Biblio

This paper has a new network security evaluation method as an absorbing Markov chain-based assessment method. This method is different from other network security situation assessment methods based on graph theory. It effectively refinement issues such as poor objectivity of other methods, incomplete consideration of evaluation factors, and mismatching of evaluation results with the actual situation of the network. Firstly, this method collects the security elements in the network. Then, using graph theory combined with absorbing Markov chain, the threat values of vulnerable nodes are calculated and sorted. Finally, the maximum possible attack path is obtained by blending network asset information to determine the current network security status. The experimental results prove that the method fully considers the vulnerability and threat node ranking and the specific case of system network assets, which makes the evaluation result close to the actual network situation.

The safety of the power system is inherently vital, due to the high risk of the electronic power system. In the wave of digitization in recent years, many power systems have been digitized to a certain extent. Under this circumstance, network security is particularly important, in order to ensure the normal operation of the power system. However, with the development of the Internet, network security issues are becoming more and more serious. Among all kinds of network attacks, the Distributed Denial of Service (DDoS) is a major threat. Once, attackers used huge volumes of traffic in short time to bring down the victim server. Now some attackers just use low volumes of traffic but for a long time to create trouble for attack detection. There are many methods for DDoS detection, but no one can fully detect it because of the huge volumes of traffic. In order to better detect DDoS and make sure the safety of electronic power system, we propose a novel detection method based on neural network. The proposed model and its service are deployed to the edge cloud, which can improve the real-time performance for detection. The experiment results show that our model can detect attacks well and has good real-time performance.

A power amplifier(PA) is inherently nonlinear device and is used in a communication system widely. Due to the nonlinearity of PA, the communication system is hard to work well. Digital predistortion (DPD) is the way to solve this problem. Using Volterra function to fit the PA is what most DPD solutions do. However, when it comes to wideband signal, there is a deduction on the performance of the Volterra function. In this paper, we replace the Volterra function with B-spline function which performs better on fitting PA at wideband signal. And the other benefit is that the orthogonality of coding matrix A could be improved, enhancing the stability of computation. Additionally, we use compressive sampling to reduce the complexity of the function model.

Without security, any network system loses its efficiency, reliability, and resilience. With the huge integration of the ICT capabilities, the Electric Vehicle (EV) as a transportation form in cities is becoming more and more affordable and able to reply to citizen and environmental expectations. However, the EV vulnerability to cyber-attacks is increasing which intensifies its negative impact on societies. This paper targets the cybersecurity issues for Connected Electric Vehicles (CEVs) in parking lots where a peer-to-peer(P2P) energy transaction system is launched. A False Data Injection Attack (FDIA) on the electricity price signal is considered and a Machine Learning/SVM classification protocol is used to detect and extract the right values. Simulation results are conducted to prove the effectiveness of this proposed model.

Most existing deep neural networks (DNNs) are inexplicable and fragile, which can be easily deceived by carefully designed adversarial example with tiny undetectable noise. This allows attackers to cause serious consequences in many DNN-assisted scenarios without human perception. In the field of speaker recognition, the attack for speaker recognition system has been relatively mature. Most works focus on white-box attacks that assume the information of the DNN is obtainable, and only a few works study gray-box attacks. In this paper, we study blackbox attacks on the speaker recognition system, which can be applied in the real world since we do not need to know the system information. By combining the idea of transferable attack and query attack, our proposed method NMI-FGSM-Tri can achieve the targeted goal by misleading the system to recognize any audio as a registered person. Specifically, our method combines the Nesterov accelerated gradient (NAG), the ensemble attack and the restart trigger to design an attack method that generates the adversarial audios with good performance to attack blackbox DNNs. The experimental results show that the effect of the proposed method is superior to the extant methods, and the attack success rate can reach as high as 94.8% even if only one query is allowed.

Protecting an identity of IPv6 packet against Denial-of-Service (DoS) attack, depend on the proposed methods of cryptography and steganography. Reliable communication using the security aspect is the most visible issue, particularly in IPv6 network applications. Problems such as DoS attacks, IP spoofing and other kinds of passive attacks are common. This paper suggests an approach based on generating a randomly unique identities for every node. The generated identity is encrypted and hided in the transmitted packets of the sender side. In the receiver side, the received packet verified to identify the source before processed. Also, the paper involves implementing nine experiments that are used to test the proposed scheme. The scheme is based on creating the address of IPv6, then passing it to the logistics map then encrypted by RSA and authenticated by SHA2. In addition, network performance is computed by OPNET modular. The results showed better computation power consumption in case of lost packet, average events, memory and time, and the better results as total memory is 35,523 KB, average events/sec is 250,52, traffic sent is 30,324 packets/sec, traffic received is 27,227 packets/sec, and lose packets is 3,097 packets/sec.

