選擇卷期
- 期刊
With the development of blockchain technology, we can build many different applications on the blockchain. For example, in the financial industry, we can use blockchain's decentralized features to create an encrypted electronic currency system that does not require a third party. The system allows transactions without going through a third party. People can save some transaction costs, such as application fees or transaction fees. However, the system does not have a third party to control the data. It may lead to insufficient security of every wallet in the blockchain. Therefore, we will use public-key certificates and RFID technology to improve security. Use software and hardware two-factor authentication to prevent wallet theft. Blockchain is also a distributed ledger that anyone can see. All transaction information and smart contracts on the blockchain are entirely public. It also means that anyone can view transaction records and contract the content. It may lead to the abuse of data by illegal users. In this regard, we will use a multicast mechanism to protect private data on the blockchain and prevent data leakage. Finally, there are more and more transactions and smart contracts in the blockchain. In Bitcoin, all transaction data exceeds 80 G.B. It may cause a significant burden on some computers. In this regard, we will propose a new consensus algorithm to improve the performance of the blockchain. Transactions in the blockchain can be more efficient and faster.
- 期刊
With the increasing development of computer and network technology, blind signature scheme has been widely used in electronic cash, electronic election, casual transmission and other fields. It can resolve the conflict between anonymity and controllability, protecting user's privacy while tracing their identities. The traditional blind signature scheme has many problems, such as high storage cost and communication cost. To solve the above problems, a blind signature scheme based on elliptic curve-identity is proposed, which adopts the dot product operation on elliptic curve to replace the bilinear pair operation and reduces the computational overhead. Under the random oracle model, the unforgeability attack is proved. And we give the security analysis of the new scheme.
- 期刊
A Sensitive-Information Hiding Treatment in Quick-Response Codes Based on Error-Correcting Framework
Quick Responding codes, namely QR codes, are widely used in various communication applications and electronic transactions such as electronic payments and information integrations, since they provide excellent characteristics such as large data capacity, widely coding domain, and stronger error correction ability etc. However, as the QR code is transmitted on public channel and can be scanned by any QR reader, one can obtain the data from the encoded QR code. Simultaneously, the encoding and decoding algorithms are public, the sensitive data such as paying account and password will be revealed to the QR reader, which might incubate the risk of privacy leakage. For solving this problem, this paper proposes a novel approach to protect the private data in QR code. In our method, the secret information is embedded in the random position of a QR code matrix by utilizing an error-correcting mechanism, and only authorized user in possession of required keys will be able to retrieve and recover this secret data embedded and hidden in the QR code. The user without the secret key can only decode public information from the QR code. Although our hiding scheme will decrease the rate of error-correctness of QR decoding, we indicate that the analysis shows that scheme is effect om practical applications. Compared with related schemes, the proposed scheme provides higher security that is less likely to attract the attention of potential attackers.
- 期刊
Big data system has the features of dynamic, complexity and uncertainty. Privacy risk assessment can be used to discover the factors that threaten privacy, determine the degree of privacy leakage, and estimate the trend of privacy leakage development. In this paper, intuitionistic fuzzy set pair analysis (IFSPA) is proposed by combining intuitionistic fuzzy and set pair analysis theory. Relevant concepts, algorithms and ranking methods are defined. In order to improve the information aggregation effect, IFSPA weighted average operator (IFSPAWA), IFSPA weighted geometric operator (IFSPAWG), IFSPA ordered weighted average operator (IFSPAOWA), IFSPA ordered weighted geometric operator (IFSPAOWG), IFSPA hybrid average operator (IFSPAHA), IFSPA hybrid geometric operator (IFSPAHG) and their properties are designed. A multi-attribute privacy risk decision-making approach is proposed. Finally, the feasibility and effectiveness of this method are verified through the analysis of specific examples.
- 期刊
An android smartphone has various types of sensors in its device. All of these sensors produce data based on environmental condition that exists around the device. These data have the potential to be used as the random number because of its non-deterministic component. To realize it, some steps need to be carried out, such as knowing the characteristic of the sensor, estimating the entropy value possessed by the sensor data, and so on. As a proof-of-concept, this research is conducted to design and implement the entropy source and pseudorandom number generator based on the android sensor. The research result shows that by using accelerometer data with XOR result as the input of entropy source and HMAC DRBG as the pseudorandom number generator, so the high quality of random number based on the android sensor can be obtained.
