A robust ecological security network(ESN)is essential for ensuring regional ecological security,improving fragile ecological conditions,and promoting sustainable development.Climate change and land use/cover change(LU...A robust ecological security network(ESN)is essential for ensuring regional ecological security,improving fragile ecological conditions,and promoting sustainable development.Climate change and land use/cover change(LUCC)influence the structure and connectivity of the ESN by impacting ecosystem services(ESs).Previous studies primarily focused on the overall effects of LUCC on ESN changes,but they largely overlooked the effects of detailed LUCC transitions.In this study,we evaluated changes in the structure and connectivity of the ESN in the Songnen Plain(SNP),Northeast China,over the past 30 yr(1990s-2020s)using circuit theory and graph theory.We further explored the effects of climate change,LUCC,and detailed LUCC transformations on ESN changes through factorial control experiments.Results revealed a 24.86%decrease in ecological sources and a 27.06%decrease in ecological corridors,accompanied by a decline in ESN connectivity from the 1990s to the 2010s.Conversely,from the 2010s to the 2020s,ecological sources increased by 14.71%and ecological corridors increased by 25.71%due to ecological projects such as returning farmland to wetlands,resulting in an overall increase in ESN connectivity.The changes in ESN structure were primarily attributed to LUCC effects,followed by climate change effects and their interactions.In contrast,the changes in connectivity were significantly affected by climate change,followed by interactive effects and LUCC.Through detailed examination of LUCC transformation effects,we further found that the changes in ESN structure were primarily attributed to wetland loss,followed by deforestation and urban expansion.Meanwhile,the changes in ESN connectivity were mainly due to the effects of wetland loss,urban expansion and deforestation.Notably,the adverse effects of wetland loss partly offset climate change benefits on ESN.Our study offers valuable insights for developing future land management policies and implementing ecological projects,aimed at maintaining a stable ESN and ensuring sustainable human development.展开更多
Given the grave local and international network security landscape,a national strategic level analysis indicates that the modernization and advancement within the Industry 4.0 era are closely correlated with overall c...Given the grave local and international network security landscape,a national strategic level analysis indicates that the modernization and advancement within the Industry 4.0 era are closely correlated with overall competitive strength.Consequently,China proposed a strategy for the integration of industrialization and informatization,optimizing and adjusting its industrial structure to swiftly achieve transformation and upgrading in the Industry 4.0 era,thereby enhancing the sophistication of intelligent industrial control systems.The distributed control system in a nuclear power plant functions as an industrial control system,overseeing the operational status of the physical process.Its ability to ensure safe and reliable operation is directly linked to nuclear safety and the cybersecurity of the facility.The management of network security in distributed control systems(DCS)is crucial for achieving this objective.Due to the varying network settings and parameters of the DCS implemented in each nuclear power plant,the network security status of the system sometimes diverges from expectations.During system operation,it will undoubtedly encounter network security issues.Consequently,nuclear power plants utilize the technical criteria outlined in GB/T 22239 to formulate a network security management program aimed at enhancing the operational security of DCS within these facilities.This study utilizes existing network security regulations and standards as a reference to analyze the network security control standards based on the nuclear power plant’s control system.It delineates the fundamental requirements for network security management,facilitating integration with the entire life cycle of the research,development,and application of the nuclear power plant’s distributed control system,thereby establishing a network security management methodology that satisfies the control requirements of the nuclear power plant.Initially,it presents DCS and network security management,outlines current domestic and international network security legislation and standards,and specifies the standards pertinent to the administration of DCS in nuclear power plants.Secondly,the design of network security management for DCS is executed in conjunction with the specific context of nuclear power plants.This encompasses the deployment of network security apparatus,validation of the network security management strategy,and optimization adjustments.Consequently,recommendations beneficial to the network security management of nuclear power plants are compiled,aimed at establishing a management system and incorporating the concept of full life cycle management,which is predicated on system requirements,system design,and both software and hardware considerations.Conversely,it presents the notion of comprehensive life cycle management and suggests network security management strategies encompassing system requirements,system architecture,detailed hardware and software design and implementation,procurement,internal system integration,system validation and acceptance testing,system installation,operational maintenance,system modifications,and decommissioning.We will consistently enhance the performance and functionality of DCS in nuclear power plants,establish a safe and secure operational environment,and thereby facilitate the implementation of DCS in nuclear facilities while ensuring robust network security in the future.展开更多
The 5G-R network is on the verge of entering the construction stage.Given that the dedicated network for railways is closely linked to train operation safety,there are extremely high requirements for network security....The 5G-R network is on the verge of entering the construction stage.Given that the dedicated network for railways is closely linked to train operation safety,there are extremely high requirements for network security.As a result,there is an urgent need to conduct research on 5G-R network security.To comprehensively enhance the end-to-end security protection of the 5G-R network,this study summarized the security requirements of the GSM-R network,analyzed the security risks and requirements faced by the 5G-R network,and proposed an overall 5G-R network security architecture.The security technical schemes were detailed from various aspects:5G-R infrastructure security,terminal access security,networking security,operation and maintenance security,data security,and network boundary security.Additionally,the study proposed leveraging the 5G-R security situation awareness system to achieve a comprehensive upgrade from basic security technologies to endogenous security capabilities within the 5G-R system.展开更多
