Content of Network, Communication and Security in our journal

Published in last 1 year |  In last 2 years |  In last 3 years |  All Please wait a minute... For Selected: Download Citations EndNote Ris BibTeX Toggle Thumbnails Select Research on Abnormal Diagnosis Mechanism of CAN Network Dormancy in AUTOSAR Standard GAO Yongfan, LI Chaochao, XU Fengjie, QIU Bensheng, FANG Ling Computer Engineering and Applications    2024, 60 (7): 248-257.   DOI: 10.3778/j.issn.1002-8331.2211-0393 Abstract （18）      PDF（pc） （768KB）（23）       Knowledge map    Save The network management in the car is designed to ensure the synchronization of communication status between nodes and the detection of network faults, it is an important part of a reliable in-vehicle network. Aiming at the problem that it is difficult to locate and reproduce the occasional dormancy abnormality in AUTOSAR network management, a network dormancy abnormality diagnosis mechanism based on wake-up chain is proposed. Correspondingly, by carrying the location information in the network management message, the location of the network node in the wake-up chain is recorded in real time. When an accidental failure occurs, the relevant information is stored in the non-volatile memory, and then the failure is restored by rebuilding the wake-up chain. The wake-up sequence and related operating status information of each node in the network at the time of occurrence help locate the node that caused the fault more accurately and efficiently, and to a certain extent solve the problem that the sleep anomaly is difficult to reproduce and detect. At the same time, the validity of this method is verified on the experimental platform CANoe by using the CAN bus of the controller area network. Reference | Related Articles | Metrics Select Smart Contract Source Code Vulnerability Detection of Graph Isomorphism Network with Multi-Head Attention Mechanism SHI Zitong, SHI Zhibin, LIU Dongming, LEI Haiwei, GONG Xiaoyuan Computer Engineering and Applications    2024, 60 (7): 258-265.   DOI: 10.3778/j.issn.1002-8331.2307-0402 Abstract （23）      PDF（pc） （640KB）（23）       Knowledge map    Save Addressing the challenge of losing syntax and semantics during the conversion of smart contract source code into bytecode, and the existing vulnerability detection methods have low accuracy and high false alarm rate, especially the detection ability of reentrancy vulnerability and timestamp vulnerability is limited, a graph isomorphism network smart contract source code vulnerability detection method with multi-head attention mechanism is proposed. Firstly, the graph structure is constructed and normalized using the smart contract source code while incorporating the distinctive characteristics of reentrancy and timestamp vulnerabilities. Subsequently, the normalized graph structure data is input into the graph isomorphism network for iterative training, harnessing the network’s robust node representation and graph representation capabilities for vulnerability detection. Lastly, this method introduces the multi-head attention mechanism as an enhancement layer to further augment the node representation ability of the graph isomorphism network. Experimental results demonstrate that the proposed method achieves a detection accuracy of 93.08% for reentrancy vulnerabilities and 92.30% for timestamp vulnerabilities. These figures represent improvements of 1.44 and 2.00 percentage points, respectively, when compared to the common graph isomorphism network method. These results firmly establish the superiority of proposed method in terms of detection capability over other existing detection tools. Reference | Related Articles | Metrics Select Research on Optimization of Reward and Punishment Mechanism of PBFT ZHANG Miao, LI Shaowen, WU Yuting, TU Lijing, ZHANG Lei, YANG Shangxiong Computer Engineering and Applications    2024, 60 (7): 266-273.   DOI: 10.3778/j.issn.1002-8331.2211-0144 Abstract （17）      PDF（pc） （607KB）（23）       Knowledge map    Save The Alliance chain is the preferred blockchain scheme in the agricultural traceability industry. Aiming at the problems of low consensus security, high error probability of the primary node, and high communication overhead in the practical Byzantine fault-tolerant consensus algorithm of its core consensus mechanism, an improved practical Byzantine fault-tolerant consensus algorithm based on reward and punishment mechanism is proposed by introducing reward and punishment mechanism and grouping consensus mechanism. Firstly, the nodes are divided into four categories, and the node reputation rules are formulated to enhance the initiative of the nodes and reduce the participation of Byzantine nodes. Secondly, the qualification of malicious nodes to participate in consensus is excluded, and the reputation value and vote number of malicious nodes are counted. The nodes with good reputations are dynamically selected as consensus nodes. Moreover, according to the highest reputation value rule, the primary node is selected to improve the consensus security and reduce the probability of Byzantine nodes being elected as primary nodes. Finally, based on the PBFT consensus, the consensus process is simplified into two stages：intra-group consensus and global consensus. Based on the minimum number of broadcast messages, the optimal grouping is proposed to alleviate the problem of excessive communication caused by the increase of consensus nodes. Experimental results show that the scheme can effectively suppress Byzantine nodes, improve consensus security performance and reduce consensus cost. Reference | Related Articles | Metrics Select Research on Intra-Domain Routing Protection Scheme Based on SRv6 GENG Haijun, ZHANG Qidong Computer Engineering and Applications    2024, 60 (6): 293-300.   DOI: 10.3778/j.issn.1002-8331.2210-0463 Abstract （26）      PDF（pc） （583KB）（23）       Knowledge map    Save Network failures cause a large number of packet losses and seriously affect network performance. How to deal with network failures efficiently and quickly is the basic requirement and main task of designing routing protocols. Currently, the most effective methods for Internet deployment are open shortest path first (OSPF) and intermediate system-to-intermediate system (IS-IS). Network faults are resolved by dynamic routing protocols, but a large number of packets are still discarded during the dynamic convergence of protocols. Therefore, router manufacturers widely adopt the route protection method with better performance to overcome network faults. However, the existing route protection schemes generally have high implementation complexity or low fault protection rate. Aiming at the above problems, this paper realizes the network programmability based on SRv6. In this paper, a research on intra-domain routing protection scheme based on SRv6 (RPSRv6) is proposed. Firstly, the calculation rules of backup paths are proposed. According to the backup path calculation rule, the backup path is calculated for all pairs of source and destination nodes affected by link failure in the incremental shortest path tree generated. On this basis, the calculation rule of Segment List is proposed, that is, the value and number of SIDs in the Segment List are calculated. In the process of calculating the backup path, each node affected by the fault and other nodes can be accessed at most once, so the time complexity of RPSRv6 has good performance. The experimental results show that compared with existing DC (downstream criterion) rules and U-Turn algorithms, RPSRv6 algorithm has better experimental results in fault protection rate and path stretch, reaching 100% fault protection rate and the optimal path in path stretch. Reference | Related Articles | Metrics Select Fair Verifiable Search Encryption Scheme Based on Blockchain LI Yang, WANG Jingyu, LIU Lixin Computer Engineering and Applications    2024, 60 (6): 301-311.   