HCAA:一种哈希冲突过度的动态解决算法

HASH表作为一种快速查询的数据结构,在防火墙等网络安全应用中得到了广泛的应用。然而,攻击者可能通过一些手段对这些应用发动HASH攻击使其失去响应,从而使某些恶意的数据流能够逃脱网络安全应用的管理和控制。提出一种动态的哈希冲突过度的解决算法—HCAA(Hash Collision-Acceptable Algorithm)算法,该算法在哈希冲突过于集中时通过动态申请HASH表并使用不同哈希函数来对冲突数据流进行处理,使冲突在可接受的范围内。实验结果表明,与已有方法相比,HCAA算法能在使用更少HASH表项的情况下获得更均衡的HASH效果,从而能对数据流进行更快的HASH操作。     

基于SNMP的校园网ARP攻击检测方法研究

防范地址解析协议ARP(Address Resolution Protocol)欺骗攻击的难点是:攻击源可以隐藏在网段内任何一个主机中,即使发现了攻击的存在,也难以迅速定位攻击源。结合校园网络的特点,提出了一种新的ARP攻击检测方案:检测服务器通过SNMP协议定期读取核心交换机的ARP、VLAN等信息和接入交换机的MAC-PORT信息,利用综合检测算法,及时发现攻击现象,迅速定位攻击源,并根据网络实际情况采用不同的技术措施进行处理。实践证明,该方法能够有效保障校园网络安全。     

模糊相关机会规划的蚁群优化算法及收敛性分析

模糊相关机会规划(Fuzzy dependent-chance programming, FDCP)因其非线性、非凸性及模糊性,对经典的优化理论提出了极大的挑战. 本文为解决复杂的模糊相关机会规划问题设计了一种基于模糊模拟的蚁群优化算法, 证明了该算法的收敛性,并通过估算期望收敛时间以分析蚁群优化算法的收敛速度. 数值案例研究验证了该算法的有效性、稳定性及准确性.     

CCA-secure unidirectional proxy re-encryption in the adaptive corruption model without random oracles

Up to now, it is still an open question of how to construct a chosen-ciphertext secure unidirectional proxy re-encryption scheme in the adaptive corruption model. To address this problem, we propose a new unidirectional proxy re-encryption scheme, and prove its chosen-ciphertext security in the adaptive corruption model without random oracles. Compared with the best known unidirectional proxy re-encryption scheme proposed by Libert and Vergnaud in PKC’08, our scheme enjoys the advantages of both higher effi...     

Time-varying sliding mode control for a class of uncertain MIMO nonlinear system subject to control input constraint

To solve the regulator problem of a class of uncertain MIMO nonlinear systems subject to control input constraint, three types of time-varying sliding mode control laws are proposed. The sliding surfaces pass the initial value of the system at the initial time, and are shifted/rotated towards the predetermined ones. The controller parameters are optimized by genetic algorithm (GA). Lyapunov method is adopted to prove the stability and robustness to the parameter uncertainties and external disturbance. By me...     

Parallel crypto-devices for GF(p) elliptic curve multiplication resistant against side channel attacks

All elliptic curve cryptographic schemes are based on scalar multiplication of points, and hence its faster computation signifies faster operation. This paper proposes two different parallelization techniques to speedup the GF(p) elliptic curve multiplication in affine coordinates and the corresponding architectures. The proposed implementations are capable of resisting different side channel attacks based on time and power analysis. The 160, 192, 224 and 256 bits implementations of both the architectures have been synthesized and simulated for both FPGA and 0.13μ CMOS ASIC. The final designs have been prototyped on a Xilinx Virtex-4 xc4vlx200-12ff1513 FPGA board and performance analyzes carried out. The experimental result and performance comparison show better throughput of the proposed implementations as compared to existing reported architectures.     

Anti-cloning protocol suitable to EPCglobal Class-1 Generation-2 RFID systems

Radio frequency Identification (RFID) systems are used to identify remote objects equipped with RFID tags by wireless scanning without manual intervention. Recently, EPCglobal proposed the Electronic Product Code (EPC) that is a coding scheme considered to be a possible successor to bar-code with added functionalities. In RFID-based applications where RFID tags are used to identify and track tagged objects, an RFID tag emits its EPC in plaintext. This makes the tag inevitably vulnerable to cloning attacks as well as information leakage and password disclosure. In this paper, we propose a novel anti-cloning method in accordance with the EPCglobal Class-1 Generation-2 (C1G2) standard. Our method only uses functions that can be supported by the standard and abides by the communication flow of the standard. The method is also secure against threats such as information leakage and password disclosure.     

基于进程执行轮廓的缓冲区溢出攻击效果检测

缓冲区溢出攻击效果检测对缓冲区溢出安全防御工作具有重要意义,该文分析进程与Windows NativeAPI的关系,以Windows NativeAPI为数据源进行攻击效果检测。提出执行轮廓的概念及其建立方法,在分析缓冲区溢出攻击效果的基础上,提出基于进程执行轮廓的缓冲区溢出攻击效果检测方法,实验结果表明该方法的有效性。     

面向攻击图构建的网络连通性分析

针对目前网络攻击图构建系统的需求,设计网络连通性分析算法。通过对网络拓扑及防火墙规则进行离线分析,可以判断网络中由若干台过滤设备分隔的任意2台主机间的连通性。引入关键实体集的概念,结合经典的Apriori算法提出一种快速有效的获取关键实体集的方法。分析对比表明,关键实体集可以在连通性分析过程中为网络中各节点的重要性评估提供有力依据。