Biblio

Geospatial fog computing system offers various benefits as a platform for geospatial computing services closer to the end users, including very low latency, good mobility, precise position awareness, and widespread distribution. In recent years, it has grown quickly. Fog nodes' security is susceptible to a number of assaults, including denial of service and resource abuse, because to their widespread distribution, complex network environments, and restricted resource availability. This paper proposes a Quantum Key Distribution (QKD)-based geospatial quantum fog computing environment that offers a symmetric secret key negotiation protocol that can preserve information-theoretic security. In QKD, after being negotiated between any two fog nodes, the secret keys can be given to several users in various locations to maintain forward secrecy and long-term protection. The new geospatial quantum fog computing environment proposed in this work is able to successfully withstand a variety of fog computing assaults and enhances information security.

To prevent all sorts of attacks, the technology of security service function chains (SFC) is proposed in recent years, it becomes an attractive research highlights. Dynamic orchestration algorithm can create SFC according to the resource usage of network security functions. The current research on creating SFC focuses on a single domain. However in reality the large and complex networks are divided into security domains according to different security levels and managed separately. Therefore, we propose a cross-security domain dynamic orchestration algorithm to create SFC for network security functions based on ant colony algorithm(ACO) and consider load balancing, shortest path and minimum delay as optimization objectives. We establish a network security architecture based on the proposed algorithm, which is suitable for the industrial vertical scenarios, solves the deployment problem of the dynamic orchestration algorithm. Simulation results verify that our algorithm achieves the goal of creating SFC across security domains and demonstrate its performance in creating service function chains to resolve abnormal traffic flows.

Network attacks are becoming more intense and characterized by complexity and persistence. Mechanisms that ensure network resilience to faults and threats should be well provided. Different approaches have been proposed to network resilience; however, most of them rely on static policies, which is unsuitable for current complex network environments and real-time requirements. To address these issues, we present a Belief-Desire-Intention (BDI) based multi-agent resilience network controller coupled with blockchain. We first clarify the theory and platform of the BDI, then discuss how the BDI evaluates the network resilience. In addition, we present the architecture, workflow, and applications of the resilience network controller. Simulation results show that the resilience network controller can effectively detect and mitigate distributed denial of service attacks.

In this paper, we deal with the resilient consensus problem in networked control systems in which a group of agents are interacting with each other. A min-max-based resilient consensus algorithm has been proposed to help normal agents reach an agreement upon their state values in the presence of misbehaving ones. It is shown that the use of the developed algorithm will result in less computational load and fast convergence. Both synchronous and asynchronous update schemes for the network have been studied. Finally, the effectiveness of the proposed algorithm has been evaluated through numerical examples.

This article analyzes the current situation of computer network security in colleges and universities, future development trends, and the relationship between software vulnerabilities and worm outbreaks. After analyzing a server model with buffer overflow vulnerabilities, a worm implementation model based on remote buffer overflow technology is proposed. Complex networks are the medium of worm propagation. By analyzing common complex network evolution models (rule network models, ER random graph model, WS small world network model, BA scale-free network model) and network node characteristics such as extraction degree distribution, single source shortest distance, network cluster coefficient, richness coefficient, and close center coefficient.

he growing trend towards network “softwarization” allows the creation and deployment of even complex network environments in a few minutes or seconds, rather than days or weeks as required by traditional methods. This revolutionary approach made it necessary to seek automatic processes to solve network security problems. One of the main issues in the automation of network security concerns the proper and efficient modeling of network traffic. In this paper, we describe two optimized Traffic Flows representation models, called Atomic Flows and Maximal Flows. In addition to the description, we have validated and evaluated the proposed models to solve two key network security problems - security verification and automatic configuration - showing the advantages and limitations of each solution.

The supply chain network is a complex network with the risk of cascading failure. To study the cascading failure in it, an accurate supply chain network model needs to be established. In this paper, we construct a layered supply chain network model according to the types of companies in real supply chain networks. We first define the similarity between companies in the same layer by studying real-world scenarios in supply chain networks. Then, considering both the node degree and the similarity between nodes in the same layer, we propose preferential attachment probability formulas for the new nodes to join the exist network. Finally, the evolution steps of the model are summarized. We analyze the structural characteristics of the new model. The results show that the new model has scale-free property and small-world property, which conform to the structural characteristics of the known supply chain networks. Compared with the other network models, it is found that the new model can better describe the actual supply chain network.

