Visualization technology for network security situation uses images to present massive amounts of abstract data about network events. It reduces the workload of data analysis and helps the manager grasp the overall network status and trend. Secret information in the visual image requires confidentiality protection during transmission. In contrast to conventional methods realized by complicated encryption such as DES and AES, we present a novel multilevel protection scheme based on visual cryptography (VC), whose appeal is that decryption is done by the human eye alone, without additional computing devices. Specifically, a region incrementing VC scheme (RIVCS) is proposed in this paper for encoding a secret situation image of network security. The secret image includes a number of regions, each of which is assigned a certain secrecy level. Different secrecy levels can be decoded incrementally as different combinations of participants are gathered. Firstly, we develop a model called the general AS (GAS) based RIVCS. Secondly, we design the algorithm for allocating secrecy levels. Thirdly, we construct encoding matrices for sharing the secret pixels. Experimental results show that our method is more suitable for protecting visualization data of network security situation, with lower cost, higher reliability and richer application scenarios.
In the visualization system of network security situation, confidential data protection faces all kinds of security challenges. How to protect these data from being modified or destroyed during transmission becomes an essential issue. Conventionally, confidential data can be protected by classical cryptographic methods, that is, by enciphering and deciphering data and information using cipher text. Network data usually contain confidential information such as the network topology, device configuration and service vulnerabilities, which is vulnerable to potential attackers. Besides, the situation images of network security, such as risk distribution curves, alert change charts and threat event frequency diagrams, contain sensitive information. Meanwhile, different information usually has different secrecy levels: the device information in the Outreach access area is less significant than that in the DMZ area, while the device information in the Trusted area is the most sensitive. Similarly, historical security data is less sensitive than real-time data. Owing to the page limit, we name only a few. With the development of information systems, the XOR operation is easily available in network communication systems at low cost. Meanwhile, XOR and OR operations have the same computational complexity, so XOR does not conflict with the easy-decryption principle of VCS. Therefore, using the XOR operation to decode instead of the OR operation is promising for network systems in the near future.
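To make the OR-versus-XOR decoding point concrete, the following added example (not code from the paper) uses the classic (2,2) visual cryptography scheme with two subpixels per pixel, not the paper's RIVCS; the function names and the small sample image are constructed for illustration.

```python
import secrets

# Basis matrices of the classic (2,2) scheme (assumed here, not the
# paper's RIVCS matrices): rows = shares, columns = subpixels, 1 = black.
C_WHITE = [[1, 0], [1, 0]]   # both shares carry the same pattern
C_BLACK = [[1, 0], [0, 1]]   # shares carry complementary patterns

def encode(secret):
    """Split a binary image (rows of 0/1, 1 = black) into two shares.
    Every secret pixel expands to 2 subpixels in each share."""
    share1, share2 = [], []
    for row in secret:
        r1, r2 = [], []
        for pixel in row:
            basis = C_BLACK if pixel else C_WHITE
            # Random column permutation; with 2 columns it is a coin flip.
            cols = [0, 1] if secrets.randbits(1) else [1, 0]
            r1 += [basis[0][c] for c in cols]
            r2 += [basis[1][c] for c in cols]
        share1.append(r1)
        share2.append(r2)
    return share1, share2

def combine(share1, share2, op):
    """Combine shares subpixel-wise: 'or' models stacking, 'xor' a device."""
    f = (lambda a, b: a | b) if op == "or" else (lambda a, b: a ^ b)
    return [[f(a, b) for a, b in zip(r1, r2)]
            for r1, r2 in zip(share1, share2)]

def blackness(image):
    """Count black subpixels (0..2) per original secret pixel."""
    return [[row[i] + row[i + 1] for i in range(0, len(row), 2)]
            for row in image]

# Constructed 3x4 sample image standing in for a situation image.
SECRET = [[1, 0, 0, 1],
          [0, 1, 1, 0],
          [1, 1, 0, 0]]

if __name__ == "__main__":
    s1, s2 = encode(SECRET)
    print("one share:", blackness(s1))                  # uniform, no leak
    print("OR stack :", blackness(combine(s1, s2, "or")))
    print("XOR      :", blackness(combine(s1, s2, "xor")))
```

A single share shows one black subpixel for every pixel, so it reveals nothing; OR stacking leaves white pixels half black (contrast 1/2), while XOR restores white pixels fully (contrast 1).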
Publisher : ELSEVIER
By : Hao Huaa, Yuling Liub一, Yongwei Wanga, Dexian Changa, Qiang Leng
File Information: English Language/ 9 Page / size: 1.97 MB
Year : 1396