Biblio

Transmitting data through the internet may have severe security risks due to illegal access done by attackers. Some methods have been introduced to overcome this issue, such as cryptography and steganography. Nevertheless, some problems still arise, such as the quality of the stego data. Specifically, it happens if the stego is shared with some users. In this research, a shared-secret mechanism is combined with steganography. For this purpose, the fuzzy logic edge detection and Prediction Error (PE) methods are utilized to hide private data. The secret sharing process is carried out after data embedding in the cover image. This sharing mechanism is performed on image pixels that have been converted to PE values. Various Peak Signal to Noise Ratio (PSNR) values are obtained from the experiment. It is found that the number of participants and the threshold do not significantly affect the image quality of the shares.

In the Smart Grid paradigm, this critical infrastructure operation is increasingly exposed to cyber-threats due to the increased dependency on communication networks. An adversary can launch an attack on a power grid operation through False Data Injection into system measurements and/or through attacks on the communication network, such as flooding the communication channels with unnecessary data or intercepting messages. A cross-layered strategy that combines power grid data, communication grid monitoring and Machine Learning-based processing is a promising solution for detecting cyber-threats. In this paper, an implementation of an integrated solution of a cross-layer framework is presented. The advantage of such a framework is the augmentation of valuable data that enhances the detection of anomalies in the operation of power grid. IEEE 118-bus system is built in Simulink to provide a power grid testing environment and communication network data is emulated using SimComponents. The performance of the framework is investigated under various FDI and communication attacks.

Propagation delay in blockchain networks is a major impairment of message transmission and validation in the bitcoin network. The transaction delay caused by message propagation across long network chains can cause significant threats to the bitcoin network integrity by allowing miners to find blocks during the message consensus process. Potential threats of slow transaction dissemination include double-spending, partitions, and eclipse attacks. In this paper, we propose a method for minimizing propagation delay by reducing non-compulsory message broadcasts during transaction dissemination in the underlying blockchain network. Our method will decrease the propagation delay in the bitcoin network and consequently mitigate the security threats based on message dissemination delay. Our results show improvement in the delay time with more effect on networks with a large number of nodes.

The spatial-temporal random variation characteristics of underwater acoustic channel make the difference among the underwater acoustic communication network link channels, which make network performance difficult to predict. In order to better understand the fluctuation and difference of network link channel, we analyze the measured channel data of five links in the Qiandao Lake underwater acoustic communication network experiment. This paper first estimates impulse response, spread function, power delay profile and Doppler power spectrum of the time-varying channel in a short detection time, and compares the time-frequency energy distribution characteristics of each link channel. Then, we statistically analyze the discreteness of the signal to noise ratio, multipath spread and Doppler spread parameter distributions for a total of145 channels over a long observation period. The results show that energy distribution structure and fading fluctuation scale of each link channel in underwater acoustic communication network are obviously different.

In-vehicle CAN (Controller Area Network) bus network does not have any network security protection measures, which is facing a serious network security threat. However, most of the intrusion detection solutions requiring extensive computational resources cannot be implemented in in- vehicle network system because of the resource constrained ECUs. To add additional hardware or to utilize cloud computing, we need to solve the cost problem and the reliable communication requirement between vehicles and cloud platform, which is difficult to be applied in a short time. Therefore, we need to propose a short-term solution for automobile manufacturers. In this paper, we propose a signature-based light-weight intrusion detection system, which can be applied directly and promptly to vehicle's ECUs (Electronic Control Units). We detect the anomalies caused by several attack modes on CAN bus from real-world scenarios, which provide the basis for selecting signatures. Experimental results show that our method can effectively detect CAN traffic related anomalies. For the content related anomalies, the detection ratio can be improved by exploiting the relationship between the signals.

In recent years, insider threat incidents and losses of companies or organizations are on the rise, and internal network security is facing great challenges. Traditional intrusion detection methods cannot identify malicious behaviors of insiders. As an effective method, insider threat detection technology has been widely concerned and studied. In this paper, we use the tree structure method to analyze user behavior, form feature sequences, and combine the Copula Based Outlier Detection (COPOD) method to detect the difference between feature sequences and identify abnormal users. We experimented on the insider threat dataset CERT-IT and compared it with common methods such as Isolation Forest.

