Biblio

The consensus-based frequency control relying on a communication system is used to restore the frequency deviations introduced by the primary droop control in an islanded AC microgrid, a typical cyber-physical power system(CPPS). This paper firstly studies the performance of the CPPS under two types of Distributed Denial of Service (DDoS ) attacks, finds that the intelligent attacks may cause more damage than the brute force attacks, and analyzes some potential defense strategies of the CPPS from two points of view. Some simulation results are also given to show the performance of both the physical and cyber system of the CPPS under different operation conditions.

The robustness of supply chain networks (SCNs) against sequential topology attacks is significant for maintaining firm relationships and activities. Although SCNs have experienced many emergencies demonstrating that mixed failures exacerbate the impact of cascading failures, existing studies of sequential attacks rarely consider the influence of mixed failure modes on cascading failures. In this paper, a reinforcement learning (RL)-based sequential attack strategy is applied to SCNs with cascading failures that consider mixed failure modes. To solve the large state space search problem in SCNs, a deep Q-network (DQN) optimization framework combining deep neural networks (DNNs) and RL is proposed to extract features of state space. Then, it is compared with the traditional random-based, degree-based, and load-based sequential attack strategies. Simulation results on Barabasi-Albert (BA), Erdos-Renyi (ER), and Watts-Strogatz (WS) networks show that the proposed RL-based sequential attack strategy outperforms three existing sequential attack strategies. It can trigger cascading failures with greater influence. This work provides insights for effectively reducing failure propagation and improving the robustness of SCNs.

Critical infrastructures such as the electricity grid can be severely impacted by cyber-attacks on its supply chain. Hence, having a robust cybersecurity infrastructure and management system for the electricity grid is a high priority. This paper proposes a cyber-security protocol for defense against man-in-the-middle (MiTM) attacks to the supply chain, which uses encryption and cryptographic multi-party authentication. A cyber-physical simulator is utilized to simulate the power system, control system, and security layers. The correctness of the attack modeling and the cryptographic security protocol against this MiTM attack is demonstrated in four different attack scenarios.

The ubiquitous nature of the Internet of Things (IoT) devices and their wide-scale deployment have remarkably attracted hackers to exploit weakly-configured and vulnerable devices, allowing them to form large IoT botnets and launch unprecedented attacks. Modeling the behavior of IoT botnets leads to a better understanding of their spreading mechanisms and the state of the network at different levels of the attack. In this paper, we propose a generic model to capture the behavior of IoT botnets. The proposed model uses Markov Chains to study the botnet behavior. Discrete Event System Specifications environment is used to simulate the proposed model.

In this paper, we studies secure wireless transmission using polar codes which based on self-coupling encryption for relay-wiretap channel. The coding scheme proposed in this paper divide the confidential message into two parts, one part used to generate key through a specific extension method, and then use key to perform coupling encryption processing on another part of the confidential message to obtain the ciphertext. The ciphertext is transmitted in the split-channels which are good for relay node, legitimate receiver and eavesdropper at the same time. Legitimate receiver can restore key with the assistance of relay node, and then uses the joint successive cancellation decoding algorithm to restore confidential message. Even if eavesdropper can correctly decode the ciphertext, he still cannot restore the confidential message due to the lack of key. Simulation results show that compared with the previous work, our coding scheme can increase the average code rate to some extent on the premise of ensuring the reliability and security of transmission.

With the advent of massive machine type of communications, security protection becomes more important than ever. Efforts have been made to impose security protection capability to physical-layer signal design, so called physical-layer security (PLS). The purpose of this paper is to evaluate the performance of PLS schemes for a multi-input-multi-output (MIMO) systems with space-time block coding (STBC) under imperfect channel estimation. Three PLS schemes for STBC schemes are modeled and their bit error rate (BER) performances are evaluated under various channel estimation error environments, and their performance characteristics are analyzed.

Cloud computing has become an integral part of medical big data. The cloud has the capability to store the large data volumes has attracted more attention. The integrity and privacy of patient data are some of the issues that cloud-based medical big data should be addressed. This research work introduces data integrity auditing scheme for cloud-based medical big data. This will help minimize the risk of unauthorized access to the data. Multiple copies of the data are stored to ensure that it can be recovered quickly in case of damage. This scheme can also be used to enable doctors to easily track the changes in patients' conditions through a data block. The simulation results proved the effectiveness of the proposed scheme.

5G has received significant interest from commercial as well as defense industries. However, resiliency in 5G remains a major concern for its use in military and defense applications. In this paper, we explore physical layer resiliency enhancements for 5G and use narrow-band Internet of Things (NB-IoT) as a study case. Two physical layer modifications, frequency hopping, and direct sequence spreading, are analyzed from the standpoint of implementation and performance. Simulation results show that these techniques are effective to harden the resiliency of the physical layer to interference and jamming. A discussion of protocol considerations for 5G and beyond is provided based on the results.

