Applied Mechanics and Materials Vols. 263-266

Abstract: The attack of SQL injection is a well-known threat to web applications, which leads to great damages of confidentiality and integrity of information in databases. Therefore, it is essential for each web applications to detect SQL injection vulnerabilities and eliminate the hidden danger. In this paper, an approach based on penetration testing named YUKIER is proposed to achieve higher effectiveness and preciseness on identifying security vulnerabilities. We compare YUKIER with SQLiX and Paros Proxy, and the experiment results demonstrate that our proposed approach has the higher performances with respect to the existing circumstance.

Abstract: In order to reduce the false matching rate when detecting copy-move forgeries, an improved method based on SIFT and gray level was proposed in this study. Firstly, extract SIFT key points, and establish SIFT feature vector for every key point; Secondly, extract the gray level feature and combine it with SIFT feature to found a feature vector with size of 129D; Finally, match the above feature vector between every two different key points and then the copy-move regions would be detected. The experimental results showed that the improved algorithm reduced false matching rate even when an image was distorted by Gaussian blur.

Abstract: Clustering analysis is a typical unsupervised learning technology in data mining, which can improve the efficiency of intrusion detection system. LEGClust cluster algorithm is a new clustering analysis technique and it can effectively find the arbitrary shape clusters hidden in the data. We apply this algorithm to the intrusion detection field and present an intrusion detection method. We introduce the real dissimilarity among data into the determination of data connection relationship. Experiment results on KDD CUP1999 Dataset show that LEGClust algorithm is an effective technique for intrusion detection and the improved LEGClust performs even better.

Abstract: Currently, the malware behavior analysis technique spends a lot of time to generate test data. To improve it, this paper proposes a method of malware behavior analysis based on approach to sensitive behavior function. And the techniques of sensitive behavior function identification, sensitive path search and approaching sensitive behavior function are discussed in this paper. This method detects and analyzes the malware behavior by combining the concrete execution and symbolic execution together. It shows that this method can improve the efficiency of malware behavior detection by comparing it with fuzz and full path traversing technique.

Abstract: Many websites use CAPTCHAs ("Completely Automated Public Turing tests to tell Computers and Humans Apart") in an attempt to block automated interactions with their sites. However, widely deployed schemes can be broken with simple but novel attacks. As safety problem has always been very important, in order to meet safety requirements, we through reading many related articles and finding the existing problem of the CAPTCHA. To solve these problems, we developed a new chinese character scheme adding more human participation. This new scheme can increase the robustness of CAPTCHA and effectively prevent the automatic program attacks.

Abstract: Certificateless Public Key Cryptography (CL-PKC) overcomes not only the key escrow problem in public key cryptography but also the cost of the certificate publishing and management in the Certificateless Public Key Cryptography (CL-PKC). No certificate public key cryptosystem just meet the requirements of this, but it relies on a special authentication server, which has high operating costs and lack of flexibility and it cannot meet the requirements of wireless sensor networks directly. Considering these problems, a multi-node of synergy certificateless authentication approach is proposed for WSN. The certificate of the nodes would be done by the certification set. And the set was consited of trusted neighbor nodes. Analysis indicates that this certification meets the security requirements of general wireless sensor networks and has advantages of low-cost and high efficiency.

Abstract: Based on the newly introduced d-decisional Diffie-Hellman (d-DDH) intractable problem, a signature scheme and a multi-signature scheme are proposed. The main method in the constructions is a transformation of a knowledge proof on the equality of two discrete logarithms. The two schemes are proved secure in the random oracle model and the security reductions to the d-DDH problem are tight. Moreover, one can select different d for different security demand of applications. Thus the schemes are secure, efficient and practical.

Abstract: A VPA algorithm is proposed to mining the association rules in the privacy preserving data mining, where data is vertically partitioned. The VSS protocol was used to encrypt the vertically data, which was owned by different parties. And the private comparing protocol was adopted to generate the frequent itemset. In VPA the ID numbers of the recordings were employed to keep the consistency of the data among different parties, which were saved in ID index array. The VPA algorithm can generate association rules without violating the privacy. The performance of the scheme is validated against representative real and synthetic datasets. The results reveal that the VPA algorithm can do the same in finding frequent itemset and generating the consistent rules, as it did in Apriori algorithm, in which the data were vertically partitioned and totally encrypted.

Abstract: How to achieve secure access control in multi-domain is a hot research topic in the information security field. The access control policy for confidential information system is different from that for ordinary commercial information system, because the former concerns about the confidentiality of the data and the latter concerns about the integrity. Emphatically discusses the access control policies for confidential information system, including single-domain and multi-domain environment, and presents two useful access control policies for multi-domain.

Abstract: It is much easier to store data with cloud storage. However, the development of cloud storage was restricted to many security factors. This paper introduces the basic concept of cloud storage, proposes a security framework in architecture of cloud storage, analyzes existing security problems in architecture of cloud storage, and reviews the current research progress. Cloud storage will be inestimable if we resolve security problems of cloud storage.