DOI: 10.3778/j.issn.1002-8331.2211-0106 Abstract （33）      PDF（pc） （667KB）（35）       Knowledge map    Save A blockchain-based fair and verifiable search encryption scheme is proposed to address the problem that existing search encryption schemes lack constraints on the behavior of data owners. This scheme provides fair and efficient search and verification. Firstly, vector digital promises are introduced to constrain the behavior of data owners, while blockchain is used to compute hash verification benchmarks to achieve efficient lightweight multi-keyword search result verification and avoid the problem of untrustworthy third-party verification. In addition, the scheme maps keywords into Bloom filters through pairwise encoding algorithm functions and locally sensitive hash functions to achieve fuzzy search while improving the efficiency of transforming keywords into vectors before search. It is experimentally shown that this scheme has higher efficiency of keyword transformation before search and the verification process consumes less time compared with existing verification schemes using public key cryptographic primitives. The security analysis proves that this scheme is secure under the random prediction model. Reference | Related Articles | Metrics Select Blockchain Transaction Legitimacy Discrimination with High Recognition Accuracy CAI Yuanhai, SONG Fuyuan, LI Kai, CHEN Yanyu, FU Zhangjie Computer Engineering and Applications    2024, 60 (5): 271-280.   DOI: 10.3778/j.issn.1002-8331.2211-0395 Abstract （32）      PDF（pc） （1028KB）（18）       Knowledge map    Save Legitimacy discrimination of transactions on the blockchain is of great importance for the regulation of cryptocurrencies. In order to effectively take into account the information of the transaction itself and the topological information in the discriminative process, and to improve the discrimination accuracy, this paper proposes a multi-perspective legitimacy detection method that incorporates the trustworthy deep forest. Firstly, a trustworthy deep forest (TForest) based on generating trustworthy features is designed. It gives sufficient discrimination to subsamples by feature reordering and combines variable sliding windows to extract differentiable subsamples in a balanced and confusion-free manner. The discrimination accuracy of the deep forest is improved on the basis of significantly reducing the dimensionality of generated features. Then, an ensemble strategy is designed. It uses a two-stage layer-by-layer optimization approach to effectively fuse three types of base discriminators, namely trustworthy deep forest, Transformer graph network and ResNet. The strategy is based on the difference of base models for positive and negative samples recognition ability, and utilizes two kinds of information, finally, a high-accuracy multi-perspective analysis model T2Rnet is constituted. The experimental results on the Elliptic dataset show that the F1-score of the model achieves 83.11%, which is 31.6% higher than the baseline graph convolution method. The model has reliable transaction legitimacy discrimination performance. Reference | Related Articles | Metrics Select Optimization Method for Task Offloading Decision and Edge Resource Allocation in Distribution Networks DUO Chunhong, KUANG Zhu, QI Guoliang, MEI Huawei, LI Baogang, LI Yongqian Computer Engineering and Applications    2024, 60 (5): 281-290.   DOI: 10.3778/j.issn.1002-8331.2304-0293 Abstract （31）      PDF（pc） （623KB）（30）       Knowledge map    Save Mobile edge computing can reduce the pressure of massive data transmission and processing in core distribution networks, compared to cloud computing, the computing limitations of edge nodes poses a challenge to the efficient utilization of edge resources. Based on this, a task offloading decision and edge resource allocation optimization method in distribution networks is proposed. First of all, in a distribution network scenario containing multiple edge nodes and multiple user devices, a cloud-edge-end three-layer edge computing offloading and resource allocation model is constructed. Secondly, the optimization process is divided into two stages：computing offloading and resource auction. In computing offloading stage, an online decision algorithm based on DRL is proposed, and in resource auction stage, a multi round iterative auction mechanism based on compensation strategy is designed. Finally, a task offloading and resource allocation optimization method based on improved DQN algorithm is proposed. The simulation results show that the proposes algorithm can effectively improve system computing energy efficiency and edge node efficiency in dynamically changing distribution network scenarios. Reference | Related Articles | Metrics Select 5G Network Security Deduction Based on Digital Twin MA Yuwei, DU Haitao, SU Li, AN Ningyu Computer Engineering and Applications    2024, 60 (5): 291-298.   DOI: 10.3778/j.issn.1002-8331.2210-0248 Abstract （36）      PDF（pc） （702KB）（27）       Knowledge map    Save In order to study the possible attacks on 5G network and the measures to mitigate the attacks, a security deduction model for 5G network is proposed. The model maps the physical network to the twin network through digital twin technology, and builds a virtual-real network deduction environment based on it. According to the designed deduction scenarios, the attack and defense deductions are performed in the twin network and the deductions’ results are applied to the physical network. The results show that the deductions using the twin technology can reduce the impact on the physical network, and the results can be applied to the physical network indiscriminately and have consistent defense effects. Reference | Related Articles | Metrics Select DAE-LSTM-Fused Intelligent Spectrum Sensing Algorithm for Cognitive Internet of Things DUAN Yanyan, XU Lingwei Computer Engineering and Applications    2024, 60 (5): 299-306.   DOI: 10.3778/j.issn.1002-8331.2210-0295 Abstract （29）      PDF（pc） （644KB）（22）       Knowledge map    Save The rise of the fifth-generation (5G) mobile communication, the development of Internet of things (IoT) is promoted. However, with the explosive growth of IoT data transmission volume, the shortage of spectrum resources is becoming more and more severe. Spectrum sensing technology greatly improves the spectrum utilization of the Internet of things. However, the IoT mobile communication environment has the characteristics of high complexity and easy signal distortion, which poses a major challenge to the existing spectrum sensing. Thus, this paper proposes an intelligent spectrum sensing algorithm that fused with denoising autoencoder (DAE) and improved long short term memory (LSTM) neural network. DAE excavates the internal structural features of mobile signals through encoding and decoding. The improved LSTM spectrum sensing classifier model is designed to classify time series signal sequences combined with past moment information features. Finally, the proposed algorithm achieves 45% higher sensing accuracy than support vector machine (SVM), Elman, LeNet5, learning vector quantization (LVQ) and recurrent neural network (RNN) algorithms. Reference | Related Articles | Metrics Select Multi-Scene Continuous Authentication Based on Attention Module for Mobile Devices JIN Yuyao, ZHANG Xiaomei, WANG Yajie Computer Engineering and Applications    2024, 60 (3): 280-291.   DOI: 10.3778/j.issn.1002-8331.2209-0204 Abstract （32）      PDF（pc） （866KB）（21）       Knowledge map    Save In view of the fact that the user may change the scene when interacting with the mobile device, the existing works have limitations on the specific single scene when collecting features and low authentication accuracies, and cannot achieve multi-scene conversion authentication. To overcome these issues，a movement patterns based multi-scene continuous authentication scheme, which combines the attention module with the convolutional neural network (CNN-SACA) is proposed. Under unrestricted usage scenarios and operations, the movement patterns (MP) features are extracted when the user interacts with the mobile device and then hand micro-motion can be captured in dynamic and static scenes, by which the multi-scene authentication is realized. A convolutional neural network including 5 convolutional layers is designed. After the convolution of the first layer, the improved spatial and channel attention sub modules are sequentially passed, and then the weights are inversely distributed after the convolution of the multiple layers to enhance the key feature representation. MP features characterized by the convolution are assigned double attention weights from two dimensions. A public data set is used to verify the effectiveness and feasibility of the proposed method in multi-scene authentication. The experimental results show that the proposed deep learning model based on movement patterns can get over the limitations caused by the single authentication scenario, and achieve accuracy of 99.6%. Meanwhile, comparing with the CNN model alone, the accuracy of the proposed CNN-SACA model is improved by 1.5?percentage points, which effectively improves the authentication capability of mobile devices in multiple scenarios. Reference | Related Articles | Metrics Select Vulnerability Detection Based on Deep Graph Convolutional Network and Attention Mechanism XIAO Peng, ZHANG Xusheng, YANG Fengyu, ZHENG Wei Computer Engineering and Applications    2024, 60 (3): 292-298.   