On the Internet of Battlefield Things (IoBT), unmanned aerial vehicles (UAVs) provide significant operational advantages. However, the exploitation of the UAV by an untrustworthy entity might lead to security violations or possibly the destruction of crucial IoBT network functionality. The IoBT system has substantial issues related to data tampering and fabrication through illegal access. This paper proposes the use of an intelligent architecture called IoBT-Net, which is built on a convolution neural network (CNN) and connected with blockchain technology, to identify and trace illicit UAV in the IoBT system. Data storage on the blockchain ledger is protected from unauthorized access, data tampering, and invasions. Conveniently, this paper presents a low complexity and robustly performed CNN called LRCANet to estimate AOA for object localization. The proposed LRCANet is efficiently designed with two core modules, called GFPU and stacks, which are cleverly organized with regular and point convolution layers, a max pool layer, and a ReLU layer associated with residual connectivity. Furthermore, the effectiveness of LRCANET is evaluated by various network and array configurations, RMSE, and compared with the accuracy and complexity of the existing state-of-the-art. Additionally, the implementation of tailored drone-based consensus is evaluated in terms of three major classes and compared with the other existing consensus.

Wireless Sensor Networks (WSN) have assisted applications of multi-agent system. Abundant sensor nodes, densely distributed around a base station (BS), collect data and transmit to BS node for data analysis. The concept of cluster has been emerged as the efficient communication structure in resource-constrained environment. However, the security still remains a major concern due to the vulnerability of sensor nodes. In this paper, we propose a percolation-based secure routing protocol. We leverage the trust score composed of three indexes to select cluster heads (CH) for unevenly distributed clusters. By considering the reliability, centrality and stability, legitimate nodes with social trust and adequate energy are chosen to provide relay service. Moreover, we design a multi-path inter-cluster routing protocol to construct CH chains for directed inter-cluster data transmission based on the percolation. And the measurement of transit score for on-path CH nodes contributes to load balancing and security. Our simulation results show that our protocol is able to guarantee the security to improve the delivery ratio and packets delay.

In financial markets such as stock markets, securities are traded at a price where supply equals demand. Behind the impediments to the short-selling of stock, most participants in the stock market are buyers, so trades are more probable at higher prices than in situations without such restrictions. However, the order imbalance that occurs when buy orders exceed sell orders can change due to many factors. Hence, it is insufficient to discuss the effects of order imbalance caused by impediments to short-selling on the stock price only through empirical studies. Our study used an artificial market to investigate the effects on traded price and quantity of limit orders. The simulation results revealed that the order imbalance when buy orders exceed sell orders increases the traded price and results in fewer quantities of limit sell orders than limit buy orders. In particular, when the sell/buy ratio of the order imbalance model is less than or equal to 0.9, the limit sell/buy ratio becomes lower than that. Lastly, we investigated the mechanisms of the effects on traded price and quantity of limit orders.

The security of manycore systems has become increasingly critical. In system-on-chips (SoCs), Hardware Trojans (HTs) manipulate the functionalities of the routing components to saturate the on-chip network, degrade performance, and result in the leakage of sensitive data. Existing HT detection techniques, including runtime monitoring and state-of-the-art learning-based methods, are unable to timely and accurately identify the implanted HTs, due to the increasingly dynamic and complex nature of on-chip communication behaviors. We propose AGAPE, a novel Generative Adversarial Network (GAN)-based anomaly detection and mitigation method against HTs for secured on-chip communication. AGAPE learns the distribution of the multivariate time series of a number of NoC attributes captured by on-chip sensors under both HT-free and HT-infected working conditions. The proposed GAN can learn the potential latent interactions among different runtime attributes concurrently, accurately distinguish abnormal attacked situations from normal SoC behaviors, and identify the type and location of the implanted HTs. Using the detection results, we apply the most suitable protection techniques to each type of detected HTs instead of simply isolating the entire HT-infected router, with the aim to mitigate security threats as well as reducing performance loss. Simulation results show that AGAPE enhances the HT detection accuracy by 19%, reduces network latency and power consumption by 39% and 30%, respectively, as compared to state-of-the-art security designs.

