Biblio

Peer-to-peer (P2P) energy trading is one of the promising approaches for implementing decentralized electricity market paradigms. In the P2P trading, each actor negotiates directly with a set of trading partners. Since the physical network or grid is used for energy transfer, power losses are inevitable, and grid-related costs always occur during the P2P trading. A proper market clearing mechanism is required for the P2P energy trading between different producers and consumers. This paper proposes a decentralized market clearing mechanism for the P2P energy trading considering the privacy of the agents, power losses as well as the utilization fees for using the third party owned network. Grid-related costs in the P2P energy trading are considered by calculating the network utilization fees using an electrical distance approach. The simulation results are presented to verify the effectiveness of the proposed decentralized approach for market clearing in P2P energy trading.

This study addresses the coordination issue of multi-agent systems under complicated actuator faults and cyber attacks. Distributed fault-tolerant design is developed with the estimated and output neighboring information in decentralized estimation observer. Criteria of reaching the exponential coordination of multi-agent systems with cyber attacks is obtained with average dwelling time and chattering bound method. Simulations validate the efficiency of the anti-attack fault-tolerant design.

From the perspective of time domain, the propagation characteristics of sound waves in seawater can be seen more intuitively. In order to study the influence and characteristics of seamount on low frequency acoustic propagation, the research of this paper used the Finite Element Method (FEM) based on time domain to set up a full-waveguide low-frequency acoustic propagation simulation model, and discussed the influencing laws about acoustic propagation on seamount. The simulation results show that Seamounts can hinder the propagation of sound waves, weaken the energy of sound waves. The topographic changes of seamounts can cause the coupling and transformation of acoustic signals during the propagation which can stimulate the seabed interface wave.

The vehicle-to-grid (V2G) network has a clear advantage in terms of economic benefits, and it has grabbed the interest of powergrid and electric vehicle (EV) consumers. Many V2G techniques, at present, for example, use bilinear pairing to execute the authentication scheme, which results in significant computational costs. Furthermore, in the existing V2G techniques, the system master key is issued independently by the third parties, it is vulnerable to leaking if the third party is compromised by an attacker. This paper presents an efficient and secure anonymous authentication scheme for V2G networks to overcome this issue we use a lightweight authentication system for electric vehicles and smart grids. In the proposed technique, the keys are generated by the trusted authority after the successful registration of EVs in the trusted authority and the dispatching center. The suggested scheme not only enhances the verification performance of V2G networks and also protects against inbuilt hackers.

For the Internet of things (IoT) secure data aggregation issues, data privacy-preserving and limited computation ability and energy of nodes should be tradeoff. Based on analyzing the pros-and-cons of current works, a low energy- consuming secure data aggregation method (LCSDA) was proposed. This method uses shortest path principle to choose neighbor nodes and generates the data aggregation paths in the cluster based on prim minimum spanning tree algorithm. Simulation results show that this method could effectively cut down energy consumption and reduce the probability of cluster head node being captured, in the same time preserving data privacy.

The security control problem of cyber-physical system (CPS) under actuator attacks is studied in the paper. Considering the strict-feedback cyber-physical systems with external disturbance, a security control scheme is proposed by combining backstepping method and super-twisting sliding mode technology when the transmission control input signal of network layer is under false data injection(FDI) attack. Firstly, the unknown nonlinear function of the CPS is identified by Radial Basis Function Neural Network. Secondly, the backstepping method and super-twisting sliding mode algorithm are combined to eliminate the influence of actuator attack and ensure the robustness of the control system. Then, by Lyapunov stability theory, it is proved that the proposed control scheme can ensure that all signals in the closed-loop system are semi-global and ultimately uniformly bounded. Finally, the effectiveness of the proposed control scheme is verified by the inverted pendulum simulation.