Metaverse technologies depend on various advanced human-computer interaction (HCI) devices to be supported by extended reality (XR) technology. Many new HCI devices are supported by wireless Internet of Things (IoT) networks, where a reliable routing scheme is essential for seamless data trans-mission. Routing Protocol for Low power and Lossy networks (RPL) is a key routing technology used in IPv6-based low power and lossy networks (LLNs). However, in the networks that are configured, such as small wireless devices applying the IEEE 802.15.4 standards, due to the lack of a system that manages the identity (ID) at the center, the maliciously compromised nodes can make fabricated IDs and pretend to be a legitimate node. This behavior is called Sybil attack, which is very difficult to respond to since attackers use multiple fabricated IDs which are legally disguised. In this paper, Sybil attack countermeasures on RPL-based networks published in recent studies are compared and limitations are analyzed through simulation performance analysis.

Tourism is one of the main sources of income in Australia. The number of tourists will affect airlines, hotels and other stakeholders. Predicting the arrival of tourists can make full preparations for welcoming tourists. This paper selects Queensland Tourism data as intelligent data. Carry out data visualization around the intelligent data, establish seasonal ARIMA model, find out the characteristics and predict. In order to improve the accuracy of prediction. Based on the tourism data around Queensland, build a 10 layer Back Propagation neural network model. It is proved that the network shows good performance for the data prediction of this paper.

Cloud computing is a fast growing field that provides the user with resources like software, infrastructure and virtual hardware processing power. The steady rise of cloud computing in recent times allowed large companies and even individual users to move towards working with cloud storage systems. However, the risks of leakage of uploaded data in the cloud storage and the questions about the privacy of such systems are becoming a huge problem. Security incidents occur frequently everywhere around the world. Sometimes, data leak may occur at the server side by hackers for their own profit. Data being shared must be encrypted before outsourcing it to the cloud storage. Existing encryption/decryption systems utilize large computational power and have troubles managing the files. This paper introduces a file system that is a more efficient, virtual, with encryption/decryption scheme using parallel encryption. To make encryption and decryption of files easier, Parallel encryption is used in place of serial encryption which is integrated with Identity-Based Encryption in the file system. The proposed file system aims to secure files, reduce the chances of file stored in cloud storage getting leaked thus providing better security. The proposed file system, OutFS+, is more robust and secure than its predecessor, OutFS. Cloud outsourcing takes place faster and the files can be downloaded to the OutFS+ instance on the other side. Moreover, OutFS+ is secure since it is a virtual layer on the operating system and can be unmounted whenever the user wants to.

Vehicular Fog Computing (VFC) has been proposed to address the security and response time issues of Vehicular Ad Hoc Networks (VANETs) in latency-sensitive vehicular network environments, due to the frequent interactions that VANETs need to have with cloud servers. However, the anonymity protection mechanism in VFC may cause the attacker to launch Sybil attacks by fabricating or creating multiple pseudonyms to spread false information in the network, which poses a severe security threat to the vehicle driving. Therefore, in this paper, we summarize different types of Sybil attack detection mechanisms in VFC for the first time, and provide a comprehensive comparison of these schemes. In addition, we also summarize the possible impacts of different types of Sybil attacks on VFC. Finally, we summarize challenges and prospects of future research on Sybil attack detection mechanisms in VFC.

This article provides an overview of the security of VANET, which is a vehicle network. When reviewing this topic, publications of various researchers were considered. The article provides information security requirements for VANET, an overview of security research, an overview of existing attacks, methods for detecting attacks and appropriate countermeasures against such threats.

Distributed Denial-of-Service (DDoS) attacks aim to cause downtime or a lack of responsiveness for web services. DDoS attacks targeting the application layer are amongst the hardest to catch as they generally appear legitimate at lower layers and attempt to take advantage of common application functionality or aspects of the HTTP protocol, rather than simply send large amounts of traffic like with volumetric flooding. Attacks can focus on functionality such as database operations, file retrieval, or just general backend code. In this paper, we examine common forms of application layer attacks, preventative and detection measures, and take a closer look specifically at HTTP Flooding attacks by the High Orbit Ion Cannon (HOIC) and “low and slow” attacks through slowloris.

