. However, the current ISM is passive and behaves in a post-event manner. To reduce costs and resources for managing security and to remove the possibility of an intruder succeeding in attacks, the preventive security management technology is strongly required. This paper proposes the PRISM model that is based on tracing important assets in a managed network and performs preventive security management before security incidents occur. Additionally, PRISM model employs security labels to deploy differentiated security measure. The PRISM will provide concrete and effective security management to the organization’s network.     

Wireless and mobile technologies to enhance teaching and learning

Abstract This research aims to build a Wireless Technology Enhanced Classroom (WiTEC) that supports everyday activities unobtrusively and seamlessly in classroom contexts. This paper describes the integration of wireless LAN, wireless mobile learning devices, an electronic whiteboard, an interactive classroom server, and a resource and class management server to build the WiTEC. This contains a number of features that can support class members in various types of teaching and learning activities. Project-based learning is taken as a scenario to elaborate how teachers and students can engage in teaching and learning via WiTEC. Finally, a number of suggestions are discussed for further study.     

Information security management standards: Problems and solutions

International information security management guidelines play a key role in managing and certifying organizational IS. We analyzed BS7799, BS ISO/IEC17799: 2000, GASPP/GAISP, and the SSE-CMM to determine and compare how these guidelines are validated, and how widely they can be applied. First, we found that BS7799, BS ISO/IEC17799: 2000, GASPP/GAISP and the SSE-CMM were generic or universal in scope; consequently they do not pay enough attention to the differences between organizations and the fact that their security requirements are different. Second, we noted that these guidelines were validated by appeal to common practice and authority and that this was not a sound basis for important international information security guidelines. To address these shortcomings, we believe that information security management guidelines should be seen as a library of material on information security management for practitioners.     

Motion estimation based color transfer and its application to color video compression

In this paper a novel scheme for color video compression using color transfer technique is proposed. Towards this, a new color transfer mechanism for video using motion estimation is presented. Encoder and decoder architectures for the proposed compression scheme are also presented. In this scheme, compression is achieved by firstly discarding chrominance information for all but selected reference frames and then using motion prediction and discrete cosine transform (DCT) based quantization. At decompression stage, the luminance-only frames are colored using chrominance information from the reference frames applying the proposed color transfer technique. To integrate color transfer mechanism with hybrid compression scheme a new color transfer protocol is defined. Both compression scheme and color transfer work in YCbCr color space.