Intrusion detection systems (IDSs) are widely deployed in the industrial control systems to protect network security. IDSs typically generate a huge number of alerts, which are time-consuming for system operators to process. Most of the alerts are individually insignificant false alarms. However, it is not the best solution to discard these alerts, as they can still provide useful information about network situation. Based on the study of characteristics of alerts in the industrial control systems, we adopt an enhanced method of exponentially weighted moving average (EWMA) control charts to help operators in processing alerts. We classify all detection signatures as regular and irregular according to their frequencies, set multiple control limits to detect anomalies, and monitor regular signatures for network security situational awareness. Extensive experiments have been performed using real-world alert data. Simulation results demonstrate that the proposed enhanced EWMA method can greatly reduce the volume of alerts to be processed while reserving significant abnormal information.

In this era, with a great extent of automation and connection, modern production processes are highly prone to cyber-attacks. The sensor-controller chain becomes an obvious target for attacks because sensors are commonly used to regulate production facilities. In this research, we introduce a new control configuration for the system, which is sensitive to time delay attacks (TDA), in which data transfer from the sensor to the controller is intentionally delayed. The attackers want to disrupt and damage the system by forcing controllers to use obsolete data about the system status. In order to improve the accuracy of delay identification and prediction, as well as erroneous limit and estimation for control, a new control structure is developed by an Internal Model Control (IMC) based Proportional-Integral-Derivative (PID) scheme with a fractional filter. An additional concept is included to mitigate the effect of time delay attack, i.e., the smith predictor. Simulation studies of the established control framework have been implemented with two numerical examples. The performance assessment of the proposed method has been done based on integral square error (ISE), integral absolute error (IAE) and total variation (TV).

In the traditional Internet of Vehicles, communication data is easily tampered with and easily leaked. In order to improve the trust evaluation mechanism of the Internet of Vehicles and establish a trust relationship between vehicles, a blockchain-based Internet of Vehicles trust evaluation (BBTE) scheme is proposed. First, the scheme uses the roadside unit RSU to calculate the trust value of vehicle nodes and maintain the generation, verification and storage of blocks, so as to realize distributed data storage and ensure that data cannot be tampered with. Secondly, an efficient trust evaluation method is designed. The method integrates four trust decision factors: initial trust, historical experience trust, recommendation trust and RSU observation trust to obtain the overall trust value of vehicle nodes. In addition, in the process of constructing the recommendation trust method, the recommendation trust is divided into three categories according to the interaction between the recommended vehicle node and the communicator, use CRITIC to obtain the optimal weights of three recommended trusts, and use CRITIC to obtain the optimal weights of four trust decision-making factors to obtain the final trust value. Finally, the NS3 simulation platform is used to verify the security and accuracy of the trust evaluation method, and to improve the identification accuracy and detection rate of malicious vehicle nodes. The experimental analysis shows that the scheme can effectively deal with the gray hole attack, slander attack and collusion attack of other vehicle nodes, improve the security of vehicle node communication interaction, and provide technical support for the basic application of Internet of Vehicles security.

Currently, mobile ad hoc networks (MANETs) are widely used due to its self-configuring feature. However, it is vulnerable to the malicious jammers in practice. Traditional anti-jamming approaches, such as channel hopping based on deterministic sequences, may not be the reliable solution against intelligent jammers due to its fixed patterns. To address this problem, we propose a distributed game theory-based multi-agent anti-jamming (DMAA) algorithm in this paper. It enables each user to exploit all information from its neighboring users before the network attacks, and derive dynamic local policy knowledge to overcome intelligent jamming attacks efficiently as well as guide the users to cooperatively hop to the same channel with high probability. Simulation results demonstrate that the proposed algorithm can learn an optimal policy to guide the users to avoid malicious jamming more efficiently and rapidly than the random and independent Q-learning baseline algorithms,

Security authentication can effectively solve the problem of access to Low Earth Orbit (LEO) satellites. However, the existing solutions still harbor some problems in the computational complexity of satellite authentication, flexible networking, resistance to brute force attacks and other aspects. So, a security authentication scheme for LEO satellites that integrates spatial channel characteristics is designed within the software defined network architecture. In this scheme, the spatial channel characteristics are introduced to the subsequent lightweight encryption algorithm to achieve effective defense against brute force attacks. According to security analysis and simulation results, the scheme can effectively reduce the computational overhead while protecting against replay attacks, brute force attacks, DOS attacks, and other known attacks.