Internet Protocol Version 6 (IPv6) is expected for widespread deployment worldwide. Such rapid development of IPv6 may lead to safety problems. The main threats in IPv6 networks are denial of service (DoS) attacks and distributed DoS (DDoS) attacks. In addition to the similar threats in Internet Protocol Version 4 (IPv4), IPv6 has introduced new potential vulnerabilities, which are DoS and DDoS attacks based on Internet Control Message Protocol version 6 (ICMPv6). We divide such new attacks into two categories: pure flooding attacks and source address spoofing attacks. We propose P4-NSAF, a scheme to defend against the above two IPv6 DoS and DDoS attacks in the programmable data plane. P4-NSAF uses Count-Min Sketch to defend against flooding attacks and records information about IPv6 agents into match tables to prevent source address spoofing attacks. We implement a prototype of P4-NSAF with P4 and evaluate it in the programmable data plane. The result suggests that P4-NSAF can effectively protect IPv6 networks from DoS and DDoS attacks based on ICMPv6.

The interaction between the transmission system of doubly-fed wind farms and the power grid and the stability of the system have always been widely concerned at home and abroad. In recent years, wind farms have basically installed static var generator (SVG) to improve voltage stability. Therefore, this paper mainly studies the subsynchronous oscillation (SSO) problem in the grid-connected grid-connected doubly-fed wind farm with static var generators. Firstly based on impedance analysis, the sequence impedance model of the doubly-fed induction generator and the static var generator is established by the method. Then, based on the stability criterion of Bode plot and time domain simulation, the influence of the access of the static var generator on the SSO of the system is analyzed. Finally, the sensitivity analysis of the main parameters of the doubly-fed induction generator and the static var generator is carried out. The results show that the highest sensitivity is the proportional gain parameter of the doubly-fed induction generator current inner loop, and its value should be reduced to reduce the risk of SSO of the system.

Nowadays, microservice architecture is known as a successful and promising architecture for smart city applications. Applying microservices in the designing and implementation of systems has many advantages such as autonomy, loosely coupled, composability, scalability, fault tolerance. However, the complexity of calling between microservices leads to problems in security, accessibility, and data management in the execution of systems. In order to address these challenges, in recent years, various researchers and developers have focused on the use of microservice patterns in the implementation of microservice-based systems. Microservice patterns are the result of developers’ successful experiences in addressing common challenges in microservicebased systems. However, hitherto no guideline has been provided for an in-depth understanding of microservice patterns and how to apply them to real systems. The purpose of this paper is to investigate in detail the most widely used and important microservice patterns in order to analyze the function of each pattern, extract the behavioral signatures and construct a service dependency graph for them so that researchers and enthusiasts use the provided guideline to create a microservice-based system equipped with design patterns. To construct the proposed guideline, five real open source projects have been carefully investigated and analyzed and the results obtained have been used in the process of making the guideline.

Malware created by the Advanced Persistent Threat (APT) groups do not typically carry out the attacks in a single stage. The “Cyber Kill Chain” framework developed by Lockheed Martin describes an APT through a seven stage life cycle [5] . APT groups are generally nation state actors [1] . They perform highly targeted attacks and do not stop until the goal is achieved [7] . Researchers are always working toward developing a system and a process to create an environment safe from APT type attacks [2] . In this paper, the threat considered is ransomware which are developed by APT groups. WannaCry is an example of a highly sophisticated ransomware created by the Lazurus group of North Korea and its level of sophistication is evident from the existence of a contingency plan of attack upon being discovered [3] [6] . The major contribution of this research is the analysis of APT type ransomware using game theory to present optimal strategies for the defender through the development of equilibrium solutions when faced with APT type ransomware attack. The goal of the equilibrium solutions is to help the defender in preparedness before the attack and in minimization of losses during and after the attack.

Cloud computing forms the backbone of the era of automation and the Internet of Things (IoT). It offers computing and storage-based services on consumption-based pricing. Large-scale datacenters are used to provide these service and consumes enormous electricity. Datacenters contribute a large portion of the carbon footprint in the environment. Through virtual machine (VM) consolidation, datacenter energy consumption can be reduced via efficient resource management. VM selection policy is used to choose the VM that needs migration. In this research, we have proposed PbV mSp: A priority-based VM selection policy for VM consolidation. The PbV mSp is implemented in cloudsim and evaluated compared with well-known VM selection policies like gpa, gpammt, mimt, mums, and mxu. The results show that the proposed PbV mSp selection policy has outperformed the exisitng policies in terms of energy consumption and other metrics.

Vehicle Ad-Hoc Networks (VANETs) are a special type of Mobile Ad-Hoc Network (MANETs). In VANETs, a group of vehicles communicates with each other to transfer data without a need for a fixed infrastructure. In this paper, we compare the performance of two routing protocols: Ad-hoc on Demand Distance Vector protocol (AODV) and Destination-Sequenced Distance Vector protocol (DSDV) in VANETs. We measure the reliability of each protocol in the packet delivery.

We demonstrated hardware emulations to evaluate the error-correction performance for a FEC scheme with multilevel coding. It has enabled the measurement of BER to reach the order of 10−14 for the decoded signal.

