Biblio

When using deep learning for DDoS attack detection, there is a general degradation in detection performance due to small sample size. This paper proposes a small-sample DDoS attack detection method based on deep transfer learning. First, deep learning techniques are used to train several neural networks that can be used for transfer in DDoS attacks with sufficient samples. Then we design a transferability metric to compare the transfer performance of different networks. With this metric, the network with the best transfer performance can be selected among the four networks. Then for a small sample of DDoS attacks, this paper demonstrates that the deep learning detection technique brings deterioration in performance, with the detection performance dropping from 99.28% to 67%. Finally, we end up with a 20.8% improvement in detection performance by deep transfer of the 8LANN network in the target domain. The experiment shows that the detection method based on deep transfer learning proposed in this paper can well improve the performance deterioration of deep learning techniques for small sample DDoS attack detection.

With the explosive development of big data, it is necessary to sort the data according to their importance or priorities. The sources with different importance levels can be modeled by the multilevel diversity coding systems (MDCS). Another trend in future communication networks, say 5G wireless networks and Internet of Things, is that users may obtain their data from all available sources, even from devices belonging to other users. Then, the privacy of data becomes a crucial issue. In a recent work by Li et al., the secure asymmetric MDCS (S-AMDCS) with wiretap channels was investigated, where the wiretapped messages do not leak any information about the sources (i.e. perfect secrecy). It was shown that superposition (source-separate coding) is not optimal for the general S-AMDCS and the exact full secure rate region was proved for a class of S-AMDCS. In addition, a bound on the key size of the secure rate region was provided as well. As a further step on the SAMDCS problem, this paper mainly focuses on the key size characterization. Specifically, the constraints on the key size of superposition secure rate region are proved and a counterexample is found to show that the bound on the key size of the exact secure rate region provided by Li et al. is not tight. In contrast, tight necessary and sufficient constraints on the secrecy key size of the counterexample, which is the four-encoder S-AMDCS, are proved.

P2P botnet has become one of the most serious threats to today's network security. It can be used to launch kinds of malicious activities, ranging from spamming to distributed denial of service attack. However, the detection of P2P botnet is always challenging because of its decentralized architecture. In this paper, we propose a two-stage P2P botnet detection method which only relies on several traffic statistical features. This method first detects P2P hosts based on three statistical features, and then distinguishes P2P bots from benign P2P hosts by means of another two statistical features. Experimental evaluations on real-world traffic datasets shows that our method is able to detect hidden P2P bots with a detection accuracy of 99.7% and a false positive rate of only 0.3% within 5 minutes.

We present an intelligent system that focus on how to ensure the stability of ZigBee network automatically. First, we discussed on the character of ZigBee compared with WIFI. Pointed out advantage of ZigBee resides in security, stability, low power consumption and better expandability. Second, figuring out the shortcomings of ZigBee on application is that physical limitation of the frequency band and weak ability on diffraction, especially coming across a wall or a door in the actual environment of home. The third, to put forward a method which can be used to ensure the strength of ZigBee signal. The method is to detect the strength of ZigBee relay in advance. And then, to compare it with the threshold value which had been defined in previous. The threshold value of strength of ZigBee is the minimal and tolerable value which can ensure stable transmission of ZigBee. If the detected value is out of the range of threshold, system will prompt up warning message which can be used to hint user to add ZigBee reply between the original ZigBee node and ZigBee gateway.

Public key infrastructure (PKI) is the foundation and core of network security construction. Blockchain (BC) has many technical characteristics, such as decentralization, impossibility of being tampered with and forged, which makes it have incomparable advantages in ensuring information credibility, security, traceability and other aspects of traditional technology. In this paper, a method of constructing PKI certificate system based on permissioned BC is proposed. The problems of multi-CA mutual trust, poor certificate configuration efficiency and single point failure in digital certificate system are solved by using the characteristics of BC distribution and non-tampering. At the same time, in order to solve the problem of identity privacy on BC, this paper proposes a privacy-aware PKI system based on permissioned BCs. This system is an anonymous digital certificate publishing scheme., which achieves the separation of user registration and authorization, and has the characteristics of anonymity and conditional traceability, so as to realize to protect user's identity privacy. The system meets the requirements of certificate security and anonymity, reduces the cost of CA construction, operation and maintenance in traditional PKI technology, and improves the efficiency of certificate application and configuration.

Untrusted third-party vendors and manufacturers have raised security concerns in hardware supply chain. Among all existing solutions, formal verification methods provide powerful solutions in detection malicious behaviors at the pre-silicon stage. However, little work have been done towards built-in hardware runtime verification at the post-silicon stage. In this paper, a runtime formal verification framework is proposed to evaluate the trust of hardware during its execution. This framework combines the symbolic execution and SAT solving methods to validate the user defined properties. The proposed framework has been demonstrated on an FPGA platform using an SoC design with untrusted IPs. The experimentation results show that the proposed approach can provide high-level security assurance for hardware at runtime.

This paper investigates the privacy-preserving problem of the distributed consensus-based energy management considering both generation units and responsive demands in smart grid. First, we reveal the private information of consumers including the electricity consumption and the sensitivity of the electricity consumption to the electricity price can be disclosed without any privacy-preserving strategy. Then, we propose a privacy-preserving algorithm to preserve the private information of consumers through designing the secret functions, and adding zero-sum and exponentially decreasing noises. We also prove that the proposed algorithm can preserve the privacy while keeping the optimality of the final state and the convergence performance unchanged. Extensive simulations validate the theoretical results and demonstrate the effectiveness of the proposed algorithm.

This paper introduces a hardware Trojan detection method using Chip ID which is generated by Relative Time-Delays (RTD) of sensor chains and the effectiveness of RTD is verified by post-layout simulations. The rank of time-delays of the sensor chains would be changed in Trojan-inserted chip. RTD is an accurate approach targeting to all kinds of Trojans, since it is based on the RELATIVE relationship between the time-delays rather than the absolute values, which are hard to be measured and will change with the fabricate process. RTD needs no golden chip, because the RELATIVE values would not change in most situations. Thus the genuine ID can be generated by simulator. The sensor chains can be inserted into a layout utilizing unused spaces, so RTD is a low-cost solution. A Trojan with 4x minimum NMOS is placed in different places of the chip. The behavior of the chip is obtained by using transient based post-layout simulation. All the Trojans are detected AND located, thus the effectiveness of RTD is verified.