This paper proposes a RSSI-based routing protocol for smart pole mesh networks equipped with multiple IEEE 802.11p/WAVE radios. In the IEEE 802.11p based multi-radio multi-channel environments, the performance of traditional mesh routing protocols is severely degraded because of metric measurement overhead. The periodic probe messages for measuring the quality of each channel incurs a large overhead due to the channel switching delay. To solve such an overhead problem, we introduce a routing metric that estimates expected transmission time and proposes a light-weight channel allocation algorithm based on RSSI value only. We evaluate the performance of the proposed solution through simulation experiments with NS-3. Simulation results show that it can improve the network performance in terms of latency and throughput, compared to the legacy WCETT routing scheme.

The most widely used protocol for routing across the 6LoWPAN stack is the Routing Protocol for Low Power and Lossy (RPL) Network. However, the RPL lacks adequate security solutions, resulting in numerous internal and external security vulnerabilities. There is still much research work left to uncover RPL's shortcomings. As a result, we first implement the worst parent selection (WPS) attack in this paper. Second, we offer an intrusion detection system (IDS) to identify the WPS attack. The WPS attack modifies the victim node's objective function, causing it to choose the worst node as its preferred parent. Consequently, the network does not achieve optimal convergence, and nodes form the loop; a lower rank node selects a higher rank node as a parent, effectively isolating many nodes from the network. In addition, we propose DWA-IDS as an IDS for detecting WPS attacks. We use the Contiki-cooja simulator for simulation purposes. According to the simulation results, the WPS attack reduces system performance by increasing packet transmission time. The DWA-IDS simulation results show that our IDS detects all malicious nodes that launch the WPS attack. The true positive rate of the proposed DWA-IDS is more than 95%, and the detection rate is 100%. We also deliberate the theoretical proof for the false-positive case as our DWA-IDS do not have any false-positive case. The overhead of DWA-IDS is modest enough to be set up with low-power and memory-constrained devices.

CP-ABE (Ciphertext-policy attribute based encryption) is considered as a secure access control for data sharing. However, the SK(secret key) in most CP-ABE scheme is generated by Centralized authority(CA). It could lead to the high cost of building trust and single point of failure. Because of the characters of blockchain, some schemes based on blockchain have been proposed to prevent the disclosure and protect privacy of users' attribute. Thus, a new CP-ABE identity-attribute management(IAM) data sharing scheme is proposed based on blockchain, i.e. IAM-BDSS, to guarantee privacy through the hidden policy and attribute. Meanwhile, we define a transaction structure to ensure the auditability of parameter transmission on blockchain system. The experimental results and security analysis show that our IAM-BDSS is effective and feasible.

In order to solve the problem of high data collision probability, high access delay and high-power consumption in random access process of power Internet of Things, an access scheme for large-scale micro-power wireless sensors based on slot-scheduling and hybrid mode is presented. This scheme divides time into different slots and designs a slot-scheduling algorithm according to network workload and power consumption. Sensors with different service priorities are arranged in different time slots for competitive access, using appropriate random-access mechanism. And rationally arrange the number of time slots and competing end-devices in different time slots. This scheme is able to meet the timeliness requirements of different services and reduce the overall network power consumption when dealing with random access scenarios of large-scale micro-power wireless sensor network. Based on the simulation results of actual scenarios, this access scheme can effectively reduce the overall power consumption of the network, and the high priority services can meet the timeliness requirements on the premise of lower power consumption, while the low priority services can further reduce power consumption.

