Current Issue

• 2015, No. 08　Published:25 August 2015 Last issue    Next issue
  Columns in this issue: 论文

• 论文

  An SHA-1/SHA-256/SM3 IP multiplexing circuit
  with small area and high performance

  ZHENG Zhaoxia，TIAN Yuan,WEI Ran,GAO Jun

  2015, 37(08): 1417-1422. doi:

  Abstract ( 186 )   PDF (679KB) ( 371 )   　　

  Abstract:The rapid development of Hash algorithm leads to two problems: one is the replacement of the old algorithms with the new ones when the products are upgraded, and the other is how to choose from different algorithms according to the security of the application environments. To solve the problems mentioned above, we design an SHA-1/SHA-256/SM3 IP multiplexing circuit, which makes use of the  loop unfolding technique and adds pipelines to each circuit. The circuit not only supports a variety of hash algorithms, but also features small area and high performance. The design is first implemented on a Xilinx Virtex-6 FPGA. It requires 776 slices and achieves a maximum throughput of 0.964Gbps. Then we also implement every circuit using the SMIC 0.13μm CMOS technology. The area of the circuit is 30.6k gates, which is reduced by 41.7% than that of the three circuits combined. Besides, the operating frequency of the circuit is 177.62 MHz, and the maximum throughput reaches 1.34Gbps.

  Reconfiguration approaches for faulttolerant
  torus-connected processor arrays  

  ZHU Longting1，WU Jigang1，JIANG Guiyuan2，WANG Chao1

  2015, 37(08): 1423-1429. doi:

  Abstract ( 137 )   PDF (798KB) ( 249 )   　　

  High-efficient fault-tolerant techniques are essential for improving the reliability of multiprocessor systems. It is well known that torus is an important interconnection network for multiprocessor arrays, but no work has been reported on the faulty tolerance of torus-connected processor arrays. In our work, reconfiguring a torus-connected processor array is modeled to be a maximum independent set problem. The nodes on the contradiction graph represent alternatives of the fault processing elements (PEs), and the edge denotes that different alternatives cannot coexist. Three different distributions of redundant PEs are discussed, and three algorithms are proposed to construct contradiction graphs, solve maximum independent set, and generate logic arrays based on the produced maximum independent set. Simulation results show that, the cross distribution and one-row-one-column distribution perform well in reconfiguration for smaller arrays and smaller fault densities. In addition, the reconfiguration ability of the three proposed distribution patterns decreases as the fault density and array size increase, thus other spare distribution patterns should be investigated, or more spare PEs should be integrated. Moreover, torus arrays outperform mesh arrays in terms of fault-tolerance performance.

  A greedy diagnosis algorithm for PMC model 

  XUAN Hengnong1,ZHANG Runchi1,HE Tao2,LIU Lingbo1

  2015, 37(08): 1430-1435. doi:

  Abstract ( 163 )   PDF (601KB) ( 342 )   　　

  We propose a greedy diagnosis algorithm based on the matrix operations called Matrix based Greedy Fault Diagnosis ( MGFD) algorithm under the PMC model. With the "absolute fault base" concept put forward by the authors in paper ［11］, we remove the absolute fault units to obtain a matrix of reduced dimensions and then get the groups accordingly. On the base of the four existing greedy diagnostic algorithms proposed by paper［10］, we define the concepts of inner greed factors, outer greed factors, comprehensive greed factors of each group, and we also design some new greedy criteria. We demonstrate the correctness of the MGFD algorithm, and design several simulation experiments for the algorithm. Experimental results show that the MGFD algorithm has a higher diagnostic accuracy in comparison with the existing greedy diagnostic algorithm proposed by paper ［10］. 

  A general language for decision information
  requirement description on mining big data 

  JIN Xin,ZONG Shiqiang,YAN Jingjing,WANG Heng,LI Youjiang

  2015, 37(08): 1436-1443. doi:

  Abstract ( 133 )   PDF (953KB) ( 362 )   　　

  Important decision making requires allsource data support. However, in the age of big data, collecting decision information becomes even more difficult due to data variety and heterogeneity. To get precise search results, users spend much time on information requirement expression, which causes low efficiency. We design a general language for information requirement description, along with its translation methods for common resources such as databases, publishsubscribe systems and search engines. Thus allsource heterogeneous information can be collected by one request in a unified format. Test results demonstrate that its ability to express requirement semantics can solve the crossarea heterogeneity problem of big data with the aid of ontology techniques, and therefore improves the precision and comprehension of information collection.

