Chengshan Qian^1,2, Xue Li^1,*, Ning Sun², Yuqing Tian¹

Journal of Cyber Security, Vol.2, No.2, pp. 97-106, 2020, DOI:10.32604/jcs.2020.010548

Abstract With the development of the Internet of Things, the edge devices are increasing. Cyber security issues in edge computing have also emerged and caused great concern. We propose a defense strategy based on Mean field game to solve the security issues of edge user data during edge computing. Firstly, an individual cost function is formulated to build an edge user data security defense model. Secondly, we research the More >

Xiaojun Pan, Zhuoran Wang, Yanbin Sun^*

Journal of Cyber Security, Vol.2, No.2, pp. 69-83, 2020, DOI:10.32604/jcs.2020.010045

Abstract Programmable Logic Controllers (PLC), core of industrial control systems, is widely used in industrial control systems. The security of PLC is the key to the security of industrial control systems. Nowadays, a large number of industrial control systems are connected to the Internet which exposes the PLC equipment to the Internet, and thus raising security concerns. First of all, we introduce the basic principle of PLC in this paper. Then we analyze the PLC code security, firmware security, network security, virus vulnerability and Modbus communication protocol by reviewing the previous related work. Finally, we make a summary of the current… More >

Jie Xu^{1, *}, Qun Wang¹, Yifan Wang¹, Khan Asif²

CMC-Computers, Materials & Continua, Vol.64, No.3, pp. 1819-1844, 2020, DOI:10.32604/cmc.2020.010727

Abstract Host cardinality estimation is an important research field in network management and network security. The host cardinality estimation algorithm based on the linear estimator array is a common method. Existing algorithms do not take memory footprint into account when selecting the number of estimators used by each host. This paper analyzes the relationship between memory occupancy and estimation accuracy and compares the effects of different parameters on algorithm accuracy. The cardinality estimating algorithm is a kind of random algorithm, and there is a deviation between the estimated results and the actual cardinalities. The deviation is affected by some systematical factors,… More >

Juan R. Bermejo Higuera^{1, *}, Javier Bermejo Higuera¹, Juan A. Sicilia Montalvo¹, Javier Cubo Villalba¹, Juan José Nombela Pérez¹

CMC-Computers, Materials & Continua, Vol.64, No.3, pp. 1555-1577, 2020, DOI:10.32604/cmc.2020.010885

Abstract To detect security vulnerabilities in a web application, the security analyst must choose the best performance Security Analysis Static Tool (SAST) in terms of discovering the greatest number of security vulnerabilities as possible. To compare static analysis tools for web applications, an adapted benchmark to the vulnerability categories included in the known standard Open Web Application Security Project (OWASP) Top Ten project is required. The information of the security effectiveness of a commercial static analysis tool is not usually a publicly accessible research and the state of the art on static security tool analyzers shows that the different design and… More >

Jianwei Zhang¹, Ze Qin¹, Shunfeng Wang^{1, *}

Journal of Cyber Security, Vol.2, No.1, pp. 25-36, 2020, DOI:10.32604/jcs.2020.06429

Abstract Digital images have been applied to various areas such as evidence in courts. However, it always suffers from noise by criminals. This type of computer network security has become a hot issue that can’t be ignored. In this paper, we focus on noise removal so as to provide guarantees for computer network security. Firstly, we introduce a well-known denoising method called Expected Patch Log Likelihood (EPLL) with Gaussian Mixture Model as its prior. This method achieves exciting results in noise removal. However, there remain problems to be solved such as preserving the edge and meaningful details in image denoising, cause… More >

Yepeng Liu^{1, 2}, Yongjun Ren^{1, 2, *}, Qirun Wang³, Jinyue Xia⁴

Journal of Cyber Security, Vol.2, No.1, pp. 1-8, 2020, DOI:10.32604/jcs.2020.05878

Abstract With the diversification of electronic devices, cloud-based services have become the link between different devices. As a cryptosystem with secure conversion function, proxy re-encryption enables secure sharing of data in a cloud environment. Proxy re-encryption is a public key encryption system with ciphertext security conversion function. A semi-trusted agent plays the role of ciphertext conversion, which can convert the user ciphertext into the same plaintext encrypted by the principal’s public key. Proxy re-encryption has been a hotspot in the field of information security since it was proposed by Blaze et al. [Blaze, Bleumer and Strauss (1998)]. After 20 years of… More >

Yongjin Hu¹, Yuanbo Guo¹, Junxiu Liu², Han Zhang^{3, *}

CMC-Computers, Materials & Continua, Vol.64, No.2, pp. 1297-1315, 2020, DOI:10.32604/cmc.2020.010855

Abstract In the field of information security, a gap exists in the study of coreference resolution of entities. A hybrid method is proposed to solve the problem of coreference resolution in information security. The work consists of two parts: the first extracts all candidates (including noun phrases, pronouns, entities, and nested phrases) from a given document and classifies them; the second is coreference resolution of the selected candidates. In the first part, a method combining rules with a deep learning model (Dictionary BiLSTM-Attention-CRF, or DBAC) is proposed to extract all candidates in the text and classify them. In the DBAC model,… More >

Zhongxu Yin^{1, *}, Yiran Song², Huiqin Chen³, Yan Cao⁴

CMC-Computers, Materials & Continua, Vol.63, No.2, pp. 1013-1029, 2020, DOI:10.32604/cmc.2020.09345

Abstract Security-sensitive functions are the basis for building a taint-style vulnerability model. Current approaches for extracting security-sensitive functions either don’t analyze data flow accurately, or not conducting pattern analyzing of conditions, resulting in higher false positive rate or false negative rate, which increased manual confirmation workload. In this paper, we propose a security sensitive function mining approach based on preconditon pattern analyzing. Firstly, we propose an enhanced system dependency graph analysis algorithm for precisely extracting the conditional statements which check the function parameters and conducting statistical analysis of the conditional statements for selecting candidate security sensitive functions of the target program.… More >

Shuhong Wang¹, Yipeng Tang^1,*, Crystal Zhang², Wenyue Pan^1,*, Huan Liu¹, Sheng Huang¹

International Journal of Mental Health Promotion, Vol.21, No.2, pp. 45-57, 2019, DOI:10.32604/IJMHP.2019.010744

Abstract Job insecurity has been recognized for its negative effect on employee performance. Nevertheless, this study argues that, under the threat of job insecurity, employees may also be likely to seek to reduce the threat by proactively crafting their tasks and improving performance. Drawing from the perspective of Vroom’s expectancy theory, it is proposed that, only when job security is at moderate level will employees expect it as possible to make such a change to respond to the situation. Accordingly, a curvilinear mediated model is developed that links job insecurity and task performance indirectly through task crafting, and a two-waved time-lagged… More >

Wenfeng Liu^{1, *}, Yu Zhang¹, Wenjia Zhang¹, Lu Liu¹, Hongli Zhang¹, Binxing Fang¹

CMC-Computers, Materials & Continua, Vol.63, No.1, pp. 521-536, 2020, DOI:10.32604/cmc.2020.07982

Abstract As a critical Internet infrastructure, domain name system (DNS) protects the authenticity and integrity of domain resource records with the introduction of security extensions (DNSSEC). DNSSEC builds a single-center and hierarchical resource authentication architecture, which brings management convenience but places the DNS at risk from a single point of failure. When the root key suffers a leak or misconfiguration, top level domain (TLD) authority cannot independently protect the authenticity of TLD data in the root zone. In this paper, we propose self-certificating root, a lightweight security enhancement mechanism of root zone compatible with DNS/DNSSEC protocol. By adding the TLD public… More >