Biblio

Considered is a network of parallel wireless channels in which individual parties are engaged in secret communication under the protection of cooperative jamming. A strategic eavesdropper selects the most vulnerable channels to attack. Existing works usually suggest the defender allocate limited cooperative jamming power to various channels. However, it usually requires some strong assumptions and complex computation to find such an optimal power control policy. This paper proposes a probabilistic cooperative jamming scheme such that the defender focuses on protecting randomly selected channels. Two different cases regarding each channel’s eavesdropping capacity are discussed. The first case studies the general scenario where each channel has different eavesdropping capacity. The second case analyzes an extreme scenario where all channels have the same eavesdropping capacity. Two non-zero-sum Nash games model the competition between the network defender and an eavesdropper in each case. Furthermore, considering the case that the defender does not know the eavesdropper’s channel state information (CSI) leads to a Bayesian game. For all three games, we derive conditions for the existence of a unique Nash equilibrium (NE), and obtain the equilibria and the value functions in closed form.

Spear phishing emails target to specific individual or organization, they are more elaborated, targeted, and harmful than phishing emails. The attackers usually harvest information about the recipient in any available ways, then create a carefully camouflaged email and lure the recipient to perform dangerous actions. In this paper we present a new effective approach to detect spear phishing emails based on machine learning. Firstly we extracted 21 Stylometric features from email, 3 forwarding features from Email Forwarding Relationship Graph Database(EFRGD), and 3 reputation features from two third-party threat intelligence platforms, Virus Total(VT) and Phish Tank(PT). Then we made an improvement on Synthetic Minority Oversampling Technique(SMOTE) algorithm named KM-SMOTE to reduce the impact of unbalanced data. Finally we applied 4 machine learning algorithms to distinguish spear phishing emails from non-spear phishing emails. Our dataset consists of 417 spear phishing emails and 13916 non-spear phishing emails. We were able to achieve a maximum recall of 95.56%, precision of 98.85% and 97.16% of F1-score with the help of forwarding features, reputation features and KM-SMOTE algorithm.

In recent years, with the rise of the Internet of things industry, a variety of user location-based applications came into being. While users enjoy these convenient services, their location information privacy is also facing a great threat. Therefore, the research on location privacy protection in the Internet of things has become a hot spot for scholars. Privacy protection microdata publishing is a hot spot in data privacy protection research. Data interference is an effective solution for privacy protection microdata publishing. Aiming at privacy protection clustering problem, a privacy protection data interference method is proposed. In this paper, the location privacy protection algorithm is studied, with the purpose of providing location services and protecting the data interference of users' location privacy. In this paper, the source location privacy protection protocol (PR \_ CECRP) algorithm with controllable energy consumption is proposed to control the energy consumption of phantom routing strategy. In the routing process from the source node to the phantom node, the source data packet forwarding mechanism based on sector area division is adopted, so that the random routing path is generated and the routing energy consumption and transmission delay are effectively controlled.

In the industrial control system, in order to solve the problem that the installation of smart devices in a transparent environment are faced with the unknown attack problems, because most of the industrial control equipment to detect unknown risks, Therefore, by studying the security protection of the current industrial control system and the trust mechanism that should be widely used in the Internet of things, this paper presents the abnormal node detection mode based on comprehensive trust applied to the industrial control system scenarios. This model firstly proposes a model, which fuses direct and indirect trust values into current trust values through support algorithm and vector similarity algorithm, and then combines them with historical trust values, and gives the calculation method of each trust value. Finally, a method to determine abnormal nodes based on comprehensive trust degree is given to realize a detection process for all industrial control nodes. By analyzing the real data case provided by Melbourne Water, it is concluded that this model can improve the detection range and detection accuracy of abnormal nodes. It can accurately judge and effectively resist malicious behavior and also have a good resistance to aggression.