Cyber security risk assessment is very important to quantify the security level of communication-based train control (CBTC) systems. In this paper, a methodology is proposed to assess the cyber security risk of CBTC systems that integrates complex network theory and attack graph method. On one hand, in order to determine the impact of malicious attacks on train control, we analyze the connectivity of movement authority (MA) paths based on the working state of nodes, the connectivity of edges. On the other hand, attack graph is introduced to quantify the probabilities of potential attacks that combine multiple vulnerabilities in the cyber world of CBTC. Experiments show that our methodology can assess the security risks of CBTC systems and improve the security level after implementing reinforcement schemes.

In this paper, we investigated a self-oscillating ring system with variation of the delay time, which demonstrates the phenomenon of laminar chaos. The presence of laminar chaos is demonstrated for various laws of time delay variation - sinusoidal, sawtooth, and triangular. The behavior of coupled systems with laminar chaos and diffusive coupling is investigated. The presence of synchronous behavior is shown.

Experimental implementation of phase-locked loop (PLL) with bandpass filter is proposed. Such PLL is noteworthy for neuron-like dynamics. It generates both regular and chaotic spikes and bursts. Previously proposed hardware implementation of this system has significant disadvantage – absence of excitable (non-oscillating) mode that is vital for brain neurons. The proposed electronic neuron-like generator is modified and could be used for hardware implementation of spiking neural networks.

The study of networks is an extensively investigated field of research, with networks and network structure often encoding relationships describing certain systems or processes. Critical infrastructure is understood as being a structure whose failure or damage has considerable impact on safety, security and wellbeing of society, with power systems considered a classic example. The work presented in this paper builds on the long-lasting foundations of network and complex network theory, proposing an extension in form of rebalance based flow centrality for structural vulnerability assessment and critical component identification in adaptive network topologies. The proposed measure is applied to power system vulnerability analysis, with performance demonstrated on the IEEE 30-, 57- and 118-bus test system, outperforming relevant methods from the state-of-the-art. The proposed framework is deterministic (guaranteed), analytically obtained (interpretable) and generalizes well with changing network parameters, providing a complementary tool to power system vulnerability analysis and planning.

5G smart grid applications rely on its high-performance transmission and bearer network. With the help of complex network theory, this paper first analyzes the complex network characteristic parameters of 5G smart grid, and explains the necessity and supporting significance of network vulnerability analysis for efficient transmission of 5G network. Then the node importance analysis algorithm based on node degree and clustering coefficient (NIDCC) is proposed. According to the results of simulation analysis, the power network has smaller path length and higher clustering coefficient in terms of static parameters, which indicates that the speed and breadth of fault propagation are significantly higher than that of random network. It further shows the necessity of network vulnerability analysis. By comparing with the other two commonly used algorithms, we can see that NIDCC algorithm can more accurately estimate and analyze the weak links of the network. It is convenient to carry out the targeted transformation of the power grid and the prevention of blackout accidents.

The power cyber-physical system combines the cyber network with the traditional electrical power network, which can monitor and control the operation of the power grid stably and efficiently. Since the system's structure and function is complicated and large, it becomes fragile as a result. Therefore, establishing a reasonable and effective CPS model and discussing its vulnerability performance under external attacks is essential and vital for power grid operation. This paper uses the theory of complex networks to establish a independent system model by IEEE-118-node power network and 200-node scale-free information network, introducing information index to identify and sort important nodes in the network, and then cascade model of the power cyber-physical system based on the node load capacity is constructed and the vulnerability assessment analysis is carried out. The simulation shows that the disintegration speed of the system structure under deliberate attacks is faster than random attacks; And increasing the node threshold can effectively inhibit the propagation of failure.

The vulnerability assessment of the cyber-physical power system based on complex network theory is applied in this paper. The influence of the power system statistics upon the system vulnerability is studied based on complex network theory. The electrical betweenness is defined to suitably describe the power system characteristics. The real power systems are utilized as examples to analyze the distribution of the degree and betweenness of the power system as a complex network. The topology model of the cyber-physical power system is formed, and the static analysis is implemented to the study of the cyber-physical power system structural vulnerability. The IEEE 300 bus test system is selected to verify the model.

