for Journals by Title or ISSN
for Articles by Keywords
  Subjects -> COMPUTER SCIENCE (Total: 2050 journals)
    - ANIMATION AND SIMULATION (30 journals)
    - AUTOMATION AND ROBOTICS (100 journals)
    - COMPUTER ARCHITECTURE (9 journals)
    - COMPUTER ENGINEERING (10 journals)
    - COMPUTER GAMES (16 journals)
    - COMPUTER PROGRAMMING (27 journals)
    - COMPUTER SCIENCE (1196 journals)
    - COMPUTER SECURITY (46 journals)
    - DATA BASE MANAGEMENT (14 journals)
    - DATA MINING (32 journals)
    - E-BUSINESS (22 journals)
    - E-LEARNING (28 journals)
    - IMAGE AND VIDEO PROCESSING (39 journals)
    - INFORMATION SYSTEMS (109 journals)
    - INTERNET (94 journals)
    - SOCIAL WEB (51 journals)
    - SOFTWARE (34 journals)
    - THEORY OF COMPUTING (8 journals)

COMPUTER SCIENCE (1196 journals)                  1 2 3 4 5 6 | Last

Showing 1 - 200 of 872 Journals sorted alphabetically
3D Printing and Additive Manufacturing     Full-text available via subscription   (Followers: 20)
Abakós     Open Access   (Followers: 4)
ACM Computing Surveys     Hybrid Journal   (Followers: 22)
ACM Journal on Computing and Cultural Heritage     Hybrid Journal   (Followers: 8)
ACM Journal on Emerging Technologies in Computing Systems     Hybrid Journal   (Followers: 11)
ACM Transactions on Accessible Computing (TACCESS)     Hybrid Journal   (Followers: 3)
ACM Transactions on Algorithms (TALG)     Hybrid Journal   (Followers: 15)
ACM Transactions on Applied Perception (TAP)     Hybrid Journal   (Followers: 5)
ACM Transactions on Architecture and Code Optimization (TACO)     Hybrid Journal   (Followers: 9)
ACM Transactions on Autonomous and Adaptive Systems (TAAS)     Hybrid Journal   (Followers: 7)
ACM Transactions on Computation Theory (TOCT)     Hybrid Journal   (Followers: 12)
ACM Transactions on Computational Logic (TOCL)     Hybrid Journal   (Followers: 3)
ACM Transactions on Computer Systems (TOCS)     Hybrid Journal   (Followers: 17)
ACM Transactions on Computer-Human Interaction     Hybrid Journal   (Followers: 14)
ACM Transactions on Computing Education (TOCE)     Hybrid Journal   (Followers: 5)
ACM Transactions on Design Automation of Electronic Systems (TODAES)     Hybrid Journal   (Followers: 3)
ACM Transactions on Economics and Computation     Hybrid Journal  
ACM Transactions on Embedded Computing Systems (TECS)     Hybrid Journal   (Followers: 3)
ACM Transactions on Information Systems (TOIS)     Hybrid Journal   (Followers: 19)
ACM Transactions on Intelligent Systems and Technology (TIST)     Hybrid Journal   (Followers: 7)
ACM Transactions on Interactive Intelligent Systems (TiiS)     Hybrid Journal   (Followers: 3)
ACM Transactions on Multimedia Computing, Communications, and Applications (TOMCCAP)     Hybrid Journal   (Followers: 9)
ACM Transactions on Reconfigurable Technology and Systems (TRETS)     Hybrid Journal   (Followers: 6)
ACM Transactions on Sensor Networks (TOSN)     Hybrid Journal   (Followers: 7)
ACM Transactions on Speech and Language Processing (TSLP)     Hybrid Journal   (Followers: 8)
ACM Transactions on Storage     Hybrid Journal  
ACS Applied Materials & Interfaces     Full-text available via subscription   (Followers: 27)
Acta Automatica Sinica     Full-text available via subscription   (Followers: 2)
Acta Universitatis Cibiniensis. Technical Series     Open Access  
Ad Hoc Networks     Hybrid Journal   (Followers: 11)
Adaptive Behavior     Hybrid Journal   (Followers: 11)
Advanced Engineering Materials     Hybrid Journal   (Followers: 28)
Advanced Science Letters     Full-text available via subscription   (Followers: 9)
Advances in Adaptive Data Analysis     Hybrid Journal   (Followers: 7)
Advances in Artificial Intelligence     Open Access   (Followers: 15)
Advances in Calculus of Variations     Hybrid Journal   (Followers: 2)
Advances in Catalysis     Full-text available via subscription   (Followers: 5)
Advances in Computational Mathematics     Hybrid Journal   (Followers: 18)
Advances in Computer Science : an International Journal     Open Access   (Followers: 15)
Advances in Computing     Open Access   (Followers: 2)
Advances in Data Analysis and Classification     Hybrid Journal   (Followers: 51)
Advances in Engineering Software     Hybrid Journal   (Followers: 27)
Advances in Geosciences (ADGEO)     Open Access   (Followers: 13)
Advances in Human Factors/Ergonomics     Full-text available via subscription   (Followers: 23)
Advances in Human-Computer Interaction     Open Access   (Followers: 19)
Advances in Materials Sciences     Open Access   (Followers: 14)
Advances in Operations Research     Open Access   (Followers: 12)
Advances in Parallel Computing     Full-text available via subscription   (Followers: 6)