In high-performance computing (HPC), scientific applications often manage a massive amount of data using I/O libraries. These libraries provide convenient data model abstractions, help ensure data portability, and, most important, empower end users to improve I/O performance by tuning configurations across multiple layers of the HPC I/O stack. We propose SCTuner, an autotuner integrated within the I/O library itself to dynamically tune both the I/O library and the underlying I/O stack at application runtime. To this end, we introduce a statistical benchmarking method to profile the behaviors of individual supercomputer I/O subsystems with varied configurations across I/O layers. We use the benchmarking results as the built-in knowledge in SCTuner, implement an I/O pattern extractor, and plan to implement an online performance tuner as the SCTuner runtime. We conducted a benchmarking analysis on the Summit supercomputer and its GPFS file system Alpine. The preliminary results show that our method can effectively extract the consistent I/O behaviors of the target system under production load, building the base for I/O autotuning at application runtime.

The ternary interval number contains more comprehensive information than the exact number, and the prediction of the ternary interval number is more conducive to intelligent decision-making. In order to reduce the overfitting problem of the neural network model, a combination prediction method of the BP neural network and the matrix GM (1, 1) model for the ternary interval number sequence is proposed in the paper, and based on the proposed method to predict the passenger volume. The matrix grey model for the ternary interval number sequence (MTIGM (1, 1)) can stably predict the overall development trend of a time series. Considering the integrity of interval numbers, the BP neural network model is established by combining the lower, middle and upper boundary points of the ternary interval numbers. The combined weights of MTIGM (1, 1) and the BP neural network are determined based on the grey relational degree. The combined method is used to predict the total passenger volume and railway passenger volume of China, and the prediction effect is better than MTIGM (1, 1) and BP neural network.

Reward functions are critical hyperparameters with commercial values for individual or distributed reinforcement learning (RL), as slightly different reward functions result in significantly different performance. However, existing inverse reinforcement learning (IRL) methods can be utilized to approximate reward functions just based on collected expert trajectories through observing. Thus, in the real RL process, how to generate a polluted trajectory and perform an adversarial attack on IRL for protecting reward functions has become the key issue. Meanwhile, considering the actual RL cost, generated adversarial trajectories should be minimal and non-catastrophic for ensuring normal RL performance. In this work, we propose a novel approach to craft adversarial trajectories disguised as expert ones, for decreasing the IRL performance and realize the anti-IRL ability. Firstly, we design a reward clustering-based metric to integrate both advantages of fine- and coarse-grained IRL assessment, including expected value difference (EVD) and mean reward loss (MRL). Further, based on such metric, we explore an adversarial attack based on agglomerative nesting algorithm (AGNES) clustering and determine targeted states as starting states for reward perturbation. Then we employ the intrinsic fear model to predict the probability of imminent catastrophe, supporting to generate non-catastrophic adversarial trajectories. Extensive experiments of 7 state-of-the-art IRL algorithms are implemented on the Object World benchmark, demonstrating the capability of our proposed approach in (a) decreasing the IRL performance and (b) having minimal and non-catastrophic adversarial trajectories.

Most of the existing calculation method of expert evaluation ability directly call data onto calculation, which leads to the risk of privacy leakage of expert review information and affects the peer review environment. With regard to this problem, a privacy protection method of experts' evaluation ability calculation of peer review is proposed. Privacy protection and data usability are adjusted according to privacy preferences. Using Gauss distribution and combining with the distributive law of real evaluation data, the virtual projects are generated, and the project data are anonymized according to the virtual projects. Laplace distribution is used to add noise to the evaluation sub score for perturbation, and the evaluation data are obfuscation according to the perturbation sub score. Based on the protected project data and evaluation data, the expert evaluation ability is calculated, and the review privacy is protected. The experimental results show that the proposed method can effectively balance the privacy protection and the accuracy of the calculation results.

In this paper, we propose a numerical simulation investigation of the wavelength division multiplexing mechanism between a chaotic secure channel and a traditional fiber channel using the advanced modulation method DP-16QAM at the bitrate of 80Gbps, the fiber length of 80 km and 100 GHz channel spacing in C-band. Our paper investigates correlation coefficients between the transmitter and also the receiver for two forms of communication channels. Our simulation results demonstrate that, in all cases, BER is always below 2.10-4 even when we have not used the forward-error-correction method. Besides, cross-interaction between the chaotic channel and also the non-chaotic channel is negligible showing a highly independent level between two channels.

