Abstract: A method for preventing domain name system cache poisoning attacks comprises steps of inputting a domain name by an internet application program of an Internet communication device, determining in which area the Internet communication device is located, randomly selecting at least two domain name system resolvers of the area, retrieving at least one Internet protocol address from the domain name system resolvers and evaluating the Internet protocol addresses to generate at least one security score, selecting a trustworthy Internet protocol address based on the security scores, comparing the security score of the selected Internet protocol address with a predetermined security score threshold, and sending the trustworthy Internet protocol address to the Internet application program of the Internet communication device when the security score is greater than the security score threshold.

Abstract: A layer-aware Forward Error Correction (FEC) encoding and decoding method for encoding and decoding an information content, an encoding apparatus, a decoding apparatus, and a system thereof are provided, wherein the information content has a plurality of layer source symbol sets. In the encoding method, source symbols of each layer are encoded into encoding symbols corresponding to the layer by using an FEC encoder. In addition, final encoding symbols of an upper layer are generated by aggregating encoding symbols of both the upper layer and a lower layer. Thereby, the layer-aware FEC encoding method can maintain the encoding/decoding dependency between different layers of data without increasing the complexity of the encoding/decoding operations.

Abstract: A handover authentication method includes performing, by a wireless network server, a first authentication between a client and the wireless network server via a first network gateway; obtaining first authentication keys for the wireless network server and the client based on the first authentication; determining, by the wireless network server, a need to handover the client from the first network gateway to a second network gateway; deriving, by the wireless network server and from the first authentication keys, a handover authentication key shared by the client and the wireless network server; obtaining, by the wireless network server, second authentication keys for the network server and the client; and serving, by the wireless network server, the client via the second network gateway.

Abstract: Apparatus, method, and computer readable medium for generating and utilizing a feature code to monitor a program are provided. The program is run in a secure environment at the beginning. The program calls a function through an application program interface. A return address of the application program interface is used to generate the feature code. When the application runs again at another time, the feature code is utilized to monitor the program. According to the aforementioned arrangement and steps, the application program interface can be monitored dynamically. Consequently, any program can be monitored by this approach, which results in a more secure environment. Further, fewer application program interfaces are required to be monitored, so the required computer resource is less.

Abstract: Disclosed is an authentication method employing elliptic curve cryptography (ECC), applicable to a mobile broadcast TV system having one or more head end systems, at least a transmitter, and at least a mobile set. The authentication method comprises at least one request message from mobile sets simultaneously or in a short period of time arriving at a head end system for authentication; manipulating each broadcast authentication message by ECC; manipulating each service request message by ECC and pairing operation; performing a mutual authentication between the head end system and mobile sets by ECC and pairing operation; and broadcasting one group of authentication messages to all the mobile sets of many requests arrived at the head end system simultaneously or in a short period of time for the same service.

Abstract: The present invention relates to a mobile jamming attack method applied in a wireless sensor network (WSN) and method defending the same. The mobile jamming attack method is a power exhaustion denial-of-service attack, possesses mobility and self-learning capability and is unable to be defended with existing defending scheme due to its attack to the routing layer of the WSN; the mobile jamming defending method employs multi-topologies scheme to defend the mobile jamming attack so that the affected area is reduced, the base station can still receive reply packets under the attack, and the jammed area can be roughly located and the track of the mobile jammer can be traced.

Abstract: A network reputation system and its controlling method are provided. A credentials and exchange component permits a user to generate credentials and exchange matching keys with those persons having a social relationship with the user. A reputation evaluation component enables other users to make evaluations about an estimatee via the sharing of social network information. A query and response component receives a query from a person having a social relationship with the user for requesting an evaluation about the estimatee, and responds an associated evaluation result to the person having a social relationship with the user, via the sharing of social network information and the evaluations made by the other users about the estimatee.

Abstract: A mobile station, an access point, a gateway apparatus, a base station, and a handshake method thereof for use in a wireless network framework are provided. The wireless network framework comprises a first wireless network comprising the access point, and a second wireless network comprising the gateway apparatus and base station. There is an IP security tunnel between the access point and the gateway apparatus. When the mobile station handovers from the first wireless network to the second wireless network, it transmits a master session key to the gateway apparatus via the access point and the IP security tunnel. Additionally, when the mobile station handovers from the second wireless network to the first wireless network, it transmits a master session key to the access point. As a result, the authentication time, which is needed in handover procedure between the first wireless network and the second wireless network, is reduced effectively.

Abstract: An apparatus and method for renewing a key, a computer readable media thereof, and a wireless network comprising the same are provided. The method is adapted to the first base station. The first base station belongs to a wireless network. The first base station uses a first key and has a first coverage. The method comprises the following steps: determining that the mobile device moves from the first coverage to the second coverage of a second base station; determining that the login time of the mobile device is later than the renewing time of the first key; renewing the first key; and sending the first key to the mobile device.

