Biblio

Ubiquitous Electric Internet of Things (UEIoT) is the next generation electrical energy networks. The distributed and open structure of UEIoT is weak and vulnerable to security threats. To solve the security problem of UEIoT terminal, in this paper, the interaction between smart terminals and the malicious attackers in UEIoT as a differential game is investigated. A complex decision-making process and interactions between the smart terminal and attackers are analyzed. Through derivation and analysis of the model, an algorithm for the optimal defense strategy of UEIoT is designed. The results lay a theoretical foundation, which can support UEIoT make a dynamic strategy to improve the defensive ability.

In modern power grids (PGs), load frequency control (LFC) is effectively employed to preserve the frequency within the allowable ranges. However, LFC dependence on information and communication technologies (ICTs) makes PGs vulnerable to cyber attacks. Manipulation of measured data and control commands known as false data injection attacks (FDIAs) can negatively affect grid frequency performance and destabilize PG. This paper investigates the frequency performance of an isolated PG under coordinated FDIAs. A control scheme based on the combination of a Kalman filter, a chi-square detector, and a linear quadratic Gaussian controller is proposed to detect and mitigate the coordinated FDIAs. The efficiency of the proposed control scheme is evaluated under two types of scaling and exogenous FDIAs. The simulation results demonstrate that the proposed control scheme has significant capabilities to detect and mitigate the designed FDIAs.

The concepts of information flow security and refinement are known to have had a troubled relationship ever since the seminal work of McLean. In this work we study refinements that support changes in data representation and semantics, including the addition of state variables that may induce new observational power or side channels. We propose a new epistemic approach to ignorance-preserving refinement where an abstract model is used as a specification of a system's permitted information flows, that may include the declassification of secret information. The core idea is to require that refinement steps must not induce observer knowledge that is not already available in the abstract model. Our study is set in the context of a class of shared variable multiagent models similar to interpreted systems in epistemic logic. We demonstrate the expressiveness of our framework through a series of small examples and compare our approach to existing, stricter notions of information-flow secure refinement based on bisimulations and noninterference preservation. Interestingly, noninterference preservation is not supported “out of the box” in our setting, because refinement steps may introduce new secrets that are independent of secrets already present at abstract level. To support verification, we first introduce a “cube-shaped” unwinding condition related to conditions recently studied in the context of value-dependent noninterference, kernel verification, and secure compilation. A fundamental problem with ignorance-preserving refinement, caused by the support for general data and observation refinement, is that sequential composability is lost. We propose a solution based on relational pre-and postconditions and illustrate its use together with unwinding on the oblivious RAM construction of Chung and Pass.

The randomness, ambiguity and some other uncertainties of trust relationships in Wireless Sensor Networks (WSNs) make existing trust management methods often unsatisfactory in terms of accuracy. This paper proposes a trust evaluation method based on cloud model for malicious node detection. The conversion between qualitative and quantitative sensor node trust degree is achieved. Firstly, nodes cooperate with each other to establish a standard cloud template for malicious nodes and a standard cloud template for normal nodes, so that malicious nodes have a qualitative description to be either malicious or normal. Secondly, the trust cloud template obtained during the interactions is matched against the previous standard templates to achieve the detection of malicious nodes. Simulation results demonstrate that the proposed method greatly improves the accuracy of malicious nodes detection.

With the increasing application of micro-nano satellite network, it is extremely vulnerable to the influence of internal malicious nodes in the practical application process. However, currently micro-nano satellite network still lacks effective means of routing security protection. In order to solve this problem, combining with the characteristics of limited energy and computing capacity of micro-nano satellite nodes, this research proposes a secure routing algorithm based on trust value. First, the trust value of the computing node is synthesized, and then the routing path is generated by combining the trust value of the node with the AODV routing algorithm. Simulation results show that the proposed MNS-AODV routing algorithm can effectively resist the influence of internal malicious nodes on data transmission, and it can reduce the packet loss rate and average energy consumption.

Smart grids are one of the most important applications of cyber-physical systems. They intelligently transmit energy to customers by information technology, and have replaced the traditional power grid and are widely used. However, smart grids are vulnerable to cyber-attacks. Once attacked, it will cause great losses and lose the trust of customers. Therefore, it is important to evaluate the trustworthiness of smart grids. In order to evaluate the trustworthiness of smart grids, this paper uses a generalized stochastic Petri net (GSPN) to model smart grids. Considering various security threats that smart grids may face, we propose a general GSPN model for smart grids, which evaluates trustworthiness from three metrics of reliability, availability, and integrity by analyzing steady-state and transient probabilities. Finally, we obtain the value of system trustworthiness and simulation results show that the feasibility and effectiveness of our model for smart grids trustworthiness.