The rapid growth of Internet of things devices and the emergence of rapidly evolving network threats have made traditional security assessment methods inadequate.Federated learning offers a promising solution to exped...The rapid growth of Internet of things devices and the emergence of rapidly evolving network threats have made traditional security assessment methods inadequate.Federated learning offers a promising solution to expedite the training of security assessment models.However,ensuring the trustworthiness and robustness of federated learning under multi-party collaboration scenarios remains a challenge.To address these issues,this study proposes a shard aggregation network structure and a malicious node detection mechanism,along with improvements to the federated learning training process.First,we extract the data features of the participants by using spectral clustering methods combined with a Gaussian kernel function.Then,we introduce a multi-objective decision-making approach that combines data distribution consistency,consensus communication overhead,and consensus result reliability in order to determine the final network sharing scheme.Finally,by integrating the federated learning aggregation process with the malicious node detection mechanism,we improve the traditional decentralized learning process.Our proposed ShardFed algorithm outperforms conventional classification algorithms and state-of-the-art machine learning methods like FedProx and FedCurv in convergence speed,robustness against data interference,and adaptability across multiple scenarios.Experimental results demonstrate that the proposed approach improves model accuracy by up to 2.33%under non-independent and identically distributed data conditions,maintains higher performance with malicious nodes containing poisoned data ratios of 20%–50%,and significantly enhances model resistance to low-quality data.展开更多
In order to manage all kinds of network security devices and software systems efficiently, and make them collaborate with each other, the model for an open network security management platform is presented. The feasib...In order to manage all kinds of network security devices and software systems efficiently, and make them collaborate with each other, the model for an open network security management platform is presented. The feasibility and key implementing technology of the model are expatiated. A prototype system is implemented to validate it.展开更多
Network Security Situation Awareness System YHSAS acquires,understands and displays the security factors which cause changes of network situation,and predicts the future development trend of these security factors.YHS...Network Security Situation Awareness System YHSAS acquires,understands and displays the security factors which cause changes of network situation,and predicts the future development trend of these security factors.YHSAS is developed for national backbone network,large network operators,large enterprises and other large-scale network.This paper describes its architecture and key technologies:Network Security Oriented Total Factor Information Collection and High-Dimensional Vector Space Analysis,Knowledge Representation and Management of Super Large-Scale Network Security,Multi-Level,Multi-Granularity and Multi-Dimensional Network Security Index Construction Method,Multi-Mode and Multi-Granularity Network Security Situation Prediction Technology,and so on.The performance tests show that YHSAS has high real-time performance and accuracy in security situation analysis and trend prediction.The system meets the demands of analysis and prediction for large-scale network security situation.展开更多
With the rapid development of global information and the increasing dependence on network for people, network security problems are becoming more and more serious. By analyzing the existing security assessment methods...With the rapid development of global information and the increasing dependence on network for people, network security problems are becoming more and more serious. By analyzing the existing security assessment methods, we propose a network security situation evaluation system based on modified D-S evidence theory is proposed. Firstly, we give a modified D-S evidence theory to improve the reliability and rationality of the fusion result and apply the theory to correlation analysis. Secondly, the attack successful support is accurately calculated by matching internal factors with external threats. Multi-module evaluation is established to comprehensively evaluate the situation of network security. Finally we use an example of actual network datasets to validate the network security situation evaluation system. The simulation result shows that the system can not only reduce the rate of false positives and false alarms, but also effectively help analysts comprehensively to understand the situation of network security.展开更多
Network security situation is a hot research topic in the field of network security. Whole situation awareness includes the current situation evaluation and the future situation prediction. However, the now-existing r...Network security situation is a hot research topic in the field of network security. Whole situation awareness includes the current situation evaluation and the future situation prediction. However, the now-existing research focuses on the current situation evaluation, and seldom discusses the future prediction. Based on the historical research, an improved grey Verhulst model is put forward to predict the future situation. Aiming at the shortages in the prediction based on traditional Verhulst model, the adaptive grey parameters and equal- dimensions grey filling methods are proposed to improve the precision. The simulation results prove that the scheme is efficient and applicable.展开更多
In this paper,the security problem for the multi-access edge computing(MEC)network is researched,and an intelligent immunity-based security defense system is proposed to identify the unauthorized mobile users and to p...In this paper,the security problem for the multi-access edge computing(MEC)network is researched,and an intelligent immunity-based security defense system is proposed to identify the unauthorized mobile users and to protect the security of whole system.In the proposed security defense system,the security is protected by the intelligent immunity through three functions,identification function,learning function,and regulation function,respectively.Meanwhile,a three process-based intelligent algorithm is proposed for the intelligent immunity system.Numerical simulations are given to prove the effeteness of the proposed approach.展开更多
