http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.
변환된 중국어를 복사하여 사용하시면 됩니다.
Digital Forensics of Microsoft Office 2007–2013 Documents to Prevent Covert Communication
Zhangjie Fu,Xingming Sun,Jie Xi 한국통신학회 2015 Journal of communications and networks Vol.17 No.5
MS Office suit software is the most widely used electronic documents by a large number of users in the world, which has absolute predominance in office software market. MS Office 2007– 2013 documents, which use new office open extensible markup language (OOXML) format, could be illegally used as cover mediums to transmit secret information by offenders, because they do not easily arouse others suspicion. This paper proposes nine forensic methods and an integrated forensic tool for OOXML format documents on the basis of researching the potential information hiding methods. The proposed forensic methods and tool cover three categories; document structure, document content, and document format. The aim is to prevent covert communication and provide security detection technology for electronic documents downloaded by users. The proposed methods can prevent the damage of secret information embedded by offenders. Extensive experiments based on real data set demonstrate the effectiveness of the proposedmethods.
Privacy-preserving Multi-keyword Ranked Search over Encrypted Cloud Data Supporting Dynamic Update
Xingming Sun,Lu Zhou,Zhangjie Fu,Jin Wang 보안공학연구지원센터 2014 International Journal of Security and Its Applicat Vol.8 No.6
With the development of cloud computing, the sensitive information of outsourced data is at risk of unauthorized accesses. To protect data privacy, the sensitive data should be encrypted by the data owner before outsourcing, which makes the traditional and efficient plaintext keyword search technique useless. Hence, it is an especially important thing to explore secure encrypted cloud data search service. Considering the huge number of outsourced data, there are three problems we are focused on to enable efficient search service: multi-keyword search, result relevance ranking and dynamic update. In this paper, we propose a practically efficient and flexible searchable encrypted scheme which supports both multi-keyword ranked search and dynamic update. To support multi-keyword search and result relevance ranking, we adopt Vector Space Model (VSM) to build the searchable index to achieve accurate search result. To improve search efficiency, we design a tree-based index structure which supports insertion and deletion update well without privacy leakage. We propose a secure search scheme to meet the privacy requirements in the threat model. Finally, experiments on real-world dataset are implemented to demonstrate the overall performance of the proposed scheme, which show our scheme is efficient.
Qi Liu,Weidong Cai,Zhangjie Fu,Jian Shen,Nigel Linge 보안공학연구지원센터 2016 International Journal of Grid and Distributed Comp Vol.9 No.2
MapReduce, as a popular programming model for processing large data sets, has been widely applied. MapReduce 2.0 (MRV2) is a newly adopted one, which has a better performance. Those machines which have a lower performance in a cluster usually play a role who pull down the pace of job execution time. Speculative execution known as an approach for dealing with the above problems works by backing up those tasks running on a low performance machine to a higher one. Although multiple speculative execution strategies have been proposed, there are still a lot of pitfalls existing in the strategies. In this paper, Some pitfalls in proposed strategy have been modified and computer hardware has been taken into consideration (HWC-Speculation). In Hadoop-2.6, we have implemented it, called Hadoop-HWC. Experiment results show that our method can find a slow task correctly, also, the performance of MRV2 is improved.
Effective and Secure Access Control for Multi-Authority Cloud Storage Systems
Lin Xin,Xingming Sun,Zhangjie Fu,Liang-Ao Zhang,Jie Xi 보안공학연구지원센터 2016 International Journal of Security and Its Applicat Vol.10 No.2
Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is a promising cryptographic tool to implement access control for secure cloud storage systems. However, most existing access control schemes based on CP-ABE for the multi-authority cloud storage systems rely on a fully trusted global certificate authority. It is just an ideal assumption while there never exists a fully trusted global certificate authority in reality. In this paper, we construct a system with multiple certificate authorities (CA). The parameters of those CAs could be verified when an authority suspects the messages received from the correlative certificate authority. Besides, we construct a verifiable secret sharing (VSS) scheme to realize the decentralization of the certificate authority in our scheme. The scheme adopts the Pedersen commitment in combination with the properties of bilinear-pairs on elliptic curve and bilinear Diffie-Hellman problem. The analysis shows that our scheme is highly efficient, authentic and provably secure under the security model. Our scheme simultaneously supports efficient attribute revocation.
