An Achilles heel: denial of service attacks on Australian critical information infrastructures

Critical, or national, information infrastructure protection, referred to as either CIIP or NIIP, has been highlighted as a critical factor in overall national security by the United States, the United Kingdom, India and the European Community. As nations move inexorably towards so-called ‘digital economies’, critical infrastructure depends on information systems to process, transfer, store and exchange information through the Internet. Electronic attacks such as denial of service attacks on critical information infrastructures challenge the law and raise concerns. A myriad of issues potentially plague the protection of critical information infrastructures owing to the lack of legal regulation aimed at ensuring the protection of critical information infrastructures. This paper will highlight the legal concerns that relate to the denial of service attacks on critical information infrastructures and provide an introductory overview of the law as it relates to CIIP in Australia.     

On detecting active worms with varying scan rate

Active worms have posed a major security threat to the Internet and many research efforts have focused on them. However, defending against them remains challenging due to their continuous evolution. In this paper, we study a new class of defense-oriented evolved worms, the Varying Scan Rate worm (the VSR worm in short). In order to circumvent detection by existing worm detection schemes, the VSR worm deliberately varies its scan rate according to these schemes’ weaknesses. To counteract the VSR worm, we design a new worm-detection scheme, the attack-target Distribution Entropy-based Dynamic detection scheme (DED detection for short). DED detection utilizes the attack-target distribution and robust statistical feature in conjunction with dynamic decision adaptation to distinguish worm-scan traffic from non-worm-scan traffic. We present a comparatively complete space of detection schemes and conduct extensive performance evaluations on the DED detection scheme compared with other schemes, using real-world Internet traces as background scan traffic. Our data clearly demonstrate the effectiveness of the DED detection scheme in detecting both the VSR worm and the traditional worm.     

基于k-距离与重加权M-估计量的鲁棒协同推荐算法(英文)

The existing collaborative recommendation algorithms have lower robustness against shilling attacks.With this problem in mind,in this paper we propose a robust collaborative recommendation algorithm based on k-distance and Tukey M-estimator.Firstly,we propose a k-distancebased method to compute user suspicion degree(USD).The reliable neighbor model can be constructed through incorporating the user suspicion degree into user neighbor model.The influence of attack profiles on the recommendation results is reduced through adjusting similarities among users.Then,Tukey M-estimator is introduced to construct robust matrix factorization model,which can realize the robust estimation of user feature matrix and item feature matrix and reduce the influence of attack profiles on item feature matrix.Finally,a robust collaborative recommendation algorithm is devised by combining the reliable neighbor model and robust matrix factorization model.Experimental results show that the proposed algorithm outperforms the existing methods in terms of both recommendation accuracy and robustness.     

Geometrically resilient color image zero-watermarking algorithm based on quaternion Exponent moments

Although research on zero-watermarking has made great progress in recent years, most of it has been focused on grayscale images rather than color ones, and cannot resist geometric attacks efficiently. In this paper, we discuss properties of quaternion Exponent moments (QEMs) in detail and propose a robust color image zero-watermarking algorithm which is robust to geometric attacks. We first compute and select robust QEMs of the original color image, and then a binary feature image is constructed using the magnitude of the selected moments. Eventually, a bitwise exclusive-or is applied on the binary feature image and a scrambled binary logo to generate the zero-watermark image. Experimental results show that the proposed zero-watermarking algorithm is robust to both geometric attacks and common image processing attacks effectively. Compared to similar zero-watermarking algorithms and traditional watermarking algorithms based on QEMs, the proposed zero-watermarking algorithm has better performance.     