Advances in Porous Media     Full-text available via subscription   (Followers: 5)
Advances in Remote Sensing     Open Access   (Followers: 43)
Advances in Science and Research (ASR)     Open Access   (Followers: 4)
Advances in Technology Innovation     Open Access   (Followers: 5)
AEU - International Journal of Electronics and Communications     Hybrid Journal   (Followers: 8)
African Journal of Information and Communication     Open Access   (Followers: 6)
African Journal of Mathematics and Computer Science Research     Open Access   (Followers: 4)
AI EDAM     Hybrid Journal  
Air, Soil & Water Research     Open Access   (Followers: 11)
AIS Transactions on Human-Computer Interaction     Open Access   (Followers: 5)
Algebras and Representation Theory     Hybrid Journal   (Followers: 1)
Algorithms     Open Access   (Followers: 11)
American Journal of Computational and Applied Mathematics     Open Access   (Followers: 5)
American Journal of Computational Mathematics     Open Access   (Followers: 4)
American Journal of Information Systems     Open Access   (Followers: 5)
American Journal of Sensor Technology     Open Access   (Followers: 4)
Anais da Academia Brasileira de Ciências     Open Access   (Followers: 2)
Analog Integrated Circuits and Signal Processing     Hybrid Journal   (Followers: 7)
Analysis in Theory and Applications     Hybrid Journal   (Followers: 1)
Animation Practice, Process & Production     Hybrid Journal   (Followers: 5)
Annals of Combinatorics     Hybrid Journal   (Followers: 3)
Annals of Data Science     Hybrid Journal   (Followers: 11)
Annals of Mathematics and Artificial Intelligence     Hybrid Journal   (Followers: 12)
Annals of Pure and Applied Logic     Open Access   (Followers: 2)
Annals of Software Engineering     Hybrid Journal   (Followers: 13)
Annual Reviews in Control     Hybrid Journal   (Followers: 6)
Anuario Americanista Europeo     Open Access  
Applicable Algebra in Engineering, Communication and Computing     Hybrid Journal   (Followers: 2)
Applied and Computational Harmonic Analysis     Full-text available via subscription   (Followers: 1)
Applied Artificial Intelligence: An International Journal     Hybrid Journal   (Followers: 13)
Applied Categorical Structures     Hybrid Journal   (Followers: 2)
Applied Clinical Informatics     Hybrid Journal   (Followers: 2)
Applied Computational Intelligence and Soft Computing     Open Access   (Followers: 11)
Applied Computer Systems     Open Access   (Followers: 2)
Applied Informatics     Open Access  
Applied Mathematics and Computation     Hybrid Journal   (Followers: 33)
Applied Medical Informatics     Open Access   (Followers: 10)
Applied Numerical Mathematics     Hybrid Journal   (Followers: 5)
Applied Soft Computing     Hybrid Journal   (Followers: 16)
Applied Spatial Analysis and Policy     Hybrid Journal   (Followers: 4)
Applied System Innovation     Open Access  
Architectural Theory Review     Hybrid Journal   (Followers: 3)
Archive of Applied Mechanics     Hybrid Journal   (Followers: 5)
Archive of Numerical Software     Open Access  
Archives and Museum Informatics     Hybrid Journal   (Followers: 130)
Archives of Computational Methods in Engineering     Hybrid Journal   (Followers: 5)
arq: Architectural Research Quarterly     Hybrid Journal   (Followers: 7)
Artifact     Hybrid Journal   (Followers: 2)
Artificial Life     Hybrid Journal   (Followers: 7)
Asia Pacific Journal on Computational Engineering     Open Access  
Asia-Pacific Journal of Information Technology and Multimedia     Open Access   (Followers: 1)
Asian Journal of Computer Science and Information Technology     Open Access  
Asian Journal of Control     Hybrid Journal  
Assembly Automation     Hybrid Journal   (Followers: 2)
at - Automatisierungstechnik     Hybrid Journal   (Followers: 1)
Australian Educational Computing     Open Access   (Followers: 1)
Automatic Control and Computer Sciences     Hybrid Journal   (Followers: 4)
Automatic Documentation and Mathematical Linguistics     Hybrid Journal   (Followers: 5)
Automatica     Hybrid Journal   (Followers: 11)
Automation in Construction     Hybrid Journal   (Followers: 6)
Autonomous Mental Development, IEEE Transactions on     Hybrid Journal   (Followers: 9)
Basin Research     Hybrid Journal   (Followers: 5)
Behaviour & Information Technology     Hybrid Journal   (Followers: 53)
Big Data and Cognitive Computing     Open Access   (Followers: 2)
Biodiversity Information Science and Standards     Open Access  
Bioinformatics     Hybrid Journal   (Followers: 281)
Biomedical Engineering     Hybrid Journal   (Followers: 15)
Biomedical Engineering and Computational Biology     Open Access   (Followers: 13)
Biomedical Engineering, IEEE Reviews in     Full-text available via subscription   (Followers: 19)