In the current network security situation, the types of network threats are complex and changeable. With the development of the Internet and the application of information technology, the general trend is opener. Important data and important business applications will face more serious security threats. However, with the development of cloud computing technology, the trend of large-scale deployment of important business applications in cloud centers has greatly increased. The development and use of software-defined networks in cloud data centers have greatly reduced the effect of traditional network security boundary protection. How to find an effective way to protect important applications in open multi-step large-scale cloud data centers is a problem we need to solve. Threat intelligence has become an important means to solve complex network attacks, realize real-time threat early warning and attack tracking because of its ability to analyze the threat intelligence data of various network attacks. Based on the research of threat intelligence, machine learning, cloud central network, SDN and other technologies, this paper proposes an active defense method of network security based on threat intelligence for super-large cloud data centers.

Deep neural networks (DNNs) have gained significant popularity in recent years, becoming the state of the art in a variety of domains. In particular, deep reinforcement learning (DRL) has recently been employed to train DNNs that realize control policies for various types of real-world systems. In this work, we present the whiRL 2.0 tool, which implements a new approach for verifying complex properties of interest for DRL systems. To demonstrate the benefits of whiRL 2.0, we apply it to case studies from the communication networks domain that have recently been used to motivate formal verification of DRL systems, and which exhibit characteristics that are conducive for scalable verification. We propose techniques for performing k-induction and semi-automated invariant inference on such systems, and leverage these techniques for proving safety and liveness properties that were previously impossible to verify due to the scalability barriers of prior approaches. Furthermore, we show how our proposed techniques provide insights into the inner workings and the generalizability of DRL systems. whiRL 2.0 is publicly available online.

Modern power grids are dependent on communication systems for data collection, visualization, and control. Distributed Network Protocol 3 (DNP3) is commonly used in supervisory control and data acquisition (SCADA) systems in power systems to allow control system software and hardware to communicate. To study the dependencies between communication network security, power system data collection, and industrial hardware, it is important to enable communication capabilities with real-time power system simulation. In this paper, we present the integration of new functionality of a power systems dynamic simulation package into our cyber-physical power system testbed that supports real-time power system data transfer using DNP3, demonstrated with an industrial real-time automation controller (RTAC). The usage and configuration of DNP3 with real-world equipment in to achieve power system monitoring and control of a large-scale synthetic electric grid via this DNP3 communication is presented. Then, an exemplar of DNP3 data collection and control is achieved in software and hardware using the 2000-bus Texas synthetic grid.

Ensuring the network security, resists the malicious traffic attacks as much as possible, and ensuring the network security, the Gated Recurrent Unit (GRU) and Convolutional Neural Network (CNN) are combined. Then, a Software Defined Networking (SDN) anomaly detection architecture is built and continuously optimized to ensure network security as much as possible and enhance the reliability of the detection architecture. The results show that the proposed network architecture can greatly improve the accuracy of detection, and its performance will be different due to the different number of CNN layers. When the two-layer CNN structure is selected, its performance is the best among all algorithms. Especially, the accuracy of GRU- CNN-2 is 98.7%, which verifies that the proposed method is effective. Therefore, under deep learning, the utilization of GRU- CNN to explore and optimize the SDN anomaly detection is of great significance to ensure information transmission security in the future.

In electronic warfare, communication may not counter reconnaissance and jamming without the help of network-station selection of frequency hopping. The competition in the field of electromagnetic spectrum is becoming more and more fierce with the increasingly complex electromagnetic environment of modern battlefield. The research on detection, identification, parameter estimation and network station selection of frequency hopping communication network has aroused the interest of scholars both at home and abroad, which has been summarized in this paper. Firstly, the working mode and characteristics of two kinds of FH communication networking modes synchronous orthogonal network and asynchronous non orthogonal network are introduced. Then, through the analysis of FH signals time hopping, frequency hopping, bandwidth, frequency, direction of arrival, bad time-frequency analysis, clustering analysis and machine learning method, the feature-based method is adopted Parameter selection technology is used to sort FH network stations. Finally, the key and difficult points of current research on FH communication network separation technology and the research status of blind source separation technology are introduced in details in this paper.

In this paper, we propose a relational anonymous P2P communication network evaluation model based on Markov chain (AEMC), and show how to extend our model to the anonymous evaluation of sender and receiver relationship anonymity when the attacker attacks the anonymous P2P communication network and obtains some information. Firstly, the constraints of the evaluation model (the attacker assumption for message tracing) are specified in detail; then the construction of AEMC anonymous evaluation model and the specific evaluation process are described; finally, the simulation experiment is carried out, and the evaluation model is applied to the probabilistic anonymous evaluation of the sender and receiver relationship of the attacker model, and the evaluation is carried out from the perspective of user (message).

