To analyze the security of two-step quantum direct communication protocol (QDCP) by using Einstein-Podolsky Rosen pair proposed by Deng et al. [Phys. Rev. A 68 (2003)042317] in collective-rotation noise channel, a...To analyze the security of two-step quantum direct communication protocol (QDCP) by using Einstein-Podolsky Rosen pair proposed by Deng et al. [Phys. Rev. A 68 (2003)042317] in collective-rotation noise channel, an excellent model of noise analysis is proposed. In the security analysis, the method of the entropy theory is introduced, and is compared with QDCP, an error rate point Qo(M : (Q0, 1.0)) is given. In different noise levels, if Eve wants to obtain the same amount of information, the error rate Q is distinguishable. The larger the noise level ~ is, the larger the error rate Q is. When the noise level ~ is lower than 11%, the high error rate is 0.153 without eavesdropping. Lastly, the security of the proposed protocol is discussed. It turns out that the quantum channel will be safe when Q 〈 0.153. Similarly, if error rate Q〉 0.153 = Q0, eavesdropping information I 〉 1, which means that there exist eavesdroppers in the quantum channel, and the quantum channel will not be safe anymore.展开更多
Canetti and Herzog have already proposed universally composable symbolic analysis(UCSA) to analyze mutual authentication and key exchange protocols. However,they do not analyze group key exchange protocol. Therefore,t...Canetti and Herzog have already proposed universally composable symbolic analysis(UCSA) to analyze mutual authentication and key exchange protocols. However,they do not analyze group key exchange protocol. Therefore,this paper explores an approach to analyze group key exchange protocols,which realize automation and guarantee the soundness of cryptography. Considered that there exist many kinds of group key exchange protocols and the participants’ number of each protocol is arbitrary. So this paper takes the case of Burmester-Desmedt(BD) protocol with three participants against passive adversary(3-BD-Passive) . In a nutshell,our works lay the root for analyzing group key exchange protocols automatically without sacrificing soundness of cryptography.展开更多
Mobile ad hoc networks (MANETs) have become a hot issue in the area of wireless networks for their non-infrastructure and mobile features. In this paper, a MANET is modeled so that the length of each link in the net...Mobile ad hoc networks (MANETs) have become a hot issue in the area of wireless networks for their non-infrastructure and mobile features. In this paper, a MANET is modeled so that the length of each link in the network is considered as a birthdeath process and the space is reused for n times in the flooding process, which is named as an n-spatiai reuse birth-death model (n-SRBDM). We analyze the performance of the network under the dynamic source routing protocol (DSR) which is a famous reactive routing protocol. Some performance parameters of the route discovery are studied such as the probability distribution and the expectation of the flooding distance, the probability that a route is discovered by a query packet with a hop limit, the probability that a request packet finds a τ-time-valid route or a symmetric-valid route, and the average time needed to discover a valid route. For the route maintenance, some parameters are introduced and studied such as the average frequency of route recovery and the average time of a route to be valid. We compare the two models with spatial reuse and without spatial reuse by evaluating these parameters. It is shown that the spatial reuse model is much more effective in routing.展开更多
This study focuses on testing and quality measurement and analysis of VoIPv6 performance. A client, server codes were developed using FreeBSD. This is a step before analyzing the Architectures of VoIPv6 in the current...This study focuses on testing and quality measurement and analysis of VoIPv6 performance. A client, server codes were developed using FreeBSD. This is a step before analyzing the Architectures of VoIPv6 in the current internet in order for it to cope with IPv6 traffic transmission requirements in general and specifically voice traffic, which is being attracting the efforts of research, bodes currently. These tests were conducted in the application level without looking into the network level of the network. VoIPv6 performance tests were conducted in the current tunneled and native IPv6 aiming for better end-to-end VoIPv6 performance. The results obtained in this study were shown in deferent codec's for different bit rates in Kilo bits per second, which act as an indicator for the better performance of G.711 compared with the rest of the tested codes.展开更多
Denial of Service Distributed Denial of Service (DOS) attack, especially (DDoS) attack, is one of the greatest threats to Internet. Much research has been done for it by now, however, it is always concentrated in ...Denial of Service Distributed Denial of Service (DOS) attack, especially (DDoS) attack, is one of the greatest threats to Internet. Much research has been done for it by now, however, it is always concentrated in the behaviors of the network and can not deal with the problem exactly. In this paper, we start from the security of the protocol, then we propose a novel theory for security protocol analysis of Denial of Service in order to deal with the DoS attack. We first introduce the conception of weighted graph to extend the strand space model, then we extend the penetrator model and define the goal of anti-DoS attack through the conception of the DoS-stop protocol, finally we propose two kinds of DoS test model and erect the novel formal theory for security protocol analysis of Denial of Service. Our new formal theory is applied in two example protocols. It is proved that the Internet key exchange (IKE) easily suffers from the DoS attacks, and the efficient DoS- resistant secure key exchange protocol (JFK) is resistant against DoS attack for the server, respectively.展开更多