DOI: 10.3778/j.issn.1002-8331.2209-0420 Abstract （39）      PDF（pc） （564KB）（37）       Knowledge map    Save To address the problem of incomplete graph structure features due to the lack of contextual information in existing graph neural network-based vulnerability mining methods and the problem of over-smoothing that prevents the model from learning higher-order features of the graph structure resulting in poor prediction performance, a vulnerability detection method based on deep graph convolutional networks and attention mechanism, PSG-GCNIIAT, is proposed. PSG fuses order relational graphs on the basis of program dependency graphs so that code statements have the ability to sense their contextual information, and generates embedding vectors of code lines by abstracting syntax trees to achieve deep structure feature extraction of graph nodes. GCNIIAT uses a deep graph convolutional network, GCNII, combined with a graph attention mechanism to more effectively identify graph structure features of program slices associated with vulnerabilities. The experimental results show that the vulnerability detection model PSG-GCNIIAT has obvious advantages over VulDeePecker, GCN and GGNN in accuracy and F value, and it can effectively improve the performance of program vulnerability detection. Reference | Related Articles | Metrics Select Research on Malware Classification Method Based on Heterogeneous Instruction Graph QIAN Liping, JI Xiaomei Computer Engineering and Applications    2024, 60 (3): 299-308.   DOI: 10.3778/j.issn.1002-8331.2305-0484 Abstract （30）      PDF（pc） （689KB）（21）       Knowledge map    Save Malware is one of the biggest security threats on the Internet today. At present, research on malware classification based on graph deep learning has not taken into account the inherent similarity hidden in the control flow information of malware families. To solve this problem, a malware classification method based on heterogeneous instruction graph(HIG), MCHIG, is proposed, which includes three stages: HIG generation, node embedding and malware classification. Firstly, the MyHIG dataset is generated. Then GraphSAGE is applied to message different types of edges to complete HIG file nodes classification and instruction nodes embedding. Finally the malware classification task is completed based on control flow graph. The effectiveness is validated on the BIG2015 dataset, achieving a classification accuracy of 97.81% in the embedding stage, and the five-fold and ten-fold cross-validation are carried out in the classification stage, among which the performance of the ten-fold cross-verification is better, and the accuracy rate reaches 99.91%, on the BODMAS_ mini few-sample dataset, it reaches 96.53% in the embedding stage and 98.76% in the classification stage, which is better than other advanced malware classification models. Reference | Related Articles | Metrics Select Specific Authenticated Encryption Algorithm Based on SM4 Under Framework of Stream Cipher LI Hu, PENG Changgen, HOU Jinqiu Computer Engineering and Applications    2024, 60 (2): 272-278.   DOI: 10.3778/j.issn.1002-8331.2210-0261 Abstract （41）      PDF（pc） （545KB）（40）       Knowledge map    Save As a symmetric cryptographic primitive, authenticated encryption algorithm can satisfy data privacy and integrity simultaneously, which is widely used in the field of data security. Aiming at the security and efficiency requirements of the authenticated encryption algorithm based on block cipher, a specific authenticated encryption algorithm SMRAE based on SM4 is designed. The algorithm adopts the idea of stream cipher, starts from the bottom part of SM4, and combines the Feistel structure to design the state update function for round transformation. It only needs to call four SM4 round function instructions to process 256 bit messages. First, in the initialization phase, the initial vector and key are iterated for 16 rounds to fully randomize the difference. Second, the generated ciphertext by SM4 is involved in the round transformation to realize the state update and encryption parallel. Finally, the message authentication is performed before decryption to reduce the time consumption and improve the security of the algorithm. The security analysis and experimental results show that SMRAE can resist the mainstream attacks such as forgery attack, differential attack and guess attack. The efficiency of SMRAE is higher than AES-GCM, and it is equivalent to SM4, so SMRAE has certain practicability. Reference | Related Articles | Metrics Select Access Authentication Method of Power Distribution Internet of Things Based on Improved PBFT ZHANG Mingquan, YANG Tian, DUO Chunhong Computer Engineering and Applications    2024, 60 (2): 279-287.   DOI: 10.3778/j.issn.1002-8331.2209-0052 Abstract （42）      PDF（pc） （586KB）（34）       Knowledge map    Save With the deep integration of the Internet of things and the distribution network, the access system of massive terminal equipment brings great challenges to the safe and stable operation of the distribution Internet of things. In view of the current situation that the traditional identity authentication method is too centralized and cannot carried large-scale terminals, a terminal access authentication method based on the blockchain consensus mechanism is designed. The power distribution Internet of things gateway is responsible for the registration of the nodes to be accessed, uses the consensus algorithm for distributed authentication, and stores the legal terminals on the chain. Based on the practical Byzantine fault-tolerant algorithm, a consensus algorithm for the distribution IOT terminal is proposed. The algorithm introduces a weight mechanism, selects authentication nodes according to the weight of terminal nodes, and reduces the scale of consensus. The verifiable random function is introduced to enhance the security of the master node, avoids view switching protocol, and improves the consensus efficiency. Combining with the actual application scenario, the consistency protocol is optimized to reduce the communication overhead. The experimental analysis shows that this method can effectively avoid various network attacks, and the communication overhead and throughput are better than other methods. The system has strong anti-attack ability, and meets the requirements of the distribution Internet of things for authentication efficiency and system reliability. Reference | Related Articles | Metrics Select Real-Time Trajectory Privacy Protection Method Based on Path Obfuscation LI Fengyun, GUO Hao, BI Yuanguo, LI Yining Computer Engineering and Applications    2024, 60 (2): 288-294.   DOI: 10.3778/j.issn.1002-8331.2208-0301 Abstract （34）      PDF（pc） （570KB）（27）       Knowledge map    Save Due to the limitations of traditional trajectory privacy protection algorithms in dealing with real-time problems, a trajectory privacy protection algorithm based on path confusion is proposed for the privacy protection processing of real-time trajectories. The algorithm can solve the problems of insufficient trajectory data or availability of trajectory data in traditional path confusion algorithms. The vehicle trajectories are grouped and selected by the vehicle adaptive time window algorithm, and the privacy protection effect of the trajectories is improved through the obfuscation algorithm. Comparing the availability of trajectory data in experiments, it is verified that the proposed algorithm is more effective in protecting vehicle privacy than other traditional methods, and the obfuscated trajectory data is more available. Reference | Related Articles | Metrics Select Joint Optimization of Energy Consumption and Data Volume Based on UAV Flight Time ZHU Jiang, XIAO Jin Computer Engineering and Applications    2024, 60 (1): 271-280.   