Trusted computing and information security

Weili Han

Liehuang Zhu

Fei Yan (Eds.)

13th Chinese Conference, CTCIS 2019

Shanghai, China, October 24–27, 2019

Revised Selected Papers

Trusted Computing

and Information Security

Communications in Computer and Information Science 1149

Communications

in Computer and Information Science 1149

Commenced Publication in 2007

Founding and Former Series Editors:

Phoebe Chen, Alfredo Cuzzocrea, Xiaoyong Du, Orhun Kara, Ting Liu,

Krishna M. Sivalingam, Dominik Ślęzak, Takashi Washio, Xiaokang Yang,

and Junsong Yuan

Editorial Board Members

Simone Diniz Junqueira Barbosa

Pontifical Catholic University of Rio de Janeiro (PUC-Rio),

Rio de Janeiro, Brazil

Joaquim Filipe

Polytechnic Institute of Setúbal, Setúbal, Portugal

Ashish Ghosh

Indian Statistical Institute, Kolkata, India

Igor Kotenko

St. Petersburg Institute for Informatics and Automation of the Russian

Academy of Sciences, St. Petersburg, Russia

Lizhu Zhou

Tsinghua University, Beijing, China

More information about this series at http://www.springer.com/series/7899

Weili Han • Liehuang Zhu • Fei Yan (Eds.)

Trusted Computing

and Information Security

13th Chinese Conference, CTCIS 2019

Shanghai, China, October 24–27, 2019

Revised Selected Papers

123

Editors

Weili Han

Fudan University

Shanghai, China

Liehuang Zhu

Beijing Institute of Technology

Beijing, China

Fei Yan

Wuhan University

Wuhan, China

ISSN 1865-0929 ISSN 1865-0937 (electronic)

Communications in Computer and Information Science

ISBN 978-981-15-3417-1 ISBN 978-981-15-3418-8 (eBook)

https://doi.org/10.1007/978-981-15-3418-8

© Springer Nature Singapore Pte Ltd. 2020

This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the

material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation,

broadcasting, reproduction on microfilms or in any other physical way, and transmission or information

storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now

known or hereafter developed.

The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication

does not imply, even in the absence of a specific statement, that such names are exempt from the relevant

protective laws and regulations and therefore free for general use.

The publisher, the authors and the editors are safe to assume that the advice and information in this book are

believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors

give a warranty, expressed or implied, with respect to the material contained herein or for any errors or

omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in

published maps and institutional affiliations.

This Springer imprint is published by the registered company Springer Nature Singapore Pte Ltd.

The registered company address is: 152 Beach Road, #21-01/04 Gateway East, Singapore 189721,

Singapore

Preface

The 13th Chinese Conference on Trusted Computing and Information Security

(CTCIS 2019) continued in a series of events dedicated to trusted computing and

information security, focusing on new theories, mechanisms, infrastructures, services,

tools, and benchmarks. CTCIS provides a forum for researchers and developers in

academia, industry, and government to share their excellent ideas and experiences in

the areas of trusted computing and information security in the broad context of cloud

computing, big data, Internet of Things, etc.

This year, CTCIS received 247 submissions. After a thorough reviewing process,

38 English papers and 28 Chinese papers were selected for presentation as full papers,

with an acceptance rate of 26.7%. This volume contains the 22 English full papers

presented at CTCIS 2019.

The high-quality program would not have been possible without the authors who

chose CTCIS 2019 as a venue for their publications. We are also very grateful to the

Program Committee members and Organizing Committee members, who put a

tremendous amount of effort into soliciting and selecting research papers with a balance

of high quality and new ideas and new applications.

We hope that you enjoy reading and benefit from the proceedings of CTCIS 2019.

October 2019 Weili Han

Liehuang Zhu

Fei Yan

Organization

CTCIS 2019 was organized by the China Computer Federation, Fudan University.