An Efficient SCF-PEKS Without Random Oracle Under Simple Assumption

The Public key encryption scheme with keyword search (PEKS), firstly put forward by Boneh et al., can achieve the keyword searching without revealing any information of the initial data. However, the original PEKS scheme was required to construct a secure channel, which was usually expensive. Aimed at resolving this problem, Baek et al. put forward an improved scheme, which tried to construct a Secure channel free PEKS (SCF-PEKS). Subsequently, several SCF-PEKS schemes were proposed, however most of them turned out only secure in the random oracle model, which possibly lead to the construction of insecure schemes. Therefore, Fang et al. put forward an enhanced SCF-PEKS construction, which was provably secure in the standard model, however this construction needed a strong and complicated assumption. Then Yang et al. put forward an SCF-PEKS construction under simple assumption, but their construction had a big reduction in efficiency. In this article, we propose an SCF-PEKS construction, which is provably secure under the same assumption as that of Yang et al.'s scheme, however, with better performance. Then we give its full security proof, along with the performance analysis. Finally, we improve the SCF-PEKS construction to resist Keyword guessing attack (KGA) and give its security demonstration.     

分布式DoS攻击检测系统的改进研究

为了对抗分布式DoS攻击,提出了一个改进的分布式DoS攻击检测系统:采用贝叶斯方法,根据第一次连接的状态,计算后验概率,据此对系统检测攻能进行改进;采用被动响应的方式,改进系统响应功能,对检测到的入侵行为,进行实时响应.仿真实验表明,该改进措施减少了误报率和漏报率,提高了系统的实时响应性.     

Surge:一种新型、低资源、高效的轻量级分组密码算法

目前,适合资源约束的轻量级密码算法已成为研究热点。提出一种低资源、高性能与高安全性的新轻量级分组密码算法Surge。Surge密码分组长度为64位,使用64位、80位和128位3种密钥长度,且基于SPN结构。轮函数分为5个模块,密钥扩展模块采用无扩展方式;轮常数加模块采用0到15的数字组合成轮常数,构造高效且高度混淆的轮常数加变换;列混合模块利用易于硬件实现的(0,1,2,4)组合矩阵,从而可以在有限域GF(2⁴)上构造硬件实现友好型矩阵。将Surge算法在FPGA上进行了实现,实验结果表明,相对于目前SPN结构的轻量级密码算法,Surge算法占用的面积资源更小,同时有着良好的加密性能;安全性实验证明了Surge可以有效抗差分与线性攻击、代数攻击。     

基于公私属性的多授权中心加密方案

基于属性的加密方法可以简化云计算环境中的密钥管理和访问控制问题,是适用于云环境的加密方案。文中提出了一种基于公私属性的多授权中心加密方案。该方案将属性分为公有属性和私有属性,将用户的角色权限信息等作为用户的公有属性,将用户登录密码、设备上的标识码等作为用户的私有属性。利用公有属性实现访问控制,在云服务器上安全地共享数据;利用私有属性实现信息流的安全控制,确保只有特定用户在特定设备上使用数据。提出的方案可以实现密钥追踪和属性撤销,基于私有属性的加密还可以实现抗合谋攻击。     

基于本体的关系数据库语义检索

以经济学领域本体为例,首先研究SemSORD基本原理和方法,然后提出基于关系数据库关键词检索(Keyword Search over Relational Databases,KSORD)技术实现的关系数据库语义检索模型,并实现相应的原型系统Si-SEEKER,最后提出该领域的研究挑战和技术发展趋势。     

XML 关键词检索的查询理解

与纯文本文档集相比,使用语义标签标注的半结构化的XML文档集,有助于信息检索系统更好地理解待检索文档.同样,结构化查询,比如SQL,XQuery和Xpath,相对于纯关键词查询更加清晰地表达了用户的查询意图.这二者都能够帮助信息检索系统获得更好的检索精度.但关键词查询因其简单和易用性,仍被广泛使用.提出了XNodeRelation算法,以自动推断关键词查询的结构化信息(条件/目标节点类型).与已有的推断算法相比,综合了XML文档集的模式和统计信息以及查询关键词出现的上下文及其关联关系等推断用户的查询意图.大量的实验验证了该算法的有效性.