Biomedical Engineering, IEEE Transactions on     Hybrid Journal   (Followers: 35)
Briefings in Bioinformatics     Hybrid Journal   (Followers: 43)
British Journal of Educational Technology     Hybrid Journal   (Followers: 142)
Broadcasting, IEEE Transactions on     Hybrid Journal   (Followers: 10)
c't Magazin fuer Computertechnik     Full-text available via subscription   (Followers: 1)
CALCOLO     Hybrid Journal  
Calphad     Hybrid Journal  
Canadian Journal of Electrical and Computer Engineering     Full-text available via subscription   (Followers: 14)
Capturing Intelligence     Full-text available via subscription  
Catalysis in Industry     Hybrid Journal   (Followers: 1)
CEAS Space Journal     Hybrid Journal   (Followers: 2)
Cell Communication and Signaling     Open Access   (Followers: 2)
Central European Journal of Computer Science     Hybrid Journal   (Followers: 5)
CERN IdeaSquare Journal of Experimental Innovation     Open Access   (Followers: 2)
Chaos, Solitons & Fractals     Hybrid Journal   (Followers: 3)
Chemometrics and Intelligent Laboratory Systems     Hybrid Journal   (Followers: 14)
ChemSusChem     Hybrid Journal   (Followers: 7)
China Communications     Full-text available via subscription   (Followers: 7)
Chinese Journal of Catalysis     Full-text available via subscription   (Followers: 2)
CIN Computers Informatics Nursing     Full-text available via subscription   (Followers: 11)
Circuits and Systems     Open Access   (Followers: 15)
Clean Air Journal     Full-text available via subscription   (Followers: 1)
CLEI Electronic Journal     Open Access  
Clin-Alert     Hybrid Journal   (Followers: 1)
Cluster Computing     Hybrid Journal   (Followers: 1)
Cognitive Computation     Hybrid Journal   (Followers: 4)
COMBINATORICA     Hybrid Journal  
Combinatorics, Probability and Computing     Hybrid Journal   (Followers: 4)
Combustion Theory and Modelling     Hybrid Journal   (Followers: 14)
Communication Methods and Measures     Hybrid Journal   (Followers: 12)
Communication Theory     Hybrid Journal   (Followers: 20)
Communications Engineer     Hybrid Journal   (Followers: 1)
Communications in Algebra     Hybrid Journal   (Followers: 3)
Communications in Computational Physics     Full-text available via subscription   (Followers: 2)
Communications in Partial Differential Equations     Hybrid Journal   (Followers: 3)
Communications of the ACM     Full-text available via subscription   (Followers: 52)
Communications of the Association for Information Systems     Open Access   (Followers: 16)
COMPEL: The International Journal for Computation and Mathematics in Electrical and Electronic Engineering     Hybrid Journal   (Followers: 3)
Complex & Intelligent Systems     Open Access   (Followers: 1)
Complex Adaptive Systems Modeling     Open Access  
Complex Analysis and Operator Theory     Hybrid Journal   (Followers: 2)
Complexity     Hybrid Journal   (Followers: 6)
Complexus     Full-text available via subscription  
Composite Materials Series     Full-text available via subscription   (Followers: 8)
Computación y Sistemas     Open Access  
Computation     Open Access  
Computational and Applied Mathematics     Hybrid Journal   (Followers: 2)
Computational and Mathematical Methods in Medicine     Open Access   (Followers: 2)
Computational and Mathematical Organization Theory     Hybrid Journal   (Followers: 2)
Computational and Structural Biotechnology Journal     Open Access   (Followers: 2)
Computational and Theoretical Chemistry     Hybrid Journal   (Followers: 9)
Computational Astrophysics and Cosmology     Open Access   (Followers: 1)
Computational Biology and Chemistry     Hybrid Journal   (Followers: 11)
Computational Chemistry     Open Access   (Followers: 2)
Computational Cognitive Science     Open Access   (Followers: 2)
Computational Complexity     Hybrid Journal   (Followers: 4)
Computational Condensed Matter     Open Access  
Computational Ecology and Software     Open Access   (Followers: 9)
Computational Economics     Hybrid Journal   (Followers: 9)
Computational Geosciences     Hybrid Journal   (Followers: 15)
Computational Linguistics     Open Access   (Followers: 23)
Computational Management Science     Hybrid Journal  
Computational Mathematics and Modeling     Hybrid Journal   (Followers: 8)
Computational Mechanics     Hybrid Journal   (Followers: 5)
Computational Methods and Function Theory     Hybrid Journal  
Computational Molecular Bioscience     Open Access   (Followers: 2)
Computational Optimization and Applications     Hybrid Journal   (Followers: 7)
Computational Particle Mechanics     Hybrid Journal   (Followers: 1)
Computational Research     Open Access   (Followers: 1)
Computational Science and Discovery     Full-text available via subscription   (Followers: 2)