  Design and implementation of a new user
  recommendation algorithm based on Mahout  

  GAO Xianwei,SHI Zhibin

  2015, 37(08): 1444-1449. doi:

  Abstract ( 220 )   PDF (747KB) ( 87309 )   　　

  Recommendation for new users in big data era is difficult and the efficiency is very low due to the lack of historical data. In order to solve these problems, we propose a new user recommendation algorithm, which combines the collaborative filtering algorithm based on the Mahout and the Top N algorithm based on the MapReduce. We build a new user recommendation system architecture, design and implement the Hadoop Top N algorithm and the collaborative filtering algorithm in the Mahout. Theoretical analysis and experimental results show that the proposed recommendation algorithm for big data processing has better recommended efficiency, scalability and quality than  the collaborative filtering algorithm.

  A bisecting K-means clustering parallel
  recommendation algorithm based on full binary tree 

  CHEN Pinghua,CHEN Chuanyu

  2015, 37(08): 1450-1457. doi:

  Abstract ( 222 )   PDF (735KB) ( 377 )   　　

  K-means clustering algorithms can effectively reduce dimensions when they are applied to recommendation systems. However, the clustering effect is often dependent on the initial centers. And once the target cluster is selected, the recommendation process is executed only according to the target cluster and has nothing to do with other clusters. To solve these problems, we present a bisecting Kmeans clustering parallel recommendation algorithm based on full binary tree. Firstly, the bisecting K-means clustering algorithm is iterated, and during the iterative process the cluster cohesion level serves as the split threshold to form a full binary tree. Then the active users are classified into k leaf nodes (clusters) using the method of level traversal. Lastly, via the MapReduce framework, the process of recommendation prediction can be parallelized onto the k clusters. Experimental results on the MovieLens show that the proposed algorithm can not only greatly improve the accuracy of the recommendation results but also enhance the system scalability.Key words:  

  Research on an APT attack-oriented detection
  model with association analysis  

  LI Jie,LOU Fang,JIN Yuquan,DONG Zhixin

  2015, 37(08): 1458-1464. doi:

  Abstract ( 227 )   PDF (727KB) ( 333 )   　　

  As Flame, Duqu, Stuxnet and other virus attacks have been reported in these years, the whole society has laid more emphasis on APT attacks. Compared with traditional attacks, APT attacks are more targeted, persistent, hidden and complex; they are also destructive and can cause serious consequences. However, because APT attacks can happen in lots of ways and are deeply hidden, and traditional detections, including firewall, antivirus, IDS and so on, can hardly discover APT attacks, or the attack goals have been reached long before the detection. To solve theses problems, we design an APT attack detection model based on the research of the features of APT attacks. Besides, with proper time threshold, we conduct association analysis of the attacks detected by various detection methods, and the attack paths can be matched with the attack detection model. Based on the matching degree of the intrusion paths, we can make a judgment about the existence of APT attacks. And experimental results show that with a relatively complete ATP attack detection model, the detection precision of APT attacks is higher.

  Research on location privacy protection technology
  based on star-graph in road network environment  

  HOU Shijiang1,LIU Guohua2,HOU Ying1

  2015, 37(08): 1465-1471. doi:

  Abstract ( 126 )   PDF (3533KB) ( 309 )   　　

  In recent years, mobile devices and smart phones with GPS and internet access have become extremely common. People obtain information easily via these devices. Although location based services (LBS) are very popular, their usage can also raise severe privacy concerns. For example, revealing users' precise positions may allow an adversary to infer sensitive information. Therefore, the mechanisms for protecting location privacy are mandatory when LBS are used. We propose a general model for privacy-aware mobile services in road networks (StarGraph network model). The protected mode guarantees k-anonymity under the strict reciprocity condition through Hilbert order-based star network expansion and cloaking star choice mechanism. Comprehensive experimental evaluation is conducted to validate the efficiency of the proposed model.

  A novel method of hiding the injected modules

  WU Jian，LIU Xin

  2015, 37(08): 1472-1478. doi:

  Abstract ( 176 )   PDF (846KB) ( 448 )   　　

  In the field of information security,security analysis tools often inject some modules into other process space for monitoring dangerous behaviors, but malwares will scan their own process space and find out the monitor modules to avoid antimonitoring. So security analysis tools should hide the modules that are injected into the target process space. There are many methods for hiding modules, such as disconnecting the LDR_MODULE chain, hooking the function of the enumeration module, erasing the PE header, and so on. But these methods have significant limitations. To make an improvement, we propose a novel method to hide the injected modules. Ordinary module injection is given so they can be neglected by malwares; then the modules are eliminated by themselves, so that malwares cannot detect the presence of the monitoring softwares. Besides, we list out solutions to some typical specific technical problems in practice. Experimental results show that the proposed method has good capability to break through the defense system, it is compatible with various versions of Windows operating systems, and its concealment is better than the traditional methods.