Hybrid Power-line/Visible-light Communication(HPVC)network has been one of the most promising Cooperative Communication(CC)technologies for constructing Smart Home due to its superior communication reliability and har...Hybrid Power-line/Visible-light Communication(HPVC)network has been one of the most promising Cooperative Communication(CC)technologies for constructing Smart Home due to its superior communication reliability and hardware efficiency.Current research on HPVC networks focuses on the performance analysis and optimization of the Physical(PHY)layer,where the Power Line Communication(PLC)component only serves as the backbone to provide power to light Emitting Diode(LED)devices.So designing a Media Access Control(MAC)protocol remains a great challenge because it allows both PLC and Visible Light Communication(VLC)components to operate data transmission,i.e.,to achieve a true HPVC network CC.To solve this problem,we propose a new HPC network MAC protocol(HPVC MAC)based on Carrier Sense Multiple Access/Collision Avoidance(CSMA/CA)by combining IEEE 802.15.7 and IEEE 1901 standards.Firstly,we add an Additional Assistance(AA)layer to provide the channel selection strategies for sensor stations,so that they can complete data transmission on the selected channel via the specified CSMA/CA mechanism,respectively.Based on this,we give a detailed working principle of the HPVC MAC,followed by the construction of a joint analytical model for mathematicalmathematical validation of the HPVC MAC.In the modeling process,the impacts of PHY layer settings(including channel fading types and additive noise feature),CSMA/CA mechanisms of 802.15.7 and 1901,and practical configurations(such as traffic rate,transit buffer size)are comprehensively taken into consideration.Moreover,we prove the proposed analytical model has the solvability.Finally,through extensive simulations,we characterize the HPVC MAC performance under different system parameters and verify the correctness of the corresponding analytical model with an average error rate of 4.62%between the simulation and analytical results.展开更多
MEGA is an end-to-end encrypted cloud storage platform controlled by users.Moreover,the communication between MEGA client and server is carried out under the protection of Transport Layer Security(TLS)encryption,it is...MEGA is an end-to-end encrypted cloud storage platform controlled by users.Moreover,the communication between MEGA client and server is carried out under the protection of Transport Layer Security(TLS)encryption,it is difficult to intercept the key data packets in the process of MEGA registration,login,file data upload,and download.These characteristics of MEGA have brought great difficulties to its forensics.This paper presents a method to attack MEGA to provide an effective method for MEGA’s forensics.By debugging the open-source code of MEGA and analyzing the security white paper published,this paper first clarifies the encryption mechanism of MEGA,including the detailed process of registration,login,and file encryption,studies the encryption mechanism of MEGA from the perspective of protocol analysis,and finds out the vulnerability of MEGA encryption mechanism.On this basis,a method to attack MEGA is proposed,and the secret data stored in the MEGA server can be accessed or downloaded;Finally,the efficiency of the attack method is analyzed,and some suggestions to resist this attack method are put forward.展开更多
Authentication is the basis of the security of IEEE 802.11i standard. The authentication process in 802.11i involves two important protocols: a 4-way handshake and a group key handshake. A formal analysis of authenti...Authentication is the basis of the security of IEEE 802.11i standard. The authentication process in 802.11i involves two important protocols: a 4-way handshake and a group key handshake. A formal analysis of authentication in 802.11i is given via a belief multisets formalism. The analysis shows that the 4-way handshake and the group key handshake may provide satisfactory mutual authentication, key management, and issue of a new group temporal key from an access point to a user device, under the guarantee of mutual possession of a confidential palrwise master key. The analysis also shows that there exists a denial of service attack in the 4-way handshake and some seeming redundancies are useful in the protocol implementation.展开更多
Phase-matching quantum key distribution is a promising scheme for remote quantum key distribution,breaking through the traditional linear key-rate bound.In practical applications,finite data size can cause significant...Phase-matching quantum key distribution is a promising scheme for remote quantum key distribution,breaking through the traditional linear key-rate bound.In practical applications,finite data size can cause significant system performance to deteriorate when data size is below 1010.In this work,an improved statistical fluctuation analysis method is applied for the first time to two decoy-states phase-matching quantum key distribution,offering a new insight and potential solutions for improving the key generation rate and the maximum transmission distance while maintaining security.Moreover,we also compare the influence of the proposed improved statistical fluctuation analysis method on system performance with those of the Gaussian approximation and Chernoff-Hoeffding boundary methods on system performance.The simulation results show that the proposed scheme significantly improves the key generation rate and maximum transmission distance in comparison with the Chernoff-Hoeffding approach,and approach the results obtained when the Gaussian approximation is employed.At the same time,the proposed scheme retains the same security level as the Chernoff-Hoeffding method,and is even more secure than the Gaussian approximation.展开更多
Optimizing the sensor energy is one of the most important concern in Three-Dimensional(3D)Wireless Sensor Networks(WSNs).An improved dynamic hierarchical clustering has been used in previous works that computes optimu...Optimizing the sensor energy is one of the most important concern in Three-Dimensional(3D)Wireless Sensor Networks(WSNs).An improved dynamic hierarchical clustering has been used in previous works that computes optimum clusters count and thus,the total consumption of energy is optimal.However,the computational complexity will be increased due to data dimension,and this leads to increase in delay in network data transmission and reception.For solving the above-mentioned issues,an efficient dimensionality reduction model based on Incremental Linear Discriminant Analysis(ILDA)is proposed for 3D hierarchical clustering WSNs.The major objective of the proposed work is to design an efficient dimensionality reduction and energy efficient clustering algorithm in 3D hierarchical clustering WSNs.This ILDA approach consists of four major steps such as data dimension reduction,distance similarity index introduction,double cluster head technique and node dormancy approach.This protocol differs from normal hierarchical routing protocols in formulating the Cluster Head(CH)selection technique.According to node’s position and residual energy,optimal cluster-head function is generated,and every CH is elected by this formulation.For a 3D spherical structure,under the same network condition,the performance of the proposed ILDA with Improved Dynamic Hierarchical Clustering(IDHC)is compared with Distributed Energy-Efficient Clustering(DEEC),Hybrid Energy Efficient Distributed(HEED)and Stable Election Protocol(SEP)techniques.It is observed that the proposed ILDA based IDHC approach provides better results with respect to Throughput,network residual energy,network lifetime and first node death round.展开更多