In this paper,we investigate and analyze the network security risks faced by 5G private industrial networks.Based on current network security architecture and 3GPP requirements and considering the actual application o...In this paper,we investigate and analyze the network security risks faced by 5G private industrial networks.Based on current network security architecture and 3GPP requirements and considering the actual application of 5G private industrial networks,a comparative analysis is used to plan and design a private network security construction scheme.The network security construction model,network organization,and key processes of 5G private industrial networks at the current stage are investigated.In addition,the key direction for the next stage of construction is discussed.展开更多
Since the frequency of network security incidents is nonlinear,traditional prediction methods such as ARMA,Gray systems are difficult to deal with the problem.When the size of sample is small,methods based on artifici...Since the frequency of network security incidents is nonlinear,traditional prediction methods such as ARMA,Gray systems are difficult to deal with the problem.When the size of sample is small,methods based on artificial neural network may not reach a high degree of preciseness.Least Squares Support Vector Machines (LSSVM) is a kind of machine learning methods based on the statistics learning theory,it can be applied to solve small sample and non-linear problems very well.This paper applied LSSVM to predict the occur frequency of network security incidents.To improve the accuracy,it used an improved genetic algorithm to optimize the parameters of LSSVM.Verified by real data sets,the improved genetic algorithm (IGA) converges faster than the simple genetic algorithm (SGA),and has a higher efficiency in the optimization procedure.Specially,the optimized LSSVM model worked very well on the prediction of frequency of network security incidents.展开更多
As the number of Virtual Machines(VMs) consolidated on single physical server increases with the rapid advance of server hardware,virtual network turns complex and frangible.Modern Network Security Engines(NSE) are in...As the number of Virtual Machines(VMs) consolidated on single physical server increases with the rapid advance of server hardware,virtual network turns complex and frangible.Modern Network Security Engines(NSE) are introduced to eradicate the intrusions occurring in the virtual network.In this paper,we point out the inadequacy of the present live migration implementation,which hinders itself from providing transparent VM relocation between hypervisors equipped with Network Security Engines(NSE-H).This occurs because the current implementation ignores VM-related Security Context(SC) required by NSEs embedded in NSE-H.We present the CoM,a comprehensive live migration framework,for NSE-H-based virtualization computing environment.We built a prototype system on Xen hypervisors to evaluate our framework,and conduct experiments under various realistic application environments.The results demonstrate that our solution successfully fixes the inadequacy of the present live migration implementation,and the performance overhead is negligible.展开更多
The risk situation assessment and forecast technique of network security is a basic method of active defense techniques. In order to assess the risk of network security two methods were used to define the index of ris...The risk situation assessment and forecast technique of network security is a basic method of active defense techniques. In order to assess the risk of network security two methods were used to define the index of risk and forecast index in time series, they were analytical hierarchy process (AHP) and support vector regression (SVR). The module framework applied the methods above was also discussed. Experiment results showed the forecast values were so close to actual values and so it proved the approach is correct.展开更多
The security incidents ion networks are sudden and uncertain, it is very hard to precisely predict the network security situation by traditional methods. In order to improve the prediction accuracy of the network secu...The security incidents ion networks are sudden and uncertain, it is very hard to precisely predict the network security situation by traditional methods. In order to improve the prediction accuracy of the network security situation, we build a network security situation prediction model based on Wavelet Neural Network (WNN) with optimized parameters by the Improved Niche Genetic Algorithm (INGA). The proposed model adopts WNN which has strong nonlinear ability and fault-tolerance performance. Also, the parameters for WNN are optimized through the adaptive genetic algorithm (GA) so that WNN searches more effectively. Considering the problem that the adaptive GA converges slowly and easily turns to the premature problem, we introduce a novel niche technology with a dynamic fuzzy clustering and elimination mechanism to solve the premature convergence of the GA. Our final simulation results show that the proposed INGA-WNN prediction model is more reliable and effective, and it achieves faster convergence-speed and higher prediction accuracy than the Genetic Algorithm-Wavelet Neural Network (GA-WNN). Genetic Algorithm-Back Propagation Neural Network (GA-BPNN) and WNN.展开更多
With the rapid development of wireless networks,the Ad Hoc networks are widely used in many fields,but the current network security solutions for the Ad Hoc network are not competitive enough.So the critical technolog...With the rapid development of wireless networks,the Ad Hoc networks are widely used in many fields,but the current network security solutions for the Ad Hoc network are not competitive enough.So the critical technology of Ad Hoc network applications shall be how to implement the security scheme.Here the discussions are focused on the specific solution against the security threats which the Ad Hoc networks will face,the methodology of a management model which uses trusted computing technology to solve Ad Hoc network security problems,and the analysis and verification for the security of this model.展开更多