The power communication network generates a large amount of data. The existing security monitoring method needs to use a large transmission bandwidth in the process of data processing, which leads to the decrease of real-time response. Therefore, an automatic monitoring method of power communication network security based on edge computing is proposed. The paper establishes the power communication monitoring network architecture by combining RFID identification sensor network and wireless communication network. The edge calculation is embedded to the edge side of the power communication network, and the data processing model of power communication is established. Based on linear discriminant analysis, the paper designs a network security situation awareness assessment model, and uses this model to evaluate the real-time data collected by the power communication network. According to the evaluation results, the probability of success of intrusion attack is calculated and the security risk monitoring is carried out for the intrusion attack. The experimental results show that compared with the existing monitoring methods, the edge based security monitoring method can effectively reduce communication delay, improve the real-time response, and then improve the intelligent level of power communication network.

To ensure the safe operation of power system, this paper studies two technologies of data encryption and digital signature, and designs a real-time data encryption system based on DES algorithm, which improves the security of data network communication. The real-time data encryption system of power system is optimized by the hybrid encryption system based on DES algorithm. The real-time data encryption of power system adopts triple DES algorithm, and double DES encryption algorithm of RSA algorithm to ensure the security of triple DES encryption key, which solves the problem of real-time data encryption management of power system. Java security packages are used to implement digital signatures that guarantee data integrity and non-repudiation. Experimental results show that the data encryption system is safe and effective.

In order to overcome a series of problems in the application process of traditional communication engineering in the new era, such as information security, this paper proposes a novel communication engineering application system based on artificial intelligence technology. The application system fully combines the artificial intelligence technology, and applies the artificial intelligence thinking to the reform of traditional communication engineering. Based on this, the application strategy also fully combines the application and development of 5g technology, and strengthens the security of communication engineering in the application process from many aspects. The results show that the application system can give full play to the role of artificial intelligence technology and improve the security of communication process as much as possible, which lays a good foundation for the further development of 5g technology.

To understand the future trend of network security, the field of network security began to introduce the concept of NSSA(Network Security Situation Awareness). This paper implements the situation assessment model by using game theory algorithms to calculate the situation value of attack and defense behavior. After analyzing the ant colony algorithm and the RBF neural network, the defects of the RBF neural network are improved through the advantages of the ant colony algorithm, and the situation prediction model based on the ant colony-RBF neural network is realized. Finally, the model was verified experimentally.

Smart grid is the key infrastructure of the country, and its network security is an important link to ensure the national important infrastructure security. SOC as a secure operation mechanism for adaptive and continuous improvement of information security, it is practically significant to address the challenge to the network security of the smart grid. Based on the analysis of the technical characteristics and security of smart grid, and taking a grid enterprise smart grid as an example, we propose the design scheme and implementation plan of smart grid SOC platform. Experimental results show that the platform we designed can meet the performance requirements, it also meets the requirements of real-time storage of behavioral data and provides support for interactive analysis and batch analysis.

Phasor measurement unit (PMU) networks are increasingly deployed to offer timely and high-precision measurement of today's highly interconnected electric power systems. To enhance the cyber-resilience of PMU networks against malicious attacks and system errors, we develop an optimization-based network management scheme based on the software-defined networking (SDN) communication infrastructure to recovery PMU network connectivity and restore power system observability. The scheme enables fast network recovery by optimizing the path generation and installation process, and moreover, compressing the SDN rules to be installed on the switches. We develop a prototype system and perform system evaluation in terms of power system observability, recovery speed, and rule compression using the IEEE 30-bus system and IEEE 118-bus system.

With the rapid development of networks, cyberspace security is facing increasingly severe challenges. Traditional alert aggregation process and alert correlation analysis process are susceptible to a large amount of redundancy and false alerts. To tackle the challenge, this paper proposes a network security situational awareness model KG-NSSA (Knowledge-Graph-based NSSA) based on knowledge graphs. This model provides an asset-based network security knowledge graph construction scheme. Based on the network security knowledge graph, a solution is provided for the classic problem in the field of network security situational awareness - network attack scenario discovery. The asset-based network security knowledge graph combines the asset information of the monitored network and fully considers the monitoring of network traffic. The attack scenario discovery according to the KG-NSSA model is to complete attack discovery and attack association through attribute graph mining and similarity calculation, which can effectively reflect specific network attack behaviors and mining attack scenarios. The effectiveness of the proposed method is verified on the MIT DARPA2000 data set. Our work provides a new approach for network security situational awareness.