The security of the power grid is the first element of its operation. This paper aims at finding the vulnerability nodes in the power grid to prevent it from being destroyed. A novel comprehensive vulnerability index is proposed to the singleness of evaluation indicators for existing literature by integrating the power grid's topology information and operating state. Taking IEEE-118 as an example, the simulation analysis proves that the proposed vulnerability index has certain discriminative advantages and the best weighting factor is obtained through correlation analysis.

Smart grids have to protect meter measurements against false data injection attacks. By modifying the meter measurements, the attacker misleads the control decisions of the control center, which results in physical damages of power systems. In this paper, we propose a reinforcement learning based vulnerability analysis scheme for data injection attack without relying on the power system topology. This scheme enables the attacker to choose the data injection attack vector based on the meter measurements, the power system status, the previous injected errors and the number of meters to compromise. By combining deep reinforcement learning with prioritized experience replay, the proposed scheme more frequently replays the successful vulnerability detection experiences while bypassing the bad data detection, which is able to accelerate the learning speed. Simulation results based on the IEEE 14 bus system show that this scheme increases the probability of successful vulnerability detection and reduce the number of meters to compromise compared with the benchmark scheme.

5G smart grid applications rely on its high-performance transmission and bearer network. With the help of complex network theory, this paper first analyzes the complex network characteristic parameters of 5G smart grid, and explains the necessity and supporting significance of network vulnerability analysis for efficient transmission of 5G network. Then the node importance analysis algorithm based on node degree and clustering coefficient (NIDCC) is proposed. According to the results of simulation analysis, the power network has smaller path length and higher clustering coefficient in terms of static parameters, which indicates that the speed and breadth of fault propagation are significantly higher than that of random network. It further shows the necessity of network vulnerability analysis. By comparing with the other two commonly used algorithms, we can see that NIDCC algorithm can more accurately estimate and analyze the weak links of the network. It is convenient to carry out the targeted transformation of the power grid and the prevention of blackout accidents.

Symbiotic radio (SR) has recently emerged as a promising technology to boost spectrum efficiency of wireless communications by allowing reflective communications underlying the active RF communications. In this paper, we leverage SR to boost physical layer security by using an array of passive reflecting elements constituting the intelligent reflecting surface (IRS), which is reconfigurable to induce diverse RF radiation patterns. In particular, by switching the IRS's phase shifting matrices, we can proactively create dynamic channel conditions, which can be exploited by the transceivers to extract common channel features and thus used to generate secret keys for encrypted data transmissions. As such, we firstly present the design principles for IRS-assisted key generation and verify a performance improvement in terms of the secret key generation rate (KGR). Our analysis reveals that the IRS's random phase shifting may result in a non-uniform channel distribution that limits the KGR. Therefore, to maximize the KGR, we propose both a heuristic scheme and deep reinforcement learning (DRL) to control the switching of the IRS's phase shifting matrices. Simulation results show that the DRL approach for IRS-assisted key generation can significantly improve the KGR.

Cyber ranges are valuable assets but have limitations in simulating complex realities and multi-sector dependencies; to address this, federated cyber ranges are emerging. This work presents the ECHO Federated Cyber Range, a marketplace for cyber range services, that establishes a mechanism by which independent cyber range capabilities can be interconnected and accessed via a convenient portal. This allows for more complex and complete emulations, spanning potentially multiple sectors and complex exercises. Moreover, it supports a semi-automated approach for processing and deploying service requests to assist customers and providers interfacing with the marketplace. Its features and architecture are described in detail, along with the design, validation and deployment of a training scenario.

Cognitive radio (CR) as a key technology of solving the problem of low spectrum utilization has attracted wide attention in recent years. However, due to the open nature of the radio, the communication links can be eavesdropped by illegal user, resulting to severe security threat. Unmanned aerial vehicle (UAV) equipped with signal sensing and data transmission module, can access to the unoccupied channel to improve network security performance by transmitting artificial noise (AN) in CR networks. In this paper, we propose a resource allocation scheme for UAV-assisted overlay CR network. Based on the result of spectrum sensing, the UAV decides to play the role of jammer or secondary transmitter. The power splitting ratio for transmitting secondary signal and AN is introduced to allocate the UAV's transmission power. Particularly, we jointly optimize the spectrum sensing time, the power splitting ratio and the hovering position of the UAV to maximize the total secrecy rate of primary and secondary users. The optimization problem is highly intractable, and we adopt an adaptive inertia coefficient particle swarm optimization (A-PSO) algorithm to solve this problem. Simulation results show that the proposed scheme can significantly improve the total secrecy rate in CR network.