Inertial Confinement Fusion(ICF) uses the inertia of the substance itself to confine the nest-temperature thermonuclear fuel plasma to achieve thermonuclear fusion and obtain fusion energy. In the design of the local-volume ignition target capsule, the ignition zone and the main combustion zone are separated by heavy medium. The ignition zone is located in the center of the system (the part of the fusion combustion). The mass is small and can be compressed to high density and the overall temperature is raised to the ignition state (local-volume ignition). The temperature increase and density increase of the local volume ignition are relatively decoupled in time. The multi-step enhanced shock wave heats the fuel temperature drop, after which the collision effect accelerates the metal shell layer by layer, and uses the inertia of high-Z metal shell with a larger residual mass to achieve effective compression of the fuel areal after the driving source ends for a long time. Local volume ignition has the advantages of no need to reshape the radiation driving pulse, resistance to the influence of hot electrons, less demanding compression symmetry, and large combustion gain.

Physical Layer Security (PLS) is used to accomplish perfect secure communication between intended network nodes, while the eavesdropper gets zero information. In this paper, a smart antenna technology i.e., Massive multiple-input-multiple-output (mMIMO) and Non-Orthogonal Multiple Access (NOMA) technology is being used to enhance the secrecy performance of a 5G communication network. Small scale Rayleigh fading channels, as well as large scale pathway loss, have to be taken into consideration. An eavesdropper with multiple antennas, an amplify-and-forward (AF) relay with multi antenna has been proposed. Spider Monkey Algorithm (SMO) is used in adding Artificial Noise (AN) for refining secrecy rate. The findings revealed that the suggested technique improves the security and the quality of Wireless communication.

The high maneuverability of the unmanned aerial vehicle (UAV), facilitating fast and flexible deployment of communication infrastructures, brings potentially valuable opportunities to the future wireless communication industry. Nevertheless, UAV communication networks are faced with severe security challenges since air to ground (A2G) communications are more vulnerable to eavesdropping attacks than terrestrial communications. To solve the problem, we propose a coding scheme that hierarchically utilizes polar codes in order to address channel multi-state variation for UAV wiretap channels, without the instantaneous channel state information (CSI) known at the transmitter. The theoretical analysis and simulation results show that the scheme achieves the security capacity of the channel and meets the conditions of reliability and security.

In this short position paper, we discuss several potential security concerns that can be found at the physical layer of 6th-generation (6G) cellular networks. Discussion on 6G cellular networks is still at its early stage and thus several candidate radio technologies have been proposed but no single technology has yet been finally selected for 6G systems. Among several radio technologies, we focus on three promising ones for 6G physical-layer technologies: reconfigurable intelligent surface (RIS), Open-RAN (O-RAN), and full-duplex radios. We hope this position paper will spark more active discussion on the security concerns in these new radio technologies.

For the huge charging demands of numerous electric vehicles (EVs), coordinated charging is increasing in power grid. However, since connected with public networks, the coordinated charging control system is in a low-level cyber security and greatly vulnerable to malicious attacks. This paper investigates the malicious mode attack (MMA), which is a new cyber-attack pattern that simultaneously attacks massive EV charging piles to generate continuous sinusoidal power disturbance with the same frequency as the poorly-damped wide-area electromechanical mode. Thereby, high amplitude forced oscillations are stimulated by MMA, which seriously threats the stability of power systems and the power supply of charging stations. The potential threat of MMA is clarified by investigating the vulnerability of the IoT-based coordinated charging load control system, and an MMA process like Mirai is pointed out as an example. An MMA model is established for impact analysis. A hardware test platform is built for the verification of the MMA model. Test result verified the existence of MMA and the accuracy of the MMA model.

It is well-known that the most existing machine learning (ML)-based safety-critical applications are vulnerable to carefully crafted input instances called adversarial examples (AXs). An adversary can conveniently attack these target systems from digital as well as physical worlds. This paper aims to the generation of robust physical AXs against face recognition systems. We present a novel smoothness loss function and a patch-noise combo attack for realizing powerful physical AXs. The smoothness loss interjects the concept of delayed constraints during the attack generation process, thereby causing better handling of optimization complexity and smoother AXs for the physical domain. The patch-noise combo attack combines patch noise and imperceptibly small noises from different distributions to generate powerful registration-based physical AXs. An extensive experimental analysis found that our smoothness loss results in robust and more transferable digital and physical AXs than the conventional techniques. Notably, our smoothness loss results in a 1.17 and 1.97 times better mean attack success rate (ASR) in physical white-box and black-box attacks, respectively. Our patch-noise combo attack furthers the performance gains and results in 2.39 and 4.74 times higher mean ASR than conventional technique in physical world white-box and black-box attacks, respectively.