Biblio

Using Generative Adversarial Networks (GAN) to translate images is a significant field in computer vision. There are partial distortion, artifacts and detail loss in the images generated by current image translation algorithms. In order to solve this problem, this paper adds attention-based residual neural network to the generator of GAN. Attention-based residual neural network can improve the representation ability of the generator by weighting the channels of the feature map. Experiment results on the Facades dataset show that Attention Residual GAN can translate images with excellent quality.

Currently, the increasing complexity of DDoS attacks makes it difficult for modern security systems to track them. Machine learning techniques are increasingly being used in such systems as they are well established. However, a new problem arose: the creation of informative datasets. Generative adversarial networks can help create large, high-quality datasets for machine learning training. The article discusses the issue of using generative adversarial networks to generate new patterns of network attacks for the purpose of their further use in training.

Image style transfer refers to the transformation of the style of image, so that the image details are retained to the maximum extent while the style is transferred. Aiming at the problem of low clarity of style transfer images generated by CycleGAN network, this paper improves the CycleGAN network. In this paper, the network model of auto-encoder and variational auto-encoder is added to the structure. The encoding part of the auto-encoder is used to extract image content features, and the variational auto-encoder is used to extract style features. At the same time, the generating network of the model in this paper uses first to adjust the image size and then perform the convolution operation to replace the traditional deconvolution operation. The discriminating network uses a multi-scale discriminator to force the samples generated by the generating network to be more realistic and approximate the target image, so as to improve the effect of image style transfer.

Kernel embeddings of distributions have recently gained significant attention in the machine learning community as a data-driven technique for representing probability distributions. Broadly, these techniques enable efficient computation of expectations by representing integral operators as elements in a reproducing kernel Hilbert space. We apply these techniques to the area of stochastic optimal control theory and present a method to compute approximately optimal policies for stochastic systems with arbitrary disturbances. Our approach reduces the optimization problem to a linear program, which can easily be solved via the Lagrangian dual, without resorting to gradient-based optimization algorithms. We focus on discrete- time dynamic programming, and demonstrate our proposed approach on a linear regulation problem, and on a nonlinear target tracking problem. This approach is broadly applicable to a wide variety of optimal control problems, and provides a means of working with stochastic systems in a data-driven setting.

The accelerated penetration rate of renewable energy sources (RES) brings environmental benefits at the expense of increasing operation cost and undermining the satisfaction of the N-1 security criterion. To address the latter issue, this paper extends the state of the art, i.e. deterministic AC security-constrained optimal power flow (SCOPF), to capture two new dimensions: RES stochasticity and inter-temporal constraints of emerging sources of flexibility such as flexible loads (FL) and energy storage systems (ESS). Accordingly, the paper proposes and solves for the first time a new problem formulation in the form of stochastic multi-period AC SCOPF (S-MP-SCOPF). The S-MP-SCOPF is formulated as a non-linear programming (NLP). It computes optimal setpoints in day-ahead operation of flexibility resources and other conventional control means for congestion management and voltage control. Another salient feature of this paper is the comprehensive and accurate modelling: AC power flow model for both pre-contingency and post-contingency states, joint active/reactive power flows, inter-temporal resources such as FL and ESS in a 24-hours time horizon, and RES uncertainties. The applicability of the proposed model is tested on 5-bus (6 contingencies) and 60 bus Nordic32 (33 contingencies) systems.

We propose a novel theoretical approach for solving a Stochastic Security Game using augmented Markov Decison Processes and an experimental evaluation. Most of the previous works mentioned in the literature focus on Linear Programming techniques seeking Strong Stackelberg Equilibria through the defender and attacker’s strategy spaces. Although effective, these techniques are computationally expensive and tend to not scale well to very large problems. By fixing the set of the possible defense strategies, our approach is able to use the well-known augmented MDP formalism to compute an optimal policy for an attacker facing a defender patrolling. Experimental results on fully observable cases validate our approach and show good performances in comparison with optimistic and pessimistic approaches. However, these results also highlight the need of scalability improvements and of handling the partial observability cases.