When users request location services, they are easy to expose their privacy information, and the scheme of using a third-party server for location privacy protection has high requirements for the credibility of the server. To solve these problems, a localized differential privacy protection scheme in mobile environment is proposed, which uses Markov chain model to generate probability transition matrix, and adds Laplace noise to construct a location confusion function that meets differential privacy, Conduct location confusion on the client, construct and upload anonymous areas. Through the analysis of simulation experiments, the scheme can solve the problem of untrusted third-party server, and has high efficiency while ensuring the high availability of the generated anonymous area.

This paper addresses the allocation method of offensive resources for man-made attacks on power systems considering extreme weather conditions, which can help the defender identify the most vulnerable components to protect in this adverse situation. The problem is formulated as an attacker-defender model. The attacker at the upper level intends to maximize the expected damage considering all possible line failure scenarios. These scenarios are characterized by the combinations of failed transmission lines under extreme weather. Once the disruption is detected, the defender at the lower level alters the generation and consumption in the power grid using DC optimal power flow technique to minimize the damage. Then the original bi-level problem is transformed into an equivalent single-level mixed-integer linear program through strong duality theorem and Big-M method. The proposed attack resource allocation method is applied on IEEE 39-bus system and its effectiveness is demonstrated by the comparative case studies.

This paper investigates the physical layer security of a cognitive radio (CR) non-orthogonal multiple-access (NOMA) network supported by an intelligent reflecting surface (IRS). In a CR network, a secondary base station (BS) serves a couple of users, i.e., near and far users, via NOMA transmission under eavesdropping from a malicious attacker. It is assumed that the direct transmission link from the BS and far user is absent due to obstacles. Thus, an IRS is utilized to support far user communication, however, the communication links between the IRS and near/primary users are neglected because of heavy attenuation. The exact secrecy outage probability (SOP) for the near user and approximate SOP for the far user are then derived in closed-form by using the Gauss-Chebyshev approach. The accuracy of the derived analytical SOP is then verified through Monte Carlo simulations. The simulation results also provide useful insights on the impacts of the number of IRS reflecting elements and limited interference temperature on the system SOP.

Vehicular networks are vulnerable to large scale attacks. Blockchain, implemented upon application layer, is recommended as one of the effective security and privacy solutions for vehicular networks. However, due to an increasing complexity of connected nodes, heterogeneous environment and rising threats, a robust security solution across multiple layers is required. Motivated by the Physical Layer Security (PLS) which utilizes physical layer characteristics such as channel fading to ensure reliable and confidential transmission, in this paper we analyze the impact of PLS on a blockchain-enabled vehicular network with two types of physical layer attacks, i.e., jamming and eavesdropping. Throughout the analysis, a Full Duplex Non-Orthogonal Multiple Access (FD-NOMA) based vehicle-to-everything (V2X) is considered to reduce interference caused by jamming and meet 5G communication requirements. Simulation results show enhanced goodput of a blockckchain enabled vehicular network integrated with PLS as compared to the same solution without PLS.

The ubiquitous nature of the Internet of Things (IoT) devices and their wide-scale deployment have remarkably attracted hackers to exploit weakly-configured and vulnerable devices, allowing them to form large IoT botnets and launch unprecedented attacks. Modeling the behavior of IoT botnets leads to a better understanding of their spreading mechanisms and the state of the network at different levels of the attack. In this paper, we propose a generic model to capture the behavior of IoT botnets. The proposed model uses Markov Chains to study the botnet behavior. Discrete Event System Specifications environment is used to simulate the proposed model.

With the advent of the 5G era, high-speed and secure network access services have become a common pursuit. The QUIC (Quick UDP Internet Connection) protocol proposed by Google has been studied by many scholars due to its high speed, robustness, and low latency. However, the research on the security of the QUIC protocol by domestic and foreign scholars is insufficient. Therefore, based on the self-similarity of QUIC network traffic, combined with traffic characteristics and signal processing methods, a QUIC-based network traffic anomaly detection model is proposed in this paper. The model decomposes and reconstructs the collected QUIC network traffic data through the Empirical Mode Decomposition (EMD) method. In order to judge the occurrence of abnormality, this paper also intercepts overlapping traffic segments through sliding windows to calculate Hurst parameters and analyzes the obtained parameters to check abnormal traffic. The simulation results show that in the network environment based on the QUIC protocol, the Hurst parameter after being attacked fluctuates violently and exceeds the normal range. It also shows that the anomaly detection of QUIC network traffic can use the EMD method.