An Optimization Scheme in MapReduce for Reduce Stage
Qi Liu,Weidong Cai,Baowei Wang,Zhangjie Fu,Nigel Linge 보안공학연구지원센터 2016 International Journal of Grid and Distributed Comp Vol.9 No.8
As a widely used programming model for the purposes of processing large data sets, MapReduce (MR) becomes inevitable in data clusters or grids, e.g. a Hadoop environment. Load balancing as a key factor affecting the performance of map resource distribution, has recently gained high concerns to optimize. Current MR processes in the realization of distributed tasks to clusters use hashing with random modulo operations, which can lead to uneven data distribution and inclined loads, thereby obstruct the performance of the entire distribution system. In this paper, a virtual partition consistent hashing (VPCH) algorithm is proposed for the reduce stage of MR processes, in order to achieve such a trade-off on job allocation. Besides, experienced programmers are needed to decide the number of reducers used during the reduce phase of the MR, which makes the quality of MR scripts differ. So, an extreme learning method is employed to recommend potential number of reducer a mapped task needs. Execution time is also predicted for user to better arrange their tasks. According to the results, VPCH can lead to load balancing and our prediction model can provide fast prediction than SVM with similar accuracy maintained.
Access-Authorizing and Privacy-Preserving Auditing with Group Dynamic for Shared Cloud Data
( Wenting Shen ),( Jia Yu ),( Guangyang Yang ),( Yue Zhang ),( Zhangjie Fu ),( Rong Hao ) 한국인터넷정보학회 2016 KSII Transactions on Internet and Information Syst Vol.10 No.7
Cloud storage is becoming more and more popular because of its elasticity and pay-as-you-go storage service manner. In some cloud storage scenarios, the data that are stored in the cloud may be shared by a group of users. To verify the integrity of cloud data in this kind of applications, many auditing schemes for shared cloud data have been proposed. However, all of these schemes do not consider the access authorization problem for users, which makes the revoked users still able to access the shared cloud data belonging to the group. In order to deal with this problem, we propose a novel public auditing scheme for shared cloud data in this paper. Different from previous work, in our scheme, the user in a group cannot any longer access the shared cloud data belonging to this group once this user is revoked. In addition, we propose a new random masking technique to make our scheme preserve both data privacy and identity privacy. Furthermore, our scheme supports to enroll a new user in a group and revoke an old user from a group. We analyze the security of the proposed scheme and justify its performance by concrete implementations.
De-cloaking Malicious Activities in Smartphones Using HTTP Flow Mining
( Xin Su ),( Xuchong Liu ),( Jiuchuang Lin ),( Shiming He ),( Zhangjie Fu ),( Wenjia Li ) 한국인터넷정보학회 2017 KSII Transactions on Internet and Information Syst Vol.11 No.6
Android malware steals users` private information, and embedded unsafe advertisement (ad) libraries, which execute unsafe code causing damage to users. The majority of such traffic is HTTP and is mixed with other normal traffic, which makes the detection of malware and unsafe ad libraries a challenging problem. To address this problem, this work describes a novel HTTP traffic flow mining approach to detect and categorize Android malware and unsafe ad library. This work designed AndroCollector, which can automatically execute the Android application (app) and collect the network traffic traces. From these traces, this work extracts HTTP traffic features along three important dimensions: quantitative, timing, and semantic and use these features for characterizing malware and unsafe ad libraries. Based on these HTTP traffic features, this work describes a supervised classification scheme for detecting malware and unsafe ad libraries. In addition, to help network operators, this work describes a fine-grained categorization method by generating fingerprints from HTTP request methods for each malware family and unsafe ad libraries. This work evaluated the scheme using HTTP traffic traces collected from 10778 Android apps. The experimental results show that the scheme can detect malware with 97% accuracy and unsafe ad libraries with 95% accuracy when tested on the popular third-party Android markets.