Vehicular ad-hoc networks (VANETs) are one of the most stochastic networks in terms of node movement patterns. Due to the high speed of vehicles, nodes form temporary clusters and shift between clusters rapidly, which limits the usable computational complexity for quality of service (QoS) and security enhancements. Hence, VANETs are one of the most insecure networks and are prone to various attacks like Masquerading, Distributed Denial of Service (DDoS) etc. Various algorithms have been proposed to safeguard VANETs against these attacks, which vary concerning security and QoS performance. These algorithms include linear rule-checking models, software-defined network (SDN) rules, blockchain-based models, etc. Due to such a wide variety of model availability, it becomes difficult for VANET designers to select the most optimum security framework for the network deployment. To reduce the complexity of this selection, the paper reviews statistically investigate a wide variety of modern VANET-based security models. These models are compared in terms of security, computational complexity, application and cost of deployment, etc. which will assist network designers to select the most optimum models for their application. Moreover, the paper also recommends various improvements that can be applied to the reviewed models, to further optimize their performance.

Cyber-Physical Systems(CPS) have been experiencing a fast-growing process in recent decades, and related security issues also have become more important than ever before. To design an efficient defensive policy for operators and controllers is the utmost task to be considered. In this paper, a stochastic game-theoretic model is developed to study a CPS security problem by considering the interdependence between cyber and physical spaces of a CPS. The game model is solved with Minimax Q-learning for finding the mixed strategies equilibria. The numerical simulation revealed that the defensive factors and attack cost can affect the policies adopted by the system. From the perspective of the operator of a CPS, increasing successful defense probability in the phrase of disruption will help to improve the probability of defense strategy when there is a correlation between the cyber layer and the physical layer in a CPS. On the contrary side, the system defense probability will decrease as the total cost of the physical layer increases.

We present a scalable optimization algorithm and its parallel implementation for two-stage stochastic programming problems of large-scale, particularly the security constrained optimal power flow models routinely used in electrical power grid operations. Such problems can be prohibitively expensive to solve on industrial scale with the traditional methods or in serial. The algorithm decomposes the problem into first-stage and second-stage optimization subproblems which are then scheduled asynchronously for efficient evaluation in parallel. Asynchronous evaluations are crucial in achieving good balancing and parallel efficiency because the second-stage optimization subproblems have highly varying execution times. The algorithm employs simple local second-order approximations of the second-stage optimal value functions together with exact first- and second-order derivatives for the first-stage subproblems to accelerate convergence. To reduce the number of the evaluations of computationally expensive second-stage subproblems required by line search, we devised a flexible mechanism for controlling the step size that can be tuned to improve performance for individual class of problems. The algorithm is implemented in C++ using MPI non-blocking calls to overlap computations with communication and boost parallel efficiency. Numerical experiments of the algorithm are conducted on Summit and Lassen supercomputers at Oak Ridge and Lawrence Livermore National Laboratories and scaling results show good parallel efficiency.

SUMMARY & CONCLUSIONSA Multi-access Edge Computing (MEC) micro data center (MEDC) consists of multiple MEC hosts close to endpoint devices. MEC service is delivered by instantiating a virtualization system (e.g., Virtual Machines or Containers) on a MEC host. MEDC faces more new security risks due to various device connections in an open environment. When more and more IoT/CPS systems are connected to MEDC, it is necessary for MEC service providers to quantitatively analyze any security loss and then make defense-related decision. This paper develops a CTMC model for quantitatively analyzing the security and dependability of a vulnerable MEDC system under lateral movement attacks, from the adversary’s initial successful access until the MEDC becomes resistant to the attack. The proposed model captures the behavior of the system in a scenario where (i) the rate of vulnerable MEC servers being infected increases with the increasing number of infected MEC servers, (ii) each infected MEC server can perform its compromising activity independently and randomly, and (iii) any infected MEC may fail and then cannot provide service. We also introduce the formulas for computing metrics. The proposed model and formula are verified to be approximately accurate by comparing numerical results and simulation results.

