Biblio

To reduce the false negative rate in power data anomaly detection, enhance the overall detection accuracy and reliability, and create a more stable data detection environment, this paper designs a power big data anomaly detection method based on improved support vector machine technology. The abnormal features are extracted in advance, combined with the changes of power data, the multi-target anomaly detection nodes are laid, and on this basis, the improved support vector machine anomaly detection model is constructed. The anomaly detection is realized by combining the normalization processing of the equivalent vector. The final test results show that compared with the traditional clustering algorithm big data anomaly detection test group and the traditional multi-domain feature extraction big data anomaly detection test group, the final false negative rate of the improved support vector machine big data exception detection test group designed in this paper is only 2.04, which shows that the effect of the anomaly detection method is better. It is more accurate and reliable for testing in a complex power environment and has practical application value.

The application of mobile intelligent terminal in the environment is very complex, and its own computing capacity is also very limited, so it is vulnerable to malicious attacks. The security classification of mobile intelligent terminals can effectively ensure the security of their use. Therefore, a security classification method for mobile intelligent terminals based on multi-source data fusion is proposed. The Boolean value is used to count the multi-source data of the mobile intelligent terminal, and the word frequency method is used to calculate the weight of the multi-source data of the mobile intelligent terminal. The D-S evidence theory is used to complete the multi-source data fusion of the mobile intelligent terminal and implement the multi-source data fusion processing of the mobile intelligent terminal. On this basis, the security level permission value of mobile intelligent terminal is calculated to achieve the security level division of mobile intelligent terminal based on multi-source data fusion. The experimental results show that the accuracy of mobile intelligent terminal security classification is higher than 96% and the classification time is less than 3.8 ms after the application of the proposed method. Therefore, the security level of mobile intelligent terminals after the application of this method is high, and the security performance of mobile intelligent terminals is strong, which can effectively improve the accuracy of security classification and shorten the time of security classification.

In recent years, the epidemic of speculative side channels significantly increases the difficulty in enforcing domain isolation boundaries in a virtualized cloud environment. Although mitigations exist, the approach taken by the industry is neither a long-term nor a scalable solution, as we target each vulnerability with specific mitigations that add up to substantial performance penalties. We propose a different approach to secret isolation: guaranteeing that the hypervisor is Secret-Free (SF). A Secret-Free design partitions memory into secrets and non-secrets and reconstructs hypervisor isolation. It enforces that all domains have a minimal and secret-free view of the address space. In contrast to state-of-the-art, a Secret-Free hypervisor does not identify secrets to be hidden, but instead identifies non-secrets that can be shared, and only grants access necessary for the current operation, an allow-list approach. SF designs function with existing hardware and do not exhibit noticeable performance penalties in production workloads versus the unmitigated baseline, and outperform state-of-the-art techniques by allowing speculative execution where secrets are invisible. We implement SF in Xen (a Type-I hypervisor) to demonstrate that the design applies well to a commercial hypervisor. Evaluation shows performance comparable to baseline and up to 37% improvement in certain hypervisor paths compared with Xen default mitigations. Further, we demonstrate Secret-Free is a generic kernel isolation infrastructure for a variety of systems, not limited to Type-I hypervisors. We apply the same model in Hyper-V (Type-I), bhyve (Type-II) and FreeBSD (UNIX kernel) to evaluate its applicability and effectiveness. The successful implementations on these systems prove the generality of SF, and reveal the specific adaptations and optimizations required for each type of kernel.

With the rapid development of the electric power Internet-of-Things (power IoT) technology and the widespread use of general-purpose software, hardware and network facilities, the power IoT has become more and more open, which makes the traditional power system face new cyber security threats. In order to find the vulnerable device nodes and attack links in the power IoT system, this paper studies a set of attack path calculation methods and vulnerability node discovery algorithms, which can construct a power IoT attack simulation program based on the value of equipment assets and information attributes. What’s more, this paper has carried on the example analysis and verification on the improved IEEE RBTS Bus 2 system. Based on the above research plan, this paper finally developed a set of power IoT attack simulation tool based on distribution electronic stations, which can well find the vulnerable devices in the system.

The operating system is extremely important for both "Made in China 2025" and ubiquitous electric power Internet of Things. By investigating of five key requirements for ubiquitous electric power Internet of Things at the OS level (performance, ecosystem, information security, functional security, developer framework), this paper introduces the intelligent NARI microkernel Operating System and its innovative schemes. It is implemented with microkernel architecture based on the trusted computing. Some technologies such as process based fine-grained real-time scheduling algorithm, sigma0 efficient message channel and service process binding in multicore are applied to improve system performance. For better ecological expansion, POSIX standard API is compatible, Linux container, embedded virtualization and intelligent interconnection technology are supported. Native process sandbox and mimicry defense are considered for security mechanism design. Multi-level exception handling and multidimensional partition isolation are adopted to provide High Reliability. Theorem-assisted proof tools based on Isabelle/HOL is used to verify the design and implementation of NARI microkernel OS. Developer framework including tools, kit and specification is discussed when developing both system software and user software on this IoT OS.

Fractional hedonic games (FHGs) are extensively studied in game theory and explain the formation of coalitions among individuals in a group. This paper investigates the coalition generation problem, namely, finding a coalition structure whose social welfare, i.e., the sum of the players' payoffs, is maximized. We focus on agent-based methods which set the decision rules for each player in the game. Through repeated interactions the players arrive at a coalition structure. In particular, we propose CFSV, namely, coalition formation with Shapley value-based welfare distribution scheme. To evaluate CFSV, we theoretically demonstrate that this algorithm achieves optimal coalition structure over certain standard graph classes and empirically compare the algorithm against other existing benchmarks on real-world and synthetic graphs. The results show that CFSV is able to achieve superior performance.

In this paper, we propose the first identity-based broadcast encryption scheme, which can simultaneously achieves confidentiality and full anonymity against adaptive chosen-ciphertext attacks under a standard assumption. In addition, two further desirable features are also provided: one is fully-collusion resistant which means that even if all users outside of receivers S collude they cannot obtain any information about the plaintext. The other one is stateless which means that the users in the system do not need to update their private keys when the other users join or leave our system. In particular, our scheme is highly efficient, where the public parameters size, the private key size and the decryption cost are all constant and independent to the number of receivers.