Multi-criteria decision analysis deals with decision problems in which multiple criteria need to be considered. The criteria might be measured on different scales so that comparability is difficult. One approach to he...Multi-criteria decision analysis deals with decision problems in which multiple criteria need to be considered. The criteria might be measured on different scales so that comparability is difficult. One approach to help the user to organize the problem and to reflect on his or her assessment on the decision is Measuring Attractiveness by a Categorical Based Evaluation TecHnique (MACBETH). Here the user needs to provide qualitative judgment about differences of attractiveness regarding pairs of options. MACBETH was implemented in the M-MACBETH software using the additive aggregation model. The present article introduces the software tool “AniFair” which combines the MACBETH approach with the Choquet integral as an aggregation function, because the Choquet integral enables the modeling of interaction between criteria. With the Choquet integral, the user can define constraints on the relative importance of criteria (Shapley value) and the interaction between criteria. In contrast to M-MACBETH, with every instance of “AniFair” the user is made available at least two aggregation level. “AniFair” provides Graphical User Interfaces for the entering of information. The software tool is introduced via an example from the Welfare Quality Assessment protocol for pigs. With this, “AniFair” is applied to real data that were collected from thirteen farms in Northern Germany by an animal welfare expert. The “AniFair” results enabled a division of the farms into five groups of comparable performance concerning the welfare principle “Good feeding”. Hereby, the results differed in how much the interaction between criteria contributed to the Choquet integral values. The shares varied from 5% to 55%. With this, the vulnerability of aggregation results towards relative importance of and interaction between criteria was stressed, as changes in the ranking due to the definition of constraints could be shown. All results were exported to human readable txt or csv files for further analyses, and advice could be given to the farmers on how to improve their welfare situation.展开更多
A methodology integrating correlation,regression(MLR),machine learning(ML),and pattern analysis of long-term weekly net ecosystem exchange(NEE)datasets are applied to four deciduous broadleaf forest(DBF)sites forming ...A methodology integrating correlation,regression(MLR),machine learning(ML),and pattern analysis of long-term weekly net ecosystem exchange(NEE)datasets are applied to four deciduous broadleaf forest(DBF)sites forming part of the AmeriFlux(FLUXNET2015)database.Such analysis effectively characterizes and distinguishes those DBF sites for which long-term NEE patterns can be accurately predicted using the recorded environmental variables,from those sites cannot be so delineated.Comparisons of twelve NEE prediction models(5 MLR;7 ML),using multi-fold cross-validation analysis,reveal that support vector regression generates the most accurate and reliable predictions for each site considered,based on fits involving between 16 and 24 available environmental variables.SVR can accurately predict NEE for datasets for DBF sites US-MMS and US-MOz,but fail to reliably do so for sites CA-Cbo and MX-Tes.For the latter two sites the predicted versus recorded NEE weekly data follow a Y≠X pattern and are characterized by rapid fluctuations between low and high NEE values across leaf-on seasonal periods.Variable influences on NEE,determined by their importance to MLR and ML model solutions,identify distinctive sets of the most and least influential variables for each site studied.Such information is valuable for monitoring and modelling the likely impacts of changing climate on the ability of these sites to serve as long-term carbon sinks.The periodically oscillating NEE weekly patterns distinguished for sites CA-Cbo and MX-Tes are not readily explained in terms of the currently recorded environmental variables.More detailed analysis of the biological processes at work in the forest understory and soil at these sites are recommended to determine additional suitable variables to measure that might better explain such fluctuations.展开更多
Computer analysis of electrocardiograms(ECGs)was introduced more than 50 years ago,with the aim to improve efficiency and clinical workflow.[1,2]However,inaccuracies have been documented in the literature.[3,4]Researc...Computer analysis of electrocardiograms(ECGs)was introduced more than 50 years ago,with the aim to improve efficiency and clinical workflow.[1,2]However,inaccuracies have been documented in the literature.[3,4]Research indicates that emergency department(ED)clinician interruptions occur every 4-10 min,which is significantly more common than in other specialties.[5]This increases the cognitive load and error rates and impacts patient care and clinical effi ciency.[1,2,5]De-prioritization protocols have been introduced in certain centers in the United Kingdom(UK),removing the need for clinician ECG interpretation where ECGs have been interpreted as normal by the machine.展开更多
