Privacy protection is the key to maintaining the Internet of Things(IoT)communication strategy.Steganography is an important way to achieve covert communication that protects user data privacy.Steganalysis technology ...Privacy protection is the key to maintaining the Internet of Things(IoT)communication strategy.Steganography is an important way to achieve covert communication that protects user data privacy.Steganalysis technology is the key to checking steganography security,and its ultimate goal is to extract embedded messages.Existing methods cannot extract under known cover images.To this end,this paper proposes a method of extracting embedded messages under known cover images.First,the syndrome-trellis encoding process is analyzed.Second,a decoding path in the syndrome trellis is obtained by using the stego sequence and a certain parity-check matrix,while the embedding process is simulated using the cover sequence and parity-check matrix.Since the decoding path obtained by the stego sequence and the correct parity-check matrix is optimal and has the least distortion,comparing the path consistency can quickly filter the coding parameters to determine the correct matrices,and embedded messages can be extracted correctly.The proposed method does not need to embed all possible messages for the second time,improving coding parameter recognition significantly.The experimental results show that the proposed method can identify syndrome-trellis coding parameters in stego images embedded by adaptive steganography quickly to realize embedded message extraction.展开更多
Existing IP geolocation algorithms based on delay similarity often rely on the principle that geographically adjacent IPs have similar delays.However,this principle is often invalid in real Internet environment,which ...Existing IP geolocation algorithms based on delay similarity often rely on the principle that geographically adjacent IPs have similar delays.However,this principle is often invalid in real Internet environment,which leads to unreliable geolocation results.To improve the accuracy and reliability of locating IP in real Internet,a street-level IP geolocation algorithm based on landmarks clustering is proposed.Firstly,we use the probes to measure the known landmarks to obtain their delay vectors,and cluster landmarks using them.Secondly,the landmarks are clustered again by their latitude and longitude,and the intersection of these two clustering results is taken to form training sets.Thirdly,we train multiple neural networks to get the mapping relationship between delay and location in each training set.Finally,we determine one of the neural networks for the target by the delay similarity and relative hop counts,and then geolocate the target by this network.As it brings together the delay and geographical coordinates clustering,the proposed algorithm largely improves the inconsistency between them and enhances the mapping relationship between them.We evaluate the algorithm by a series of experiments in Hong Kong,Shanghai,Zhengzhou and New York.The experimental results show that the proposed algorithm achieves street-level IP geolocation,and comparing with existing typical streetlevel geolocation algorithms,the proposed algorithm improves the geolocation reliability significantly.展开更多
A round function based on chaos is designed combining Feistel structure’s pseudo-randomness, chaotic system’s parameter sensitivity and image data characteristics. The round function composes of two parts--data tran...A round function based on chaos is designed combining Feistel structure’s pseudo-randomness, chaotic system’s parameter sensitivity and image data characteristics. The round function composes of two parts--data transformation based on Feistel(abbreviated as FST) and sampling output based on chaos(abbreviated as SMP). FST bases on Feistel structure and several efficient operations including bitwise xor, permutation and circulating shift. SMP is a chaos based pseudo-random sampling algorithm. It is from theoretical analysis that the round function is a pseudo-random function. The upper bounds of the average maximum differential probability and average maximum linear probability are p^2 and q^2 respectively. Finally, the good pseudo-randomness of the round function is examined with the NIST random test. The design of this round function provides an important cryptographic component for the design of chaotic image encryption algorithm.展开更多
