基于信任模型的WSNs安全数据融合算法

为了抵御无线传感器网络内部的恶意攻击行为和故障节点的误操作行为对数据融合结果的影响,提出一种基于信任模型的多层不均匀分簇无线传感器网络安全数据融合算法.该算法基于多层不均匀的分簇网络拓扑实现安全数据融合能够有效均衡网络中节点的能耗.通过节点间的通信行为和数据相关性建立信任评估模型,并引入动态的信任整合机制和更新机制,实现簇内和簇间的信任评估,选择可信融合节点并将可信节点所收集的数据进行基于信任值加权的数据融合.仿真实验表明,该算法能够实现精确的信任评估,有效识别内部恶意攻击节点,得到的数据融合结果具有较高的精确度,实现了安全的数据融合.     

A Security-Improved Scheme for Virtual TPM Based on KVM

Virtual trusted platform module(vTPM) is an important part in building trusted cloud environment. Aiming at the remediation of lack of effective security assurances of vTPM instances in the existing virtual TPM architecture, this paper presents a security-improved scheme for virtual TPM based on kernel-based virtual machine(KVM). By realizing the TPM 2.0 specification in hardware and software, we add protection for vTPM's secrets using the asymmetric encryption algorithm of TPM. This scheme supports the safety migration of a TPM key during VM-vTPM migration and the security association for different virtual machines(VMs) with vTPM instances. We implement a virtual trusted platform with higher security based on KVM virtual infrastructure. The experiments show that the proposed scheme can enhance the security of virtual trusted platform and has fewer additional performance loss for the VM migration with vTPM.     

基于身份的强壮门限签密方案

基于椭圆曲线双线性对的特殊性质,提出了一些假定密钥生成中心（PKG）是可信任的身份基密码方案,但在现实环境中这个假设并不总是成立的．为了克服这一缺陷,本文使用门限技术设计了一个安全的身份基签密方案．该方案中,门限技术不仅应用在系统主密钥的管理上,而且还使用在群签名的过程中,因而它能够达到可靠的安全性并能够在一定的门限下抵抗恶意攻击．     

Information transfer model of virtual machine based on storage covert channel

Aiming at the problem that virtual machine information cannot be extracted incompletely, we extend the typical information extraction model of virtual machine and propose a perception mechanism in virtualization system based on storage covert channel to overcome the affection of the semantic gap. Taking advantage of undetectability of the covert channel, a secure channel is established between Guest and virtual machine monitor to pass data directly. The Guest machine can pass the control information of malicious process to virtual machine monitor by using the VMCALL instruction and shared memory. By parsing critical information in process control structure, virtual machine monitor can terminate the malicious processes. The test results show that the proposed mechanism can clear the user-level malicious programs in the virtual machine effectively and covertly. Meanwhile, its performance overhead is about the same as that of other mainstream monitoring mode.     

Certificateless Encryption Scheme Secure in Standard Model

The scheme introduced by Hwang and Liu in 2008 is shown to be insecure against the key replacement attack. A more practical attack model is introduced, and according to this model, an efficient certificateless encryption scheme is presented which is IND-CCA secure against both Type I and Type II attackers without random oracle. This encryption scheme can defend against the malicious key generation center attack, and can reach Girault’s trusted level 3 as in traditional public key infrastructure-based crypto...     

An Extended Hierarchical Trusted Model for Wireless Sensor Networks

0 IntroductionWireless sensor networkis a new wireless networklacking afixedinfrastructure[1 .2].Because of itsinherent character-istic such as low energy and faintish computing ability they areweakto endure attacks which are fromphysical layer to applicationlayer .Single cryptographic or authentication mechanisms can't solvethese problems already. Anumber of methods have been advancedto make wireless sensor network secure and reliable[3 ,4].This paper proposes a novel ,extended,hierarchical …     

A Micro-Payment Based Isolation of Misbehavior Secure Routing for Sensor Network

In this paper, we present a Micro-payment based Isolation of Misbehavior(MIM) secure routing protocol. The protocol contains three parts: micro-payment scheme, routing discovery and malicious nodes detection. The micro-payment scheme proposed in MIM is the first virtual currency system that can be suit for sensor network environment. Based on thc micro-payment scheme, we device an energy aware routing protocol, which forwards packets by auction. Furthermore, the base station can detect and isolate misbehave or non cooperate nodes according to the routing information.     