Organizing Committee

Conference Chair

Changxiang Shen Chinese Academy of Engineering, China

Conference Associate Chairs

Xiaoyang Wang Fudan University, China

Huanguo Zhang Wuhan University, China

Conference Chair Assistant

Bo Zhao Wuhan University, China

Program Chair

Weili Han Fudan University, China

Program Associate Chairs

Liehuang Zhu Beijing Institute of Technology, China

Fei Yan Wuhan University, China

Publicity Chair

Chao Shen Xi’an Jiaotong University, China

Local Arrangement Chair

Chen Chen Fudan University, China

Steering Committee

Changxiang Shen Chinese Academy of Engineering, China

Huanguo Zhang Wuhan University, China

Zhong Chen Peking University, China

Kefei Chen Hangzhou Normal University, China

Dengguo Feng Beijing Science Technology Academy, China

Zhen Han Beijing Jiaotong University, China

Yeping He Chinese Academy of Sciences, China

Jiwu Huang Shenzhen University, China

Jiwu Jing Institute of Information Engineering, Chinese Academy

of Sciences, China

Jianhua Li Shanghai Jiao Tong University, China

Jianwei Liu Beihang University, China

Zhoujun Li Beihang University, China

Jianfeng Ma Xidian University, China

Zhiguang Qin University of Electronic Science and Technology

of China, China

Jinshu Su National University of Defense Technology, China

Wenchang Shi Renmin University of China, China

Qingxian Wang Information Engineering University, China

Xiaoyun Wang Tsinghua University, China

Zhiying Wang National University of Defense Technology, China

Xiaoyao Xie Guizhou Normal University, China

Xiaoyuan Yang Engineering University of CAPF, China

Yixian Yang Beijing University of Posts and Telecommunications,

China

Zhiqiang Zhu Information Engineering University, China

Program Committee

Zuling Chang Zhengzhou University, China

Fei Chen Shenzhen University, China

Qingfeng Cheng Information Engineering University, China

Zhongrui Du Hebei University, China

Xiutao Feng The System Science Institute of China Science

Academy, China

ShaoJing Fu National University of Defense Technology, China

Jianming Fu Wuhan University, China

Huifang Guo Huanghe Science and Technology College, China

Shanqing Guo Shandong University, China

Yuanbo Guo Information Engineering University, China

Debiao He Wuhan University, China

Xinfeng He Hebei University, China

Wei Hu PLA Naval University of Engineering, China

Yupeng Hu Hunan University, China

Qiang Huang Naval Research Academy, China

Qiong Huang South China Agricultural University, China

Zhen Li Hebei University, China

Li Lin Beijing University of Technology, China

Jinhui Liu Shaanxi Normal University, China

Zheli Liu Nankai University, China

Zhenxing Qian Fudan University, China

Weizhong Qiang Huazhong University of Science and Technology,

China

viii Organization

Yu Qin Institute of Software, Chinese Academy of Sciences,

China

Longjiang Qu National University of Defense Technology, China

Jun Shao Zhejiang Gongshang University, China

Yulong Shen Xidian University, China

Ming Tang Wuhan University, China

Donghai Tian Beijing Institute of Technology, China

Yan Tong Huazhong Agricultural University, China

Ding Wang Peking University, China

Chao Wang Shanghai University, China

Houzhen Wang Wuhan University, China

Juan Wang Wuhan University, China

Wei Wang Beijing Jiaotong University, China

Zhibo Wang Wuhan University, China

Lifei Wei Shanghai Ocean University, China

Qianhong Wu Beihang University, China

Liang Xiao Xiamen University, China

Peng Xu Huazhong University of Science and Technology,

China

Yang Xu Guizhou Normal University, China

Li Xu Fujian Normal University, China

Fajiang Yu Wuhan University, China

Yong Yu Shaanxi Normal University, China

Jianbiao Zhang Beijing University of Technology, China

Liqiang Zhang Wuhan University, China

Zijian Zhang Beijing Institute of Technology, China

Lei Zhao Wuhan University, China

Xueguang Zhou Naval University of Engineering, China

Yajin Zhou Zhejiang University, China

Organization ix

Contents

Generative Image Steganography Based on GANs. . . . . . . . . . . . . . . . . . . . 1