  A trusted connection establishment method
  based on enhanced RSVP-TE   

  LIANG Hongquan，WU Wei

  2015, 37(08): 1479-1485. doi:

  Abstract ( 143 )   PDF (1039KB) ( 239 )   　　

  Trusted connection establishment methods are critical for trusted networks. Based on enhanced RSVP-TE trusted connection control protocol, combined with trusted evaluation, CPK-based protocol security authentication and trusted routing, we propose a trusted connection establishment method which guarantees trusted evaluation, bandwidth and priority, and in turn  information transmission services with high security are provided during data transmission in the network. Simulation results show that the proposed method can reflect the changes in node status, find out the malicious attacks effectively and sensitively, and guarantee the security and credibility of network connection with dynamic response capability and anti-attack capability.

  Research and design of copyright protection
  of digital products based on DCI          

  WU Jieming,WANG Shuai

  2015, 37(08): 1486-1491. doi:

  Abstract ( 148 )   PDF (704KB) ( 222 )   　　

  With the development of internet, copyright protection of digital products is facing a historic challenge, the solution to which plays a crucial role in the development of copyright industry. To effectively protect the product copyright in digital network environment, we design a digital product copyright protection scheme. Every digital product gets a Digital Copyright Identifier (DCI) on the digital product copyright register platform, which can identify their copyright. Extracting DCI codes from the products by a specific watermark detection algorithm can get the copyright of the digital producst, which helps verify the copyright authenticity of the products and lay a foundation for detection, tracking, forensics, and preserving digital products’ copyright.

  A routing protocol based on uneven clustering and
  path optimization in wireless sensor networks

  LIU Guofan1,XU Duo2

  2015, 37(08): 1492-1497. doi:

  Abstract ( 123 )   PDF (885KB) ( 246 )   　　

  Due to the limited energy of sensor nodes in wireless sensor networks, how to use energy efficiently has become a hot topic. The random selection of the LEACH’s cluster heads leads to unreasonable cluster composition, accelerates the death of cluster heads, and the communication between cluster heads and the base station causes huge energy consumption. To solve the problems listed above, in this paper we put forward a routing protocol with higher energy efficiency, in which the area is divided based on the number of the best cluster heads. The cluster heads are selected with comprehensive consideration of the energy consumption within cluster heads and the rest energy of the nodes, and the energy is transmitted by multihops. Simulation results show that the improved protocol can reduce the energy consumption of the whole network dramatically and effectively prolong the network’s lifetime.

  Research on model driven safety verification
  for embedded system designs 

  LIU Xue1,HU Jun1,2,HUANG Zhiqiu1,MA Jinjing1,CHENG Zhen1,SHI Jiaojie1

  2015, 37(08): 1498-1509. doi:

  Abstract ( 164 )   PDF (8028KB) ( 261 )   　　

  In recent years the model based safety analysis and verification method for embedded systems is an important research hotspot in the field of safety critical systems engineering. We put forward a system safety verification method based on the model driven architecture, which is SysML/MARTE state machine oriented, including the construction of both the state machine metamodel which has SysML/MARTE extension semantics, and the GTS metamodel which is the semantic model of AltaRica (ie.safety modeling and analysis language). We then establish semantic mapping model transformation rules from a SysML/MARTE state machine model to the timed automata model and to the AltaRica model respectively. Thirdly, based on the platform of the AMMA and the timed automata verification tools UPPAAL we design and realize the model transformation of the SysML/MARTE state machine and the framework for system safety formal verification. Finally a safety verification example about aircraft landing control system design model is analyzed.

  Research on rule editing and code generation for
  the high-level decision system of unmanned vehicles  

  LAN Yun1,LIU Wanwei1,DONG Wei1,LIU Binbin1,FU Chen2,LIU Daxue3

  2015, 37(08): 1510-1516. doi:

  Abstract ( 168 )   PDF (1153KB) ( 339 )   　　

  High-level decision systems are the central module of unmanned vehicles. Due to the extremely large amount of states and signals, the development process of the intelligence decision system is very complex, and maintaining such a system will encounter great difficulties. To overcome these problems, we design and implement a rule editing and code generation tool, called UNMANNED_RULE_EDIT.  It features GUIbased editing and automatic code generation and can help developers to generate controlling codes via editing a series of statetransition rules rather than writing codes, thus great succinctness and intuitiveness can be yielded. The paper mainly focuses on the discussion of the rule language and the code generation algorithm. As a preliminary application, this tool has been used in an unmanned vehicle system in China and facilitated the development of its decision system.