Focusing on security management for supply chain under emergencies, this paper analyzes the characteristics of supply chain risk, clarifies the relationship between business continuity management and security management for supply chain, organizational resilience and security management for supply chain separately, so as to propose suggestions to promote the realization of security management for supply chain combined these two concepts, which is of guiding significance for security management for supply chain and quality assurance of products and services under emergencies.

Under the background of "Internet +", in order to solve the problem of deeply mining credit risk behind online supply chain financial big data, this paper proposes an online supply chain financial credit risk assessment method based on deep belief network (DBN). First, a deep belief network evaluation model composed of Restricted Boltzmann Machine (RBM) and classifier SOFTMAX is established, and the performance evaluation test of three kinds of data sets is carried out by using this model. Using factor analysis to select 8 indicators from 21 indicators, and then input them into RBM for conversion to form a more scientific evaluation index, and finally input them into SOFTMAX for evaluation. This method of online supply chain financial credit risk assessment based on DBN is applied to an example for verification. The results show that the evaluation accuracy of this method is 96.04%, which has higher evaluation accuracy and better rationality compared with SVM method and Logistic method.

With the rapid development of cloud computing, IaaS (Infrastructure as a Service) becomes more and more popular. IaaS customers may not clearly know the actual performance of each cloud platform. Moreover, there are no unified standards in performance evaluation of IaaS VMs (virtual machine). The underlying virtualization technology of IaaS cloud is transparent to customers. In this paper, we will design an automated performance benchmarking platform which can automatically install, configure and execute each benchmarking tool with a configuration center. This platform can easily visualize multidimensional benchmarking parameters data of each IaaS cloud platform. We also rented four IaaS VMs from AliCloud-Beijing, AliCloud-Qingdao, UCloud and Huawei to validate our benchmarking system. Performance comparisons of multiple parameters between multiple platforms were shown in this paper. However, in practice, customers' applications running on VMs are often complex. Performance of complex applications may not depend on single benchmarking parameter (e.g. CPU, memory, disk I/O etc.). We ran a TPC-C test for example to get overall performance in MySQL application scenario. The effects of different benchmarking parameters differ in this specific scenario.

Specific emitter identification (SEI) is a physical-layer-based approach for enhancing wireless communication network security. A well-done SEI method can be widely applied in identifying the individual wireless communication device. In this paper, we propose a novel specific emitter identification method based on variational mode decomposition and histogram of oriented gradient (VMD-HOG). The signal is decomposed into specific temporal modes via VMD and HOG features are obtained from the time-frequency spectrum of temporal modes. The performance of the proposed method is evaluated both in single hop and relaying scenarios and under three channels with the number of emitters varying. Results depict that our proposed method provides great identification performance for both simulated signals and realistic data of Zigbee devices and outperforms the two existing methods in identification accuracy and computational complexity.

This paper investigates an asymptotically stable fault tolerant control (FTC) method for nonlinear continuous-time systems (NCTS) with actuator failures via differential game theory (DGT). Based on DGT, the FTC problem can be regarded as a two-player differential game problem with control player and fault player, which is solved by utilizing adaptive dynamic programming technique. Using a critic-only neural network, the cost function is approximated to obtain the solution of the Hamilton-Jacobi-Isaacs equation (HJIE). Then, the FTC strategy can be obtained based on the saddle point of HJIE, and ensures the satisfactory control performance for NCTS. Furthermore, the closed-loop NCTS can be guaranteed to be asymptotically stable, rather than ultimately uniformly bounded in corresponding existing methods. Finally, a simulation example is provided to verify the safe and reliable fault tolerance performance of the designed control method.

Mobile embedded terminals widely applied in individual lives, but its security threats become more and more serious. Malicious attacker can steal sensitive information such as user’s phonebook, credit card information by instrumenting malicious programs, or compromising vulnerable software. Against these problems, this paper proposes a scheme for trusted protection system on the embedded platform. The system uses SM algorithms and hardware security chip as the root of trust to establish security mechanisms, including trusted boot of system image, trusted monitoring of the system running environment, disk partition encryption and verification, etc. These security mechanisms provide comprehensive protection to embedded system boot, runtime and long-term storage devices. This paper introduces the architecture and principles of the system software, design system security functions and implement prototype system for protection of embedded OS. The experiments results indicates the promotion of embedded system security and the performance test shows that encryption performance can meet the practical application.