Cyber Physical Systems (CPS) are widely deployed and employed in many recent real applications such as automobiles with sensing technology for crashes to protect passengers, automated homes with various smart appliances and control units, and medical instruments with sensing capability of glucose levels in blood to keep track of normal body function. In spite of their significance, CPS infrastructures are vulnerable to cyberattacks due to the limitations in the computing, processing, memory, power, and transmission capabilities for their endpoint/edge appliances. In this paper, we consider a short systematic investigation for the models and techniques of cyberattacks and threats rate against Cyber Physical Systems with multiple subsystems and redundant elements such as, network of computing devices or storage modules. The cyberattacks are assumed to be externally launched against the Cyber Physical System during a prescribed operational time unit following stochastic distribution models such as Poisson probability distribution, negative-binomial probability distribution and other that have been extensively employed in the literature and proved their efficiency in modeling system attacks and threats.

Disinformation, fake news, and unverified rumors spread quickly in online social networks (OSNs) and manipulate people's opinions and decisions about life events. The solid mathematical solutions of the strategic decisions in OSNs have been provided under game theory models, including multiple roles and features. This work proposes a game-theoretic opinion framework to model subjective opinions and behavioral strategies of attackers, users, and a defender. The attackers use information deception models to disseminate disinformation. We investigate how different game-theoretic opinion models of updating people's subject opinions can influence a way for people to handle disinformation. We compare the opinion dynamics of the five different opinion models (i.e., uncertainty, homophily, assertion, herding, and encounter-based) where an opinion is formulated based on Subjective Logic that offers the capability to deal with uncertain opinions. Via our extensive experiments, we observe that the uncertainty-based opinion model shows the best performance in combating disinformation among all in that uncertainty-based decisions can significantly help users believe true information more than disinformation.

The network attack such as Distributed Denial-of-Service (DDoS) attack could be critical to latency-critical systems such as Mobile Edge Computing (MEC) as such attacks significantly increase the response delay of the victim service. Intrusion prevention system (IPS) is a promising solution to defend against such attacks, but there will be a trade-off between IPS deployment and application resource reservation as the deployment of IPS will reduce the number of computation resources for MEC applications. In this paper, we proposed a game-theoretic framework to study the joint computation resource allocation and IPS deployment in the MEC architecture. We study the pricing strategy of the MEC platform operator and purchase strategy of the application service provider, given the expected attack strength and end user demands. The best responses of both MPO and ASPs are derived theoretically to identify the Stackelberg equilibrium. The simulation results confirm that the proposed solutions significantly increase the social welfare of the system.

In the Bitcoin mining network, miners contribute computation power to solve crypto-puzzles in exchange for financial rewards. Due to the randomness and the competitiveness of mining, individual miners tend to join mining pools for low risks and steady incomes. Usually, a pool is managed by its central operator, who charges fees for providing risk-sharing services. This paper presents a hierarchical distributed computation paradigm where miners can distribute their power among multiple pools. By adding virtual pools, we separate miners’ dual roles of being the operator as well as being the member when solo mining. We formulate a multi-leader multi-follower Stackelberg game to study the joint utility maximization of pool operators and miners, thereby addressing a computation power allocation problem. We investigate two practical pool operation modes, a uniform-share-difficulty mode and a nonuniform-share-difficulty mode. We derive analytical results for the Stackelberg equilibrium of the game under both modes, based on which optimal strategies are designed for all operators and miners. Numerical evaluations are presented to verify the proposed model.

We study a game-theoretic model of the interactions between a Cyber-Physical System’s (CPS) operator (the defender) against an attacker who launches stepping-stone attacks to reach critical assets within the CPS. We consider that, in addition to optimally allocating its security budget to protect the assets, the defender may choose to modify the CPS through network design interventions. In particular, we propose and motivate four ways in which the defender can introduce additional nodes in the CPS: these nodes may be intended as additional safeguards, be added for functional or structural redundancies, or introduce additional functionalities in the system. We analyze the security implications of each of these design interventions, and evaluate their impacts on the security of an automotive network as our case study. We motivate the choice of the attack graph for this case study and elaborate how the parameters in the resulting security game are selected using the CVSS metrics and the ISO-26262 ASIL ratings as guidance. We then use numerical experiments to verify and evaluate how our proposed network interventions may be used to guide improvements in automotive security.