DOI: 10.3778/j.issn.1002-8331.2207-0348 Abstract （44）      PDF（pc） （688KB）（44）       Knowledge map    Save The use of UAV communication for data acquisition in wireless sensor networks is a valuable technology. For UAV data collection tasks in limited time, a joint optimization scheme considering system data volume, node transmission energy consumption and UAV flight energy consumption is presented. The decision space of this scheme includes UAV trajectory and transmission scheduling with high complexity. Since the joint optimization is an NP-hard problem, based on the dimensionality reduction of the decision space, the optimization process is divided into two steps：initial trajectory optimization and secondary trajectory optimization. For initial trajectory optimization, an optimization scheme based on greedy algorithm and tabu search algorithm is proposed to achieve node selection and obtain the initial trajectory of the UAV. For quadratic trajectory optimization, the discretization method is used to convert the original problem, and the successive convex approximation algorithm is used to optimize it, and an effective suboptimal solution is obtained. The simulation results show that the optimized scheme can increase the amount of data collected by the UAV and reduce the energy consumption of the UAV and the nodes while meeting the time constraints. Reference | Related Articles | Metrics Select Trust Management Solution for Internet of Vehicles Based on Logistic Regression and Blockchain WANG Chundong, GUO Ruyue Computer Engineering and Applications    2024, 60 (1): 281-288.   DOI: 10.3778/j.issn.1002-8331.2208-0217 Abstract （49）      PDF（pc） （603KB）（37）       Knowledge map    Save The Internet of vehicles enables vehicles to disseminate information to improve traffic safety and efficiency. However, in an untrusted environment, how to effectively implement trust assessment and instantly update consistent trust values among multiple road side units (RSUs) remains a challenging problem. Trust management solution for internet of vehicles based on logistic regression and blockchain is proposed. First, the vehicle can calculate the direct trust value and the recommended trust value for it through the historical behavior of the communication partner, and use the logistic regression algorithm to calculate the comprehensive trust value, and then upload it to the nearby RSU, which will package the data into a block. Second, a hybrid consensus mechanism based on proof of stake (PoS) and practical Byzantine fault tolerance (PBFT) is proposed. RSUs with larger stakes are more likely to be selected as miners, and work together with authorized RSUs to verify the correctness of blocks, making the blocks with large changes in trust value can be published instantly. Finally, safety analysis and performance simulation show that the scheme is effective and feasible in calculating and storing vehicle trust value. Reference | Related Articles | Metrics Select Certificateless Parallel Key-Isolated Aggregate Signature Scheme in Healthcare Networks MENG Tong, GUO Rui, WANG Yicheng, LIU Yingfei Computer Engineering and Applications    2024, 60 (1): 289-300.   DOI: 10.3778/j.issn.1002-8331.2208-0250 Abstract （35）      PDF（pc） （791KB）（29）       Knowledge map    Save The application of wireless sensor networks in the medical field brings great convenience to doctors and patients. The authenticity and integrity of medical data becomes a major problem in the medical industry due to the destruction of patient privacy information during the transmission process. To solve this problem, a certificateless aggregate signature scheme is proposed to protect patient privacy information. However, most schemes cannot resist fully chosen-key attacks and face the key exposure problem. Therefore, this paper proposes a certificateless parallel key-isolated aggregate signature scheme that can resist fully chosen-key attacks. The scheme is based on blockchain technology for data sharing and identity tracking, uses the real-time nature of edge computing to deal with high delay problems in wireless sensor networks, and uses parallel key isolation methods to solve the problem of key exposure. Under the elliptic curve discrete logarithm problem, the scheme is proved to be unforgeable under the random oracle model, and the hash-based strong collision-resistant proofs that the scheme can resist fully chosen-key attacks. Efficiency analysis using MIRACL library shows that this scheme is more efficient than other related schemes in each stage, and has lower communication overhead. Reference | Related Articles | Metrics Select VPN Encrypted Traffic Identification for Joint Capsule and Bidirectional LSTM Networks YANG Zhongfu, CHANG Jun, XU Yan, LUO Jinyan, WU Peng Computer Engineering and Applications    2023, 59 (23): 246-253.   DOI: 10.3778/j.issn.1002-8331.2208-0054 Abstract （38）      PDF（pc） （820KB）（35）       Knowledge map    Save In order to improve the effective management of network resources, encrypted traffic identification has become a major challenge in the field of network security. Most of the current research is based on deep learning methods, but these methods ignore the hierarchical characteristics of network traffic, such as the position of fixed strings and the dislocation caused by the Bit conversion of different protocols into images. In this regard, a deep neural network combining capsule network and bidirectional long short-term memory is proposed to identify encrypted traffic. The model extracts the spatial location features and timing features of encrypted traffic respectively. Finally, it uses the Softmax classifier to identify encrypted traffic services. Among them, the CapsNet is improved by optimizing the original 1-layer 9×9 convolution into 4-layer 3×3 convolution, and a joint loss function is proposed. The method is validated on the ISCX VPN-non VPN public dataset, and the results of three classification experiments show that the classification accuracy, precision, recall and F1 value of the model are all above 98%, which is better than the state-of-the-art encryption traffic classification method. Reference | Related Articles | Metrics Select Distributed Data Access Control and Sharing Scheme Based on CPABE ZHANG Xiaodong, CHEN Taowei, YU Yimin Computer Engineering and Applications    2023, 59 (23): 254-262.   DOI: 10.3778/j.issn.1002-8331.2112-0294 Abstract （57）      PDF（pc） （619KB）（47）       Knowledge map    Save At present, the data sharing scheme with blockchain & CP-ABE（ciphertext-policy attribute-based encryption） still uses one or more authority organizations to generate, manage and distribute keys, which is easy to cause single point failure of authorization agencies, high algorithm overhead and the possibility of secret keys leakage of node users. Therefore, this paper proposes a distributed data access control and sharing scheme based on decentralized CP-ABE to realize privacy protection and its provable data security. First of all, the master key（MSK） of the CPABE based on the block chain is distributed through the proxy key encapsulation mechanism, and in order to improve the efficiency and security of the system, the dual-chain model is adopted to realize the security isolation for the proxy key encapsulation mechanism（PKEM） and CP-ABE algorithm. Secondly, this paper designs the block structure and data format specification to manage the whole processes of PKEM-CPABE algorithm and the audible traceability operation behavior. Finally, the security and experimental analytics shows that the proposed algorithm not only protects data privacy, but also implements an efficient security sharing mechanism. Reference | Related Articles | Metrics Select Research on Tracing Major Public Opinion Events Based on Double-Layer Blockchain LIU Xin, WANG Haiwen, SUN Zhijian, YANG Dawei, PANG Mingjiang Computer Engineering and Applications    2023, 59 (23): 263-272.   