This study proposes a color image steganalysis algorithm that extracts highdimensional rich model features from the residuals of channel differences.First,the advantages of features extracted from channel differences ...This study proposes a color image steganalysis algorithm that extracts highdimensional rich model features from the residuals of channel differences.First,the advantages of features extracted from channel differences are analyzed,and it shown that features extracted in this manner should be able to detect color stego images more effectively.A steganalysis feature extraction method based on channel differences is then proposed,and used to improve two types of typical color image steganalysis features.The improved features are combined with existing color image steganalysis features,and the ensemble classifiers are trained to detect color stego images.The experimental results indicate that,for WOW and S-UNIWARD steganography,the improved features clearly decreased the average test errors of the existing features,and the average test errors of the proposed algorithm is smaller than those of the existing color image steganalysis algorithms.Specifically,when the payload is smaller than 0.2 bpc,the average test error decreases achieve 4%and 3%.展开更多
When dealing with the large-scale program,many automatic vulnerability mining techniques encounter such problems as path explosion,state explosion,and low efficiency.Decomposition of large-scale programs based on safe...When dealing with the large-scale program,many automatic vulnerability mining techniques encounter such problems as path explosion,state explosion,and low efficiency.Decomposition of large-scale programs based on safety-sensitive functions helps solve the above problems.And manual identification of security-sensitive functions is a tedious task,especially for the large-scale program.This study proposes a method to mine security-sensitive functions the arguments of which need to be checked before they are called.Two argument-checking identification algorithms are proposed based on the analysis of two implementations of argument checking.Based on these algorithms,security-sensitive functions are detected based on the ratio of invocation instances the arguments of which have been protected to the total number of instances.The results of experiments on three well-known open-source projects show that the proposed method can outperform competing methods in the literature.展开更多
Due to the characteristics of chaotic systems,different cryptosystems based on chaos have been proposed to satisfy the security of multimedia data.A plain image-related chaotic algorithm is proposed by Luo et al.with ...Due to the characteristics of chaotic systems,different cryptosystems based on chaos have been proposed to satisfy the security of multimedia data.A plain image-related chaotic algorithm is proposed by Luo et al.with high speed and efficiency.Security weaknesses of the cryptosystem are studied in this paper.It is found that the important secret key information is leaked because an important parameter can be obtained after an inverse operation in the last step of the cryptosystems without secret key.Meanwhile,the value zero is processed improperly in quantification algorithm.Based on the weaknesses,chosen plaintext attack on the cryptosystem is proposed,by which,an important parameter,equivalent to secret key,can be calculated with a specific chosen plain image.With the obtained parameter,the plain image of any ciphered image,encrypted by the cryptosystem,can be recovered.Then,an improvement is proposed to solve the problems after modifying the quantification algorithm.It is from the experiments that chosen plaintext attack is valid and improved algorithm possesses better performance.展开更多
The training images with obviously different contents to the detected images will make the steganalysis model perform poorly in deep steganalysis.The existing methods try to reduce this effect by discarding some featu...The training images with obviously different contents to the detected images will make the steganalysis model perform poorly in deep steganalysis.The existing methods try to reduce this effect by discarding some features related to image contents.Inevitably,this should lose much helpful information and cause low detection accuracy.This paper proposes an image steganalysis method based on deep content features clustering to solve this problem.Firstly,the wavelet transform is used to remove the high-frequency noise of the image,and the deep convolutional neural network is used to extract the content features of the low-frequency information of the image.Then,the extracted features are clustered to obtain the corresponding class labels to achieve sample pre-classification.Finally,the steganalysis network is trained separately using samples in each subclass to achieve more reliable steganalysis.We experimented on publicly available combined datasets of Bossbase1.01,Bows2,and ALASKA#2 with a quality factor of 75.The accuracy of our proposed pre-classification scheme can improve the detection accuracy by 4.84%for Joint Photographic Experts Group UNIversal WAvelet Relative Distortion(J-UNIWARD)at the payload of 0.4 bits per non-zero alternating current discrete cosine transform coefficient(bpnzAC).Furthermore,at the payload of 0.2 bpnzAC,the improvement effect is minimal but also reaches 1.39%.Compared with the previous steganalysis based on deep learning,this method considers the differences between the training contents.It selects the proper detector for the image to be detected.Experimental results show that the pre-classification scheme can effectively obtain image subclasses with certain similarities and better ensure the consistency of training and testing images.The above measures reduce the impact of sample content inconsistency on the steganalysis network and improve the accuracy of steganalysis.展开更多