Cognitive radio primary network secure communication strategy based on secondary user energy harvesting and primary user destination assistance is investigated to guarantee primary user secure communication in cognitive radio network. In the proposed strategy, the primary network selects the best secondary user to forward the traffic from a primary transmitter (PT) to a primary receiver (PR). The best secondary user implements beamforming technique to assist primary network for secure communication. The remaining secondary transmitters harvest energy and transmit information to secondary receiver over the licensed primary spectrum. In order to further enhance the security of primary network and increase the harvested energy for the remaining secondary users, a destination-assisted jamming signal transmission strategy is proposed. In this strategy, artificial noise jamming signal transmitted by PR not only confuses eavesdropper, but also be used to power the remaining secondary users. Simulation results demonstrate that, the proposed strategy allows secondary users to communicate in the licensed primary spectrum. It enhances primary network secure communication performance dramatically with the joint design of secondary user transmission power and beamforming vectors. Furthermore, physical layer security of primary and secondary network can also be guaranteed via the proposed cognitive radio primary network secure communication strategy.

In this paper, we introduce cooperative spectrum sensing (CSS) scheme for detection of primary user (PU) in a cognitive radio network. Our scheme is based on a separating-hyperplane that discriminates between ellipsoids corresponding to two hypotheses. Additionally, we present a method to eliminate malicious cognitive radio users (MCRUs) that send false sensing data to the fusion center (FC) and degrade the system's detection performance. Simulation results verify the outperformance of the proposed method for the elimination of MCRUs and detection of PU.

We consider that in order to improve the utilization rate of spectrum resources and the security rate of unmanned aerial vehicle (UAV) Communication system, a secure transmission scheme of UAV relay assisted cognitive radio network (CRN) is proposed. In the presence of primary users and eavesdroppers, the UAV acts as the decoding and forwarding mobile relay to assist the secure transmission from the source node to the legitimate destination node. This paper optimizes the flight trajectory and transmission power of the UAV relay to maximize the security rate. Since the design problem is nonconvex, the original problem is approximated to a convex constraint by constructing a surrogate function with nonconvex constraints, and an iterative algorithm based on continuous convex approximation is used to solve the problem. The simulation results show that the algorithm can effectively improve the average security rate of the secondary system and successfully optimize the UAV trajectory.

This paper studies the hierarchical secure multicast algorithm in sparse code multiple access (SCMA) networks, its network security capacity is no longer limited by the users with the worst channel quality in multicast group. Firstly, we propose a network security energy efficiency (SEE) maximization problem. Secondly, in order to reduce the computational complexity, we propose a suboptimal algorithm (SA), which separates the codebook assignment with artificial noise from the power allocation with artificial noise. To further decrease the complexity of Lagrange method, a power allocation algorithm with increased fixed power is introduced. Finally, simulation results show that the network performance of the proposed algorithm in SCMA network is significantly better than that in orthogonal frequency division multiple access (OFDMA) network.

Based on the structure of turbo-polar codes, a secure symmetric encryption scheme is proposed to enhance information transmission security in this paper. This scheme utilizes interleaving at information bits and puncturing at parity bits for several times in the encoder. Correspondingly, we need to do the converse interleaving and fill zeros accurately at punctured position. The way of interleaving and puncturing is controlled by the private key of symmetric encryption, making sure the security of the system. The security of Secure Turbo-Polar Codes (STPC) is analyzed at the end of this paper. Simulation results are given to shown that the performance and complexity of Turbo-Polar Codes have little change after symmetric encryption. We also investigate in depth the influence of different remaining parity bit ratios on Frame Error Rate (FER). At low Signal to Noise Rate (SNR), we find it have about 0.6dB advantage when remaining parity bit ratio is between 1/20 and 1/4.

The ubiquity of wireless communication systems has resulted in extensive concern regarding their security issues. Combination of signaling and secrecy coding can provide greater improvement of confidentiality than tradition methods. In this work, we mainly focus on the secrecy coding design for physical layer security in wireless communications. When the main channel and wiretap channel are noisy, we propose a McEliece secure coding method based on LDPC which can guarantee both reliability between intended users and information security with respect to eavesdropper simultaneously. Simulation results show that Bob’s BER will be significantly decreased with the SNR increased, while Eve get a BER of 0.5 no matter how the SNR changes.