This paper presents conceptual modelling of the criticality of critical infrastructure (CI) nth order dependency effect using neural networks. Incidentally, critical infrastructures are usually not stand-alone, they are mostly interconnected in some way thereby creating a complex network of infrastructures that depend on each other. The relationships between these infrastructures can be either unidirectional or bidirectional with possible cascading or escalating effect. Moreover, the dependency relationships can take an nth order, meaning that a failure or disruption in one infrastructure can cascade to nth interconnected infrastructure. The nth-order dependency and criticality problems depict a sequential characteristic, which can result in chronological cyber effects. Consequently, quantifying the criticality of infrastructure demands that the impact of its failure or disruption on other interconnected infrastructures be measured effectively. To understand the complex relational behaviour of nth order relationships between infrastructures, we model the behaviour of nth order dependency using Neural Network (NN) to analyse the degree of dependency and criticality of the dependent infrastructure. The outcome, which is to quantify the Criticality Index Factor (CIF) of a particular infrastructure as a measure of its risk factor can facilitate a collective response in the event of failure or disruption. Using our novel NN approach, a comparative view of CIFs of infrastructures or organisations can provide an efficient mechanism for Critical Information Infrastructure Protection and resilience (CIIPR) in a more coordinated and harmonised way nationally. Our model demonstrates the capability to measure and establish the degree of dependency (or interdependency) and criticality of CIs as a criterion for a proactive CIIPR.

Network embedding, which aims to map the discrete network topology to a continuous low-dimensional representation space with the major topological properties preserved, has emerged as an essential technique to support various network inference tasks. However, incorporating both the evolutionary nature and the network's heterogeneity remains a challenge for existing network embedding methods. In this study, we propose a novel Translation-Based Dynamic Heterogeneous Network Embedding (TransDHE) approach to consider both the aspects simultaneously. For a dynamic heterogeneous network with a sequence of snapshots and multiple types of nodes and edges, we introduce a translation-based embedding module to capture the heterogeneous characteristics (e.g., type information) of each single snapshot. An orthogonal alignment module and RNN-based aggregation module are then applied to explore the evolutionary patterns among multiple successive snapshots for the final representation learning. Extensive experiments on a set of real-world networks demonstrate that TransDHE can derive the more informative embedding result for the network dynamic and heterogeneity over state-of-the-art network embedding baselines.

The security issue of complex network systems, such as communication systems and power grids, has attracted increasing attention due to cascading failure threats. Many existing studies have investigated the robustness of complex networks against cascading failure from an attacker's perspective. However, most of them focus on the synchronous attack in which the network components under attack are removed synchronously rather than in a sequential fashion. Most recent pioneering work on sequential attack designs the attack strategies based on simple heuristics like degree and load information, which may ignore the inside functions of nodes. In the paper, we exploit a reinforcement learning-based sequential attack method to investigate the impact of different nodes on cascading failure. Besides, a candidate pool strategy is proposed to improve the performance of the reinforcement learning method. Simulation results on Barabási-Albert scale-free networks and real-world networks have demonstrated the superiority and effectiveness of the proposed method.

Aiming at the working mechanism of optical backbone network, based on the theory of complex network, the invulnerability evaluation index of optical backbone network is extracted from the physical topology of optical backbone network and the degree of bandwidth satisfaction, finally, the invulnerability evaluation model of optical backbone network is established. At the same time, the evaluation model is verified and analyzed with specific cases, through the comparison of 4 types of attack, the results show that the number of deliberate point attacks ( DP) is 16.7% lower than that of random point attacks ( RP) when the critical collapse state of the network is reached, and the number of deliberate edge attacks ( DE) is at least 10.4% lower than that of random edge attacks ( RE). Therefore, evaluating the importance of nodes and edges and strengthening the protection of key nodes and edges can help optical network effectively resist external attacks and significantly improve the anti-damage ability of optical network, which provides theoretical support for the anti-damage evaluation of optical network and has certain practical significance for the upgrade and reconstruction of optical network.