A trusted mobile payment environment based on trusted computing and virtualization technology

In this paper, we propose a trusted mobile payment environment （TMPE） based on trusted computing and virtualization technology. There are a normal operating system （OS） and a trusted OS （TOS） in TMPE. We store the image of TOS in a memory card to hinder tampering. The integrity of TOS is protected by means of a trusted platform module （TPM）. TOS can only be updated through a trusted third party. In addition, virtualization technology is applied to isolate TOS from normal OS. Users complete ordinary affairs in normal OS and security-sensitive affairs in TOS. TMPE can offer users a highly protected environment for mobile payment. Moreover, TMPE has good compatibility in different hardware architectures of mobile platforms. As the evaluation shows, TMPE satisfies the requirement of mobile payment well.     

A Cluster-Based Secure Active Network Environment

We introduce a cluster-based secure active network environment ((.‘SANE) which separates the processing of IP packets from that of active packets in active routers. In this environment, the active code authorized or trusted by privileged users is executed in the secure execution environment (EE) of the activc router, while others are executed in the sccure EE of the nodes in the distributed shared memory (DSM) cluster. With the supports of a multi-process Java virtual machine and KcyNotc, untrusted active packets are controllcd to securely consume rcsource. The DSM consistency management makes that active packets can be parallelly proccssed in the DSM cluster as if they were processed one by one in ANTS (Active Network Transport System). We demonstrate that CSANE has good security and scalability, but imposing little changes on traditional routcrs.     

可演化网络中移动代理的性能分析及优化方法

针对以移动代理软件方式实现的可演化网络的性能问题,提出了一种快速激活及加载方法.通过对移动代理非执行转发、执行转发及执行各步骤的详细性能测量及分析,发现网络节点的执行环境为移动代理执行所做的准备工作时间消耗较大.该快速方法首先解开移动代理包中的所有程序代码并进行预先加载,在加载主程序时优先搜索已预先加载的代码,从而能够较快地找到程序代码.快速方法通过优化代码加载时的搜索顺序,有效地加快了可演化网络中移动代理的执行过程.测试结果表明,采用快速方法使典型的移动代理平均启动加载时间缩短了3.26 ms,网络节点的吞吐率提高了58%.     

Trusted Attestation Architecture on an Infrastructure-as-a-Service

Trusted attestation is the main obstruction preventing large-scale promotion of cloud computing.How to extend a trusted relationship from a single physical node to an Infrastructure-as-a-Service(IaaS) platform is a problem that must be solved.The IaaS platform provides the Virtual Machine(VM),and the Trusted VM,equipped with a virtual Trusted Platform Module(vTPM),is the foundation of the trusted IaaS platform.We propose a multi-dimensional trusted attestation architecture that can collect and verify trusted attestation information from the computing nodes,and manage the information centrally on a cloud management platform.The architecture verifies the IaaS's trusted attestation by apprising the VM,Hypervisor,and host Operating System's(OS) trusted status.The theory and the technology roadmap were introduced,and the key technologies were analyzed.The key technologies include dynamic measurement of the Hypervisor at the process level,the protection of vTPM instances,the reinforcement of Hypervisor security,and the verification of the IaaS trusted attestation.A prototype was deployed to verify the feasibility of the system.The advantages of the prototype system were compared with the Open CIT(Intel Cloud attestation solution).A performance analysis experiment was performed on computing nodes and the results show that the performance loss is within an acceptable range.     

基于Xen平台的虚拟机交互式性能隔离改进

分析了高整合程度环境下, 虚拟机出现连续性网络延迟峰值的异常现象, 设计并实现 了针对交互式性能隔离的虚拟机调度算法优化方案, 包括协作式抢占、抢占返回和精确核算机制, 这些优化方案不需要对客户操作系统做任何修改。实验表明, 在8台CPU密集型虚拟机同时运行的情况下, 另外8台虚拟机网络延迟的最高5%平均值降低至优化前的0.93%, Firefox浏览邮件延迟的最高5%平均值降低至优化前的56.1%。     

基于品质度量的移动自组织网络安全分簇算法

为解决移动自组织网络中分簇存在的恶意簇首和簇首不稳定问题,通过在簇首选择中引入节点品质度量模型和分布式TA选择机制,提出了一种移动自组织网络安全分簇算法。该算法能生成适应不同通信模式、通信距离和移动速度的稳定簇结构,保持可信权威机构TA成员的相对稳定性。仿真分析表明：SCAQM能抵御外部恶意节点的入侵和内部合谋节点的威胁。相比其他分簇算法,SCAQM能有效抑制节点的恶意行为,以较小的算法控制开销生成更稳定的分簇结构。     

Enhance Confidentiality of Threshold Signature for MANET

The participating wireless mobile node that mobile ad hoc network （MANET） communications need to forward may be malicious. That means not only adversary might be able to acquire some sensitive information of the threshold signatures from the compromised node, but also the partial signatures may be fabricated by malicious node, the advantages of threshold signatures would disappear. Signing and encrypting the sensitive information of the threshold signatures, and only the specified receiver can recover it, which will improve the confidentiality of threshold signatures. The security analysis shows the method is suitable for the secure characteristic of MANET that has the malicious nodes, and the message transmission is secure can against the attack.     