To ensure the safe operation of industrial digital twins network and avoid the harm to the system caused by hacker invasion,a series of discussions on network security issues are carried out based on game theory.From ...To ensure the safe operation of industrial digital twins network and avoid the harm to the system caused by hacker invasion,a series of discussions on network security issues are carried out based on game theory.From the perspective of the life cycle of network vulnerabilities,mining and repairing vulnerabilities are analyzed by applying evolutionary game theory.The evolution process of knowledge sharing among white hats under various conditions is simulated,and a game model of the vulnerability patch cooperative development strategy among manufacturers is constructed.On this basis,the differential evolution is introduced into the update mechanism of the Wolf Colony Algorithm(WCA)to produce better replacement individuals with greater probability from the perspective of both attack and defense.Through the simulation experiment,it is found that the convergence speed of the probability(X)of white Hat 1 choosing the knowledge sharing policy is related to the probability(x0)of white Hat 2 choosing the knowledge sharing policy initially,and the probability(y0)of white hat 2 choosing the knowledge sharing policy initially.When y0?0.9,X converges rapidly in a relatively short time.When y0 is constant and x0 is small,the probability curve of the“cooperative development”strategy converges to 0.It is concluded that the higher the trust among the white hat members in the temporary team,the stronger their willingness to share knowledge,which is conducive to the mining of loopholes in the system.The greater the probability of a hacker attacking the vulnerability before it is fully disclosed,the lower the willingness of manufacturers to choose the"cooperative development"of vulnerability patches.Applying the improved wolf colonyco-evolution algorithm can obtain the equilibrium solution of the"attack and defense game model",and allocate the security protection resources according to the importance of nodes.This study can provide an effective solution to protect the network security for digital twins in the industry.展开更多
In this work, a hardware intrusion detection system (IDS) model and its implementation are introduced to perform online real-time traffic monitoring and analysis. The introduced system gathers some advantages of man...In this work, a hardware intrusion detection system (IDS) model and its implementation are introduced to perform online real-time traffic monitoring and analysis. The introduced system gathers some advantages of many IDSs: hardware based from implementation point of view, network based from system type point of view, and anomaly detection from detection approach point of view. In addition, it can detect most of network attacks, such as denial of services (DOS), leakage, etc. from detection behavior point of view and can detect both internal and external intruders from intruder type point of view. Gathering these features in one IDS system gives lots of strengths and advantages of the work. The system is implemented by using field programmable gate array (FPGA), giving a more advantages to the system. A C5.0 decision tree classifier is used as inference engine to the system and gives a high detection ratio of 99.93%.展开更多
This paper focuses on investigating immunological principles in designing a multi-agent security architecture for intrusion detection and response in mobile ad hoc networks. In this approach, the immunity-based agents...This paper focuses on investigating immunological principles in designing a multi-agent security architecture for intrusion detection and response in mobile ad hoc networks. In this approach, the immunity-based agents monitor the situation in the network. These agents can take appropriate actions according to the underlying security policies. Specifically, their activities are coordinated in a hierarchical fashion while sensing, communicating, decision and generating responses. Such an agent can learn and adapt to its environment dynamically and can detect both known and unknown intrusions. The proposed intrusion detection architecture is designed to be flexible, extendible, and adaptable that can perform real-time monitoring. This paper provides the conceptual view and a general framework of the proposed system. In the end, the architecture is illustrated by an example to show it can prevent the attack efficiently.展开更多
The tremendous performance gain of heterogeneous networks(Het Nets) is at the cost of complicated resource allocation. Considering information security, the resource allocation for Het Nets becomes much more challengi...The tremendous performance gain of heterogeneous networks(Het Nets) is at the cost of complicated resource allocation. Considering information security, the resource allocation for Het Nets becomes much more challenging and this is the focus of this paper. In this paper, the eavesdropper is hidden from the macro base stations. To relax the unpractical assumption on the channel state information on eavesdropper, a localization based algorithm is first given. Then a joint resource allocation algorithm is proposed in our work, which simultaneously considers physical layer security, cross-tier interference and joint optimization of power and subcarriers under fairness requirements. It is revealed in our work that the considered optimization problem can be efficiently solved relying on convex optimization theory and the Lagrangian dual decomposition method is exploited to solve the considered problem effectively. Moreover, in each iteration the closed-form optimal resource allocation solutions can be obtained based on the Karush-Kuhn-Tucker(KKT) conditions. Finally, the simulation results are given to show the performance advantages of the proposed algorithm.展开更多
The accuracy of historical situation values is required for traditional network security situation prediction(NSSP).There are discrepancies in the correlation and weighting of the various network security elements.To ...The accuracy of historical situation values is required for traditional network security situation prediction(NSSP).There are discrepancies in the correlation and weighting of the various network security elements.To solve these problems,a combined prediction model based on the temporal convolution attention network(TCAN)and bi-directional gate recurrent unit(BiGRU)network is proposed,which is optimized by singular spectrum analysis(SSA)and improved quantum particle swarmoptimization algorithm(IQPSO).This model first decomposes and reconstructs network security situation data into a series of subsequences by SSA to remove the noise from the data.Furthermore,a prediction model of TCAN-BiGRU is established respectively for each subsequence.TCAN uses the TCN to extract features from the network security situation data and the improved channel attention mechanism(CAM)to extract important feature information from TCN.BiGRU learns the before-after status of situation data to extract more feature information from sequences for prediction.Besides,IQPSO is proposed to optimize the hyperparameters of BiGRU.Finally,the prediction results of the subsequence are superimposed to obtain the final predicted value.On the one hand,IQPSO compares with other optimization algorithms in the experiment,whose performance can find the optimum value of the benchmark function many times,showing that IQPSO performs better.On the other hand,the established prediction model compares with the traditional prediction methods through the simulation experiment,whose coefficient of determination is up to 0.999 on both sets,indicating that the combined prediction model established has higher prediction accuracy.展开更多