Computational Science and Techniques     Open Access  
Computational Statistics     Hybrid Journal   (Followers: 14)
Computational Statistics & Data Analysis     Hybrid Journal   (Followers: 30)
Computer     Full-text available via subscription   (Followers: 94)
Computer Aided Surgery     Hybrid Journal   (Followers: 6)
Computer Applications in Engineering Education     Hybrid Journal   (Followers: 8)
Computer Communications     Hybrid Journal   (Followers: 10)
Computer Engineering and Applications Journal     Open Access   (Followers: 5)
Computer Journal     Hybrid Journal   (Followers: 9)
Computer Methods in Applied Mechanics and Engineering     Hybrid Journal   (Followers: 23)
Computer Methods in Biomechanics and Biomedical Engineering     Hybrid Journal   (Followers: 12)
Computer Methods in the Geosciences     Full-text available via subscription   (Followers: 2)
Computer Music Journal     Hybrid Journal   (Followers: 19)

        1 2 3 4 5 6 | Last

Journal Cover China Communications
  [SJR: 0.231]   [H-I: 9]   [7 followers]  Follow
   Full-text available via subscription Subscription journal
   ISSN (Online) 1673-5447
   Published by IEEE Homepage  [191 journals]
  • Cover page
    • Abstract: Presents the front cover for this issue of the publication.
      PubDate: Feb. 2018
      Issue No: Vol. 15, No. 2 (2018)
  • Cyberspace security: For a better life and work
    • Authors: Huanguo Zhang;
      Abstract: With the development and widespread application of information technology and industry, the human society has entered into the information age and people live and work in cyberspace. Cyberspace is the information environment in which mankind lives in the information age and is a collection of all information systems. Therefore, to ensure cyberspace security has become the basic needs of people's normal life and work.
      PubDate: Feb. 2018
      Issue No: Vol. 15, No. 2 (2018)
  • T-IP: A self-trustworthy and secure Internet protocol
    • Authors: Xiaofeng Wang;Huan Zhou;Jinshu Su;Baosheng Wang;Qianqian Xing;Pengkun Li;
      Pages: 1 - 14
      Abstract: IPsec has become an important supplement of IP to provide security protection. However, the heavyweight IPsec has a high transmission overhead and latency, and it cannot provide the address accountability. We propose the self-trustworthy and secure Internet protocol (T-IP) for authenticated and encrypted network layer communications. T-IP has the following advantages: (1) Self-Trustworthy IP address. (2) Low connection latency and transmission overhead. (3) Reserving the important merit of IP to be stateless. (4) Compatible with the existing TCP/IP architecture. We theoretically prove the security of our shared secret key in T-IP and the resistance to the known session key attack of our security-enhanced shared secret key calculation. Moreover, we analyse the possibility of the application of T-IP, including its resilience against the man-in-the-middle attack and DoS attack. The evaluation shows that T-IP has a much lower transmission overhead and connection latency compared with IPsec.
      PubDate: Feb. 2018
      Issue No: Vol. 15, No. 2 (2018)
  • Advertisement
    • Pages: 1 - 1
      Abstract: Advertisement.
      PubDate: Feb. 2018
      Issue No: Vol. 15, No. 2 (2018)
  • Editorial list
    • Pages: 1 - 1
      Abstract: Presents a listing of the editorial board, board of governors, current staff, committee members, and/or society editors for this issue of the publication.
      PubDate: Feb. 2018
      Issue No: Vol. 15, No. 2 (2018)
  • A learning evasive email-based P2P-like botnet
    • Authors: Zhi Wang;Meilin Qin;Mengqi Chen;Chunfu Jia;Yong Ma;
      Pages: 15 - 24
      Abstract: Nowadays, machine learning is widely used in malware detection system as a core component. The machine learning algorithm is designed under the assumption that all datasets follow the same underlying data distribution. But the real-world malware data distribution is not stable and changes with time. By exploiting the knowledge of the machine learning algorithm and malware data concept drift problem, we show a novel learning evasive botnet architecture and a stealthy and secure C&C mechanism. Based on the email communication channel, we construct a stealthy email-based P2P-like botnet that exploit the excellent reputation of email servers and a huge amount of benign email communication in the same channel. The experiment results show horizontal correlation learning algorithm is difficult to separate malicious email traffic from normal email traffic based on the volume features and time-related features with enough confidence. We discuss the malware data concept drift and possible defense strategies.