Previous research on deep-space networks based on delay-tolerant networking(DTN)has mainly focused on the performance of DTN protocols in simple networks;hence,research on complex networks is lacking.In this paper,we ...Previous research on deep-space networks based on delay-tolerant networking(DTN)has mainly focused on the performance of DTN protocols in simple networks;hence,research on complex networks is lacking.In this paper,we focus on network evaluation and protocol deployment for complex DTNbased deep-space networks and apply the results to a novel complex deep-space network based on the Universal Interplanetary Communication Network(UNICON-CDSN)proposed by the National Space Science Center(NSSC)for simulation and verification.A network evaluation method based on network capacity and memory analysis is proposed.Based on a performance comparison between the Licklider Transmission Protocol(LTP)and the Transmission Control Protocol(TCP)with the Bundle Protocol(BP)in various communication scenarios,a transport protocol configuration proposal is developed and used to construct an LTP deployment scheme for UNICON-CDSN.For the LTP deployment scheme,a theoretical model of file delivery time over complex deep-space networks is built.A network evaluation with the method proposed in this paper proves that UNICONCDSN satisfies the requirements for the 2020 Mars exploration mission Curiosity.Moreover,simulation results from a universal space communication network testbed(USCNT)designed by us show that the LTP deployment scheme is suitable for UNICON-CDSN.展开更多
IEEE 802.16e, as an amendment and corrigendum to the IEEE 802.16-2004, published on 28 February 2006, and intended to update and expand IEEE 802.16-2004 to allow for mobile subscriber stations. This paper summarizes t...IEEE 802.16e, as an amendment and corrigendum to the IEEE 802.16-2004, published on 28 February 2006, and intended to update and expand IEEE 802.16-2004 to allow for mobile subscriber stations. This paper summarizes the key management protocol belonging to security part of the IEEE 802.16e, which includes security negotiation, authorization, key derivation, handshake, and key transportation. While these building blocks are well designed, we point out some unwelcome features for these building blocks. We also give out suggestions to diminish the proposed problems.展开更多
Fair exchange protocols play a critical role in enabling two distrustful entities to conduct electronic data exchanges in a fair and secure manner.These protocols are widely used in electronic payment systems and elec...Fair exchange protocols play a critical role in enabling two distrustful entities to conduct electronic data exchanges in a fair and secure manner.These protocols are widely used in electronic payment systems and electronic contract signing,ensuring the reliability and security of network transactions.In order to address the limitations of current research methods and enhance the analytical capabilities for fair exchange protocols,this paper proposes a formal model for analyzing such protocols.The proposed model begins with a thorough analysis of fair exchange protocols,followed by the formal definition of fairness.This definition accurately captures the inherent requirements of fair exchange protocols.Building upon event logic,the model incorporates the time factor into predicates and introduces knowledge set axioms.This enhancement empowers the improved logic to effectively describe the state and knowledge of protocol participants at different time points,facilitating reasoning about their acquired knowledge.To maximize the intruder’s capabilities,channel errors are translated into the behaviors of the intruder.The participants are further categorized into honest participants and malicious participants,enabling a comprehensive evaluation of the intruder’s potential impact.By employing a typical fair exchange protocol as an illustrative example,this paper demonstrates the detailed steps of utilizing the proposed model for protocol analysis.The entire process of protocol execution under attack scenarios is presented,shedding light on the underlying reasons for the attacks and proposing corresponding countermeasures.The developedmodel enhances the ability to reason about and evaluate the security properties of fair exchange protocols,thereby contributing to the advancement of secure network transactions.展开更多
The dynamic characteristics of eplicit control protocol (XCP) were investigated with single bottleneck on the microscopic time-scale. Analysis and simulation results show that the bandwidth utilization of an XCP bottl...The dynamic characteristics of eplicit control protocol (XCP) were investigated with single bottleneck on the microscopic time-scale. Analysis and simulation results show that the bandwidth utilization of an XCP bottleneck link converges to 1 at exponential rate, persistent congestion cannot occur at the bottleneck link, and throughput of an arbitrary subset of XCP flows at the bottleneck link converges to its fair share in exponential rate. The XCP has high bandwidth utilization and good fairness properties.展开更多
The Internet Control Message Protocol(ICMP)covert tunnel refers to a network attack that encapsulates malicious data in the data part of the ICMP protocol for transmission.Its concealment is stronger and it is not eas...The Internet Control Message Protocol(ICMP)covert tunnel refers to a network attack that encapsulates malicious data in the data part of the ICMP protocol for transmission.Its concealment is stronger and it is not easy to be discovered.Most detection methods are detecting the existence of channels instead of clarifying specific attack intentions.In this paper,we propose an ICMP covert tunnel attack intent detection framework ICMPTend,which includes five steps:data collection,feature dictionary construction,data preprocessing,model construction,and attack intent prediction.ICMPTend can detect a variety of attack intentions,such as shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attacks.We extract features from five types of attack intent found in ICMP channels.We build a multi-dimensional dictionary of malicious features,including shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attack keywords.For the high-dimensional and independent characteristics of ICMP traffic,we use a support vector machine(SVM)as a multi-class classifier.The experimental results show that the average accuracy of ICMPTend is 92%,training ICMPTend only takes 55 s,and the prediction time is only 2 s,which can effectively identify the attack intention of ICMP.展开更多