基金Under the auspices of National Key Research and Development Program of China(No.2022YFF1300904)the National Natural Science Foundation of China(No.42271119,42371075,42471127)+1 种基金Youth Innovation Promotion Association,Chinese Academy of Sciences(No.2023238)Jilin Province Science and Technology Development Plan Project(No.20230203001SF)。
文摘A robust ecological security network(ESN)is essential for ensuring regional ecological security,improving fragile ecological conditions,and promoting sustainable development.Climate change and land use/cover change(LUCC)influence the structure and connectivity of the ESN by impacting ecosystem services(ESs).Previous studies primarily focused on the overall effects of LUCC on ESN changes,but they largely overlooked the effects of detailed LUCC transitions.In this study,we evaluated changes in the structure and connectivity of the ESN in the Songnen Plain(SNP),Northeast China,over the past 30 yr(1990s-2020s)using circuit theory and graph theory.We further explored the effects of climate change,LUCC,and detailed LUCC transformations on ESN changes through factorial control experiments.Results revealed a 24.86%decrease in ecological sources and a 27.06%decrease in ecological corridors,accompanied by a decline in ESN connectivity from the 1990s to the 2010s.Conversely,from the 2010s to the 2020s,ecological sources increased by 14.71%and ecological corridors increased by 25.71%due to ecological projects such as returning farmland to wetlands,resulting in an overall increase in ESN connectivity.The changes in ESN structure were primarily attributed to LUCC effects,followed by climate change effects and their interactions.In contrast,the changes in connectivity were significantly affected by climate change,followed by interactive effects and LUCC.Through detailed examination of LUCC transformation effects,we further found that the changes in ESN structure were primarily attributed to wetland loss,followed by deforestation and urban expansion.Meanwhile,the changes in ESN connectivity were mainly due to the effects of wetland loss,urban expansion and deforestation.Notably,the adverse effects of wetland loss partly offset climate change benefits on ESN.Our study offers valuable insights for developing future land management policies and implementing ecological projects,aimed at maintaining a stable ESN and ensuring sustainable human development.
文摘Given the grave local and international network security landscape,a national strategic level analysis indicates that the modernization and advancement within the Industry 4.0 era are closely correlated with overall competitive strength.Consequently,China proposed a strategy for the integration of industrialization and informatization,optimizing and adjusting its industrial structure to swiftly achieve transformation and upgrading in the Industry 4.0 era,thereby enhancing the sophistication of intelligent industrial control systems.The distributed control system in a nuclear power plant functions as an industrial control system,overseeing the operational status of the physical process.Its ability to ensure safe and reliable operation is directly linked to nuclear safety and the cybersecurity of the facility.The management of network security in distributed control systems(DCS)is crucial for achieving this objective.Due to the varying network settings and parameters of the DCS implemented in each nuclear power plant,the network security status of the system sometimes diverges from expectations.During system operation,it will undoubtedly encounter network security issues.Consequently,nuclear power plants utilize the technical criteria outlined in GB/T 22239 to formulate a network security management program aimed at enhancing the operational security of DCS within these facilities.This study utilizes existing network security regulations and standards as a reference to analyze the network security control standards based on the nuclear power plant’s control system.It delineates the fundamental requirements for network security management,facilitating integration with the entire life cycle of the research,development,and application of the nuclear power plant’s distributed control system,thereby establishing a network security management methodology that satisfies the control requirements of the nuclear power plant.Initially,it presents DCS and network security management,outlines current domestic and international network security legislation and standards,and specifies the standards pertinent to the administration of DCS in nuclear power plants.Secondly,the design of network security management for DCS is executed in conjunction with the specific context of nuclear power plants.This encompasses the deployment of network security apparatus,validation of the network security management strategy,and optimization adjustments.Consequently,recommendations beneficial to the network security management of nuclear power plants are compiled,aimed at establishing a management system and incorporating the concept of full life cycle management,which is predicated on system requirements,system design,and both software and hardware considerations.Conversely,it presents the notion of comprehensive life cycle management and suggests network security management strategies encompassing system requirements,system architecture,detailed hardware and software design and implementation,procurement,internal system integration,system validation and acceptance testing,system installation,operational maintenance,system modifications,and decommissioning.We will consistently enhance the performance and functionality of DCS in nuclear power plants,establish a safe and secure operational environment,and thereby facilitate the implementation of DCS in nuclear facilities while ensuring robust network security in the future.
文摘The 5G-R network is on the verge of entering the construction stage.Given that the dedicated network for railways is closely linked to train operation safety,there are extremely high requirements for network security.As a result,there is an urgent need to conduct research on 5G-R network security.To comprehensively enhance the end-to-end security protection of the 5G-R network,this study summarized the security requirements of the GSM-R network,analyzed the security risks and requirements faced by the 5G-R network,and proposed an overall 5G-R network security architecture.The security technical schemes were detailed from various aspects:5G-R infrastructure security,terminal access security,networking security,operation and maintenance security,data security,and network boundary security.Additionally,the study proposed leveraging the 5G-R security situation awareness system to achieve a comprehensive upgrade from basic security technologies to endogenous security capabilities within the 5G-R system.