      PubDate: Feb. 2018
      Issue No: Vol. 15, No. 2 (2018)
  • Quantum polynomial-time fixed-point attack for RSA
    • Authors: Yahui Wang;Huanguo Zhang;Houzhen Wang;
      Pages: 25 - 32
      Abstract: Security analysis of public-key cryptosystems is of fundamental significance for both theoretical research and applications in cryptography. In particular, the security of widely used public-key cryptosystems merits deep research to protect against new types of attacks. It is therefore highly meaningful to research cryptanalysis in the quantum computing environment. Shor proposed a well-known factoring algorithm by finding the prime factors of a number n = pq, which is exponentially faster than the best known classical algorithm. The idea behind Shor's quantum factoring algorithm is a straightforward programming consequence of the following proposition: to factor n, it suffices to find the order r; once such an r is found, one can compute gcd(ar/2 ± 1, n) = p or q. For odd values of r it is assumed that the factors of n cannot be found (since ar/2 is not generally an integer). That is, the order r must be even. This restriction can be removed, however, by working from another angle. Based on the quantum inverse Fourier transform and phase estimation, this paper presents a new polynomial-time quantum algorithm for breaking RSA, without explicitly factoring the modulus n. The probability of success of the new algorithm is greater than 4φ(r)/π2r, exceeding that of the existing quantum algorithm for attacking RSA based on factorization. In constrast to the existing quantum algorithm for attacking RSA, the order r of the fixed point C for RSA does not need to be even. It changed the practices that cryptanalysts try to recover the private-key, directly from recovering the plaintext M to start, a ciphertext-only attack attacking RSA is proposed.
      PubDate: Feb. 2018
      Issue No: Vol. 15, No. 2 (2018)
  • Quantum key distribution network: Optimal secret-key-aware routing method
           for trust relaying
    • Authors: Chao Yang;Hongqi Zhang;Jinhai Su;
      Pages: 33 - 45
      Abstract: Since the QKD network can overcome the distance limitation and expand the point-to-point QKD system to a multi-user key distribution system, some testing QKD networks have been built. However, all of this previous research seldom focused on the routing mechanism of QKD network in detail. Therefore, this paper focuses on the routing issue in trust relaying QKD network, builds a model of the trust relaying QKD network and proposes a secret-key-aware routing method. In our method, a dynamic model for the residual local key is proposed to forecast the residual local key quantity of each QKD link more accurately, and the cost of QKD link and relaying path are defined by multiple affecting factors, e.g. the generation, consumption rate and the local key depletion index. The proposed method is implemented and evaluated in a simulation environment. The simulation results show that our routing method can increase the success rate of key exchange, make all the QKD links participate key exchange with almost equal opportunity to achieve load balance, and trade off the local key generation and consumption of each QKD link. Therefore, our proposed method can contribute to effectively improve the holistic performance of the trust relaying QKD network.
      PubDate: Feb. 2018
      Issue No: Vol. 15, No. 2 (2018)
  • Collision attacks against AEZ-PRF for authenticated encryption AEZ
    • Authors: Tairong Shi;Chenhui Jin;Jie Guan;
      Pages: 46 - 53
      Abstract: AEZ is an AES-based authenticated encryption submitted to the ongoing CAESAR competition and was presented at Eurocrypt 2015 with AEZ v3. There are three models for AEZ, AEZ-core, AEZ-tiny and AEZ-prf. In this paper, we consider the security of AEZ-prf for AEZ v4.2, the latest version of AEZ. Our major finding is a collision of any 256-bit associated data for AES-prf. Then we launch collision attacks in a quantum setting and a classical setting respectively under different assumptions. In the quantum setting, by Simon's quantum algorithm, we amount a forgery with O(n) quantum superposition queries and an overwhelming probability close to 1. In the classical setting, one with the key of AEZ-prf can also construct the forgeries. Our results show that the AEZ-prf models of AEZ v4.2 is not secure in both the quantum setting and classical world. Furthermore, our results can also be applied to AEZ v3, which has been published on Eurocrypt 2015. As far as we know, no cryptanalysis of AEZ v4.2 has been published so far.