- 期刊
Social Internet of Things (SloT), as a new carrier of integration of social and Internet of Things, applies the research results of social networks from different aspects of the Internet of Things. Different types of connected intelligent objects interact socially, compared with random data access between them, access control technology is more stringent. This paper integrates social attributes into attribute-based access control of Internet of Things, initializes relational attribute tags, and labels social interest attributes for different objects, then quantifies tag similarity and implements initial access control authorization, integrates social attributes into game theory to dynamically adjust access control policies, so the adaptive fine-grained division of access control under the Social Internet of Things is effectively realized. The experimental results show that our method can not only effectively carry out initial authorization according to tag similarity, but also further adaptively adjust the permission policy according to social attributes, and further meet the fine-grained partition requirements of access control, which is ensure the effective implementation of access control under the Social Internet of things.
- 期刊
In order to ensure the anonymity and non-traceability of the identity of Internet of things devices across administrative domains, an anonymous communication scheme based on alliance blockchain is proposed. Centralized identity authentication and decentralized message communication mechanisms are implemented by dividing the base domain and the interconnect domain. The zero-knowledge proof of identity is based on the identity authentication mechanism of the Merkle-tree. Further, the aggregation signature privacy protection scheme based on the CoinJoin idea is proposed to confuse the domain manager node identity to resist the identity association analysis attack. Finally, a consensus mechanism based on reputation evaluation strategy is proposed for message consistency. Security and efficiency analysis show that the proposed solution can protect identity privacy with lower storage and computational overhead.
- 期刊
In order to solve the problem of out-off-balance caused by accuracy of location information between privacy protection security and query service quality, considering basic information comprehensively such as the environment and geographical features and so on, and adopting k- anonymous privacy protection mechanism, we present a k-anonymous location privacy protection method of polygon based on density distribution. Firstly, a k-anonymous irregular polygon region is structured in whole area. Then, according to the preset anonymous region and density threshold, the better effects of anonymous are obtained by expanding the region or adding the random dummy locations. Experimental results show that the proposed method improves the efficiency of anonymous and query accuracy. The balance between privacy protection security and query quality is achieved.
- 期刊
Applying Permutations and Cuckoo Search for Obtaining a New Steganography Approach in Spatial Domain
Video Steganography is an art and science of embedding secret information into a carrying video file in such a way that others cannot observe the embedded information. Cuckoo Search (CS) is a meta-heuristic algorithm which has been developed by Xin-She Yang and Suash Deb in 2009. CS is very effective in solving many optimization problems that have been found in previous literature. In this paper, a new efficient approach for embedding a secret image in a digital video is proposed. Generally, any colored image consists of three color components (Red, Green, and Blue). So, an image's pixel has three bytes; each of which belongs to one different color component. For security purposes, each secret image's color component is embedded separately into a selected cover video's frame. The proposed approach is based on the permutations on 3 sections of a secret byte, 3-3-2 bits. These three sections are permuted to obtain five different patterns of a specified secret byte. Then, the population of five different pairs is built; each pair consists of one different pattern repeated twice. Good pixels are so chosen via using CS algorithm to achieve the minimum distortion in carrier pixels due to embedding. The sum of absolute values of sectional differences is used as an objective function to compare all the distances between the 3-3-2 Least Significant Bit (LSB) values of a cover frame's pixel and the generated different patterns of a specified secret byte. Experimental results show that the efficiency of the suggested approach is successful since the Peak Signal to Noise Ratio (PSNR) is above 52 decibels.
- 期刊
Mobile ad hoc networks (MANETs) are surrounded by various vulnerabilities and attacks due to open medium, dynamic topology, limited energy, and absence of central control. In MANET, each attack has different behavior and aftermaths. DoS attack is one of the serious attacks in MANET, which disturbs the normal routing process. Jellyfish (JF) attack is a type of DoS attack in MANET, whose dynamic behavior makes it quite difficult to detect such attacks. In this paper, we propose a technique to detect the jellyfish attack in MANET. The proposed technique combines the authentication and trustworthiness of nodes and the kNN algorithm for the identification of jellyfish attacks in which each and every node calculates the primary and secondary trust values to detect the attacking node by the recommendation of neighboring nodes and trust metrics. The kNN algorithm separates the jellyfish nodes from other legitimate nodes based on the differences in their behavior. The proposed technique would then pick reliable nodes by the hierarchical trust assessment property of nodes to perform packet routing. The experiment shows that the proposed technique could decrease delay and increase the throughput of the network by avoiding jellyfish nodes.