IP geolocation is essential for the territorial analysis of sensitive network entities,location-based services(LBS)and network fraud detection.It has important theoretical significance and application value.Measuremen...IP geolocation is essential for the territorial analysis of sensitive network entities,location-based services(LBS)and network fraud detection.It has important theoretical significance and application value.Measurement-based IP geolocation is a hot research topic.However,the existing IP geolocation algorithms cannot effectively utilize the distance characteristics of the delay,and the nodes’connection relation,resulting in high geolocation error.It is challenging to obtain the mapping between delay,nodes’connection relation,and geographical location.Based on the idea of network representation learning,we propose a representation learning model for IP nodes(IP2vec for short)and apply it to street-level IP geolocation.IP2vec model vectorizes nodes according to the connection relation and delay between nodes so that the IP vectors can reflect the distance and topological proximity between IP nodes.The steps of the street-level IP geolocation algorithm based on IP2vec model are as follows:Firstly,we measure landmarks and target IP to obtain delay and path information to construct the network topology.Secondly,we use the IP2vec model to obtain the IP vectors from the network topology.Thirdly,we train a neural network to fit the mapping relation between vectors and locations of landmarks.Finally,the vector of target IP is fed into the neural network to obtain the geographical location of target IP.The algorithm can accurately infer geographical locations of target IPs based on delay and topological proximity embedded in the IP vectors.The cross-validation experimental results on 10023 target IPs in New York,Beijing,Hong Kong,and Zhengzhou demonstrate that the proposed algorithm can achieve street-level geolocation.Compared with the existing algorithms such as Hop-Hot,IP-geolocater and SLG,the mean geolocation error of the proposed algorithm is reduced by 33%,39%,and 51%,respectively.展开更多
基金upported by the National Natural Science Foundation of China(No.U1804263,61772549,62172435)the Zhongyuan Science and Technology Innovation Leading Talent Project(No.214200510019)Thanks to the recommendation of SPDE2020,which gives us the opportunity to publish an expanded and full version of this paper.
文摘Privacy protection is the key to maintaining the Internet of Things(IoT)communication strategy.Steganography is an important way to achieve covert communication that protects user data privacy.Steganalysis technology is the key to checking steganography security,and its ultimate goal is to extract embedded messages.Existing methods cannot extract under known cover images.To this end,this paper proposes a method of extracting embedded messages under known cover images.First,the syndrome-trellis encoding process is analyzed.Second,a decoding path in the syndrome trellis is obtained by using the stego sequence and a certain parity-check matrix,while the embedding process is simulated using the cover sequence and parity-check matrix.Since the decoding path obtained by the stego sequence and the correct parity-check matrix is optimal and has the least distortion,comparing the path consistency can quickly filter the coding parameters to determine the correct matrices,and embedded messages can be extracted correctly.The proposed method does not need to embed all possible messages for the second time,improving coding parameter recognition significantly.The experimental results show that the proposed method can identify syndrome-trellis coding parameters in stego images embedded by adaptive steganography quickly to realize embedded message extraction.
基金the National Key R&D Program of China 2016YFB0801303(F.L.received the grant,the sponsors’website is https://service.most.gov.cn/)by the National Key R&D Program of China 2016QY01W0105(X.L.received the grant,the sponsors’website is https://service.most.gov.cn/)+5 种基金by the National Natural Science Foundation of China U1636219(X.L.received the grant,the sponsors’website is http://www.nsfc.gov.cn/)by the National Natural Science Foundation of China 61602508(J.L.received the grant,the sponsors’website is http://www.nsfc.gov.cn/)by the National Natural Science Foundation of China 61772549(F.L.received the grant,the sponsors’website is http://www.nsfc.gov.cn/)by the National Natural Science Foundation of China U1736214(F.L.received the grant,the sponsors’website is http://www.nsfc.gov.cn/)by the National Natural Science Foundation of China U1804263(X.L.received the grant,the sponsors’website is http://www.nsfc.gov.cn/)by the Science and Technology Innovation Talent Project of Henan Province 184200510018(X.L.received the grant,the sponsors’website is http://www.hnkjt.gov.cn/).