      PubDate: Feb. 2018
      Issue No: Vol. 15, No. 2 (2018)
  • Automatic search of impossible differentials and zero-correlation linear
           hulls for ARX ciphers
    • Authors: Kai Zhang;Jie Guan;Bin Hu;
      Pages: 54 - 66
      Abstract: In lightweight cryptographic primitives, round functions with only simple operations XOR, modular addition and rotation are widely used nowadays. This kind of ciphers is called ARX ciphers. For ARX ciphers, impossible differential cryptanalysis and zero-correlation linear cryptanalysis are among the most powerful attacks, and the key problems for these two attacks are discovering more and longer impossible differentials (IDs) and zero-correlation linear hulls (ZCLHs). However, finding new IDs and ZCLHs for ARX ciphers has been a manual work for a long time, which has been an obstacle in improving these two attacks. This paper proposes an automatic search method to improve the efficiency of finding new IDs and ZCLHs for ARX ciphers. In order to prove the efficiency of this new tool, we take HIGHT, LEA, SPECK three typical ARX algorithms as examples to explore their longer and new impossible differentials and zero-correlation linear hulls. To the best of our knowledge, this is the first application of automatic search method for ARX ciphers on finding new IDs and ZCLHs. For HIGHT, we find more 17 round IDs and multiple 17 round ZCLHs. This is the first discovery of 17 round ZCLHs for HIGHT. For LEA, we find extra four 10 round IDs and several 9 round ZCLHs. In the specification of LEA, the designers just identified three 10 round IDs and one 7 round ZCLH. For SPECK, we find thousands of 6 round IDs and forty-four 6 round ZCLHs. Neither IDs nor ZCLHs of SPECK has been proposed before. The successful application of our new tool shows great potential in improving the impossible differential cryptanalysis and zero-correlation linear cryptanalysis on ARX ciphers.
      PubDate: Feb. 2018
      Issue No: Vol. 15, No. 2 (2018)
  • Cryptanalysis of a cryptosystem with non-commutative platform groups
    • Authors: Jinhui Liu;Jianwei Jia;Huanguo Zhang;Rongwei Yu;Yong Yu;Wangqing Wu;
      Pages: 67 - 73
      Abstract: A cryptosystem with non-commutative platform groups based on conjugator search problem was recently introduced at Neural Computing and Applications 2016. Its versatility was illustrated by building a public-key encryption scheme. We propose an algebraic key-recovery attack in the polynomial computational complexity. Furthermore, we peel off the encryption and decryption process and propose attack methods for solving the conjugator search problem over the given non-abelian group. Finally, we provide corresponding practical attack examples to illustrate the attack methods in our cryptanalysis, and provide some improved suggestions.
      PubDate: Feb. 2018
      Issue No: Vol. 15, No. 2 (2018)
  • Cost sharing based truthful spectrum auction with collusion-proof
    • Authors: Deming Pang;Zhigang Deng;Gang Hu;Yingwen Chen;Ming Xu;
      Pages: 74 - 87
      Abstract: Spectrum auction is an important approach of spectrum distribution in cognitive radio networks. However, a single secondary user (SU) probably can't afford the price of spectrum. Multiple SUs grouping together to participate in the auction as a whole is helpful to increase purchasing power. However, SUs could suffer from a new group cheating problem, i.e., parts of users conspire to manipulate the auction by submitting untruthful bids. Existing auction mechanisms were mainly designed to be strategy-proof only for individual user and can't deal with group cheating. In this paper, a novel spectrum auction mechanism called COSTAG (COst Sharing based Truthful Auction with Group-buying) is proposed to address the group cheating problem. COSTAG consists of a grouping rule to perform grouping and a payment rule to determine the market-clearing price in the spectrum auction. Different from single-echelon pricing approach employed in existing works, a multi-echelon pricing strategy is designed to increase the transaction rate and optimize social profit for the auction. Comprehensive theoretical analysis shows that COSTAG can satisfy the crucial economic robustness properties, both individual and group truthfulness. Simulations demonstrate that comparing with existing works, COSTAG can improve the system performance significantly.
      PubDate: Feb. 2018
      Issue No: Vol. 15, No. 2 (2018)
  • Dynamic integrity measurement model based on vTPM
    • Authors: Ruizhong Du;Wangyang Pan;Junfeng Tian;
      Pages: 88 - 99
      Abstract: With the development of cloud computing, virtualization technology has been widely used in our life. Meanwhile, it became one of the key targets for some attackers. The integrity measurement in virtual machine has become an urgent problem. Some of the existing virtualization platform integrity measurement mechanism introduces the trusted computing technology, according to a trusted chain that the Trusted Platform Module (TPM) established for trusted root to measure the integrity of process in static. But this single chain static measurement cannot ensure the dynamic credible in platform running. To solve the problem that the virtual trusted platform can not guarantee the dynamic credibility, this paper put forward Dynamic Integrity Measurement Model (DIMM) based on virtual Trusted Platform Module (vTPM) which had been implemented with typical virtual machine monitor Xen as an example. DIMM combined with virtual machine introspection and event capture technology to ensure the security of the entire user domain. Based on the framework, this paper put forward Self-modify dynamic measurement strategy which can effectively reduce the measurement frequency and improve the measurement performance. Finally, it is proved that the validity and feasibility of the proposed model with comparison experiments.