Data center networks may comprise tens or hundreds of thousands of nodes,and,naturally,suffer from frequent software and hardware failures as well as link congestions.Packets are routed along the shortest paths with s...Data center networks may comprise tens or hundreds of thousands of nodes,and,naturally,suffer from frequent software and hardware failures as well as link congestions.Packets are routed along the shortest paths with sufficient resources to facilitate efficient network utilization and minimize delays.In such dynamic networks,links frequently fail or get congested,making the recalculation of the shortest paths a computationally intensive problem.Various routing protocols were proposed to overcome this problem by focusing on network utilization rather than speed.Surprisingly,the design of fast shortest-path algorithms for data centers was largely neglected,though they are universal components of routing protocols.Moreover,parallelization techniques were mostly deployed for random network topologies,and not for regular topologies that are often found in data centers.The aim of this paper is to improve scalability and reduce the time required for the shortest-path calculation in data center networks by parallelization on general-purpose hardware.We propose a novel algorithm that parallelizes edge relaxations as a faster and more scalable solution for popular data center topologies.展开更多
基金Supported by the National Natural Science Foundation of China under Grant Nos 61472048,61402058,61272511,61472046,61202082 and 61370194the Beijing Natural Science Foundation under Grant No 4152038the China Postdoctoral Science Foundation Funded Project under Grant No 2014M561826
文摘To analyze the security of two-step quantum direct communication protocol (QDCP) by using Einstein-Podolsky Rosen pair proposed by Deng et al. [Phys. Rev. A 68 (2003)042317] in collective-rotation noise channel, an excellent model of noise analysis is proposed. In the security analysis, the method of the entropy theory is introduced, and is compared with QDCP, an error rate point Qo(M : (Q0, 1.0)) is given. In different noise levels, if Eve wants to obtain the same amount of information, the error rate Q is distinguishable. The larger the noise level ~ is, the larger the error rate Q is. When the noise level ~ is lower than 11%, the high error rate is 0.153 without eavesdropping. Lastly, the security of the proposed protocol is discussed. It turns out that the quantum channel will be safe when Q 〈 0.153. Similarly, if error rate Q〉 0.153 = Q0, eavesdropping information I 〉 1, which means that there exist eavesdroppers in the quantum channel, and the quantum channel will not be safe anymore.
基金supported by National Natural Science Foundation of China No.61003262,National Natural Science Foundation of China No.60873237Doctoral Fund of Ministry of Education of China No.20070007071
文摘Canetti and Herzog have already proposed universally composable symbolic analysis(UCSA) to analyze mutual authentication and key exchange protocols. However,they do not analyze group key exchange protocol. Therefore,this paper explores an approach to analyze group key exchange protocols,which realize automation and guarantee the soundness of cryptography. Considered that there exist many kinds of group key exchange protocols and the participants’ number of each protocol is arbitrary. So this paper takes the case of Burmester-Desmedt(BD) protocol with three participants against passive adversary(3-BD-Passive) . In a nutshell,our works lay the root for analyzing group key exchange protocols automatically without sacrificing soundness of cryptography.
基金Project supported by the National Natural Science Foundation of China (Nos.10471088 and 60572126)the Science Foundation of Shanghai Municipal Commission of Education (No.06ZZ84)
文摘Mobile ad hoc networks (MANETs) have become a hot issue in the area of wireless networks for their non-infrastructure and mobile features. In this paper, a MANET is modeled so that the length of each link in the network is considered as a birthdeath process and the space is reused for n times in the flooding process, which is named as an n-spatiai reuse birth-death model (n-SRBDM). We analyze the performance of the network under the dynamic source routing protocol (DSR) which is a famous reactive routing protocol. Some performance parameters of the route discovery are studied such as the probability distribution and the expectation of the flooding distance, the probability that a route is discovered by a query packet with a hop limit, the probability that a request packet finds a τ-time-valid route or a symmetric-valid route, and the average time needed to discover a valid route. For the route maintenance, some parameters are introduced and studied such as the average frequency of route recovery and the average time of a route to be valid. We compare the two models with spatial reuse and without spatial reuse by evaluating these parameters. It is shown that the spatial reuse model is much more effective in routing.
文摘This study focuses on testing and quality measurement and analysis of VoIPv6 performance. A client, server codes were developed using FreeBSD. This is a step before analyzing the Architectures of VoIPv6 in the current internet in order for it to cope with IPv6 traffic transmission requirements in general and specifically voice traffic, which is being attracting the efforts of research, bodes currently. These tests were conducted in the application level without looking into the network level of the network. VoIPv6 performance tests were conducted in the current tunneled and native IPv6 aiming for better end-to-end VoIPv6 performance. The results obtained in this study were shown in deferent codec's for different bit rates in Kilo bits per second, which act as an indicator for the better performance of G.711 compared with the rest of the tested codes.
基金This work is supported by National Natural Science Foundation of China under contract 60902008.
文摘Denial of Service Distributed Denial of Service (DOS) attack, especially (DDoS) attack, is one of the greatest threats to Internet. Much research has been done for it by now, however, it is always concentrated in the behaviors of the network and can not deal with the problem exactly. In this paper, we start from the security of the protocol, then we propose a novel theory for security protocol analysis of Denial of Service in order to deal with the DoS attack. We first introduce the conception of weighted graph to extend the strand space model, then we extend the penetrator model and define the goal of anti-DoS attack through the conception of the DoS-stop protocol, finally we propose two kinds of DoS test model and erect the novel formal theory for security protocol analysis of Denial of Service. Our new formal theory is applied in two example protocols. It is proved that the Internet key exchange (IKE) easily suffers from the DoS attacks, and the efficient DoS- resistant secure key exchange protocol (JFK) is resistant against DoS attack for the server, respectively.