Dynamic security assessment (DSA) is to ensure the power system being operated under a secure condition that can withstand potential contingencies. DSA normally proceeds periodically on a 5 to 15 minutes basis, where the system security condition over a complete time interval is merely determined upon the system snapshot captured at the beginning of the interval. With high wind power penetration, the minute-to-minute variations of wind power can lead to more volatile power system states within a single DSA time interval. This paper investigates the intra-interval variation (IIV) phenomenon in power system online DSA and analyze whether the IIV problem is deserved attention in future DSA research and applications. An IIV-contaminated testing environment based on hierarchical Monte-Carlo simulation is developed to evaluate the practical IIV impacts on power system security and DSA performance. The testing results show increase in system insecurity risk and significant degradation in DSA accuracy in presence of IIV. This result draws attention to the IIV phenomenon in DSA of wind-energy power systems and calls for more robust DSA approach to mitigate the IIV impacts.

Many applications are bandwidth consuming but may tolerate longer flow completion times. Multipath protocols, such as multipath TCP (MPTCP), can offer bandwidth aggregation and resilience to link failures for such applications, and low priority congestion control (LPCC) mechanisms can make these applications yield to other time-sensitive ones. Properly combining the above two can improve the overall user experience. However, the existing LPCC mechanisms are not adequate for MPTCP. They do not take into account the characteristics of multiple network paths, and cannot ensure fairness among the same priority flows. Therefore, we propose a multipath LPCC mechanism, i.e., Dynamic Coupled Low Extra Delay Background Transport, named DC-LEDBAT. Our scheme is designed based on a standardized LPCC mechanism LEDBAT. To avoid unfairness among the same priority flows, DC-LEDBAT trades little throughput for precisely measuring the minimum delay. Moreover, to be friendly to single-path LEDBAT, our scheme leverages the correlation of the queuing delay to detect whether multiple paths go through a shared bottleneck. Then, DC-LEDBAT couples the congestion window at shared bottlenecks to control the sending rate. We implement DC-LEDBAT in a Linux kernel and experimental results show that DC-LEDBAT can not only utilize the excess bandwidth of MPTCP but also ensure fairness among the same priority flows.

By taking advantages of graphs and potential functions, a security reinforcement method for edge computing terminals is proposed in this paper. A risk graph of the terminal security protection system is constructed, and importance of the security protection and risks of the terminals is evaluated according to the topological potential of the graph nodes, and the weak points of the terminal are located, and the corresponding reinforcement method is proposed. The simulation experiment results show that the proposed method can upgrade and strengthen the key security mechanism of the terminal, improve the performance of the terminal security protection system, and is beneficial to the security management of the edge computing system.

Due to the advantages and limitations of the two kinds of vulnerability mining methods of static and dynamic analysis of android applications, the paper proposes a method of Android application vulnerability mining based on dynamic and static combination. Firstly, the static analysis method is used to obtain the basic vulnerability analysis results of the application, and then the input test case of dynamic analysis is constructed on this basis. The fuzzy input test is carried out in the real machine environment, and the application security vulnerability is verified with the taint analysis technology, and finally the application vulnerability report is obtained. Experimental results show that compared with static analysis results, the method can significantly improve the accuracy of vulnerability mining.

As a modern power transmission network, smart grid connects abundant terminal devices and plays an important role in our daily life. However, along with its growth are the security threats. Different from the separated environment previously, an adversary nowadays can destroy the power system by attacking its terminal devices. As a result, it's critical to ensure the security and safety of terminal devices. To achieve it, detecting the pre-existing vulnerabilities in the terminal program and enhancing its security, are of great importance and necessity. In this paper, we introduce Cker, a novel vulnerability detection tool for smart grid devices, which generates an program model based on device sources and sets rules to perform model checking. We utilize the static analysis to extract necessary information and build corresponding program models. By further checking the model with pre-defined vulnerability patterns, we achieve security detection and error reporting. The evaluation results demonstrate that our method can effectively detect vulnerabilities in smart devices with an acceptable accuracy and false positive rate. In addition, as Cker is realized by pure python, it can be easily scaled to other platforms.