DOI: 10.3778/j.issn.1002-8331.2306-0229 Abstract （59）      PDF（pc） （813KB）（41）       Knowledge map    Save The future metaverse is a fully developed and personalized world based on trusted social networks. However, the information in social networks is multi-source and easy to be tampered with, making major public opinion events difficult to trace. To solve the above problems, a double-layer blockchain is constructed to realize the traceability of public opinion events. Firstly, Sentence-BERT model is used to extract sentence vectors of comments and the interest similarity among users is evaluated. Leiden algorithm is used for discovering the interest community. The comments chain is constructed with the users of interest communities as the nodes to store the tracking information, and using the community leaders as nodes to construct an interest community chain for storing the key words of the highest influence users. Then, a multi-source traceability evidence chain is formed based on the comments along with tracking information stored on the blockchain. Finally, the experimental results and the security analysis show that the average query delay of the blockchain is 110 ms and throughput is greater than 550 TPS, the proposed method is feasible in the trusted management of public opinion data and the traceability of major public opinion events. Reference | Related Articles | Metrics Select Cross-Chain Supervision Mechanism for Consortium Blockchain Based on Relay-Chain Technology LU Yiren, ZHU Youwen Computer Engineering and Applications    2023, 59 (22): 268-275.   DOI: 10.3778/j.issn.1002-8331.2206-0466 Abstract （66）      PDF（pc） （782KB）（52）       Knowledge map    Save The consortium chain has played a major role in the fields of logistics traceability and data transactions. However, the differences in the underlying implementation of the consortium chains make it hard to form an effective data sharing way between chains, cross-chain technology is an important method to solve the  “Isolated Data Island” problem of consortium chains. The existing cross-chain schemes cannot satisfy the needs of supervision for consortium chains, and there is no clear division of authority for cross-chain requests and inter-chain interoperability, cross-contract calls between chains may lead to malicious tampering of blockchain data during the cross-chain process, and thus they cannot be applied to cross-chain supervision scenarios. To solve the above problems, this paper proposes a cross-chain supervision mechanism based on the relay chain technology for on-chain computation in consortium-chains, which ensures the security of cross-chain operations by classifying the identity of the accessed chains, and uses modular design to achieve the scalability of cross-chain framework. Besides, this paper also proposes a communication message protocol that can ensure the security of the cross-chain supervision process. Finally, this paper analyzes and compares the proposed scheme with existing mechanisms, and validates the practicality of the proposed scheme through simulation experiments. Reference | Related Articles | Metrics Select Deepfake Video Detection Method Improved by GRU and Involution LIU Yalin, LU Tianliang Computer Engineering and Applications    2023, 59 (22): 276-283.   DOI: 10.3778/j.issn.1002-8331.2206-0510 Abstract （32）      PDF（pc） （748KB）（30）       Knowledge map    Save In recent years, the wide spread of deepfake video on the network has caused a negative impact. In order to solve the problems of low accuracy of existing detection models and insufficient and comprehensive information extraction, an improved deepfake video detection method based on gated recurrent unit（GRU） and Involution is proposed. Firstly, a feature extraction network is constructed based on Involution operator to extract global feature information, which enhances the spatial modeling ability of face image from spatial and channel information. Then, the temporal features are extracted through the location and inter-frame information of the main capsule layer and GRU concern features. Finally, focalloss is used as the loss function to balance the samples in the training model phase. The method is tested in Deepfakes, FaceSwap and Celeb-DF datasets, and the experimental results show that the method is better than the mainstream detection methods. The improved comparative experiments further prove the effectiveness of the detection method. Reference | Related Articles | Metrics Select Lightweight In-Vehicle Network Intrusion Detection Method Based on Deep Learning JIANG Yuchang, XU Yang, LI Kezi, QIN Qingkai, ZHANG Sicong Computer Engineering and Applications    2023, 59 (22): 284-292.   DOI: 10.3778/j.issn.1002-8331.2206-0474 Abstract （90）      PDF（pc） （636KB）（78）       Knowledge map    Save Existing deep learning-based in-vehicle network intrusion detection methods have problems of high computing resource consumption and delay. In order to reduce the detection delay and improve the detection effect, a lightweight in-vehicle network intrusion detection model based on visualization and improved MobileNet model is constructed, combined with transfer learning. The attack traffic is visualized as a color graph, and then the image is enlarged by bilinear interpolation to enhance the dataset and prevent model overfitting. Finally, MoblieNet is improved and the model is fine-tuned by transfer learning in order to reduce parameters and resource consumption during training. Experimental results show that the test accuracy, precision, recall and F1-score of Car-Hacking and OTIDS datasets can reach 100% on raspberry PI devices with limited computing power, and the average response time is 2.5 ms and 2.9 ms, respectively. Compared with classical deep learning models such as ResNet-18, the response time is reduced by at least 40%. Compared with detection methods such as Confidence Averaging, the consumption of training resources is reduced and the detection effect and time are ensured. Reference | Related Articles | Metrics Select Source Code Vulnerability Detection Based on Residual Gated Graph Convolutional Networks ZHANG Jun, LI Shanshan, LI Lei, WANG Haoyu Computer Engineering and Applications    2023, 59 (22): 293-299.   DOI: 10.3778/j.issn.1002-8331.2207-0361 Abstract （52）      PDF（pc） （574KB）（34）       Knowledge map    Save Software vulnerabilities are an important factor leading to network security incidents. To address the problem of high false positive and false negative rates of existing static code analysis tools, an automated vulnerability detection method based on residual gated graph convolutional networks is proposed. Firstly, the source code is converted into code graph data containing semantic and syntactic feature information, then a residual gated graph convolutional neural network is used to learn the representation of the graph structure data, and finally a neural network model is trained to predict code vulnerabilities, enabling automatic vulnerability detection of C/C++ function code. In this paper, the method uses VDISC dataset to verify the effectiveness of the method, and the F1 value （CWE-119 vulnerability type） of the detection result reaches 76.60%, and compared with the baseline methods, the F1 value is improved by 9.46 percentage points, 7.24 percentage points, 5.67 percentage points and 8.42 percentage points respectively, and the proposed method effectively improves the vulnerability detection ability. The effectiveness of the method is proved. Reference | Related Articles | Metrics Select Malicious Traffic Detection Method Based on Decision Tree-SNN Under Small Sample LI Daoquan, LI Yuxiu , REN Dayong Computer Engineering and Applications    2023, 59 (21): 258-266.   DOI: 10.3778/j.issn.1002-8331.2207-0128 Abstract （47）      PDF（pc） （624KB）（29）       Knowledge map    Save Aiming at the low accuracy, insufficient feature extraction, and model overfitting problems of the current malicious traffic detection method under small samples, a malicious traffic detection algorithm based on an improved decision tree-siamese neural network（SNN） under small samples is proposed. To reduce the difficulty of multi-classification tasks under small samples, a binary decision tree is constructed using the center distance between classes to convert multi-class problems into binary classification problems. The comparative branch of SNN is designed as a parallel structure of three one-dimensional convolutional neural networks to solve the problem of insufficient feature extraction under small samples. The squeeze-and-excitation module optimized by pooling strategies and one-dimensional convolution operations is introduced to reduce the problem of model overfitting under small samples. Malicious traffic detection is achieved by comparing the similarity of samples. The experimental results show that the proposed method effectively detects malicious traffic under small samples. Reference | Related Articles | Metrics Select ACT-BFT：Byzantine Fault Tolerant Consensus Mechanism Based on Adaptive Communication Topology DENG Xiaohong, WANG Zhiqiang, LI Kangting, LUO Zhiqiong Computer Engineering and Applications    2023, 59 (21): 267-277.   