Yaojie Wang, Xiaoyuan Yang, and Hengkang Jin

Partial Blind Proxy Re-signature Scheme for Mobile Internet . . . . . . . . . . . . 16

Yanfang Lei, Zhijuan Jia, Lipeng Wang, Bei Gong, Yage Cheng,

and Junjun Fu

Information Flow-Based Security Construction for Compositional

Interface Automata . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Mingdi Xu, Zhaoyang Jin, Fan Zhang, and Feng Cui

Provably Secure Server-Assisted Verification Threshold Proxy

Re-signature Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

Guoning Lv, Yanfang Lei, Mingsheng Hu, Yage Cheng, Bei Gong,

and Junjun Fu

ReJection: A AST-Based Reentrancy Vulnerability Detection Method . . . . . . 58

Rui Ma, Zefeng Jian, Guangyuan Chen, Ke Ma, and Yujia Chen

Identity Authentication Under Internet of Everything Based

on Edge Computing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72

Zixiao Kong, Jingfeng Xue, Yong Wang, Weijie Han, and Xinyu Liu

STC: Improving the Performance of Virtual Machines Based

on Task Classification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86

Jiancheng Zhao, Zhiqiang Zhu, Lei Sun, Songhui Guo, and Jin Wu

A Method for Realizing Covert Communication at Router Driving Layer. . . . 104

Jingsong Cui, Chi Guo, Manli Zhang, and Qi Guo

A Secure Multi-party Signature Scheme Based on Trust Mechanism . . . . . . . 119

Yage Cheng, Mingsheng Hu, Lipeng Wang, Yanfang Lei, Junjun Fu,

Bei Gong, and Wei Ma

Virtual FPGA Placement with an Efficient Ant Colony Optimization. . . . . . . 133

Yingxin Xu, Lei Sun, Songhui Guo, and Haidong Liu

Identity-Based Threshold Group Signature Scheme

of Blockchain Verification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144

Lipeng Wang, Mingsheng Hu, Zhijuan Jia, Yage Cheng, Junjun Fu,

Yubo Wang, and Bei Gong

ByteDroid: Android Malware Detection Using Deep Learning

on Bytecode Sequences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159

Kewen Zou, Xi Luo, Pengfei Liu, Weiping Wang, and Haodong Wang

Research on Multidimensional System Security Assessment Based

on AHP and Gray Correlation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177

Xiaolin Zhao, Hao Xu, Ting Wang, Xiaoyi Jiang, and Jingjing Zhao

Research on Software Network Key Nodes Mining Methods Based

on Complex Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193

Chun Shan, Peng Wang, Changzhen Hu, Xianwei Gao,

and Shanshan Mei

Research and Development of TPM Virtualization . . . . . . . . . . . . . . . . . . . 206

Liang Tan, Huan Xiao, and Juan Wang

A Secure Certificateless Identity Authentication Scheme Based

on Blockchain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251

Weijun Ao, Shaojing Fu, Chao Zhang, and Ming Xu

A Trust-Based Security Research Method for Internet of Things Terminal . . . 267

Zhe Liu, Bo Zhao, and Jiyang Li

A QoS&SLA-Driven Multifaceted Trust Model for Cloud Computing . . . . . . 281

Runlian Zhang, Qingzhi Wang, Jinhua Cui, and Xiaonian Wu

A Lossless Data Hiding Scheme in Public Key Encrypted Domain Based

on Homomorphic Key-Switching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296

