At present,there is a problem of false positives caused by the too vast mimic scope in mimic transformation technology.Previous studies have focused on the“compensation”method to deal with this problem,which is expe...At present,there is a problem of false positives caused by the too vast mimic scope in mimic transformation technology.Previous studies have focused on the“compensation”method to deal with this problem,which is expensive and cannot fundamentally solve it.This paper provides new insights into coping with the situation.Firstly,this study summarizes the false-positive problem in the mimic transformation,analyzes its possible harm and the root causes.Secondly,three properties about the mimic scope are proposed.Based on the three properties and security quantification technology,the best mimic component set theory is put forward to solve the false-positive problem.There are two algorithms,the supplemental method and the subtraction method.The best mimic component set obtained by these two algorithms can fundamentally solve the mimic system’s false-positive problem but reduce the cost of mimic transformation.Thus make up for the lack of previous researches.展开更多
In a recent paper, Hu et al. defined the complete weight distributions of quantum codes and proved the Mac Williams identities, and as applications they showed how such weight distributions may be used to obtain the s...In a recent paper, Hu et al. defined the complete weight distributions of quantum codes and proved the Mac Williams identities, and as applications they showed how such weight distributions may be used to obtain the singleton-type and hamming-type bounds for asymmetric quantum codes. In this paper we extend their study much further and obtain several new results concerning the complete weight distributions of quantum codes and applications. In particular, we provide a new proof of the Mac Williams identities of the complete weight distributions of quantum codes. We obtain new information about the weight distributions of quantum MDS codes and the double weight distribution of asymmetric quantum MDS codes. We get new identities involving the complete weight distributions of two different quantum codes. We estimate the complete weight distributions of quantum codes under special conditions and show that quantum BCH codes by the Hermitian construction from primitive, narrow-sense BCH codes satisfy these conditions and hence these estimate applies.展开更多
As an active defenses technique,multivariant execution(MVX)can detect attacks by monitoring the consistency of heterogeneous variants with parallel execution.Compared with patch-style passive defense,MVX can defend ag...As an active defenses technique,multivariant execution(MVX)can detect attacks by monitoring the consistency of heterogeneous variants with parallel execution.Compared with patch-style passive defense,MVX can defend against known and even unknown vulnerability-based attacks without relying on attack feature information.However,variants generated with software diversity technologies will introduce new vulnerabilities when they execute in parallel.First,we analyze the security of MVX theory from the perspective of formal description.Then we summarize the general forms and techniques for attacks against MVX,and analyze the new vulnerabilities arising from the combination of variant generation technologies.We propose SecMVX,a secure MVX architecture and variant generation technology.Experimental evaluations based on CVEs and SPEC 2006 benchmark show that SecMVX introduces 11.29%of the average time overhead,and avoids vulnerabilities caused by the improper combination of variant generation technologies while keeping the defensive ability of MVX.展开更多
In order to provide a practicable solution to data confidentiality in cloud storage service,a data assured deletion scheme,which achieves the fine grained access control,hopping and sniffing attacks resistance,data dy...In order to provide a practicable solution to data confidentiality in cloud storage service,a data assured deletion scheme,which achieves the fine grained access control,hopping and sniffing attacks resistance,data dynamics and deduplication,is proposed.In our scheme,data blocks are encrypted by a two-level encryption approach,in which the control keys are generated from a key derivation tree,encrypted by an All-OrNothing algorithm and then distributed into DHT network after being partitioned by secret sharing.This guarantees that only authorized users can recover the control keys and then decrypt the outsourced data in an ownerspecified data lifetime.Besides confidentiality,data dynamics and deduplication are also achieved separately by adjustment of key derivation tree and convergent encryption.The analysis and experimental results show that our scheme can satisfy its security goal and perform the assured deletion with low cost.展开更多
The theory of quantum error correcting codes is a primary tool for fighting decoherence and other quantum noise in quantum communication and quantum computation. Recently, the theory of quantum error correcting codes ...The theory of quantum error correcting codes is a primary tool for fighting decoherence and other quantum noise in quantum communication and quantum computation. Recently, the theory of quantum error correcting codes has developed rapidly and been extended to protect quantum information over asymmetric quantum channels, in which phase-shift and qubit-flip errors occur with different probabilities. In this paper, we generalize the construction of symmetric quantum codes via graphs (or matrices) to the asymmetric case, converting the construction of asymmetric quantum codes to finding matrices with some special properties. We also propose some asymmetric quantum Maximal Distance Separable (MDS) codes as examples constructed in this way.展开更多
基金This work was supported by National Key Research and Development Program of China(Grant No.2018YF0804001).