Considered is a network of parallel wireless channels in which individual parties are engaged in secret communication under the protection of cooperative jamming. A strategic eavesdropper selects the most vulnerable channels to attack. Existing works usually suggest the defender allocate limited cooperative jamming power to various channels. However, it usually requires some strong assumptions and complex computation to find such an optimal power control policy. This paper proposes a probabilistic cooperative jamming scheme such that the defender focuses on protecting randomly selected channels. Two different cases regarding each channel’s eavesdropping capacity are discussed. The first case studies the general scenario where each channel has different eavesdropping capacity. The second case analyzes an extreme scenario where all channels have the same eavesdropping capacity. Two non-zero-sum Nash games model the competition between the network defender and an eavesdropper in each case. Furthermore, considering the case that the defender does not know the eavesdropper’s channel state information (CSI) leads to a Bayesian game. For all three games, we derive conditions for the existence of a unique Nash equilibrium (NE), and obtain the equilibria and the value functions in closed form.

5G and beyond 5G low power wireless networks make Internet of Things (IoT) and Cyber-Physical Systems (CPS) applications capable of serving massive amounts of devices and machines. Due to the broadcast nature of wireless networks, it is crucial to secure the communication between these devices and machines from spoofing and interception attacks. This paper is concerned with the security of carrier frequency offset (CFO) based continuous physical layer authentication. The interaction between an attacker and a defender is modeled as a dynamic discrete leader-follower game with imperfect information. In the considered model, a legitimate user (Alice) communicates with the defender/operator (Bob) and is authorized by her CFO continuously. The attacker (Eve), by listening/eavesdropping the communication between Alice and Bob, tries to learn the CFO characteristics of Alice and aims to inject malicious packets to Bob by impersonating Alice. First, by showing that the optimal attacker strategy is a threshold policy, an optimization problem of the attacker with exponentially growing action space is reduced to a tractable integer optimization problem with a single parameter, then the corresponding defender cost is derived. Extensive simulations illustrate the characteristics of optimal strategies/utilities of the players depending on the actions, and show that the defender’s optimal false positive rate causes attack success probabilities to be in the order of 0.99. The results show the importance of the parameters while finding the balance between system security and efficiency.

The user's access history can be used as an important reference factor in determining whether to allow the current access request or not. And it is often ignored by the existing access control models. To make up for this defect, a Dynamic Trust - game theoretic Access Control model is proposed based on the previous work. This paper proposes a method to quantify the user's trust in the cloud environment, which uses identity trust, behavior trust, and reputation trust as metrics. By modeling the access process as a game and introducing the user's trust value into the pay-off matrix, the mixed strategy Nash equilibrium of cloud user and service provider is calculated respectively. Further, a calculation method for the threshold predefined by the service provider is proposed. Authorization of the access request depends on the comparison of the calculated probability of the user's adopting a malicious access policy with the threshold. Finally, we summarize this paper and make a prospect for future work.

With the increase of the number of network threats, the knowledge graph is an effective method to quickly analyze the network threats from the mass of network security texts. Named entity recognition in network security domain is an important task to construct knowledge graph. Aiming at the problem that key Chinese entity information in network security related text is difficult to identify, a named entity recognition model in network security domain based on BERT-BiLSTM-CRF is proposed to identify key named entities in network security related text. This model adopts the BERT pre-training model to obtain the word vectors of the preceding and subsequent text information, and the obtained word vectors will be input to the subsequent BiLSTM module and CRF module for encoding and sorting. The test results show that this model has a good effect on the data set of network security domain. The recognition effect of this model is better than that of LSTM-CRF, BERT-LSTM-CRF, BERT-CRF and other models, and the F1=93.81%.