Spatial crowdsourcing has stimulated various new applications such as taxi calling and food delivery. A key enabler for these spatial crowdsourcing based applications is to plan routes for crowd workers to execute tasks given diverse requirements of workers and the spatial crowdsourcing platform. Despite extensive studies on task planning in spatial crowdsourcing, few have accounted for the location privacy of tasks, which may be misused by an untrustworthy platform. In this paper, we explore efficient task planning for workers while protecting the locations of tasks. Specifically, we define the Privacy-Preserving Task Planning (PPTP) problem, which aims at both total revenue maximization of the platform and differential privacy of task locations. We first apply the Laplacian mechanism to protect location privacy, and analyze its impact on the total revenue. Then we propose an effective and efficient task planning algorithm for the PPTP problem. Extensive experiments on both synthetic and real datasets validate the advantages of our algorithm in terms of total revenue and time cost.

Continuous development of Internet of Things, big data and other emerging technologies has brought new challenges to the reliability of security-critical system products in various industries. Fault detection and evaluation in the early stage of software plays an important role in improving the reliability of software. However, fault prediction and evaluation, which are currently focused on the early stage of software, hardly provide high guidance for actual project development. In this study, a fault diagnosis method based on object-oriented Bayesian network (OOBN) is proposed. Starting from the time dimension and internal logic, a two-dimensional metric fault propagation model is established to calculate the failure rate of each early stage of software respectively, and the fault relationship of each stage is analyzed to find out the key fault units. In particular, it explores and validates the relationship between the failure rate of code phase and the failure caused by faults in requirement analysis stage and design stage in a train control system, to alert the developer strictly accordance with the industry development standards for software requirements analysis, design and coding, so as to reduce potential faults in the early stage. There is evidence that the study plays a crucial role to optimize the cost of software development and avoid catastrophic consequences.

Smart grids have to protect meter measurements against false data injection attacks. By modifying the meter measurements, the attacker misleads the control decisions of the control center, which results in physical damages of power systems. In this paper, we propose a reinforcement learning based vulnerability analysis scheme for data injection attack without relying on the power system topology. This scheme enables the attacker to choose the data injection attack vector based on the meter measurements, the power system status, the previous injected errors and the number of meters to compromise. By combining deep reinforcement learning with prioritized experience replay, the proposed scheme more frequently replays the successful vulnerability detection experiences while bypassing the bad data detection, which is able to accelerate the learning speed. Simulation results based on the IEEE 14 bus system show that this scheme increases the probability of successful vulnerability detection and reduce the number of meters to compromise compared with the benchmark scheme.

Existing group shilling attack detection methods mainly depend on human feature engineering to extract group attack behavior features, which requires a high knowledge cost. To address this problem, we propose a group shilling attack detection method based on maximum density subtensor mining. First, the rating time series of each item is divided into time windows and the item tensor groups are generated by establishing the user-rating-time window data models of three-dimensional tensor. Second, the M-Zoom model is applied to mine the maximum dense subtensor of each item, and the subtensor groups with high consistency of behaviors are selected as candidate groups. Finally, a dual-input convolutional neural network model is designed to automatically extract features for the classification of real users and group attack users. The experimental results on the Amazon and Netflix datasets show the effectiveness of the proposed method.

Recommender systems have been proved to be effective techniques to provide users with better experiences. However, when a recommender knows the user's preference characteristics or gets their sensitive information, then a series of privacy concerns are raised. A amount of solutions in the literature have been proposed to enhance privacy protection degree of recommender systems. Although the existing solutions have enhanced the protection, they led to a decrease in recommendation accuracy simultaneously. In this paper, we propose a security-aware hybrid recommendation method by combining the factorization and regression techniques. Specifically, the differential privacy mechanism is integrated into data pre-processing for data encryption. Firstly data are perturbed to satisfy differential privacy and transported to the recommender. Then the recommender calculates the aggregated data. However, applying differential privacy raises utility issues of low recommendation accuracy, meanwhile the use of a single model may cause overfitting. In order to tackle this challenge, we adopt a fusion prediction model by combining linear regression (LR) and matrix factorization (MF) for collaborative recommendation. With the MovieLens dataset, we evaluate the recommendation accuracy and regression of our recommender system and demonstrate that our system performs better than the existing recommender system under privacy requirement.