基金supported by State Grid Hebei Electric Power Co.,Ltd.Science and Technology Project,Research on Security Protection of Power Services Carried by 4G/5G Networks(Grant No.KJ2024-127).
文摘The rapid growth of Internet of things devices and the emergence of rapidly evolving network threats have made traditional security assessment methods inadequate.Federated learning offers a promising solution to expedite the training of security assessment models.However,ensuring the trustworthiness and robustness of federated learning under multi-party collaboration scenarios remains a challenge.To address these issues,this study proposes a shard aggregation network structure and a malicious node detection mechanism,along with improvements to the federated learning training process.First,we extract the data features of the participants by using spectral clustering methods combined with a Gaussian kernel function.Then,we introduce a multi-objective decision-making approach that combines data distribution consistency,consensus communication overhead,and consensus result reliability in order to determine the final network sharing scheme.Finally,by integrating the federated learning aggregation process with the malicious node detection mechanism,we improve the traditional decentralized learning process.Our proposed ShardFed algorithm outperforms conventional classification algorithms and state-of-the-art machine learning methods like FedProx and FedCurv in convergence speed,robustness against data interference,and adaptability across multiple scenarios.Experimental results demonstrate that the proposed approach improves model accuracy by up to 2.33%under non-independent and identically distributed data conditions,maintains higher performance with malicious nodes containing poisoned data ratios of 20%–50%,and significantly enhances model resistance to low-quality data.
文摘In order to manage all kinds of network security devices and software systems efficiently, and make them collaborate with each other, the model for an open network security management platform is presented. The feasibility and key implementing technology of the model are expatiated. A prototype system is implemented to validate it.
基金This work is funded by the National Natural Science Foundation of China under Grant U1636215the National key research and development plan under Grant Nos.2018YFB0803504,2016YFB0800303.
文摘Network Security Situation Awareness System YHSAS acquires,understands and displays the security factors which cause changes of network situation,and predicts the future development trend of these security factors.YHSAS is developed for national backbone network,large network operators,large enterprises and other large-scale network.This paper describes its architecture and key technologies:Network Security Oriented Total Factor Information Collection and High-Dimensional Vector Space Analysis,Knowledge Representation and Management of Super Large-Scale Network Security,Multi-Level,Multi-Granularity and Multi-Dimensional Network Security Index Construction Method,Multi-Mode and Multi-Granularity Network Security Situation Prediction Technology,and so on.The performance tests show that YHSAS has high real-time performance and accuracy in security situation analysis and trend prediction.The system meets the demands of analysis and prediction for large-scale network security situation.
基金Supported by the Foundation of Tianjin for Science and Technology Innovation(10FDZDGX00400,11ZCKFGX00900)Key Project of Educational Reform Foundation of Tianjin Municipal Education Commission(C03-0809)
文摘With the rapid development of global information and the increasing dependence on network for people, network security problems are becoming more and more serious. By analyzing the existing security assessment methods, we propose a network security situation evaluation system based on modified D-S evidence theory is proposed. Firstly, we give a modified D-S evidence theory to improve the reliability and rationality of the fusion result and apply the theory to correlation analysis. Secondly, the attack successful support is accurately calculated by matching internal factors with external threats. Multi-module evaluation is established to comprehensively evaluate the situation of network security. Finally we use an example of actual network datasets to validate the network security situation evaluation system. The simulation result shows that the system can not only reduce the rate of false positives and false alarms, but also effectively help analysts comprehensively to understand the situation of network security.
基金the National Natural Science Foundation of China(No.60605019)
文摘Network security situation is a hot research topic in the field of network security. Whole situation awareness includes the current situation evaluation and the future situation prediction. However, the now-existing research focuses on the current situation evaluation, and seldom discusses the future prediction. Based on the historical research, an improved grey Verhulst model is put forward to predict the future situation. Aiming at the shortages in the prediction based on traditional Verhulst model, the adaptive grey parameters and equal- dimensions grey filling methods are proposed to improve the precision. The simulation results prove that the scheme is efficient and applicable.
基金This work was supported by National Natural Science Foundation of China(No.61971026)the Fundamental Research Funds for the Central Universities(No.FRF-TP-18-008A3).
文摘In this paper,the security problem for the multi-access edge computing(MEC)network is researched,and an intelligent immunity-based security defense system is proposed to identify the unauthorized mobile users and to protect the security of whole system.In the proposed security defense system,the security is protected by the intelligent immunity through three functions,identification function,learning function,and regulation function,respectively.Meanwhile,a three process-based intelligent algorithm is proposed for the intelligent immunity system.Numerical simulations are given to prove the effeteness of the proposed approach.
文摘In this paper,we investigate and analyze the network security risks faced by 5G private industrial networks.Based on current network security architecture and 3GPP requirements and considering the actual application of 5G private industrial networks,a comparative analysis is used to plan and design a private network security construction scheme.The network security construction model,network organization,and key processes of 5G private industrial networks at the current stage are investigated.In addition,the key direction for the next stage of construction is discussed.
