Wearable devices usually work together with smart phones. To ensure that only legitimate smart phones can read the data, the devices must conduct pairing to establish a shared key. Traditional pairing methods require that the pairing devices have a keyboard or screen for user interaction. However, due to the size limitation, keyboards or screens are hard to install in wearable devices. To solve this problem, we propose a novel pairing method that uses ambient sound and light. In this new scheme, any pairing request from a smart phone triggers vibration of the wearable device. Only after the user presses the confirm key on the device can the pairing process continue. The pairing devices then collect ambient sound and light at the predetermined time and establish a shared key by using the Diffie-Hellman protocol. To protect against potential man-in-the-middle attacks in the key establishment process, an improved interlock protocol with sound and light comparison is conducted to authenticate the key. If both the sound and light collected by the pairing devices are similar enough, the key is accepted. Otherwise, it is rejected. Compared with current context-based pairing methods, our scheme does not impose strict synchronization on devices to collect ambient context data. Moreover, our scheme need not collect and exchange contextual information multiple times to resist offline brute-force attacks. The experimental results and security analysis prove the effectiveness of our scheme.
LIU Dong, CHEN Jing, DENG Qisi, Arouna KONATE, TIAN Zairong
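Application software generally needs to accept and process sensitive information, such as passwords, to achieve reliable authentication and secure interaction between users and remote servers. Quantitatively measuring the security of sensitive information while it is being processed is a current research difficulty. Based on the processing flow of sensitive information and the context of the points at which it appears, we define the inherent attributes, variable attributes, and derived attributes of sensitive information processing, design mapping rules from the inherent and variable attributes to data operations, and propose a sensitivity calculation method based on the analytic hierarchy process (AHP) and the technique for order preference by similarity to an ideal solution (TOPSIS). The method computes sensitivity quantitatively, shows how sensitivity changes dynamically during sensitive information processing, and supports the security protection of that processing. It can be applied to the security analysis and trust measurement of trusted software. Finally, experiments analyze how the sensitivity of three kinds of sensitive information changes during processing and find potential danger points in sensitive information processing, confirming the effectiveness of the method.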
The global growth of the Internet and the rapid expansion of social networks such as Facebook make multilingual sentiment analysis of social media content very necessary. This paper performs the first sentiment analysis on code-mixed Bambara-French Facebook comments. We develop four Long Short-term Memory (LSTM)-based models and two Convolutional Neural Network (CNN)-based models, and use these six models, Naïve Bayes, and Support Vector Machines (SVM) to conduct experiments on a constituted dataset. Social media text written in Bambara is scarce. To mitigate this weakness, this paper uses dictionaries of character and word indexes to produce character and word embedding in place of pre-trained word vectors. We investigate the effect of comment length on the models and perform a comparison among them. The best performing model is a one-layer CNN deep learning model with an accuracy of 83.23 %.
The distributed detection of botnets may impose heavy computation and communication costs on network devices. Each device in related schemes has only a regional view of the Internet, so it is hard to detect botnets comprehensively. In this paper, we propose a lightweight real-time botnet detection framework called Bot-Guard, which uses the global landscape and flexible configurability of software defined network (SDN) to identify botnets promptly. SDN, as a new network framework, enables centralized control in botnet detection, but there are still some challenges in such detection. We give a convex lens imaging graph (CLI-graph) to depict the topology characteristics of a botnet, which allows the SDN controller to locate attacks separately and reduces the burden on network devices. The theoretical and experimental results prove that our scheme is capable of timely botnet detection in SDNs with accuracy higher than 90% and delay less than 56 ms.
Self-certified signcryption can remove the key escrow problem and the certificate management problem. Based on Boneh and Boyen's short signature scheme, a secure self-certified signcryption scheme is proposed. Under the strong Diffie-Hellman assumption, the new scheme is proved secure, in that it satisfies public verifiability and existential unforgeability. Furthermore, performance analysis shows that the proposed scheme requires only two pairing evaluations, so it can be used in power- and bandwidth-limited environments.
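Load balancing of honeypot services is one of the key technologies for keeping a honey farm system running stably. Network traffic in a honey farm environment is highly bursty and high in volume, and existing load balancing algorithms often need to query and collect server load information dynamically and frequently, which adds a large amount of extra overhead. This paper proposes a load balancing algorithm for the honey farm environment (LBHF). By designing an early-warning convergence traffic allocation strategy, an active preemptive feedback strategy, and a dynamic waiting-queue adjustment strategy based on a queuing model, the algorithm effectively achieves load balancing in the honey farm environment. Experimental results show that LBHF performs well compared with the Pick-KX algorithm.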