DOI: 10.3778/j.issn.1002-8331.2206-0266 Abstract （39）      PDF（pc） （651KB）（27）       Knowledge map    Save Consensus mechanism studies how to achieve data consistency in distributed nodes.As the core technology of blockchain, it directly affects the performance of blockchain system. Byzantine fault tolerant consensus mechanism is the mainstream consensus algorithm of consortium chain, but it has the problems of poor security of accounting node selection and high communication complexity. To address the above problems, firstly, a node reputation value evaluation mechanism based on BP neural network is proposed. Through training, the weight of node reputation value evaluation index is optimized to obtain the node reputation value more accurately. The accounting node is selected according to the reputation value, which can improve the consensus efficiency and reduce the risk of malicious nodes become into accounting nodes, accordingly improve the safety of consensus. Secondly, an adaptive tree communication topology is designed. According to the information entropy of node reputation value, the fork degree of the tree structure is adjusted adaptively to reduce the communication complexity in the traditional P2P topology. In addition, the free fork structure increases the scalability of the communication structure and reduces the negative impact of malicious behavior of node. Finally, the effectiveness of this algorithm is verified by a large number of experimental analysis. When the number of nodes in the blockchain network increases to 500, the throughput of the proposed algorithm is three times that of similar methods, and the delay is only 1/7. At the same time, in the case of continuous switching of accounting nodes and node evil, the throughput of this algorithm is stable and can effectively reduce the impact of node evil. The proposed algorithm has high throughput, low delay and high security, and is suitable for consensus in distributed systems. Reference | Related Articles | Metrics Select Research on Text-Based Adversarial CAPTCHA LI Jianming, YAN Qiao Computer Engineering and Applications    2023, 59 (21): 278-286.   DOI: 10.3778/j.issn.1002-8331.2206-0359 Abstract （36）      PDF（pc） （660KB）（16）       Knowledge map    Save The development of deep learning techniques such as image recognition has made traditional text CAPTCHAs less secure. It is of great significance to enhance the security of text-based CAPTCHAs by using adversarial examples, the defects of deep neural networks. This paper generates text adversarial CAPTCHAs by applying multiple adversarial example generation algorithms to text CAPTCHA and measures the actual effectivenessin terms of multiple aspects such as time consumption, disturbance size, black and white box recognition rate. Based on the characteristics of the application scenario with high frequency of CAPTCHA generation, a scheme of applying universal adversarial perturbation to text CAPTCHAs is screened. In applying the fast universal adversarial perturbation（fast-UAP） algorithm, the I-FUAP（initialized-FUAP） algorithms is proposed to overcome the instability of Fast-UAP by using universal adversarial perturbation for initialization. Experiments show that the improved algorithm can generate UAP faster than the original Fast-UAP. The generation time is reduced by about 30.22% without significantly affecting the perturbation success rate and the effectiveness of the adversarial example attack. Reference | Related Articles | Metrics Select Android Malware Detection Based on Feature Selection PAN Jianwen, ZHANG Zhihua, LIN Gaoyi, CUI Zhanqi Computer Engineering and Applications    2023, 59 (21): 287-295.   DOI: 10.3778/j.issn.1002-8331.2206-0408 Abstract （55）      PDF（pc） （576KB）（36）       Knowledge map    Save With the rapid development of the mobile Internet and the Android operating system, applications running on the Android system have also grows rapidly, but malware hidden in them poses a serious threat to users’ property and privacy. Because of the excessive number of Android application features, which affects the efficiency and accuracy of malware detection. Droid-TF-IDF, an Android malware detection approach based on feature selection, select representative features in benign application and malware according to difference of TF-IDF, is proposed. Firstly, APK files are statically analyzed to extract three types of features：permission, API, and opcode to compose a set of features. Then, the Droid-TF-IDF values of different features are calculated and ranked. Finally, a subset of features with greater Droid-TF-IDF values are selected from the feature set to build models such as random forest, support vector machine（SVM） and convolutional neural networks（CNN） to detect Android malware. A prototype tool is implemented based on the proposed approach, and experiments are carried on 3?006 Android applications. The experimental results show that Droid-TF-IDF can be used for three types of features：permission, API, and opcode, and effectively reduce the dimension of features and improve the performances and efficiency of malware detection. After feature selection, the F1 value for detecting Android malware increased by 0.6 percentage points at most, and the time consumption decreased by 35% at most. Reference | Related Articles | Metrics Select Differential Attack on Lightweight PFP Algorithm LI Yanjun, LI Yinshuang, YANG Minghua, ZHANG Lixian, LIU Jian Computer Engineering and Applications    2023, 59 (21): 296-302.   DOI: 10.3778/j.issn.1002-8331.2305-0193 Abstract （46）      PDF（pc） （522KB）（29）       Knowledge map    Save The PFP algorithm is a lightweight block cipher algorithm proposed in 2017 based on the design idea of the international standard PRESENT algorithm, designed based on the Feistel-SP structure with bit substitution, which has higher efficiency of hardware and software implementation compared to the PRESENT algorithm. In order to perform a new evaluation of the ability of algorithm to resist differential analysis, the S-box and the overall structure are first modeled based on the mixed integer linear programming（MILP） method, and a 4-round iterative differential path with probability 2?11 is searched for the PFP algorithm, and a 22-round differential distinguisher with probability 2?59 is constructed; further, 2 rounds are added before and after the distinguisher to obtain 26 rounds, and by studying the characteristics of the added 4-round key arrangement, the guessing sequence of the key bits is optimized, and at the same time, the 26-round key recovery of the PFP algorithm is performed for the first time by using the early abort technique. The data complexity required for the whole differential attack process is 260 plaintexts, and the time complexity is 254.3 times 26 rounds of encryption, which still has sufficient security redundancy compared with the overall 34-round PFP algorithm. Reference | Related Articles | Metrics Select Model of Online Public Opinion Dissemination of Negative Corporate Events Based on Cross-Platform Networks CHEN Shuqin, WANG Xiaoli, ZHAO Laijun, ZHANG Jing, QIAN Mengdi Computer Engineering and Applications    2023, 59 (19): 220-228.   