  A system dependability modeling method
  using  AADL and IMC  

  CHENG Yihan,HUANG Zhiqiu,KAN Shuanglong

  2015, 37(08): 1517-1524. doi:

  Abstract ( 134 )   PDF (4315KB) ( 285 )   　　

  As embedded software is widely used in safety-critical areas, its scale, complexity and performance demand increase，so system reliability becomes increasingly important. Architecture analysis and design language (AADL) is an important way for architecture modeling, analysis, and verification in the field of embedded systems and it has gradually become the industry standard. Because AADL is not a full formal model, accurate description of its semantics is required to do quantitative analysis. In this paper we propose an AADLbased software system reliability modeling and evaluation framework. We generate an AADL dependability model based on the AADL model and the AADL error model. The basic elements and the special elements (e.g. error propagation) of the AADL dependability model are transformed into the interactive Markov chains (IMC) model by applying model transformation rules and the resulting IMC quantitative analysis is conducted. The modeling approach is applied to a subsystem of the French Air Traffic Control System, and its feasibility and effectiveness are proved.

  Application of the GO methodology in reliability
  analysis of software architecture  

  HE Huilin

  2015, 37(08): 1525-1532. doi:

  Abstract ( 188 )   PDF (7714KB) ( 239 )   　　

  The GO methodology is a method of system reliability analysis, which is applied in the reliability analysis of software architecture. Based on the characteristics of software architecture and the relationship among components, we build GO models with six basic structures, and conduct quantitative GO operations. We demonstrate the whole process of reliability analysis of software architecture using the GO methodology through an example. The practice indicates that the reliability of software architecture can be calculated through quantitative GO operations. The importance of components and connectors can be evaluated via qualitative GO analysis, which has a certain guiding significance for the design and development of the system.

  Multi-area economic dispatch of power system
  based on artificial bee colony optimization  

  ZHENG Xiaojing

  2015, 37(08): 1533-1539. doi:

  Abstract ( 159 )   PDF (610KB) ( 351 )   　　

  Aiming at the problems of multiarea economic dispatch( MAED ) of the power system, such as tie line transmission losses ,multiple fuels, valvepoint loading and prohibited operating zones, we design a mathematical model in which  the requirement of the minimum cost of multiarea power load is taken into account and the artificial bee colony optimization is utilized to quickly search for the global optimal solution. The effectiveness and feasibility of the proposed algorithm have been verified on two different test systems, both small and large, involving varying degrees of complexity. Compared with algorithms including differential evolution, evolutionary programming and real coded genetic algorithm, the proposed algorithm is a promising alternative approach for solving the MAED problems in practical power system. 

  A method for solving semi-physical
  simulation declarative models  

  XIONG Tao,DING Jianwan,CHEN Liping

  2015, 37(08): 1540-1545. doi:

  Abstract ( 134 )   PDF (670KB) ( 265 )   　　

  We propose a new method for solving semi-physical simulation models using a mixed symbolic and numeric approach. In order to meet the real-time requirement of semi-physical simulations, implicit discretization formulae representing the numerical integration algorithm are inserted into the DAEs symbolically at compile stage. Then nonlinear equations will appear in the augmented equation system and all these nonlinear equations should be solved together at each integration step. In order to meet the fine granularity required for solving the models in real-time, tearing algebraic loop is introduced. After that the dimensions of nonlinear equation blocks can be reduced as the time complexity of calculating nonlinear equations increases exponentially with the growth of dimensions. Finally, an example is given to show that the proposed method is not only easy to implement but also efficient.

  Non-local means denoising based on wavelet threshold 

  LI Jialang,LI Huajun,XU Qing

  2015, 37(08): 1546-1550. doi:

  Abstract ( 178 )   PDF (432KB) ( 292 )   　　

  The non-local means denoising algorithm can use the globe information of the picture, therefore it has better denoising effect than other traditional algorithms. However, since its time complexity is high, we put forth a new non-local means denoising algorithm based on wavelet threshold filter, which use much less data than the traditional non-local means.  Experimental results show that compared to the traditional non-local means, the denoising effect of our algorithm is basically the same, but the running speed is faster.

  An image matching algorithm
  based on binary feature descriptor  

  JIANG Feng1，ZHOU Lili2，LI Cong1

  2015, 37(08): 1551-1557. doi:

  Abstract ( 136 )   PDF (1237KB) ( 304 )   　　

  A large number of vision applications rely on matching keypoints across images. To overcome the shortcomings of the Features from Accelerated Segment Test (FAST ) and the Binary Robust Independent Elementary Features (BRIEF ), we propose an improved image matching algorithm. Firstly, simple mask is applied in the FAST algorithm to extract image keypoints, and scale invariance is achieved by the image pyramid. The sampling pattern in the BRIEF is modified according to the principles of the human visual system, and the keypoints with rotation invariance are achieved by the orientation estimation. Furthermore, the keypoints descriptor similarities are evaluated by using the Hamming distance, which is very efficient to compute. Experimental results show that the proposed algorithm is not only faster to compute and also more robust than other algorithms.