一种改进的XL算法

对XL算法中的方程组约简过程进行改进,提出一种更有效的求解算法。改进算法中充分利用各单项式之间的约束关系对方程组进行约简,消去其中次数较高的单项式。采用分步扩展及约简的思想消去扩展过程中添加的冗余等式,有效降低XL算法的计算复杂度及存储复杂度。此外,改进的算法还可用于构建布尔函数的低次零化子。     

从ASP的工作原理分析其安全性问题

该文通过分析ASP的工作原理,来阐述目前针对ASP的网络安全性问题。通过一个具体的实例,讲解了如何利用ASP的漏洞攻击服务器的过程,并对常见的安全性问题进行了介绍和归纳。希望通过实例的方式,让广大读者了解其攻击原理,并引起注意。在运用ASP编写程序时,避免安全性问题的发生,保证网站的运行和用户数据的安全性,为营造一个安全和谐的网络世界贡一点力量。     

局域网ARP攻击的防御机制探索

ARP攻击给局域网维护造成了很大的危害,它通过地址欺骗手段来伪造数据包,消耗网络带宽资源,达到攻击局域网乃至使网络瘫痪的目的。该文通过对ARP协议与攻击原理的分析,对网络中出现的攻击实施定位与防御。     

基于EBS 的动态密钥管理方法共谋问题

设计安全、合理的密钥管理方法是解决无线传感器网络安全性问题的核心内容.基于exclusion basis system(EBS)的动态密钥管理方法由于安全性高,动态性能和可扩展性好,受到了广泛关注.但在这种方法中存在共谋问题,即对于被捕获节点通过共享各自信息实施的联合攻击抵抗性较差.针对这一问题,分析了传感器节点形成共谋过程中的特点,以最短共谋链的长度为目标提出了共谋问题的优化模型.在此基础上,提出了基于离散粒子群算法的无线传感器网络共谋问题优化方法.仿真实验结果表明,与前人的工作相比,采用此优化模型和方法不仅提高了捕获网络难度,而且显著增强了网络对捕获节点的抵抗性.     

定位机制在WSN攻击检测中的应用

研究了无线传感网络中Sybil攻击的检测与防范,提出了一种多节点协作的基于接收信号强度（RSS）的检测机制。其主要思想是通过多节点协作检测确定不同身份节点的网络位置,将出现位置相同的多个身份归为Sybil攻击,并利用时间定位方法定位出Sybil节点的具体位置。     

抵抗多种攻击的视频水印新方案

随着多媒体技术的发展,数字视频的版权保护变得越来越重要.为了设计一种更加实用的数字视频水印,提出了集成多种技术的、对多种攻击鲁棒的自适应、盲检测视频水印新算法.首先,利用Arnold置乱技术将水印置乱,并进行Turbo编码,以提高其安全性;然后,根据视频的特征,即归纳的频率敏感性、色度敏感性、运动敏感性、纹理敏感性和亮度敏感性选取关键帧,并运用分块技术将关键帧进行3维分块;再进行3维小波分解,选中低频区域作为嵌入域;此外,为了抵抗旋转、缩放攻击,采用了一种新方法,即用Zernike矩提取视频的旋转、缩放不变信息;最后采用盲检测技术提取水印.通过对典型视频数据的攻击和测试,得出了水印的鲁棒性指标.结果表明,本文水印适合多种内容特点的视频,能够抵抗目前常见的各类攻击,具有一定的实用价值.     

Attacking smart card systems: Theory and practice

Smart card technology has evolved over the last few years following notable improvements in the underlying hardware and software platforms. Advanced smart card microprocessors, along with robust smart card operating systems and platforms, contribute towards a broader acceptance of the technology. These improvements have eliminated some of the traditional smart card security concerns. However, researchers and hackers are constantly looking for new issues and vulnerabilities. In this article we provide a brief overview of the main smart card attack categories and their corresponding countermeasures. We also provide examples of well-documented attacks on systems that use smart card technology (e.g. satellite TV, EMV, proximity identification) in an attempt to highlight the importance of the security of the overall system rather than just the smart card.     

Elastic block ciphers: method, security and instantiations

We introduce the concept of an elastic block cipher which refers to stretching the supported block size of a block cipher to any length up to twice the original block size while incurring a computational workload that is proportional to the block size. Our method uses the round function of an existing block cipher as a black box and inserts it into a substitution- permutation network. Our method is designed to enable us to form a reduction between the elastic and the original versions of the cipher. Using this reduction, we prove that the elastic version of a cipher is secure against key-recovery attacks if the original cipher is secure against such attacks. We note that while reduction-based proofs of security are a cornerstone of cryptographic analysis, they are typical when complete components are used as sub-components in a larger design. We are not aware of the use of such techniques in the case of concrete block cipher designs. We demonstrate the general applicability of the elastic block cipher method by constructing examples from existing block ciphers: AES, Camellia, MISTY1, and RC6. We compare the performance of the elastic versions to that of the original versions and evaluate the elastic versions using statistical tests measuring the randomness of the ciphertext. We also use our examples to demonstrate the concept of a generic key schedule for block ciphers.

剖析缓冲区溢出攻击

本文从程序设计语言的特征、程序编写、数据结构以及程序执行控制等多个角度对缓冲区溢出漏洞攻击的原理进行深入剖析,最后提出了遏制利用缓冲区溢出漏洞进行攻击的一些措施。     

Stealthy switching attacks on sensors against state estimation in cyber-physical systems

This article focuses on designing sensor attacks to deteriorate the state estimation in cyber-physical systems. The scenario that the malicious attack signals can be injected into different but limited number of sensor communication channels is considered. The state estimation error variations and innovation variations are adopted to measure attack performance and attack stealthiness, respectively. A switching attack strategy is proposed, under which the estimation error variations are driven to the predesigned target value and the norm of innovation variations remains at a small level. The switching attack design problem is formulated as a discrete switched optimal control problem which can be solved by dynamic programming, while the computational burden is heavy. To overcome this difficulty, by using pruning technique to remove the redundant matrices generated in dynamic programming, the quadratic optimization problem becomes numerically tractable. In this way, the suboptimal attack signal sequence and switching sequence can be acquired. Finally, a simulation example is provided to illustrate the effectiveness of the proposed attack strategy.