This note addresses the problem of distributed control for a class of nonlinear multi-agent systems over a communication graph. In many real practical systems, owing to communication limits and the vulnerability of communication networks to be overheard and modified by the adversary, consideration of communication delays and cyber-attacks in designing of the controller is important. To consider these challenges, in the presented approach, a distributed controller for a group of one-link flexible joint manipulators is provided which are connected via data delaying communication network in the presence of cyber-attacks. Sufficient conditions are provided to guarantee that the closed-loop system is stable with prescribed disturbance attenuation, and the parameter of the control law can be obtained by solving a set of linear matrix inequities (LMIs). Eventually, simulations results of four single-link manipulators are provided to demonstrate the performance of the introduced method.

The superior breadth of data transmission through the internet is rapidly increasing in the current scenario. The information in the form of images is really critical in the fields of Banking, Military, Medicine, etc, especially, in the medical field as people are unable to travel to different locations, they rely on telemedicine facilities available. All these fields are equally vulnerable to intruders. So, to prevent such an act, encryption of these data in the form of images can be done using chaos encryption. Chaos Encryption has its long way in the field of Secure Communication. Their Unique features offer much more security than any conventional algorithms. There are many simple chaotic maps that could be used for encryption. In this paper, at first Henon chaotic maps is used for the encryption purpose. The comparison of the algorithm with conventional algorithms is also done. Finally, a security analysis for proving the robustness of the algorithm is carried out. Also, different existing and some new versions are compared so as to check whether a new combination could produce a better result. The simulation results show that the proposed algorithm is robust and simple to be used for this application. Also, found a new combination of the map to be used for the application.

In this paper, we propose a twice chaotic encryption scheme to improve the security of CO-OFDM/OQAM system. Simulation results show that the proposed scheme enhance the physical-layer security within the acceptable performance penalty.

In this paper, we propose a Chaotic Constellation Masking (CCM) encryption method based on henon mapping to enhance the security of CO-OFDM/OQAM system. Simulation results indicate the capability of the CCM method improving system security.

In recent years, with the rapid update of wireless communication technologies such as 5G and the Internet of Things, as well as the explosive growth of wireless intelligent devices, people's demand for radio spectrum resources is increasing, which leads spectrum scarcity is becoming more serious. To address the scarcity of spectrum, the Internet of Things based on cognitive radio (CR-IoT) has become an effective technique to enable IoT devices to reuse the spectrum that has been fully utilized. The frequency band information is transmitted through wireless communication in the CR-IoT network, so the node is easily to be eavesdropped or tampered with by attackers in the process of transmitting data, which leads to information leakage and wrong perception results. To deal with the security problem of channel data transmission, this paper proposes a chaotic compressed spectrum sensing algorithm. In this algorithm, the chaotic parameter package is utilized to generate the measurement matrix, which makes good use of the sensitivity of the initial value of chaotic system to improve the transmission security. And the introduction of the semi-tensor theory significantly reduces the dimension of the matrix that the secondary user needs to store. In addition, the semi-tensor compressed sensing is used in the fusion center for parallel reconstruction process, which effectively reduces the sensing time delay. The simulation results show that the chaotic compressed spectrum sensing algorithm can achieve faster, high-quality, and low-energy channel energy transmission.

The emerging time-sensitive applications, such as industrial automation, smart grids, and telesurgery, pose strong demands for enabling large-scale IP-based deterministic networks. The IETF DetNet working group recently proposes a Cycle Specified Queuing and Forwarding (CSQF) solution. However, CSQF only specifies an underlying device-level primitive while how to achieve network-wide flow scheduling remains undefined. Previous scheduling mechanisms are mostly oriented to the context of local area networks, making them inapplicable to the cyclic traffic in wide area networks. In this paper, we design the Cycle Tags Planning (CTP) mechanism, a first mathematical model to enable network-wide scheduling for cyclic traffic in large-scale deterministic networks. Then, a novel scheduling algorithm named flow offset and cycle shift (FO-CS) is designed to compute the flows' cycle tags. The FO-CS algorithm is evaluated under long-distance network topologies in remote industrial control scenarios. Compared with the Naive algorithm without using FO-CS, simulation results demonstrate that FO-CS improves the scheduling flow number by 31.2% in few seconds.

Aimed at the high requirement of timeliness in the process of information assurance, this paper describes the average time delay of information transmission in the system, and designs a timeliness index that can quantitatively describe the ability of early warning information assurance. In response to the problem that system capability cannot meet operational requirements due to enemy attacks, this paper analyzes the structure of the early warning information system, Early warning information complex network model is established, based on the timeliness index, a genetic algorithm based on simulated annealing with special chromosome coding is proposed.the algorithm is used to adjust the network model structure, the ability of early warning information assurance has been improved. Finally, the simulation results show the effectiveness of the proposed method.