DOI: 10.3778/j.issn.1002-8331.2207-0491 Abstract （39）      PDF（pc） （765KB）（28）       Knowledge map    Save The rapid development of cross-platform“two micro media and one client”, including WeChat, Weibo and news clients, has further aggravated the complexity and variability of online opinion dissemination of negative corporate events. It is helpful for decision makers to propose effective measures to deal with the online public opinion of negative corporate events. Firstly, this paper constructs an online opinion dissemination model of negative corporate events based on the classical SIR dissemination model, considering the influence of corporate pre-publicity strategy, corporate response strategy and platform environment on the online opinion dissemination process of negative corporate events. Then, it explores the effectiveness of the enterprise’s pre-publicity strategy through the stability analysis of the online opinion dissemination system and solves the threshold value of the online opinion dissemination of negative events. Finally, the “two micro media and one client” network environment is constructed based on the scale-free network, and the main parameters are numerically simulated in the single-layer scale-free network and the cross-platform network of “two micro media and one client”, respectively. The results show that the main parameters of the paper are numerically simulated in the single-layer scale-free network and the cross-platform network of “two micro-palaces”. The results show that the “two microblogs” network opinion dissemination model constructed in this paper can accurately describe the network opinion dissemination process in the real environment, the enterprise pre-publicity strategy, the enterprise purification mechanism and the platform environment can significantly influence the network opinion dissemination process of negative enterprise events, and the enterprise pre-publicity strategy and the enterprise purification mechanism can effectively suppress the spread of negative enterprise events. The pre-publicity strategy, enterprise purification mechanism and platform environment all significantly influence the process of spreading negative online public opinion. Reference | Related Articles | Metrics Select Node Consistency Consensus Algorithm for Malicious Node Attacks in Internet of Vehicles YANG Changchun, ZHANG Yang, CHEN Yourong, MIAO Kelei, REN Tiaojuan, WANG Zhangquan Computer Engineering and Applications    2023, 59 (19): 229-236.   DOI: 10.3778/j.issn.1002-8331.2209-0469 Abstract （55）      PDF（pc） （673KB）（42）       Knowledge map    Save Aiming at the nodes in the internet of vehicles（IoV）, they are vulnerable to malicious node attacks during the consensus process, resulting in low transaction throughput and long transaction delays of the blockchain consensus algorithm. Therefore, the paper proposes a node consistency consensus algorithm for malicious node attacks in the IoV（NCCA）. Firstly, NCCA divides the network of the IoV into several cellular single regions. It determines the list of trusted nodes based on the credit score of nodes and updates the verification nodes periodically. Secondly, NCCA proposes a voting mechanism with different weights of voting types to calculate the voting number of transactions and select the set of transactions requiring consensus. It also improves the node selection of block verification in the process of consensus and selects high-credit value verification nodes to complete consensus. Finally, NCCA proposes a two-round detection mechanism of malicious nodes for the active detection of malicious node attacks, which combines multi-area cooperative detection and local detection in a single area, and implements the operations of empowering and stopping the detected nodes. Experimental results show that NCCA can efficiently detect malicious nodes and reduce the impact of poor performance nodes and malicious nodes on the efficiency of block consensus. NCCA can improve transaction throughput, reduce the average transaction delay and average node communication overhead, and realize efficient consensus under malicious node attacks. Reference | Related Articles | Metrics Select Blockchain Transaction Fraud Detection Based on Modular Decision Forest TIAN Hongpeng, WEI Tian Computer Engineering and Applications    2023, 59 (19): 237-246.   DOI: 10.3778/j.issn.1002-8331.2205-0561 Abstract （60）      PDF（pc） （16214KB）（56）       Knowledge map    Save The blockchain technology is widely used in industries such as digital assets and electronic transactions, thus, there is a lot of frauds. To effectively control the fraud loss of bitcoin transactions, the existing fraud detection methods mainly include learning model prediction and rule matching, etc. However, this method is ineffective and fraudsters are easy to bypass the rules. In view of the above problems, firstly, it proposes an improved denoising sparse autoencoder to reduce the feature dimension of virtual currency transaction data, and then proposes a modular decision forest model combined with the method of“divide and conquer”. Modular decision forest is based on peak density fast fuzzy clustering to decompose data into multiple groups of small data, each group of data will be learned by a decision tree. Secondly, the fuzzy boundary is determined according to the membership degree, and a set of decision trees are added to the boundary fuzzy samples for learning. For the samples which are still difficult to classify, the strategy of multiple partitions is adopted, and the parent decision tree and multiple sub-decision trees are learned together. Finally, in the experimental verification part, the performance of the modular decision forest model is verified by using the digital image dataset Optdigits, virtual currency transaction dataset Elliptic and Ethereum, and compared with graph neural network, logistic regression, random forest, and other models. The results show that the accuracy, recall, and F1-score of the modular decision forest model are significantly improved. Reference | Related Articles | Metrics Select APT Attack Detection Method Combining Dynamic Behavior and Static Characteristics LIANG He, LI Xin, YIN Nannan, LI Chao Computer Engineering and Applications    2023, 59 (18): 249-259.   DOI: 10.3778/j.issn.1002-8331.2204-0239 Abstract （61）      PDF（pc） （766KB）（40）       Knowledge map    Save Aiming at the problem that the network traffic of APT attack is difficult to obtain and the simulated data is difficult to match with the reality, this paper proposes an APT attack detection method based on the combination of dynamic behavior and static characteristics. Firstly, Noriben sandbox is used to extract the process behavior, file behavior, registry behavior and network behavior of the software to be tested to build a dynamic behavior feature set. The accuracy of identifying APT malware based on Transformer-Encoder algorithm is 95.8%. Then this paper classifies the identified APT malware, extracts the DLL（dynamic link library）and API（application programming interface）called by the software, and combines them into the characteristic form of DLL： API. The accuracy of applying 1D-CNN（one dimensional convolutional neural networks） algorithm to APT malware organization classification has reached 98.7%, which is 5 percentage points higher than the previous method. Finally, compared with the experimental results of popular deep learning algorithms and machine learning algorithms, the data show that the accuracy of this method is greatly improved compared with other methods. Reference | Related Articles | Metrics Select Optimized Gradient Boosting Black-Box Adversarial Attack Algorithm LIU Mengting, LING Jie Computer Engineering and Applications    2023, 59 (18): 260-267.   DOI: 10.3778/j.issn.1002-8331.2205-0051 Abstract （63）      PDF（pc） （682KB）（38）       Knowledge map    Save Adversarial examples can make deep neural networks output wrong results with higher confidence. Adversarial examples are divided into white-box attacks and black-box attacks. White-box attacks have achieved a high success rate at present, while black-box attacks have a low attack success rate due to unknown models and parameters. In order to improve the success rate of black-box attacks, this paper proposes a optimized gradient boosting black-box adversarial attack algorithm. Firstly, the method in this paper uses the mixed image method to mix the image samples of other categories and obtain the mixed gradient with the information of other categories. Secondly, the gradient variance in the last iteration process is used to adjust the gradient of the current image sample to obtain the optimized gradient. Then, the optimized gradient is combined with the Adam optimization algorithm to perform iterative optimization to generate highly transferable adversarial examples. Experiments on the ImageNet dataset show that the proposed algorithm can effectively improve the black-box attack of adversarial examples. The average attack success rate of single model attack and integrated model attack is 71.7% and 88.3% respectively. The average attack success rate has reached 96.8% after the fusion of three transform-based anti-attack algorithms. In addition, the average success rate of attacking the five existing adversarial defense models is 92.7%, which is better than the current attack method based on input transformation and gradient attack method. Reference | Related Articles | Metrics Select Lightweight Bidirectional Authentication Protocol for RFID HE Jiaqi, PENG Changgen, FU Zhangjie, XU Dequan, TANG Hanlin Computer Engineering and Applications    2023, 59 (18): 268-277.   