基金supported in part by the National High Technology Research and Development Program of China ("863" Program) (No.2007AA010502)
文摘Since the frequency of network security incidents is nonlinear,traditional prediction methods such as ARMA,Gray systems are difficult to deal with the problem.When the size of sample is small,methods based on artificial neural network may not reach a high degree of preciseness.Least Squares Support Vector Machines (LSSVM) is a kind of machine learning methods based on the statistics learning theory,it can be applied to solve small sample and non-linear problems very well.This paper applied LSSVM to predict the occur frequency of network security incidents.To improve the accuracy,it used an improved genetic algorithm to optimize the parameters of LSSVM.Verified by real data sets,the improved genetic algorithm (IGA) converges faster than the simple genetic algorithm (SGA),and has a higher efficiency in the optimization procedure.Specially,the optimized LSSVM model worked very well on the prediction of frequency of network security incidents.
基金supported by State Key Laboratory of Software Development Environment under Grant No. SKLSDE-2009ZX-02China Aviation Science Fund under Grant No.20081951National High Technical Research and Development Program of China (863 Program) under Grant No.2007AA01Z183
文摘As the number of Virtual Machines(VMs) consolidated on single physical server increases with the rapid advance of server hardware,virtual network turns complex and frangible.Modern Network Security Engines(NSE) are introduced to eradicate the intrusions occurring in the virtual network.In this paper,we point out the inadequacy of the present live migration implementation,which hinders itself from providing transparent VM relocation between hypervisors equipped with Network Security Engines(NSE-H).This occurs because the current implementation ignores VM-related Security Context(SC) required by NSEs embedded in NSE-H.We present the CoM,a comprehensive live migration framework,for NSE-H-based virtualization computing environment.We built a prototype system on Xen hypervisors to evaluate our framework,and conduct experiments under various realistic application environments.The results demonstrate that our solution successfully fixes the inadequacy of the present live migration implementation,and the performance overhead is negligible.
基金Supported bythe Basic Research of Commission ofScience , Technology and Industry for National Defense (03058720)
文摘The risk situation assessment and forecast technique of network security is a basic method of active defense techniques. In order to assess the risk of network security two methods were used to define the index of risk and forecast index in time series, they were analytical hierarchy process (AHP) and support vector regression (SVR). The module framework applied the methods above was also discussed. Experiment results showed the forecast values were so close to actual values and so it proved the approach is correct.
基金This work was partially supported by the National Natural Science Foundation of China (Nos. 61271260 and 61301122) and the Natural Science Foundation of Chongqing Science and Technology Commission (No. cstc2015jcyjA40050, cstc2014jcyjA40052), Scientific and Technological Research Program of Chongqing Municipal Education Commission (KJ1400405). Research Fund for Young Scholars of Chongqing University of Posts and Telecommunications (A2013-30), the Science Research Starting Foundation of Chongqing University of Posts and Telecommunications (A2013-23).
文摘The security incidents ion networks are sudden and uncertain, it is very hard to precisely predict the network security situation by traditional methods. In order to improve the prediction accuracy of the network security situation, we build a network security situation prediction model based on Wavelet Neural Network (WNN) with optimized parameters by the Improved Niche Genetic Algorithm (INGA). The proposed model adopts WNN which has strong nonlinear ability and fault-tolerance performance. Also, the parameters for WNN are optimized through the adaptive genetic algorithm (GA) so that WNN searches more effectively. Considering the problem that the adaptive GA converges slowly and easily turns to the premature problem, we introduce a novel niche technology with a dynamic fuzzy clustering and elimination mechanism to solve the premature convergence of the GA. Our final simulation results show that the proposed INGA-WNN prediction model is more reliable and effective, and it achieves faster convergence-speed and higher prediction accuracy than the Genetic Algorithm-Wavelet Neural Network (GA-WNN). Genetic Algorithm-Back Propagation Neural Network (GA-BPNN) and WNN.
基金National Natural Science Foundation of China under Grant No. 60970115,National Natural Science Funds Projects of China under Grant No. 91018008
文摘With the rapid development of wireless networks,the Ad Hoc networks are widely used in many fields,but the current network security solutions for the Ad Hoc network are not competitive enough.So the critical technology of Ad Hoc network applications shall be how to implement the security scheme.Here the discussions are focused on the specific solution against the security threats which the Ad Hoc networks will face,the methodology of a management model which uses trusted computing technology to solve Ad Hoc network security problems,and the analysis and verification for the security of this model.