      PubDate: Feb. 2018
      Issue No: Vol. 15, No. 2 (2018)
  • A trusted attestation mechanism for the sensing nodes of Internet of
           Things based on dynamic trusted measurement
    • Authors: Bei Gong;Yubo Wang;Xiangang Liu;Fazhi Qi;Zhihui Sun;
      Pages: 100 - 121
      Abstract: Internet of things has been widely applied to industrial control, smart city and environmental protection, in these application scenarios, sensing node needs to make real-time response to the feedback control of the application layer. Therefore, it is necessary to monitor whether or not awareness nodes are trusted in real time, but the existing mechanisms for trusted certification lack the real-time measurement and tracking of the sensing node. To solve the above problems, this paper proposes a dynamic metric based authentication mechanism for sensing nodes of Internet of things. Firstly, the dynamic trustworthiness measure of the sensing nodes is carried out by introducing the computational function such as the trust function, the trustworthiness risk assessment function, the feedback control function and the active function of the sensing node. The dynamic trustworthiness measure of sensing nodes from multiple dimensions can effectively describe the change of trusted value of sensing nodes. Then, on the basis of this, a trusted attestation based on node trusted measure is realized by using the revocable group signature mechanism of local verifier. The mechanism has anonymity, unforgeability and traceability, which is proved the security in the standard model. Simulation experiments show that the proposed trusted attestation mechanism is flexible, practical and efficient and has better attack resistance. It can effectively guarantee the reliable data transmission of nodes and realize the dynamic tracking of node reliability, which has a lower impact on system performance.
      PubDate: Feb. 2018
      Issue No: Vol. 15, No. 2 (2018)
  • TPTVer: A trusted third party based trusted verifier for multi-layered
           outsourced big data system in cloud environment
    • Authors: Jing Zhan;Xudong Fan;Lei Cai;Yaqi Gao;Junxi Zhuang;
      Pages: 122 - 137
      Abstract: Cloud computing is very useful for big data owner who doesn't want to manage IT infrastructure and big data technique details. However, it is hard for big data owner to trust multi-layer outsourced big data system in cloud environment and to verify which outsourced service leads to the problem. Similarly, the cloud service provider cannot simply trust the data computation applications. At last, the verification data itself may also leak the sensitive information from the cloud service provider and data owner. We propose a new three-level definition of the verification, threat model, corresponding trusted policies based on different roles for outsourced big data system in cloud. We also provide two policy enforcement methods for building trusted data computation environment by measuring both the MapReduce application and its behaviors based on trusted computing and aspect-oriented programming. To prevent sensitive information leakage from verification process, we provide a privacy-preserved verification method. Finally, we implement the TPTVer, a Trusted third Party based Trusted Verifier as a proof of concept system. Our evaluation and analysis show that TPTVer can provide trusted verification for multi-layered outsourced big data system in the cloud with low overhead.
      PubDate: Feb. 2018
      Issue No: Vol. 15, No. 2 (2018)
  • Decentralized attribute-based encryption and data sharing scheme in cloud
    • Authors: Xiehua Li;Yanlong Wang;Ming Xu;Yaping Cui;
      Pages: 138 - 152
      Abstract: In this paper, we consider the problems of data sharing between multiple distrusted authorities. Prior solutions rely on trusted third parties such as CAs, or are susceptible to collusion between malicious authorities, which can comprise the security of honest ones. In this paper, we propose a new multi-authority data sharing scheme - Decentralized Multi-Authority ABE (DMA), which is derived from CP-ABE that is resilient to these types of misbehavior. Our system distinguishes between a data owner (DO) principal and attribute authorities (AAs): the DO owns the data but allows AAs to arbitrate access by providing attribute labels to users. The data is protected by policy encryption over these attributes. Unlike prior systems, attributes generated by AAs are not user-specific, and neither is the system susceptible to collusion between users who try to escalate their access by sharing keys. We prove our scheme correct under the Decisional Bilinear Diffie-Hellman (DBDH) assumption; we also include a complete end-to-end implementation that demonstrates the practical efficacy of our technique.
      PubDate: Feb. 2018
      Issue No: Vol. 15, No. 2 (2018)
  • CAPT: Context-aware provenance tracing for attack investigation
    • Authors: Cheng Tan;Lei Zhao;Weijie Liu;Lai Xu;Lina Wang;
      Pages: 153 - 169
      Abstract: APT attacks are prolonged and have multiple stages, and they usually utilize zero-day or one-day exploits to be penetrating and stealthy. Among all kinds of security techniques, provenance tracing is regarded as an important approach to attack investigation, as it discloses the root cause, the attacking path, and the results of attacks. However, existing techniques either suffer from the limitation of only focusing on the log type, or are highly susceptible to attacks, which hinder their applications in investigating APT attacks. We present CAPT, a context-aware provenance tracing system that leverages the advantages of virtualization technologies to transparently collect system events and network events out of the target machine, and processes them in the specific host which introduces no space cost to the target. CAPT utilizes the contexts of collected events to bridge the gap between them, and provides a panoramic view to the attack investigation. Our evaluation results show that CAPT achieves the effective provenance tracing to the attack cases, and it only produces 0.21 MB overhead in 8 hours. With our newly-developed technology, we keep the run-time overhead averages less than 4%.