Yan Ke, Minqing Zhang, Tingting Su, and Jia Liu

A Detection Approach for Buffer Overflow Vulnerability Based on Data

Control Flow Graph . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310

Jinfu Chen, Qihao Bao, Qingchen Zhang, Jinchang Hu,

and Patrick Kwaku Kudjo

Outsourced Data Integrity Auditing for Efficient Batch Dynamic Updates . . . 325

Kunyao Deng, Ming Xu, and Shaojing Fu

Secure Personal Health Records Sharing Based on Blockchain and IPFS . . . . 340

Xuguang Wu, Yiliang Han, Minqing Zhang, and Shuaishuai Zhu

Author Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355

xii Contents

Generative Image Steganography

Based on GANs

Yaojie Wang1,2(&)

, Xiaoyuan Yang1,2, and Hengkang Jin1,3

1 Engineering University of PAP, Xi’an 710086, China

[email protected] 2 Key Laboratory of Network and Information Security of PAP,

Xi’an 710086, China 3 Unified Communications and Next Generation Network Systems Laboratory,

Xi’an 710086, China

Abstract. According to the embedding method of secret information,

steganography can be divided into: cover modification, selection and synthesis.

In view of the problem that the cover modification will leave the modification

trace, the cover selection is difficult and the load is too low, this paper proposes a

generative image steganography scheme based on GANs, which combines with

cover synthesis. Based on GAN, the scheme uses secret information as the

driver and directly generates encrypted images for transmission, which can

effectively resist the detection of steganalysis algorithms. The security of the

scheme is based on the key of the encryption algorithm. Even if the attacker

obtains the transmitted information, only the meaningless result will be obtained

without the key. Experiments were carried out on the data set of CelebA, and the

results verified the feasibility and security of the scheme.

Keywords: Information hiding
Cover synthesis
Generative adversarial

networks
Security

1 Introduction

In Fridrich’s groundbreaking work of modern steganography [1], steganographic

channel is divided into three categories, cover selection, modification and synthesis.

cover modification is the most common method of traditional information hiding, but it

is inevitable to leave some traces of modification on the cover, which makes it difficult to

resist the detection based on statistical analysis algorithm. Cover selection method does

not modify the cover image, thereby avoiding the threat of the existing steganalysis

technology. This method cannot be applied to practical applications because of its low

payload [2]. Compared with the former two methods, the cover synthesis method is

more suitable. However, this method is only a theoretical conception, rather than a

practical steganography, because it is difficult to obtain multiple natural samples [3].

Fortunately, a data-based sampling technique, generative adversarial networks

(GANs) [4] have become a new research hot spot in artificial intelligence. The biggest

advantage and feature of GANs is the ability to sample real space and generate samples

driven by noise, which provides the possibility for cover synthesis. Based on GANs,

© Springer Nature Singapore Pte Ltd. 2020

W. Han et al. (Eds.): CTCIS 2019, CCIS 1149, pp. 1–15, 2020.

https://doi.org/10.1007/978-981-15-3418-8_1

this paper combines symmetric encryption and information hiding, and proposes a

generative image steganography scheme. We do not make any modifications to the

generated image, which can resist steganographic analysis detection. At the same time,

a key-based coordinate encryption algorithm is proposed, which accords with the

Kerckhoffs principle [5]. It enhances the ability to resist steganalysis and expands new

ideas for the development of information hiding and cryptography.

The remainder of this letter is organized as follows: We detail the development and

improvement of machine learning in steganography. Section. 3 shows how to build

generative image steganography by GANs. Experiment results are demonstrated in

Sect. 4. Section 5 concludes this research and details our future work.

2 Improvement of Generative Model in Steganography

In recent years, some researchers have tried to introduce the theory of confrontation

into the field of information security. PassGAN [6] was introduced into the code￾deciphering work, and the password generative method based on machine learning was

used to replace the artificially formulated password rules, which made obvious pro￾gress. Biggo et al. [7] introduced the idea of confrontation into network attack and

defense, and the concept of confrontation model was proposed, especially for the

improvement of vulnerability repair. In terms of information hiding, some researchers

have introduced the generation of confrontation networks into steganography, but the

main method they use is still based on the framework of carrier modification. The

representative schemes are as follows:

(1) SGAN & SSGAN

Volkhonskiy et al. [8] proposed the SGAN scheme, which first combined GAN with

steganography, adding a message embedding module on the basis of original GAN.