文摘Existing IP geolocation algorithms based on delay similarity often rely on the principle that geographically adjacent IPs have similar delays.However,this principle is often invalid in real Internet environment,which leads to unreliable geolocation results.To improve the accuracy and reliability of locating IP in real Internet,a street-level IP geolocation algorithm based on landmarks clustering is proposed.Firstly,we use the probes to measure the known landmarks to obtain their delay vectors,and cluster landmarks using them.Secondly,the landmarks are clustered again by their latitude and longitude,and the intersection of these two clustering results is taken to form training sets.Thirdly,we train multiple neural networks to get the mapping relationship between delay and location in each training set.Finally,we determine one of the neural networks for the target by the delay similarity and relative hop counts,and then geolocate the target by this network.As it brings together the delay and geographical coordinates clustering,the proposed algorithm largely improves the inconsistency between them and enhances the mapping relationship between them.We evaluate the algorithm by a series of experiments in Hong Kong,Shanghai,Zhengzhou and New York.The experimental results show that the proposed algorithm achieves street-level IP geolocation,and comparing with existing typical streetlevel geolocation algorithms,the proposed algorithm improves the geolocation reliability significantly.
基金the National Natural Science Foundation of China (Grant No. 61601517)basic and advanced technology research project of Henan Province, China (Grant No. 2014302703)
文摘A round function based on chaos is designed combining Feistel structure’s pseudo-randomness, chaotic system’s parameter sensitivity and image data characteristics. The round function composes of two parts--data transformation based on Feistel(abbreviated as FST) and sampling output based on chaos(abbreviated as SMP). FST bases on Feistel structure and several efficient operations including bitwise xor, permutation and circulating shift. SMP is a chaos based pseudo-random sampling algorithm. It is from theoretical analysis that the round function is a pseudo-random function. The upper bounds of the average maximum differential probability and average maximum linear probability are p^2 and q^2 respectively. Finally, the good pseudo-randomness of the round function is examined with the NIST random test. The design of this round function provides an important cryptographic component for the design of chaotic image encryption algorithm.
基金This work was supported by the National Natural Science Foundation of China(Nos.61772549,61872448,U1736214,61602508,61601517,U1804263).
文摘This study proposes a color image steganalysis algorithm that extracts highdimensional rich model features from the residuals of channel differences.First,the advantages of features extracted from channel differences are analyzed,and it shown that features extracted in this manner should be able to detect color stego images more effectively.A steganalysis feature extraction method based on channel differences is then proposed,and used to improve two types of typical color image steganalysis features.The improved features are combined with existing color image steganalysis features,and the ensemble classifiers are trained to detect color stego images.The experimental results indicate that,for WOW and S-UNIWARD steganography,the improved features clearly decreased the average test errors of the existing features,and the average test errors of the proposed algorithm is smaller than those of the existing color image steganalysis algorithms.Specifically,when the payload is smaller than 0.2 bpc,the average test error decreases achieve 4%and 3%.
基金This study was supported in part by the National Natural Science Foundation of China(Nos.61401512,61602508,61772549,U1636219 and U1736214)the National Key R&D Program of China(No.2016YFB0801303 and 2016QY01W0105)+1 种基金the Key Technologies R&D Program of Henan Province(No.162102210032)and the Key Science and Technology Research Project of Henan Province(No.152102210005).
文摘When dealing with the large-scale program,many automatic vulnerability mining techniques encounter such problems as path explosion,state explosion,and low efficiency.Decomposition of large-scale programs based on safety-sensitive functions helps solve the above problems.And manual identification of security-sensitive functions is a tedious task,especially for the large-scale program.This study proposes a method to mine security-sensitive functions the arguments of which need to be checked before they are called.Two argument-checking identification algorithms are proposed based on the analysis of two implementations of argument checking.Based on these algorithms,security-sensitive functions are detected based on the ratio of invocation instances the arguments of which have been protected to the total number of instances.The results of experiments on three well-known open-source projects show that the proposed method can outperform competing methods in the literature.
基金this paper was partially supported by the National Natural Science Foundation of China(Grant No.61601517)basic and advanced technology research project of Henan Province,China(Grant No.2014302703).