Forming a secure autonomous vehicle group is extremely challenging since we have to consider threats and vulnerability of autonomous vehicles. Existing studies focus on communications among risk-free autonomous vehicles, which lack metrics to measure passenger security and cargo values. This work proposes a novel autonomous vehicle group formation method. We introduce risk assessment scoring to assess passenger security and cargo values, and propose an autonomous vehicle group formation method based on it. Our vehicle group is composed of a master node, and a number of core and border ones. Finally, the extensive simulation results show that our method is better than a Connectivity Prediction-based Dynamic Clustering model and a Low-InDependently clustering architecture in terms of node survival time, average change count of master nodes, and average risk assessment scoring.

Energy trading in small groups or microgrids is interesting to study. The energy market may overgrow in the future, so accessing the energy market by small prosumers may not be difficult anymore. This paper has modeled a decentralized P2P energy trading and exchange system in a microgrid group. The Islanded microgrid system is simulated to create a small energy producer and consumer trading situation. The simulation results show the increasing energy transactions and profit when including V2G as an energy storage device. In addition, blockchain is used for system security because a peer-to-peer marketplace has no intermediary control.

In recent years, the blackout accident shows that the cause of power failure is not only in the power network, but also in the cyber network. Aiming at the problem of cyber network fault Cyber-physical power systems, combined with the structure and functional attributes of cyber network, the comprehensive criticality of information node is defined. By evaluating the vulnerability of ieee39 node system, it is found that the fault of high comprehensive criticality information node will cause greater load loss to the system. The simulation results show that the comprehensive criticality index can effectively identify the key nodes of the cyber network.

MIMO system makes full use of the space dimension, in the era of increasingly tense spectrum resources, which greatly improves the spectrum efficiency and is one of the future communication support technologies. At the same time, considering the high cost of direct communication between the two parties in a long distance, the relay communication mode has been paid more and more attention. In relay communication network, each node connected by relay has different security levels. In order to forward the information of all nodes, the relay node has the lowest security permission level. Therefore, it is meaningful to study the physical layer security problem in MIMO two-way relay system with relay as the eavesdropper. In view of the above situation, this paper proposes the physical layer security model of MIMO two-way relay cooperative communication network, designs a communication matching grouping algorithm with low complexity and a two-step carrier allocation optimization algorithm, which improves the total security capacity of the system. At the same time, theoretical analysis and simulation verify the effectiveness of the proposed algorithm.

Vehicular networks are vulnerable to large scale attacks. Blockchain, implemented upon application layer, is recommended as one of the effective security and privacy solutions for vehicular networks. However, due to an increasing complexity of connected nodes, heterogeneous environment and rising threats, a robust security solution across multiple layers is required. Motivated by the Physical Layer Security (PLS) which utilizes physical layer characteristics such as channel fading to ensure reliable and confidential transmission, in this paper we analyze the impact of PLS on a blockchain-enabled vehicular network with two types of physical layer attacks, i.e., jamming and eavesdropping. Throughout the analysis, a Full Duplex Non-Orthogonal Multiple Access (FD-NOMA) based vehicle-to-everything (V2X) is considered to reduce interference caused by jamming and meet 5G communication requirements. Simulation results show enhanced goodput of a blockckchain enabled vehicular network integrated with PLS as compared to the same solution without PLS.

Low-frequency oscillation (LFO) is a security and stability issue that the power system focuses on, measurement data play an important role in online monitoring and analysis of low-frequency oscillation parameters. Aiming at the problem that the measurement data containing noise affects the accuracy of modal parameter identification, a VMD-SSI modal identification algorithm is proposed, which uses the variational modal decomposition algorithm (VMD) for noise reduction combined with the stochastic subspace algorithm for identification. The VMD algorithm decomposes and reconstructs the initial signal with certain noise, and filters out the noise signal. Then, the optimized signal is input into stochastic subspace identification algorithm(SSI), the modal parameters is obtained. Simulation of a three-machine ninenode system verifies that the VMD-SSI mode identification algorithm has good anti-noise performance.

Intrusion detection systems (IDSs) are widely deployed in the industrial control systems to protect network security. IDSs typically generate a huge number of alerts, which are time-consuming for system operators to process. Most of the alerts are individually insignificant false alarms. However, it is not the best solution to discard these alerts, as they can still provide useful information about network situation. Based on the study of characteristics of alerts in the industrial control systems, we adopt an enhanced method of exponentially weighted moving average (EWMA) control charts to help operators in processing alerts. We classify all detection signatures as regular and irregular according to their frequencies, set multiple control limits to detect anomalies, and monitor regular signatures for network security situational awareness. Extensive experiments have been performed using real-world alert data. Simulation results demonstrate that the proposed enhanced EWMA method can greatly reduce the volume of alerts to be processed while reserving significant abnormal information.