基金supported by the National Natural Science Foundation of China(No.61772386)National Key Research and Development Project(No.2018YFB1305001)Fundamental Research Funds for the Central Universities(No.KJ02072021-0119).
文摘Hybrid Power-line/Visible-light Communication(HPVC)network has been one of the most promising Cooperative Communication(CC)technologies for constructing Smart Home due to its superior communication reliability and hardware efficiency.Current research on HPVC networks focuses on the performance analysis and optimization of the Physical(PHY)layer,where the Power Line Communication(PLC)component only serves as the backbone to provide power to light Emitting Diode(LED)devices.So designing a Media Access Control(MAC)protocol remains a great challenge because it allows both PLC and Visible Light Communication(VLC)components to operate data transmission,i.e.,to achieve a true HPVC network CC.To solve this problem,we propose a new HPC network MAC protocol(HPVC MAC)based on Carrier Sense Multiple Access/Collision Avoidance(CSMA/CA)by combining IEEE 802.15.7 and IEEE 1901 standards.Firstly,we add an Additional Assistance(AA)layer to provide the channel selection strategies for sensor stations,so that they can complete data transmission on the selected channel via the specified CSMA/CA mechanism,respectively.Based on this,we give a detailed working principle of the HPVC MAC,followed by the construction of a joint analytical model for mathematicalmathematical validation of the HPVC MAC.In the modeling process,the impacts of PHY layer settings(including channel fading types and additive noise feature),CSMA/CA mechanisms of 802.15.7 and 1901,and practical configurations(such as traffic rate,transit buffer size)are comprehensively taken into consideration.Moreover,we prove the proposed analytical model has the solvability.Finally,through extensive simulations,we characterize the HPVC MAC performance under different system parameters and verify the correctness of the corresponding analytical model with an average error rate of 4.62%between the simulation and analytical results.
基金This work was supported by the Key Laboratory of confidential communication Fund Project(No.6142103190308).
文摘MEGA is an end-to-end encrypted cloud storage platform controlled by users.Moreover,the communication between MEGA client and server is carried out under the protection of Transport Layer Security(TLS)encryption,it is difficult to intercept the key data packets in the process of MEGA registration,login,file data upload,and download.These characteristics of MEGA have brought great difficulties to its forensics.This paper presents a method to attack MEGA to provide an effective method for MEGA’s forensics.By debugging the open-source code of MEGA and analyzing the security white paper published,this paper first clarifies the encryption mechanism of MEGA,including the detailed process of registration,login,and file encryption,studies the encryption mechanism of MEGA from the perspective of protocol analysis,and finds out the vulnerability of MEGA encryption mechanism.On this basis,a method to attack MEGA is proposed,and the secret data stored in the MEGA server can be accessed or downloaded;Finally,the efficiency of the attack method is analyzed,and some suggestions to resist this attack method are put forward.
基金the National High Technology Research and Development Program(863)of China(No.2006AA01Z422)the National Natural Science Foundation of China(Nos.60573030,90704004)
文摘Authentication is the basis of the security of IEEE 802.11i standard. The authentication process in 802.11i involves two important protocols: a 4-way handshake and a group key handshake. A formal analysis of authentication in 802.11i is given via a belief multisets formalism. The analysis shows that the 4-way handshake and the group key handshake may provide satisfactory mutual authentication, key management, and issue of a new group temporal key from an access point to a user device, under the guarantee of mutual possession of a confidential palrwise master key. The analysis also shows that there exists a denial of service attack in the 4-way handshake and some seeming redundancies are useful in the protocol implementation.
文摘Phase-matching quantum key distribution is a promising scheme for remote quantum key distribution,breaking through the traditional linear key-rate bound.In practical applications,finite data size can cause significant system performance to deteriorate when data size is below 1010.In this work,an improved statistical fluctuation analysis method is applied for the first time to two decoy-states phase-matching quantum key distribution,offering a new insight and potential solutions for improving the key generation rate and the maximum transmission distance while maintaining security.Moreover,we also compare the influence of the proposed improved statistical fluctuation analysis method on system performance with those of the Gaussian approximation and Chernoff-Hoeffding boundary methods on system performance.The simulation results show that the proposed scheme significantly improves the key generation rate and maximum transmission distance in comparison with the Chernoff-Hoeffding approach,and approach the results obtained when the Gaussian approximation is employed.At the same time,the proposed scheme retains the same security level as the Chernoff-Hoeffding method,and is even more secure than the Gaussian approximation.