文摘Due to the characteristics of chaotic systems,different cryptosystems based on chaos have been proposed to satisfy the security of multimedia data.A plain image-related chaotic algorithm is proposed by Luo et al.with high speed and efficiency.Security weaknesses of the cryptosystem are studied in this paper.It is found that the important secret key information is leaked because an important parameter can be obtained after an inverse operation in the last step of the cryptosystems without secret key.Meanwhile,the value zero is processed improperly in quantification algorithm.Based on the weaknesses,chosen plaintext attack on the cryptosystem is proposed,by which,an important parameter,equivalent to secret key,can be calculated with a specific chosen plain image.With the obtained parameter,the plain image of any ciphered image,encrypted by the cryptosystem,can be recovered.Then,an improvement is proposed to solve the problems after modifying the quantification algorithm.It is from the experiments that chosen plaintext attack is valid and improved algorithm possesses better performance.
基金supported by the National Natural Science Foundation of China(Nos.61872448,62172435,62072057)the Science and Technology Research Project of Henan Province in China(No.222102210075).
文摘The training images with obviously different contents to the detected images will make the steganalysis model perform poorly in deep steganalysis.The existing methods try to reduce this effect by discarding some features related to image contents.Inevitably,this should lose much helpful information and cause low detection accuracy.This paper proposes an image steganalysis method based on deep content features clustering to solve this problem.Firstly,the wavelet transform is used to remove the high-frequency noise of the image,and the deep convolutional neural network is used to extract the content features of the low-frequency information of the image.Then,the extracted features are clustered to obtain the corresponding class labels to achieve sample pre-classification.Finally,the steganalysis network is trained separately using samples in each subclass to achieve more reliable steganalysis.We experimented on publicly available combined datasets of Bossbase1.01,Bows2,and ALASKA#2 with a quality factor of 75.The accuracy of our proposed pre-classification scheme can improve the detection accuracy by 4.84%for Joint Photographic Experts Group UNIversal WAvelet Relative Distortion(J-UNIWARD)at the payload of 0.4 bits per non-zero alternating current discrete cosine transform coefficient(bpnzAC).Furthermore,at the payload of 0.2 bpnzAC,the improvement effect is minimal but also reaches 1.39%.Compared with the previous steganalysis based on deep learning,this method considers the differences between the training contents.It selects the proper detector for the image to be detected.Experimental results show that the pre-classification scheme can effectively obtain image subclasses with certain similarities and better ensure the consistency of training and testing images.The above measures reduce the impact of sample content inconsistency on the steganalysis network and improve the accuracy of steganalysis.
基金the National Natural Science Foundation of China(Grant Nos.U1804263,U1736214,62172435)the Zhongyuan Science and Technology Innovation Leading Talent Project(No.214200510019)。
文摘IP geolocation is essential for the territorial analysis of sensitive network entities,location-based services(LBS)and network fraud detection.It has important theoretical significance and application value.Measurement-based IP geolocation is a hot research topic.However,the existing IP geolocation algorithms cannot effectively utilize the distance characteristics of the delay,and the nodes’connection relation,resulting in high geolocation error.It is challenging to obtain the mapping between delay,nodes’connection relation,and geographical location.Based on the idea of network representation learning,we propose a representation learning model for IP nodes(IP2vec for short)and apply it to street-level IP geolocation.IP2vec model vectorizes nodes according to the connection relation and delay between nodes so that the IP vectors can reflect the distance and topological proximity between IP nodes.The steps of the street-level IP geolocation algorithm based on IP2vec model are as follows:Firstly,we measure landmarks and target IP to obtain delay and path information to construct the network topology.Secondly,we use the IP2vec model to obtain the IP vectors from the network topology.Thirdly,we train a neural network to fit the mapping relation between vectors and locations of landmarks.Finally,the vector of target IP is fed into the neural network to obtain the geographical location of target IP.The algorithm can accurately infer geographical locations of target IPs based on delay and topological proximity embedded in the IP vectors.The cross-validation experimental results on 10023 target IPs in New York,Beijing,Hong Kong,and Zhengzhou demonstrate that the proposed algorithm can achieve street-level geolocation.Compared with the existing algorithms such as Hop-Hot,IP-geolocater and SLG,the mean geolocation error of the proposed algorithm is reduced by 33%,39%,and 51%,respectively.