Abstract: A method for key management for a broadcasting system includes generating a receiver group key (RGK) seed and a plurality of parameters for a receiver group provided by the broadcasting system; and calculating an RGK for the receiver group based on the RGK seed and the plurality of parameters.

Abstract: A key management system is provided. The key management system includes a key server. The key server generates secret keys by constructing a rights hierarchy and a resource hierarchy, associating the rights hierarchy with the resource hierarchy, and converting a rights-resource relationship into a node in a service hierarchy. The rights hierarchy includes a rights node and the resource hierarchy includes a resource node. The rights hierarchy is set above the resource hierarchy. The right hierarchy and the resource hierarchy are in a partial order relationship.

Abstract: A handover authentication method includes performing, by a wireless network server, a first authentication between a client and the wireless network server via a first network gateway; obtaining first authentication keys for the wireless network server and the client based on the first authentication; determining, by the wireless network server, a need to handover the client from the first network gateway to a second network gateway; deriving, by the wireless network server and from the first authentication keys, a handover authentication key shared by the client and the wireless network server; obtaining, by the wireless network server, second authentication keys for the network server and the client; and serving, by the wireless network server, the client via the second network gateway.

Abstract: A method for assigning a plurality of users of a broadcasting system, wherein each of the plurality of users subscribes to at least one of a plurality of receiver groups provided by the broadcasting system. The method includes dividing the plurality of users into a plurality of temporary groups each including ones of the plurality of users that subscribe to a same one of the plurality of receiver groups; and assigning the ones of the plurality of users to at least one user group.

Abstract: Mobile jamming attack method in wireless sensor network and method defending the same The present invention relates to a mobile jamming attack method applied in a wireless sensor network (WSN) and method defending the same. The mobile jamming attack method is a power exhaustion denial-of-service attack, possesses mobility and self-learning capability and is unable to be defended with existing defending scheme due to its attack to the routing layer of the WSN; the mobile jamming defending method employs multi-topologies scheme to defend the mobile jamming attack so that the affected area is reduced, the base station can still receive reply packets under the attack, and the jammed area can be roughly located and the track of the mobile jammer can be traced.

Abstract: Disclosed is an authentication method employing elliptic curve cryptography (ECC), applicable to a mobile broadcast TV system having one or more head end systems, at least a transmitter, and at least a mobile set. The authentication method comprises at least one request message from mobile sets simultaneously or in a short period of time arriving at a head end system for authentication; manipulating each broadcast authentication message by ECC; manipulating each service request message by ECC and pairing operation; performing a mutual authentication between the head end system and mobile sets by ECC and pairing operation; and broadcasting one group of authentication messages to all the mobile sets of many requests arrived at the head end system simultaneously or in a short period of time for the same service.

Abstract: A network apparatus having a database, a management method and a tangible machine-readable medium for managing internet protocol (IP) connection rules of the database are provided. The database stores at least one first IP connection rule. The management method comprises the following steps: writing a second IP connection rule through one of a plurality of management programs; determining there is a conflict between the at least one first IP connection rule and the second IP connection rule, and eliminating the conflict according to a weight value of the at least one first IP connection rule and a weight value of the second IP connection rule. The at least one first IP connection rule and the second IP connection rule are used in one network connection.

Abstract: The present invention relates to a wireless sensor message authentication method, which is characterized by an authentication scheme of any message authentication code applied to any secure message authentication code (MAC); an authentication scheme using the concept of error correcting code (ECC) and applied to any binary ECC to provide different feature; flexible technique tuning required throughput and faulty data detection capability by adjusting the ECC in use; end-to-end authentication; and XOR operation conducted to original MAC to secure light overhead.

Abstract: A key management method for wireless networks is disclosed. Before a mobile station residing in a first ASN switches to a neighboring second ASN, an authentication process between the mobile station and the second ASN is implemented. Thus, the authentication process is not required when the mobile station is switching to the second ASN.

Abstract: Apparatus, method, and computer readable medium for generating and utilizing a feature code to monitor a program are provided. The program is run in a secure environment at the beginning. The program calls a function through an application program interface. A return address of the application program interface is used to generate the feature code. When the application runs again at another time, the feature code is utilized to monitor the program. According to the aforementioned arrangement and steps, the application program interface can be monitored dynamically. Consequently, any program can be monitored by this approach, which results in a more secure environment. Further, fewer application program interfaces are required to be monitored, so the required computer resource is less.

Abstract: The present invention provides a method regarding key deployment in wireless sensor networks, that is, with random anticipated disposition mechanism as basis, a key management mechanism is designed.