DOI: 10.3778/j.issn.1002-8331.2205-0362 Abstract （63）      PDF（pc） （591KB）（35）       Knowledge map    Save In order to improve the efficiency of identifying authentication in radio frequency identification（RFID） system and solve the problem of protecting privacy of communication participants, a novel lightweight RFID bidirectional authentication protocol is proposed. The protocol adopts ECC cryptographic algorithm and Hash function. Firstly, based on Hash function, ECC cryptographic algorithm and or operation, the random number generator is used to generate the unpredictable message authentication code to ensure the freshness of transmitted information during bidirectional authentication. Then, the real identity of the communication participants is hidden via using elliptic curve encryption algorithm. Based on ECDLP difficult problem and ensuring the identity privacy, the protocol adopted two rounds of message interaction mode for the communication participants to verify the fresh message authentication code, so as to achieve the bidirectional authentication. Finally, the shared session key of the tag and server is negotiated by specifying the key seed. The automatic rekeying mechanism is designed to realize the key synchronization between the two participants. In comparison with some typical bidirectional authentication protocols, the proposed bidirectional authentication protocol can save the computation time by up to 40% and the storage space by up to 25%. In addition, it can support the multiple security requirements and resist different malicious attacks. Reference | Related Articles | Metrics Select Hardware Trojan Detection for Gate-Level Netlists Based on Multidimensional Features LI Linyuan, XU Jinfu, YAN Yingjian, ZHAO Conghui, LIU Yanjiang Computer Engineering and Applications    2023, 59 (18): 278-284.   DOI: 10.3778/j.issn.1002-8331.2206-0101 Abstract （43）      PDF（pc） （497KB）（21）       Knowledge map    Save Hardware Trojans have become one of the main security threats to the integrated circuits. However, the existing safety analysis methods describe the features of hardware Trojans from a single point of view. The detection accuracy is low, which is difficult to be applied to practical detection. In this paper, the essential attributes and typical structures of hardware Trojans are analyzed, and the 13-dimensional feature vector is proposed, which can cover all known types of hardware Trojans. SMOTETomek is introduced to reduce the imbalance of the train set. The importance of Trojan features are evaluated by random forest, and the feature vector is optimized according to the importance ranking and model scoring. The classifier is established based on the optimal feature vector to identify the Trojan signals. 21 benchmark circuits from the Trust-hub are used to validate the efficacy of the proposed approach. The recognition rate of Trojan signals reaches 99.22%, and the misjudgment rate is only 0.01%. Compared with the existing literatures, the detection ability has been greatly improved. Reference | Related Articles | Metrics Select High-Performance Kernel-Level In-Network Caching for Named Data Networking YANG Jike, SONG Tian, LI Tianlong, YANG Yating Computer Engineering and Applications    2023, 59 (16): 240-247.   DOI: 10.3778/j.issn.1002-8331.2204-0068 Abstract （41）      PDF（pc） （638KB）（31）       Knowledge map    Save Named data networking（NDN） is a new information-centric network architecture. In-network caching is one of core functions in NDN. Current cache modules are mainly deployed in user-level, which brings issues of network operation efficiency, compatibility among devices and limitation of deployment location. Comparing to user-level cache module, kernel-level cache module can be directly and widely deployed on general net devices, so it can boost the large-scale deployment of in-network caching and the practical use of NDN solutions. However, due to the frequent per-packet caching operations in NDN, introducing cache into kernel may cause performance issues. To solve these performance issues, this paper designs and implements a kernel-level cache method. The cache method uses a hash table for exact cache lookup and utilizes the naming conventions of NDN to construct a trie for prefix cache lookup. Furthermore, this paper presents an approach of using fine-grained per-slot locks for lookup table and atomic operations for replacement queues to parallelize cache operations. The multi-thread cache module is implemented in the Linux kernel. The experimental results show that the proposed cache scheme reduces the lookup latency by half comparing to current solutions, and boosts the throughput up to 6.785 Mpacket/s via multithreading. Reference | Related Articles | Metrics Select Efficient Task Offloading Scheme of Body Area Networks in Mobile Edge Computing Environment ZHU Changhong, LIAO Dongsen, YU Qiqi, REN Junyu, WAN Haibin, QIN Tuanfa Computer Engineering and Applications    2023, 59 (16): 248-255.   DOI: 10.3778/j.issn.1002-8331.2204-0005 Abstract （52）      PDF（pc） （600KB）（57）       Knowledge map    Save Mobile edge computing（MEC） has become one of the popular methods to solve the lack of computing resources in wireless body area networks（WBAN） in recent years. However, in the existing research work, the computing resources around the patients have not been fully utilized, which may easily cause network congestion. Under this circumstance, an efficient task offloading scheme is proposesd, combining cellular, WiFi network and device to device（D2D） communication, which makes full use of various computing resources in WBAN application scenarios, effectively reduces the load of cellular network and improves the reliability of the system. A low-complexity genetic algorithm is designed to obtain the minimum total unloading cost of the system under the condition of considering the patient’s delay, energy consumption and economical expenses at the same time. The experimental simulation results show that compared with random offloading, cellular offloading, offloading without WiFi, and offloading without D2D, the proposed scheme can more effectively reduce the total system cost and provide patients with higher service quality. Reference | Related Articles | Metrics Select Enhanced Supervised Cross-Domain Protocol Defect Prediction Algorithm ZHOU Chao, WANG Zhen, QIN Futong, LIU Yi Computer Engineering and Applications    2023, 59 (16): 256-261.   DOI: 10.3778/j.issn.1002-8331.2204-0442 Abstract （29）      PDF（pc） （485KB）（26）       Knowledge map    Save Defect prediction for software code is a common research problem, but protocol-based code defect prediction is an unknown problem for the time being. In this paper, an enhanced supervised cross-domain protocol defect prediction（ESCPDP） algorithm is proposed to solve class imbalance and feature redundancy problems in the cross-domain defect prediction. Firstly, mean-RESMOTE is proposed to solve the problem of class imbalance in the dataset. Secondly, Hybrid-RFE+ is proposed to solve the problem of feature selection carried out on the over-sampled data for getting the optimal subset. Finally, support vector machine（SVM） is used to build a supervised defect prediction model. Acc, Recall and F1 values are used as evaluation indexes to verify the proposed model on the NASA dataset and the Net protocol defect dataset independently collected and constructed. Experimental results show that ESCPDP algorithm is superior to other classical algorithms and has better prediction effect. Reference | Related Articles | Metrics page Page 1 of 3 Total 97 records First page Prev page Next page Last page