Applied Mechanics and Materials Vols. 263-266

Abstract: With the great increasing of high-speed networks,the traditional network intrusion detection system(NIDS) has a serious problem with handling heavy traffic loads in real-time ,which may result in packets loss and error detection . In this paper we will introduce the efficient load balancing scheme into NIDS and improve rule sets of the detection engine so as to make NIDS more suitable to high-speed networks environment.

Abstract: We present a fully secure ciphertext-policy attribute-based encryption (CP-ABE) scheme in prime order group by using a tool which can convert composite order paring-based encryption scheme into prime order one. Although, a fully secure CP-ABE scheme in prime order group has been proposed recently, our scheme needs less master secret key size and can be seen as a different version of it. Besides, the sketch of our scheme's security proof is also given.

Abstract: In this paper, some scholars’ idea of applying neural network technology in the design of hacker intrusion detection system model and making a hacker intrusion detection system model based on artificial neural network is adopted. This study selects KDDCup’99 for network intrusion detection data set to learn the characteristics of the intrusion accurately; completes the normalization of all characteristics to achieve rapid convergence of the artificial neural network; analyses the advantages and disadvantages of different neural network training functions; achieves a high accuracy rate for intrusion detection successfully.

Abstract: SIP is one of the mainstream protocols in the VoIP. A majority of SIP’s security mechanism only provides a single direction authentication from server to client such as HTTP digest authentication. To improve the present situation, a new security mechanism of SIP based on the improved HTTP digest authentication is put forward in this study. This improved security mechanism not only provides a double direction authentication between the server and client but also reduces the expenses of the server and increases the authentication efficiency thanks to its low computational complexity.

Abstract: Aiming to the problems in the existing JPEG steganalysis schemes, such as high redundancy in features and failure to make good use of the complementarities among them, this study proposed a JPEG steganalysis approach based on feature fusion by the principal component analysis (PCA) and analysis of the complementarities among features. The study fused complementary features and isolated redundant components by PCA, and finally used RBaggSVM classifier for classification. Experimental results show that this scheme effectively improves the detection rate of steganalysis in JPEG images and achieves faster speed of image classification.

Abstract: In this paper, we propose a Multi-Copy Dynamic Data Possession (MC-DDP) protocols based on index hash-table, which extends DPDP model to support provable update to outsourced multi-copy data and timely anomaly detection. Through security analysis, the proposed protocol is shown to be secure and very suitable for cloud storage systems.

Abstract: The Ad hoc network is a mobile wireless self-organized network whose security is likely to be endangered owing to its dynamic topology and wireless communication. The security of the Ad hoc network is based on the key management. This paper covers self-organized key management of the Ad hoc network, and presents a Zero knowledge and Fiat-Shamir protocol based self-organized key management algorithm to secure it.

Abstract: Along with the development of Internet of Things (IOT), there are a lot of increasingly serious security problems. The traditional intrusion detection method cannot adapt to the requirement of IOT. In this paper we advance a new intrusion detection method which can adapt to IOT. It is based on Hidden Markov Model (HMM), which is named as Hidden Markov state time delay sequence embedding (HMMSTdse) method.

Abstract: Based on ElGamal system, a general authenticated encryption scheme characterized by (k, l) joint verification was put forward through integrating (t, n) threshold signature scheme and message recovery technique together. After being signed by any t ones from a company with n members, message m was transmitted to a particular verifier company with l members, and then recovered through the cooperation of any k ones from the verifier company, so as to realize a directional transmission between different companies. The security of this scheme is based on threshold scheme of Shamir and ElGamal system, and the scheme enjoys the characteristics of lower bandwidth and reduced communication cost, etc.

Abstract: The application of OTP user authentication technology to the FTP proxy server on the firewall can further improve the security of user login. On the basis of the OTP, a more secure and reliable improved method of OTP authentication appears, which will add the client's MAC address and port number to the uncertainty factors so as to make it difficult for the attacker to masquerade as a normal user login and consequently make process more secure.