文摘To ensure the safe operation of industrial digital twins network and avoid the harm to the system caused by hacker invasion,a series of discussions on network security issues are carried out based on game theory.From the perspective of the life cycle of network vulnerabilities,mining and repairing vulnerabilities are analyzed by applying evolutionary game theory.The evolution process of knowledge sharing among white hats under various conditions is simulated,and a game model of the vulnerability patch cooperative development strategy among manufacturers is constructed.On this basis,the differential evolution is introduced into the update mechanism of the Wolf Colony Algorithm(WCA)to produce better replacement individuals with greater probability from the perspective of both attack and defense.Through the simulation experiment,it is found that the convergence speed of the probability(X)of white Hat 1 choosing the knowledge sharing policy is related to the probability(x0)of white Hat 2 choosing the knowledge sharing policy initially,and the probability(y0)of white hat 2 choosing the knowledge sharing policy initially.When y0?0.9,X converges rapidly in a relatively short time.When y0 is constant and x0 is small,the probability curve of the“cooperative development”strategy converges to 0.It is concluded that the higher the trust among the white hat members in the temporary team,the stronger their willingness to share knowledge,which is conducive to the mining of loopholes in the system.The greater the probability of a hacker attacking the vulnerability before it is fully disclosed,the lower the willingness of manufacturers to choose the"cooperative development"of vulnerability patches.Applying the improved wolf colonyco-evolution algorithm can obtain the equilibrium solution of the"attack and defense game model",and allocate the security protection resources according to the importance of nodes.This study can provide an effective solution to protect the network security for digital twins in the industry.
文摘In this work, a hardware intrusion detection system (IDS) model and its implementation are introduced to perform online real-time traffic monitoring and analysis. The introduced system gathers some advantages of many IDSs: hardware based from implementation point of view, network based from system type point of view, and anomaly detection from detection approach point of view. In addition, it can detect most of network attacks, such as denial of services (DOS), leakage, etc. from detection behavior point of view and can detect both internal and external intruders from intruder type point of view. Gathering these features in one IDS system gives lots of strengths and advantages of the work. The system is implemented by using field programmable gate array (FPGA), giving a more advantages to the system. A C5.0 decision tree classifier is used as inference engine to the system and gives a high detection ratio of 99.93%.
基金Supported by the National High Technology Develop ment 863 Program of China (No.2003AA148010)Key Technologies R&D Program of China (No.2002DA103A03-07).
文摘This paper focuses on investigating immunological principles in designing a multi-agent security architecture for intrusion detection and response in mobile ad hoc networks. In this approach, the immunity-based agents monitor the situation in the network. These agents can take appropriate actions according to the underlying security policies. Specifically, their activities are coordinated in a hierarchical fashion while sensing, communicating, decision and generating responses. Such an agent can learn and adapt to its environment dynamically and can detect both known and unknown intrusions. The proposed intrusion detection architecture is designed to be flexible, extendible, and adaptable that can perform real-time monitoring. This paper provides the conceptual view and a general framework of the proposed system. In the end, the architecture is illustrated by an example to show it can prevent the attack efficiently.
基金supported by the National Natural Science Foundation of China under Grant No.61371075the 863 project SS2015AA011306
文摘The tremendous performance gain of heterogeneous networks(Het Nets) is at the cost of complicated resource allocation. Considering information security, the resource allocation for Het Nets becomes much more challenging and this is the focus of this paper. In this paper, the eavesdropper is hidden from the macro base stations. To relax the unpractical assumption on the channel state information on eavesdropper, a localization based algorithm is first given. Then a joint resource allocation algorithm is proposed in our work, which simultaneously considers physical layer security, cross-tier interference and joint optimization of power and subcarriers under fairness requirements. It is revealed in our work that the considered optimization problem can be efficiently solved relying on convex optimization theory and the Lagrangian dual decomposition method is exploited to solve the considered problem effectively. Moreover, in each iteration the closed-form optimal resource allocation solutions can be obtained based on the Karush-Kuhn-Tucker(KKT) conditions. Finally, the simulation results are given to show the performance advantages of the proposed algorithm.
基金This work is supported by the National Science Foundation of China(61806219,61703426,and 61876189)by National Science Foundation of Shaanxi Provence(2021JM-226)by the Young Talent fund of the University,and the Association for Science and Technology in Shaanxi,China(20190108,20220106)by and the Innovation Capability Support Plan of Shaanxi,China(2020KJXX-065).
文摘The accuracy of historical situation values is required for traditional network security situation prediction(NSSP).There are discrepancies in the correlation and weighting of the various network security elements.To solve these problems,a combined prediction model based on the temporal convolution attention network(TCAN)and bi-directional gate recurrent unit(BiGRU)network is proposed,which is optimized by singular spectrum analysis(SSA)and improved quantum particle swarmoptimization algorithm(IQPSO).This model first decomposes and reconstructs network security situation data into a series of subsequences by SSA to remove the noise from the data.Furthermore,a prediction model of TCAN-BiGRU is established respectively for each subsequence.TCAN uses the TCN to extract features from the network security situation data and the improved channel attention mechanism(CAM)to extract important feature information from TCN.BiGRU learns the before-after status of situation data to extract more feature information from sequences for prediction.Besides,IQPSO is proposed to optimize the hyperparameters of BiGRU.Finally,the prediction results of the subsequence are superimposed to obtain the final predicted value.On the one hand,IQPSO compares with other optimization algorithms in the experiment,whose performance can find the optimum value of the benchmark function many times,showing that IQPSO performs better.On the other hand,the established prediction model compares with the traditional prediction methods through the simulation experiment,whose coefficient of determination is up to 0.999 on both sets,indicating that the combined prediction model established has higher prediction accuracy.