In this paper, internet is among the basic necessities of life. Internet has changed each and everybody's lives. So confidentiality of messages is very important over the internet. Steganography is the science of sending secret messages between the sender and intended receiver. It is such a technique that makes the exchange of covert messages possible. Each time a carrier is to be used for achieving steganography. The carrier plays a major role in establishing covert communication channel. This survey paper introduces steganography and its carriers. This paper concentrates on network protocols to be used as a carrier of steganograms. There are a number of protocols available to do so in the networks. Network steganography describes various methods used for transmitting data over a network without it being detected. Most of the methods proposed for hiding data in a network do not offer an additional protection to the covert data as it is sent as plain text. This paper presents a framework that offers the protection to the covert data by encrypting it and compresses it for gain in efficiency.

Recently, DDoS attack has developed rapidly and become one of the most important threats to the Internet. Traditional machine learning and deep learning methods can-not train a satisfactory model based on the data of a single client. Moreover, in the real scenes, there are a large number of devices used for traffic collection, these devices often do not want to share data between each other depending on the research and analysis value of the attack traffic, which limits the accuracy of the model. Therefore, to solve these problems, we design a DDoS attack detection model based on federated learning named FLDDoS, so that the local model can learn the data of each client without sharing the data. In addition, considering that the distribution of attack detection datasets is extremely imbalanced and the proportion of attack samples is very small, we propose a hierarchical aggregation algorithm based on K-Means and a data resampling method based on SMOTEENN. The result shows that our model improves the accuracy by 4% compared with the traditional method, and reduces the number of communication rounds by 40%.

The co-existence between Internet Protocol (IP) and Named-Data Networking (NDN) protocol is inevitable during the transition period. We propose a privacy-preserving translation method between IP and NDN called the dual-channel translation gateway. The gateway provides two different channels dedicated to the interest and the data packet to translate the IP to the NDN protocol and vice versa. Additionally, the name resolution table is provided at the gateway that binds an IP packet securely with a prefix name. Moreover, we compare the dual-channel gateway performance with the encapsulation gateway.

As the mobile Internet is developing rapidly, people who use cell phones to access the Internet dominate, and the mobile Internet has changed the development environment of online public opinion and made online public opinion events spread more widely. In the online environment, any kind of public issues may become a trigger for the generation of public opinion and thus need to be controlled for network supervision. The method in this paper can identify entities from the event texts obtained from mobile Today's Headlines, People's Daily, etc., and informatize security of public opinion in event instances, thus strengthening network supervision and control in mobile, and providing sufficient support for national security event management. In this paper, we present a SW-BiLSTM-CRF model, as well as a model combining the RoBERTa pre-trained model with the classical neural network BiLSTM model. Our experiments show that this approach provided achieves quite good results on Chinese emergency corpus, with accuracy and F1 values of 87.21% and 78.78%, respectively.

As a fundamental departure from the IP design which encodes source and destination addresses in each packet, Named Data Networking (NDN) directly uses application-defined data names for network layer communications. While bringing important data-centric benefits, the semantic richness of NDN names has also raised confidentiality and privacy concerns. In this paper, we first define the problem of name confidentiality, and then investigate the solution space through a comprehensive examination of all the proposed solutions up to date. Our work shows that the proposed solutions are simply different means to hide the actual data names via a layer of translation; they differ in where and how the translation takes place, which lead to different trade-offs in feasibility, efficiency, security, scalability, and different degrees of adherence to NDN's data-centric communications. Our investigation suggests the feasibility of a systematic design that can enable NDN to provide stronger name confidentiality and user privacy as compared to today's TCP/IP Internet.

The report examines approaches to assessing the information security of data transmission networks (DTN). The analysis of methods for quantitative assessment of information security risks is carried out. A methodological approach to the assessment of IS DTN based on the risk-oriented method is presented. A method for assessing risks based on the mathematical apparatus of the queening systems (QS) is considered and the problem of mathematical modeling is solved.