文摘At present,there is a problem of false positives caused by the too vast mimic scope in mimic transformation technology.Previous studies have focused on the“compensation”method to deal with this problem,which is expensive and cannot fundamentally solve it.This paper provides new insights into coping with the situation.Firstly,this study summarizes the false-positive problem in the mimic transformation,analyzes its possible harm and the root causes.Secondly,three properties about the mimic scope are proposed.Based on the three properties and security quantification technology,the best mimic component set theory is put forward to solve the false-positive problem.There are two algorithms,the supplemental method and the subtraction method.The best mimic component set obtained by these two algorithms can fundamentally solve the mimic system’s false-positive problem but reduce the cost of mimic transformation.Thus make up for the lack of previous researches.
基金the National Natural Science Foundation of China (Grant Nos. 61972413, 61901525, and 62002385)the National Key R&D Program of China (Grant No. 2021YFB3100100)RGC under Grant No. N HKUST619/17 from Hong Kong, China。
文摘In a recent paper, Hu et al. defined the complete weight distributions of quantum codes and proved the Mac Williams identities, and as applications they showed how such weight distributions may be used to obtain the singleton-type and hamming-type bounds for asymmetric quantum codes. In this paper we extend their study much further and obtain several new results concerning the complete weight distributions of quantum codes and applications. In particular, we provide a new proof of the Mac Williams identities of the complete weight distributions of quantum codes. We obtain new information about the weight distributions of quantum MDS codes and the double weight distribution of asymmetric quantum MDS codes. We get new identities involving the complete weight distributions of two different quantum codes. We estimate the complete weight distributions of quantum codes under special conditions and show that quantum BCH codes by the Hermitian construction from primitive, narrow-sense BCH codes satisfy these conditions and hence these estimate applies.
基金National Key Research and Development Program of China(Grant No.2018YF0804003)the National Key Research and Development Program of China under Grant No.2017YFB0803204.
文摘As an active defenses technique,multivariant execution(MVX)can detect attacks by monitoring the consistency of heterogeneous variants with parallel execution.Compared with patch-style passive defense,MVX can defend against known and even unknown vulnerability-based attacks without relying on attack feature information.However,variants generated with software diversity technologies will introduce new vulnerabilities when they execute in parallel.First,we analyze the security of MVX theory from the perspective of formal description.Then we summarize the general forms and techniques for attacks against MVX,and analyze the new vulnerabilities arising from the combination of variant generation technologies.We propose SecMVX,a secure MVX architecture and variant generation technology.Experimental evaluations based on CVEs and SPEC 2006 benchmark show that SecMVX introduces 11.29%of the average time overhead,and avoids vulnerabilities caused by the improper combination of variant generation technologies while keeping the defensive ability of MVX.
基金supported by the National Key Basic Research Program of China(973 program) under Grant No.2012CB315901
文摘In order to provide a practicable solution to data confidentiality in cloud storage service,a data assured deletion scheme,which achieves the fine grained access control,hopping and sniffing attacks resistance,data dynamics and deduplication,is proposed.In our scheme,data blocks are encrypted by a two-level encryption approach,in which the control keys are generated from a key derivation tree,encrypted by an All-OrNothing algorithm and then distributed into DHT network after being partitioned by secret sharing.This guarantees that only authorized users can recover the control keys and then decrypt the outsourced data in an ownerspecified data lifetime.Besides confidentiality,data dynamics and deduplication are also achieved separately by adjustment of key derivation tree and convergent encryption.The analysis and experimental results show that our scheme can satisfy its security goal and perform the assured deletion with low cost.
基金supported by the National High Technology Research and Development Program of China under Grant No. 2011AA010803
文摘The theory of quantum error correcting codes is a primary tool for fighting decoherence and other quantum noise in quantum communication and quantum computation. Recently, the theory of quantum error correcting codes has developed rapidly and been extended to protect quantum information over asymmetric quantum channels, in which phase-shift and qubit-flip errors occur with different probabilities. In this paper, we generalize the construction of symmetric quantum codes via graphs (or matrices) to the asymmetric case, converting the construction of asymmetric quantum codes to finding matrices with some special properties. We also propose some asymmetric quantum Maximal Distance Separable (MDS) codes as examples constructed in this way.
