Biblio

Since the birth of the Internet, the quality of network service has been a widespread concerned problem. With the continuous development of communication and information technology, people gradually realized that the contradiction between the limited resources and the business requirements of network cannot be fundamentally solved. In this paper, we design and develop a distributed security quality of service testing framework called AweQoS(AwesomeQoS), to adapt to the current complex network environment. This paper puts forward the necessity that some security tests should be closely combined with quality of service testing, and further discusses the basic methods of distributed denial of service attack and defense. We introduce the design idea and working process of AweQoS in detail, and introduce a bandwidth test method based on user datagram protocol. Experimental results show that this new test method has better test performance and potential under the AweQoS framework.

The construction of power Internet of things is an important development direction of power grid enterprises in the future. Big data not only brings economic and social benefits to the power system industry, but also brings many information security problems. Therefore, in the case of accelerating the construction of ubiquitous electric Internet of things, it is urgent to standardize the data security protection in the ubiquitous electric Internet of things environment. By analyzing the characteristics of big data in power system, this paper discusses the security risks faced by big data in power system. Finally, we propose some methods of data security protection based on the defects of big data security in current power system. By building a data security intelligent management and control platform, it can automatically discover and identify the types and levels of data assets, and build a classification and grading information base of dynamic data assets. And through the detection and identification of data labels and data content characteristics, tracking the use of data flow process. So as to realize the monitoring of data security state. By protecting sensitive data against leakage based on the whole life cycle of data, the big data security of power grid informatization can be effectively guaranteed and the safety immunity of power information system can be improved.

Phasor measurement unit (PMU) networks are increasingly deployed to offer timely and high-precision measurement of today's highly interconnected electric power systems. To enhance the cyber-resilience of PMU networks against malicious attacks and system errors, we develop an optimization-based network management scheme based on the software-defined networking (SDN) communication infrastructure to recovery PMU network connectivity and restore power system observability. The scheme enables fast network recovery by optimizing the path generation and installation process, and moreover, compressing the SDN rules to be installed on the switches. We develop a prototype system and perform system evaluation in terms of power system observability, recovery speed, and rule compression using the IEEE 30-bus system and IEEE 118-bus system.

In order to excavate security threats in power grid by making full use of heterogeneous data sources in power information system, this paper proposes APT (Advanced Persistent Threat) attack detection sandbox technology and active defense system based on big data analysis technology. First, the file is restored from the mirror traffic and executed statically. Then, sandbox execution was carried out to introduce analysis samples into controllable virtual environment, and dynamic analysis and operation samples were conducted. Through analyzing the dynamic processing process of samples, various known and unknown malicious code, APT attacks, high-risk Trojan horses and other network security risks were comprehensively detected. Finally, the threat assessment of malicious samples is carried out and visualized through the big data platform. The results show that the method proposed in this paper can effectively warn of unknown threats, improve the security level of system data, have a certain active defense ability. And it can effectively improve the speed and accuracy of power information system security situation prediction.

Web applications, as a conventional platform for sensitive data and important transactions, are of great significance to human society. But with its open source framework, the existing security vulnerabilities can easily be exploited by malicious users, especially when web developers fail to follow the secure practices. Here we present a distributed scanning system, FalconEye, with great precision and high performance, it will help prevent potential threats to Web applications. Besides, our system is also capable of covering basically all the web vulnerabilities registered in the Common Vulnerabilities and Exposures (CVE). The FalconEye system is consists of three modules, an input source module, a scanner module and a support platform module. The input module is used to improve the coverage of target server, and other modules make the system capable of generic vulnerabilities scanning. We then experimentally demonstrate this system in some of the most common vulnerabilities test environment. The results proved that the FalconEye system can be a strong contender among the various detection systems in existence today.

As a national strategic hot spot, the Internet of Things (IoT) has shown its vigor and vitality. With the development of IoT, its application in power grid is more and more extensive. As an advanced technology for information sensing and transmission, IoT has been applied extensively in power generation, transmission, transformation, distribution, utilization and other processes, and will develop with broad prospect in smart grid. Narrow Band Internet of Things (NB-IoT) is of broad application prospects in production management, life-cycle asset management and smart power utilization of smart grid. Its characteristics and security demands of application domain present a challenge for the security of electric power business. However, current protocols either need dual authentication and key agreements, or have poor compatibility with current network architecture. In order to improve the high security of power network data transmission, an end-to-end security authentication protocol of NB-IoT for smart grid based on physical unclonable function and state secret algorithm SM3 is proposed in this paper. A self-controllable NB-IoT application layer security architecture was designed by introducing the domestic cryptographic algorithm, extending the existing key derivation structure of LTE, and combining the physical unclonable function to ensure the generation of encryption keys between NB-IoT terminals and power grid business platforms. The protocol of this paper realizes secure data transmission and bidirectional identity authentication between IoT devices and terminals. It is of low communication costs, lightweight and flexible key update. In addition, the protocol also supports terminal authentication during key agreement, which furtherly enhances the security of business systems in smart grid.

Social and emotional intelligence of computer systems is increasingly important in human-AI (Artificial Intelligence) interactions. This paper presents a tangible AI interface, T.A.I, that enhances physical engagement in digital communication between users and a conversational AI agent. We describe a compact, pneumatically shape-changing hardware design with a rich set of physical gestures that actuate on mobile devices during real-time conversations. Our user study suggests that the physical presence provided by T.A.I increased users' empathy for, and social connection with the virtual intelligent system, leading to an improved Human-AI communication experience.