Biblio

To prevent all sorts of attacks, the technology of security service function chains (SFC) is proposed in recent years, it becomes an attractive research highlights. Dynamic orchestration algorithm can create SFC according to the resource usage of network security functions. The current research on creating SFC focuses on a single domain. However in reality the large and complex networks are divided into security domains according to different security levels and managed separately. Therefore, we propose a cross-security domain dynamic orchestration algorithm to create SFC for network security functions based on ant colony algorithm(ACO) and consider load balancing, shortest path and minimum delay as optimization objectives. We establish a network security architecture based on the proposed algorithm, which is suitable for the industrial vertical scenarios, solves the deployment problem of the dynamic orchestration algorithm. Simulation results verify that our algorithm achieves the goal of creating SFC across security domains and demonstrate its performance in creating service function chains to resolve abnormal traffic flows.

Although DC microgrids using a distributed cooperative control architecture can avoid the instability or shutdown issues caused by a single-point failure as compared to the centralized approach, limited global information in the former makes it difficult to detect cyber attacks. Here, we present a false data injection attack (FDIA)–-termed as a local control input attack–-targeting voltage observers in the secondary controllers and control loops in the primary controllers. Such an attack cannot be detected by only observing the performance of the estimated voltage of each agent, thereby posing a potential threat to the system operation. To address this, a detection method using the outputs of the voltage observers is developed to identify the exact location of an FDIA. The proposed approach is based on the characteristics of the distributed cooperative network and avoids heavy dependency on the system model parameters. Next, an event-driven mitigation approach is deployed to substitute the attacked element with a reconstructed signal upon the detection of an attack. Finally, the effectiveness of the proposed resilient scheme is validated using simulation results.

This paper presents a scheme of intellectual property protection of hardware circuit based on digital compression coding technology. The aim is to solve the problem of high embedding cost and low resource utilization of IP watermarking. In this scheme, the watermark information is preprocessed by dynamic compression coding around the idle circuit of FPGA, and the free resources of the surrounding circuit are optimized that the IP watermark can get the best compression coding model while the extraction and detection of IP core watermark by activating the decoding function. The experimental results show that this method not only expands the capacity of watermark information, but also reduces the cost of watermark and improves the security and robustness of watermark algorithm.