面向Windows环境进程主动动态度量方法

在对Windows用户层恶意行为分类研究的基础上,提出了一种面向Windows环境的进程可信度量方法。针对现有的可信度量基准值通过进程执行流获取时,不能免疫加载的挂钩攻击的问题,通过对比分析进程内存映像和可执行文件执行流的基准值,判断进程是否遭受恶意攻击,并自动修复被恶意程序篡改的内容,确保进程的正常执行。     

基于SHA-1模块的可信嵌入式系统安全启动方法

在可信嵌入式系统中,嵌入式设备启动过程的安全是运行状态安全的基础,因此提出了一种可信嵌入式系统安全启动方法。针对可信嵌入式系统中的嵌入式设备原有硬件结构不改变的情况,在嵌入式设备上电后进行交互验证,然后再利用SHA-1模块对启动过程中的程序代码进行完整性度量。实验结果表明,设计的SHA-1模块功能可靠,能够应用在可信嵌入式系统中实现完整性度量,从而结合系统上电交互验证过程实现嵌入式设备的安全启动。该方法能够保持现有嵌入式设备的原有硬件结构不变,具有普遍的适应性。     

基于TPM的资源共享模型及访问机制

传统的资源共享模式存在资源本身的不安全和过于简单的访问控制等问题,从而造成共享资源的恶意泄露.基于此,本文在传统资源共享模型的基础上,引入了可信平台模块(trusted platform module),利用TPM的安全数据存储功能对共享资源进行密封存储,并利用(usage control)模型对共享资源进行访问控制,从而构建了基于可信平台模块TPM的高度安全的层次化资源共享模型.     

一种面向安全SOC的可信体系结构

提出了面向安全SOC的可信体系结构,以解决其面临的诸多安全问题,可信体系结构的核心是安全域划分和安全审核硬件单元.安全域包括可信基、安全OS、可信应用以及非可信应用,各不同安全域具有静态和动态隔离性;安全SOC中的安全规则最终由安全审核单元在硬件层面来保障.在可信体系结构基础上,讨论了怎样进行安全扩展以获得更全面的安全性,即抗旁路攻击、物理攻击、防止芯片被复制伪造以及因被盗而造成安全危害.     

路径条件驱动的混淆恶意代码检测

代码混淆是恶意代码隐藏自身的主要手段之一.本文提出了一种新的动态检测方法,能够有效检测混淆后的恶意代码.该方法能够利用ISR进行动态调试.在调试过程中通过对路径条件的约束求解,驱动恶意代码执行不同的路径更深入地检测隐藏恶意代码.此外,对于需要读取外部资源的恶意代码,恶意行为往往需要结合外部资源才能检测.本文方法能够准确定位外部资源并结合原始恶意代码进行检测,提高检测的准确性.在原型系统的测试中,与12种杀毒软件的横向测试表明,该方法在对混淆恶意代码检测中能有效地降低漏报率.     

The theory and practice in the evolution of trusted computing

Trusted computing （TC） is an emerging tech- nology to enhance the security of various computing plat- forms by a dedicated secure chip （TPM/TCM）, which is widely accepted by both the industrial and academic world. This paper attempts to sketch the evolution of TC from the view of our theoretical and engineering work. In theory, we focus on protocol design and security analysis. We have proposed the first ECDAA protocol scheme based on q-SDH assumption, which highlights a new way to design direct anonymous attestation scheme. In technical evolu- tion, we discuss the key technologies of trust chain, trusted network connection and TC testing and evaluation. We break through several key technologies such as trusted boot, OS measurement and remote attestation, and imple- ment a TC system from TPM/TCM to network. We also design and implement a testing and evaluation system of TC platform, which is the first one put into practical application in China. Finally, with the rapid development of cloud computing and mobile applications, TC is moving toward some new directions, such as the trust in cloud and mobile environments, new TPM standard, and flexible trust execution environment trust establishment method.