文摘Optimizing the sensor energy is one of the most important concern in Three-Dimensional(3D)Wireless Sensor Networks(WSNs).An improved dynamic hierarchical clustering has been used in previous works that computes optimum clusters count and thus,the total consumption of energy is optimal.However,the computational complexity will be increased due to data dimension,and this leads to increase in delay in network data transmission and reception.For solving the above-mentioned issues,an efficient dimensionality reduction model based on Incremental Linear Discriminant Analysis(ILDA)is proposed for 3D hierarchical clustering WSNs.The major objective of the proposed work is to design an efficient dimensionality reduction and energy efficient clustering algorithm in 3D hierarchical clustering WSNs.This ILDA approach consists of four major steps such as data dimension reduction,distance similarity index introduction,double cluster head technique and node dormancy approach.This protocol differs from normal hierarchical routing protocols in formulating the Cluster Head(CH)selection technique.According to node’s position and residual energy,optimal cluster-head function is generated,and every CH is elected by this formulation.For a 3D spherical structure,under the same network condition,the performance of the proposed ILDA with Improved Dynamic Hierarchical Clustering(IDHC)is compared with Distributed Energy-Efficient Clustering(DEEC),Hybrid Energy Efficient Distributed(HEED)and Stable Election Protocol(SEP)techniques.It is observed that the proposed ILDA based IDHC approach provides better results with respect to Throughput,network residual energy,network lifetime and first node death round.
文摘Multi-criteria decision analysis deals with decision problems in which multiple criteria need to be considered. The criteria might be measured on different scales so that comparability is difficult. One approach to help the user to organize the problem and to reflect on his or her assessment on the decision is Measuring Attractiveness by a Categorical Based Evaluation TecHnique (MACBETH). Here the user needs to provide qualitative judgment about differences of attractiveness regarding pairs of options. MACBETH was implemented in the M-MACBETH software using the additive aggregation model. The present article introduces the software tool “AniFair” which combines the MACBETH approach with the Choquet integral as an aggregation function, because the Choquet integral enables the modeling of interaction between criteria. With the Choquet integral, the user can define constraints on the relative importance of criteria (Shapley value) and the interaction between criteria. In contrast to M-MACBETH, with every instance of “AniFair” the user is made available at least two aggregation level. “AniFair” provides Graphical User Interfaces for the entering of information. The software tool is introduced via an example from the Welfare Quality Assessment protocol for pigs. With this, “AniFair” is applied to real data that were collected from thirteen farms in Northern Germany by an animal welfare expert. The “AniFair” results enabled a division of the farms into five groups of comparable performance concerning the welfare principle “Good feeding”. Hereby, the results differed in how much the interaction between criteria contributed to the Choquet integral values. The shares varied from 5% to 55%. With this, the vulnerability of aggregation results towards relative importance of and interaction between criteria was stressed, as changes in the ranking due to the definition of constraints could be shown. All results were exported to human readable txt or csv files for further analyses, and advice could be given to the farmers on how to improve their welfare situation.
文摘A methodology integrating correlation,regression(MLR),machine learning(ML),and pattern analysis of long-term weekly net ecosystem exchange(NEE)datasets are applied to four deciduous broadleaf forest(DBF)sites forming part of the AmeriFlux(FLUXNET2015)database.Such analysis effectively characterizes and distinguishes those DBF sites for which long-term NEE patterns can be accurately predicted using the recorded environmental variables,from those sites cannot be so delineated.Comparisons of twelve NEE prediction models(5 MLR;7 ML),using multi-fold cross-validation analysis,reveal that support vector regression generates the most accurate and reliable predictions for each site considered,based on fits involving between 16 and 24 available environmental variables.SVR can accurately predict NEE for datasets for DBF sites US-MMS and US-MOz,but fail to reliably do so for sites CA-Cbo and MX-Tes.For the latter two sites the predicted versus recorded NEE weekly data follow a Y≠X pattern and are characterized by rapid fluctuations between low and high NEE values across leaf-on seasonal periods.Variable influences on NEE,determined by their importance to MLR and ML model solutions,identify distinctive sets of the most and least influential variables for each site studied.Such information is valuable for monitoring and modelling the likely impacts of changing climate on the ability of these sites to serve as long-term carbon sinks.The periodically oscillating NEE weekly patterns distinguished for sites CA-Cbo and MX-Tes are not readily explained in terms of the currently recorded environmental variables.More detailed analysis of the biological processes at work in the forest understory and soil at these sites are recommended to determine additional suitable variables to measure that might better explain such fluctuations.
文摘Computer analysis of electrocardiograms(ECGs)was introduced more than 50 years ago,with the aim to improve efficiency and clinical workflow.[1,2]However,inaccuracies have been documented in the literature.[3,4]Research indicates that emergency department(ED)clinician interruptions occur every 4-10 min,which is significantly more common than in other specialties.[5]This increases the cognitive load and error rates and impacts patient care and clinical effi ciency.[1,2,5]De-prioritization protocols have been introduced in certain centers in the United Kingdom(UK),removing the need for clinician ECG interpretation where ECGs have been interpreted as normal by the machine.
基金supported by the Strategic leading project of the Chinese Academy of Sciences (Grant No. XDA15014603)。
文摘Previous research on deep-space networks based on delay-tolerant networking(DTN)has mainly focused on the performance of DTN protocols in simple networks;hence,research on complex networks is lacking.In this paper,we focus on network evaluation and protocol deployment for complex DTNbased deep-space networks and apply the results to a novel complex deep-space network based on the Universal Interplanetary Communication Network(UNICON-CDSN)proposed by the National Space Science Center(NSSC)for simulation and verification.A network evaluation method based on network capacity and memory analysis is proposed.Based on a performance comparison between the Licklider Transmission Protocol(LTP)and the Transmission Control Protocol(TCP)with the Bundle Protocol(BP)in various communication scenarios,a transport protocol configuration proposal is developed and used to construct an LTP deployment scheme for UNICON-CDSN.For the LTP deployment scheme,a theoretical model of file delivery time over complex deep-space networks is built.A network evaluation with the method proposed in this paper proves that UNICONCDSN satisfies the requirements for the 2020 Mars exploration mission Curiosity.Moreover,simulation results from a universal space communication network testbed(USCNT)designed by us show that the LTP deployment scheme is suitable for UNICON-CDSN.