Confidentiality and integrity security are the key challenges in future 5G networks. To encounter these challenges, various signature and key agreement protocols are being implemented in 5G systems to secure high-speed mobile-to-mobile communication. Many security ciphers such as SNOW 3G, Advanced Encryption Standard (AES), and ZUC are used for 5G security. Among these protocols, the AES algorithm has been shown to achieve higher hardware efficiency and throughput in the literature. In this paper, we implement the AES algorithm on Field Programmable Gate Array (FPGA) and real-time performance factors of the AES algorithm were exploited to best fit the needs and requirements of 5G. In addition, several modifications such as partial pipelining and deep pipelining (partial pipelining with sub-module pipelining) are implemented on Virtex 6 FPGA ML60S board to improve the throughput of the proposed design.

Aiming at the prevention of information security risk in protection and control of smart substation, a multi-level security defense method of substation based on data aggregation and convolution neural network (CNN) is proposed. Firstly, the intelligent electronic device(IED) uses "digital certificate + digital signature" for the first level of identity authentication, and uses UKey identification code for the second level of physical identity authentication; Secondly, the device group of the monitoring layer judges whether the data report is tampered during transmission according to the registration stage and its own ID information, and the device group aggregates the data using the credential information; Finally, the convolution decomposition technology and depth separable technology are combined, and the time factor is introduced to control the degree of data fusion and the number of input channels of the network, so that the network model can learn the original data and fused data at the same time. Simulation results show that the proposed method can effectively save communication overhead, ensure the reliable transmission of messages under normal and abnormal operation, and effectively improve the security defense ability of smart substation.

The concept of a microgrid has emerged as a promising solution for the management of local groups of electricity consumers and producers. The use of end-users' energy usage data can help in increasing efficient operation of a microgrid. However, existing data-aggregation schemes for a microgrid suffer different cyber attacks and do not provide high level of accuracy. This work aims at designing a privacy-preserving data-aggregation scheme for a microgrid of prosumers that achieves high level of accuracy, thereby benefiting to the management and control of a microgrid. First, a novel smart meter readings data protection mechanism is proposed to ensure privacy of prosumers by hiding the real energy usage data from other parties. Secondly, a blockchain-based data-aggregation scheme is proposed to ensure privacy of the end-users, while achieving high level of accuracy in terms of the aggregated data. The proposed data-aggregation scheme is evaluated using real smart meter readings data from 100 prosumers. The results show that the proposed scheme ensures prosumers' privacy and achieves high level of accuracy, while it is secure against eavesdropping and man-in-the-middle cyber attacks.

The vehicle-to-grid (V2G) network has a clear advantage in terms of economic benefits, and it has grabbed the interest of powergrid and electric vehicle (EV) consumers. Many V2G techniques, at present, for example, use bilinear pairing to execute the authentication scheme, which results in significant computational costs. Furthermore, in the existing V2G techniques, the system master key is issued independently by the third parties, it is vulnerable to leaking if the third party is compromised by an attacker. This paper presents an efficient and secure anonymous authentication scheme for V2G networks to overcome this issue we use a lightweight authentication system for electric vehicles and smart grids. In the proposed technique, the keys are generated by the trusted authority after the successful registration of EVs in the trusted authority and the dispatching center. The suggested scheme not only enhances the verification performance of V2G networks and also protects against inbuilt hackers.

Peer-to-peer (P2P) energy trading is one of the promising approaches for implementing decentralized electricity market paradigms. In the P2P trading, each actor negotiates directly with a set of trading partners. Since the physical network or grid is used for energy transfer, power losses are inevitable, and grid-related costs always occur during the P2P trading. A proper market clearing mechanism is required for the P2P energy trading between different producers and consumers. This paper proposes a decentralized market clearing mechanism for the P2P energy trading considering the privacy of the agents, power losses as well as the utilization fees for using the third party owned network. Grid-related costs in the P2P energy trading are considered by calculating the network utilization fees using an electrical distance approach. The simulation results are presented to verify the effectiveness of the proposed decentralized approach for market clearing in P2P energy trading.

In order to solve the problem of high data collision probability, high access delay and high-power consumption in random access process of power Internet of Things, an access scheme for large-scale micro-power wireless sensors based on slot-scheduling and hybrid mode is presented. This scheme divides time into different slots and designs a slot-scheduling algorithm according to network workload and power consumption. Sensors with different service priorities are arranged in different time slots for competitive access, using appropriate random-access mechanism. And rationally arrange the number of time slots and competing end-devices in different time slots. This scheme is able to meet the timeliness requirements of different services and reduce the overall network power consumption when dealing with random access scenarios of large-scale micro-power wireless sensor network. Based on the simulation results of actual scenarios, this access scheme can effectively reduce the overall power consumption of the network, and the high priority services can meet the timeliness requirements on the premise of lower power consumption, while the low priority services can further reduce power consumption.