Different from the traditional method, the generated image is used as the carrier to embed

the information. At the same time, an additional steganographic analysis discriminator is

trained to ensure that the generated image of the generator cannot be distinguished from

the encrypted image after embedded information, so that the steganographic security is

further improved. The scheme structure is shown in Fig. 1 below:

Fig. 1. The structure of SGAN

2 Y. Wang et al.

Similar to [8], Shi et al. [9] introduce WGAN [10] to increase convergence speed

and achieve more stable image quality. At the same time, GNCNN was used as the

steganographic analysis module to improve the safety of steganography. Wang et al.

[11] improved the framework and reconstructed the discriminator of original GAN. The

generated image is first embedded into the secret information, and then input into the

discriminator for discriminating, forcing the generated image to be more suitable for

embedding information while ensuring image quality.

The basic idea of the above solution is to introduce a simple LSB modification

module to the GAN confrontation training to achieve steganography. On the one hand,

the advantages of generating model in GAN are utilized to ensure that the generated

carrier images meet the statistical characteristics of natural images. On the other hand,

an additional steganographic discriminator and message embedding module are added

to ensure that the generated vector image is effective against steganalysis. Therefore,

these schemes can generate image carriers that meet specific steganographic security,

but the general performance against steganographic analysis is poor and cannot

effectively resist the detection of other steganalysis methods.

(2) ASDL-GAN

Tang et al. [12] proposed the automatic Steganographic Distortion Learning (ASDL)

for the first time based on the additive distortion cost function. They use machine

learning to obtain the probability matrix P of image pixel modification, then use the

STC method to embed secret information. This scheme is called ASDL-GAN.

The scheme utilizes the adversarial network to improve the performance of the

generator G, and the probabilistic matrix P is obtained by sampling the generator G to

implement steganography. The discriminator D distinguishes both the encrypted carrier

and the original carrier. The basic structure is shown in Fig. 2 below:

Fig. 2. The structure of ASDL-GAN

Generative Image Steganography Based on GANs 3

To learn the probability matrix P, they propose a miniature network TES as the

activation function of the probability matrix. To further improve the security of ASDL￾GAN, Yang et al. [13] proposed UT-SCA-GAN (U-net, Tanh-simulator function,

Selection Channel Awareness). They use the Tanh-simulator function instead of the

TES activation function to improve efficiency, using U-net as the basic structure of the

generator. To resist SCA steganalysis, the scheme also introduces the absolute values

of 30 high-pass filters in the rich model as auxiliary conditions. The basic framework is

shown in Fig. 3:

The main method of these representative schemes is still to embed secret infor￾mation based on carrier modification. They do not fundamentally satisfy the statistical

characteristics of the original image. That is to say, the transmitted encrypted carrier

still has traces of modification, which makes it difficult to resist the detection of the

steganographic algorithm.

For further study the application of adversarial training in steganography,we pro￾pose a novel method—generative image steganography based on GANs. Its feasibility

and safety have been verified through experiments, and This paper has the following

contributions:

1. According to the idea of carrier synthesis, the concept of generative image

steganography is innovatively proposed, and no modification is made to the gen￾erated carrier information, which can fundamentally resist the detection of

steganographic analysis.

2. Combining “two points, one line” mathematical principle, a coordinate encryption

algorithm is proposed, which combines symmetric encryption and information

hiding, and satisfies the Kerckhoffs’ principle. Ideally, without shared keys, the

extraction of secret information is equivalent to brute force cracking.

Fig. 3. The structure of UT-SCA-GAN

4 Y. Wang et al.