      PubDate: Feb. 2018
      Issue No: Vol. 15, No. 2 (2018)
  • Powermitter: Data exfiltration from air-gapped computer through switching
           power supply
    • Authors: Bo Zhao;Mingtao Ni;Peiru Fan;
      Pages: 170 - 189
      Abstract: Air-gapped computers are isolated both logically and physically from all kinds of existing common communication channel, such as USB ports, wireless and wired networks. Although the feasibility of infiltrating an air-gapped computer has been proved in recent years, data exfiltration from such systems is still considered to be a challenging task. In this paper we present Powermitter, a novel approach that can exfiltrate data through an air-gapped computer via its power adapter. Our method utilizes the switched-mode power supply, which exists in all of the laptops, desktop computers and servers nowadays. We demonstrate that a malware can indirectly control the electromagnetic emission frequency of the power supply by leveraging the CPU utilization. Furthermore, we show that the emitted signals can be received and demodulated by a dedicated device. We present the proof of concept design of the power covert channel and implement a prototype of Powermitter consisting of a transmitter and a receiver. The transmitter leaks out data by using a variant binary frequency shift keying modulation, and the emitted signal can be captured and decoded by software based virtual oscilloscope through such covert channel. We tested Powermitter on three different computers. The experiment results show the feasibility of this power covert channel. We show that our method can also be used to leak data from different types of embedded systems which use switching power supply.
      PubDate: Feb. 2018
      Issue No: Vol. 15, No. 2 (2018)
  • An integration testing framework and evaluation metric for vulnerability
           mining methods
    • Authors: Jin Li;Jinfu Chen;Minhuan Huang;Minmin Zhou;Wanggen Xie;Zhifeng Zeng;Shujie Chen;Zufa Zhang;
      Pages: 190 - 208
      Abstract: Software vulnerability mining is an important way to detect whether there are some loopholes existing in the software, and also is an important way to ensure the security of information systems. With the rapid development of information technology and software industry, most of the software has not been rigorously tested before being put in use, so that the hidden vulnerabilities in software will be exploited by the attackers. Therefore, it is of great significance for us to actively detect the software vulnerabilities in the security maintenance of information systems. In this paper, we firstly studied some of the commonly used vulnerability detection methods and detection tools, and analyzed the advantages and disadvantages of each method in different scenarios. Secondly, we designed a set of evaluation criteria for different mining methods in the loopholes evaluation. Thirdly, we also proposed and designed an integration testing framework, on which we can test the typical static analysis methods and dynamic mining methods as well as make the comparison, so that we can obtain an intuitive comparative analysis for the experimental results. Finally, we reported the experimental analysis to verify the feasibility and effectiveness of the proposed evaluation method and the testing framework, with the results showing that the final test results will serve as a form of guidance to aid the selection of the most appropriate and effective method or tools in vulnerability detection activity.
      PubDate: Feb. 2018
      Issue No: Vol. 15, No. 2 (2018)
  • A cloud-assisted malware detection and suppression framework for wireless
           multimedia system in IoT based on dynamic differential game
    • Authors: Weiwei Zhou;Bin Yu;
      Pages: 209 - 223
      Abstract: As a novel dynamic network service infrastructure, Internet of Things (IoT) has gained remarkable popularity with obvious superiorities in the interoperability and real-time communication. Despite of the convenience in collecting information to provide the decision basis for the users, the vulnerability of embedded sensor nodes in multimedia devices makes the malware propagation a growing serious problem, which would harm the security of devices and their users financially and physically in wireless multimedia system (WMS). Therefore, many researches related to the malware propagation and suppression have been proposed to protect the topology and system security of wireless multimedia network. In these studies, the epidemic model is of great significance to the analysis of malware propagation. Considering the cloud and state transition of sensor nodes, a cloud-assisted model for malware detection and the dynamic differential game against malware propagation are proposed in this paper. Firstly, a SVM based malware detection model is constructed with the data sharing at the security platform in the cloud. Then the number of malware-infected nodes with physical infectivity to susceptible nodes is calculated precisely based on the attributes of WMS transmission. Then the state transition among WMS devices is defined by the modified epidemic model. Furthermore, a dynamic differential game and target cost function are successively derived for the Nash equilibrium between malware and WMS system. On this basis, a saddle-point malware detection and suppression algorithm is presented depending on the modified epidemic model and the computation of optimal strategies. Numerical results and comparisons show that the proposed algorithm can increase the utility of WMS efficiently and effectively.
      PubDate: Feb. 2018
      Issue No: Vol. 15, No. 2 (2018)
School of Mathematical and Computer Sciences
Heriot-Watt University
Edinburgh, EH14 4AS, UK
Tel: +00 44 (0)131 4513762
Fax: +00 44 (0)131 4513327
Home (Search)
Subjects A-Z
Publishers A-Z
Your IP address:
About JournalTOCs
News (blog, publications)
JournalTOCs on Twitter   JournalTOCs on Facebook

JournalTOCs © 2009-