基金Supported by the National Natural Science Foundation of China (60473027)
文摘IEEE 802.16e, as an amendment and corrigendum to the IEEE 802.16-2004, published on 28 February 2006, and intended to update and expand IEEE 802.16-2004 to allow for mobile subscriber stations. This paper summarizes the key management protocol belonging to security part of the IEEE 802.16e, which includes security negotiation, authorization, key derivation, handshake, and key transportation. While these building blocks are well designed, we point out some unwelcome features for these building blocks. We also give out suggestions to diminish the proposed problems.
基金the National Natural Science Foundation of China(Nos.61562026,61962020)Academic and Technical Leaders of Major Disciplines in Jiangxi Province(No.20172BCB22015)+1 种基金Special Fund Project for Postgraduate Innovation in Jiangxi Province(No.YC2020-B1141)Jiangxi Provincial Natural Science Foundation(No.20224ACB202006).
文摘Fair exchange protocols play a critical role in enabling two distrustful entities to conduct electronic data exchanges in a fair and secure manner.These protocols are widely used in electronic payment systems and electronic contract signing,ensuring the reliability and security of network transactions.In order to address the limitations of current research methods and enhance the analytical capabilities for fair exchange protocols,this paper proposes a formal model for analyzing such protocols.The proposed model begins with a thorough analysis of fair exchange protocols,followed by the formal definition of fairness.This definition accurately captures the inherent requirements of fair exchange protocols.Building upon event logic,the model incorporates the time factor into predicates and introduces knowledge set axioms.This enhancement empowers the improved logic to effectively describe the state and knowledge of protocol participants at different time points,facilitating reasoning about their acquired knowledge.To maximize the intruder’s capabilities,channel errors are translated into the behaviors of the intruder.The participants are further categorized into honest participants and malicious participants,enabling a comprehensive evaluation of the intruder’s potential impact.By employing a typical fair exchange protocol as an illustrative example,this paper demonstrates the detailed steps of utilizing the proposed model for protocol analysis.The entire process of protocol execution under attack scenarios is presented,shedding light on the underlying reasons for the attacks and proposing corresponding countermeasures.The developedmodel enhances the ability to reason about and evaluate the security properties of fair exchange protocols,thereby contributing to the advancement of secure network transactions.
基金The National Natural Science Foundation of China (No. 60503049)
文摘The dynamic characteristics of eplicit control protocol (XCP) were investigated with single bottleneck on the microscopic time-scale. Analysis and simulation results show that the bandwidth utilization of an XCP bottleneck link converges to 1 at exponential rate, persistent congestion cannot occur at the bottleneck link, and throughput of an arbitrary subset of XCP flows at the bottleneck link converges to its fair share in exponential rate. The XCP has high bandwidth utilization and good fairness properties.
基金This research was supported by National Natural Science Foundation of China(Grant Nos.61972048,62072051).
文摘The Internet Control Message Protocol(ICMP)covert tunnel refers to a network attack that encapsulates malicious data in the data part of the ICMP protocol for transmission.Its concealment is stronger and it is not easy to be discovered.Most detection methods are detecting the existence of channels instead of clarifying specific attack intentions.In this paper,we propose an ICMP covert tunnel attack intent detection framework ICMPTend,which includes five steps:data collection,feature dictionary construction,data preprocessing,model construction,and attack intent prediction.ICMPTend can detect a variety of attack intentions,such as shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attacks.We extract features from five types of attack intent found in ICMP channels.We build a multi-dimensional dictionary of malicious features,including shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attack keywords.For the high-dimensional and independent characteristics of ICMP traffic,we use a support vector machine(SVM)as a multi-class classifier.The experimental results show that the average accuracy of ICMPTend is 92%,training ICMPTend only takes 55 s,and the prediction time is only 2 s,which can effectively identify the attack intention of ICMP.
基金This work was supported by the Serbian Ministry of Science and Education(project TR-32022)by companies Telekom Srbija and Informatika.
文摘Data center networks may comprise tens or hundreds of thousands of nodes,and,naturally,suffer from frequent software and hardware failures as well as link congestions.Packets are routed along the shortest paths with sufficient resources to facilitate efficient network utilization and minimize delays.In such dynamic networks,links frequently fail or get congested,making the recalculation of the shortest paths a computationally intensive problem.Various routing protocols were proposed to overcome this problem by focusing on network utilization rather than speed.Surprisingly,the design of fast shortest-path algorithms for data centers was largely neglected,though they are universal components of routing protocols.Moreover,parallelization techniques were mostly deployed for random network topologies,and not for regular topologies that are often found in data centers.The aim of this paper is to improve scalability and reduce the time required for the shortest-path calculation in data center networks by parallelization on general-purpose hardware.We propose a novel algorithm that parallelizes edge relaxations as a faster and more scalable solution for popular data center topologies.