One major tool of Energy Management Systems for monitoring the status of the power grid is State Estimation (SE). Since the results of state estimation are used within the energy management system, the security of the power system state estimation tool is most important. The research in this area is targeting detection of False Data Injection attacks on measurements. Though this aspect is crucial, SE also depends on database that are used to describe the relationship between measurements and systems' states. This paper presents a two-stage optimization framework to not only detect, but also correct cyber-attacks pertaining the measurements' model parameters used by the SE routine. In the first stage, an estimate of the line parameters ratios are obtained. In the second stage, the estimated ratios from stage I are used in a Bi-Level model for obtaining a final estimate of the measurements' model parameters. Hence, the presented framework does not only unify the detection and correction in a single optimization run, but also provide a monitoring scheme for the SE database that is typically considered static. In addition, in the two stages, linear programming framework is preserved. For validation, the IEEE 118 bus system is used for implementation. The results illustrate the effectiveness of the proposed model for detecting attacks in the database used in the state estimation process.

This work analyzed the coding gain that is provided in 6LoWPAN transceivers when channel-coding methods are used. There were made improvements at physical layer of 6LoWPAN technology in the system suggested. Performance analysis was performed using turbo, LDPC and convolutional codes on IEEE 802.15.4 standard that is used in the relevant physical layer. Code rate of convolutional and turbo codes are set to 1/3 and 1/4. For LDPC codes, the code rate is set as 3/4 and 5/6. According to simulation results obtained from the MATLAB environment, turbo codes give better results than LDPC and convolutional codes. It is seen that an average of 3 dB to 8 dB gain is achieved in turbo codes, in LDPC and convolutional coding, it is observed that the gain is between 2 dB and 6 dB depending on the modulation type and code rate.

Attribute Based Encryption that solely decrypts the cipher text's secret key attribute. Patient information is maintained on trusted third party servers in medical applications. Before sending health records to other third party servers, it is essential to protect them. Even if data are encrypted, there is always a danger of privacy violation. Scalability problems, access flexibility, and account revocation are the main security challenges. In this study, individual patient health records are encrypted utilizing a multi-authority ABE method that permits a multiple number of authorities to govern the attributes. A strong key generation approach in the classic Attribute Based Encryption is proposed in this work, which assures the robust protection of health records while also demonstrating its effectiveness. Simulation is done by using CloudSim Simulator and Statistical reports were generated using Cloud Reports. Efficiency, computation time and security of our proposed scheme are evaluated. The simulation results reveal that the proposed key generation technique is more secure and scalable.

Routing protocol for low power and lossy networks (RPL) is the underlying routing protocol of 6LoWPAN, a core communication standard for the Internet of Things. In terms of quality of service (QoS), device management, and energy efficiency, RPL beats competing wireless sensor and ad hoc routing protocols. However, several attacks could threaten the network due to the problem of unauthenticated or unencrypted control frames, centralized root controllers, compromised or unauthenticated devices. Thus, in this paper, we aim to investigate the effect of topology and Resources attacks on RPL.s efficiency. The Hello Flooding attack, Increase Number attack and Decrease Rank attack are the three forms of Resources attacks and Topology attacks respectively chosen to work on. The simulations were done to understand the impact of the three different attacks on RPL performances metrics including End-to-End Delay (E2ED), throughput, Packet Delivery Ratio (PDR) and average power consumption. The findings show that the three attacks increased the E2ED, decreased the PDR and the network throughput, and degrades the network’, which further raises the power consumption of the network nodes.