The 5G network systems are evolving and have complex network infrastructures. There is a great deal of work in this area focused on meeting the stringent service requirements for the 5G networks. Within this context, security requirements play a critical role as 5G networks can support a range of services such as healthcare services, financial and critical infrastructures. 3GPP and ETSI have been developing security frameworks for 5G networks. Our work in 5G security has been focusing on the design of security architecture and mechanisms enabling dynamic establishment of secure and trusted end to end services as well as development of mechanisms to proactively detect and mitigate security attacks in virtualised network infrastructures. The focus of this paper is on the latter, namely the facilities and mechanisms, and the design of a security architecture providing facilities and mechanisms to detect and mitigate specific security attacks. We have developed a simplified version of the security architecture using Software Defined Networks (SDN) and Network Function Virtualisation (NFV) technologies. The specific security functions developed in this architecture can be directly integrated into the 5G core network facilities enhancing its security.

The power terminal network has the characteristics of a large number of nodes, various types, and complex network topology. After the power terminal network is attacked, the impact of power terminals in different business scenarios is also different. Traditional impact assessment methods based on network traffic or power system operation rules are difficult to achieve comprehensive attack impact analysis. In this paper, from the three levels of terminal security itself, terminal network security and terminal business application security, it constructs quantitative indicators for analyzing the impact of power terminals after being attacked, so as to determine the depth and breadth of the impact of the attack on the power terminal network, and provide the next defense measures with realistic basis.

The main threats in complex networks for large-scale information systems using web browsers or service browsers are analyzed. The necessary security features for these types of systems are compared. The advantages of systems developed with service-browser technology are shown.

Under the background of increasingly severe security situation, the new working mode of power mobile internet business anytime and anywhere has greatly increased the complexity of network interaction. At the same time, various means of breaking through the boundary protection and moving laterally are emerging in an endless stream. The existing boundary-based mobility The security protection architecture is difficult to effectively respond to the current complex and diverse network attacks and threats, and faces actual combat challenges. This article first analyzes the security risks faced by the existing power mobile Internet services, and conducts a collaborative analysis of the key points of zero-trust based security protection from multiple perspectives such as users, terminals, and applications; on this basis, from identity security authentication, continuous trust evaluation, and fine-grained access The dimension of control, fine-grained access control based on identity trust, and the design of a zero-trust-based power mobile interconnection business security protection framework to provide theoretical guidance for power mobile business security protection.

In recent years, one of the important and interesting tasks has become the protection of civilian and military objects from unmanned aerial vehicles (UAVs) carrying a potential threat. To solve this problem, it is required to detect UAVs and activate protective systems. UAVs can be represented as aerodynamic objects of the monoplane or multicopter type with acoustic fingerprints. In this paper we consider algorithm for UAV acoustic detection and recognition system. Preliminary results of analysis of experimental data show effectiveness of proposed approach.

Since the birth of the Internet, the quality of network service has been a widespread concerned problem. With the continuous development of communication and information technology, people gradually realized that the contradiction between the limited resources and the business requirements of network cannot be fundamentally solved. In this paper, we design and develop a distributed security quality of service testing framework called AweQoS(AwesomeQoS), to adapt to the current complex network environment. This paper puts forward the necessity that some security tests should be closely combined with quality of service testing, and further discusses the basic methods of distributed denial of service attack and defense. We introduce the design idea and working process of AweQoS in detail, and introduce a bandwidth test method based on user datagram protocol. Experimental results show that this new test method has better test performance and potential under the AweQoS framework.

With the development of globalization, more and more enterprises are involved in the supply chain network with increasingly complex structure. In this paper, enterprises and relations in the logistics network are abstracted as nodes and edges of the complex network. A graph model for a supply chain network to specified industry is constructed, and the Neo4j graph database is employed to store the graph data. This paper uses the theoretical research tool of complex network to model and analyze the supply chain, and designs a supply chain network evaluation system which include static and dynamic measurement indexes according to the statistical characteristics of complex network. In this paper both the static and dynamic resilience characteristics of the the constructed supply chain network are evaluated from the perspective of complex network. The numeric experimental simulations are conducted for validation. This research has practical and theoretical significance for enterprises to make strategies to improve the anti-risk capability of supply chain network based on logistics network information.