As the application of Internet of Things technology becomes more common, the security problems derived from it became more and more serious. Different from the traditional Internet, the security of the Internet of Things presented new features. This paper introduced the current situation of Internet of Things security, generalized the definitions of situation awareness and network security situation awareness, and finally discussed the methods of establishing security situational awareness of Internet of Things which provided some tentative solutions to the new DDoS attack caused by Internet of Things terminals.

In recent years, we have faced a series of online threats. The continuous malicious attacks on the network have directly caused a huge threat to the user's spirit and property. In order to deal with the complex security situation in today's network environment, an intelligent network situational awareness model based on deep neural networks is proposed. Use the nonlinear characteristics of the deep neural network to solve the nonlinear fitting problem, establish a network security situation assessment system, take the situation indicators output by the situation assessment system as a guide, and collect on the main data features according to the characteristics of the network attack method, the main data features are collected and the data is preprocessed. This model designs and trains a 4-layer neural network model, and then use the trained deep neural network model to understand and analyze the network situation data, so as to build the network situation perception model based on deep neural network. The deep neural network situational awareness model designed in this paper is used as a network situational awareness simulation attack prediction experiment. At the same time, it is compared with the perception model using gray theory and Support Vector Machine(SVM). The experiments show that this model can make perception according to the changes of state characteristics of network situation data, establish understanding through learning, and finally achieve accurate prediction of network attacks. Through comparison experiments, datatypized neural network deep neural network situation perception model is proved to be effective, accurate and superior.

Nowadays, Security is the biggest challenge in communication networks. Well defined security protocols not only solve the privacy and security issues but also help to reduce the implementation cost and simplify network's operation. Network society demands more reliable and secure network services as well as infrastructure. In communication networks, data theft, hacking, fraud, cyber warfare are serious security threats. Security as defined by experts is confirming protected communication amongst communication/computing systems and consumer applications in private and public networks, it is important for promising privacy, confidentiality, and protection of information. This paper highlights the security related issues and challenges in communication networks. We also present the holistic view for the underlaying physical layer including physical infrastructure attacks, jamming, interception, and eavesdropping. This research focused on improving the security measures and protocols in different communication networks.

The new network based on software-defined network SDN and network function virtualization NFV will replace the traditional network, so it is urgent to study the network security architecture based on the new network environment. This paper presents a software - defined security SDS architecture. It is open and universal. It provides an open interface for security services, security devices, and security management. It enables different network security vendors to deploy security products and security solutions. It can realize the deployment, arrangement and customization of virtual security function VSFs. It implements fine-grained data flow control and security policy management. The author analyzes the different types of attacks that different parts of the system are vulnerable to. The defender can disable the network attacks by changing the server-side security configuration scheme. The future research direction of network security is put forward.

With the increasing popularity of the Internet, mobile Internet and the Internet of Things, the current network environment continues to become more complicated. Due to the increasing variety and severity of cybersecurity threats, traditional means of network security protection have ushered in a huge challenge. The network security posture prediction can effectively predict the network development trend in the future time based on the collected network history data, so this paper proposes an algorithm based on simulated annealing-particle swarm algorithm to optimize improved Elman neural network parameters to achieve posture prediction for network security. Taking advantage of the characteristic that the value of network security posture has periodicity, a simulated annealing algorithm is introduced along with an improved particle swarm algorithm to solve the problem that neural network training is prone to fall into a local optimal solution and achieve accurate prediction of the network security posture. Comparison of the proposed scheme with existing prediction methods validates that the scheme has a good posture prediction accuracy.

Low accuracy and slow speed of predictions for cyber security situational awareness. This paper proposes a network security situational awareness model based on accelerated accurate k-means radial basis function (RBF) neural network, the model uses the ball k-means clustering algorithm to cluster the input samples, to get the nodes of the hidden layer of the RBF neural network, speeding up the selection of the initial center point of the RBF neural network, and optimize the parameters of the RBF neural network structure. Finally, use the training data set to train the neural network, using the test data set to test the accuracy of this neural network structure, the results show that this method has a greater improvement in training speed and accuracy than other neural networks.