A robust ecological security network(ESN)is essential for ensuring regional ecological security,improving fragile ecological conditions,and promoting sustainable development.Climate change and land use/cover change(LU...A robust ecological security network(ESN)is essential for ensuring regional ecological security,improving fragile ecological conditions,and promoting sustainable development.Climate change and land use/cover change(LUCC)influence the structure and connectivity of the ESN by impacting ecosystem services(ESs).Previous studies primarily focused on the overall effects of LUCC on ESN changes,but they largely overlooked the effects of detailed LUCC transitions.In this study,we evaluated changes in the structure and connectivity of the ESN in the Songnen Plain(SNP),Northeast China,over the past 30 yr(1990s-2020s)using circuit theory and graph theory.We further explored the effects of climate change,LUCC,and detailed LUCC transformations on ESN changes through factorial control experiments.Results revealed a 24.86%decrease in ecological sources and a 27.06%decrease in ecological corridors,accompanied by a decline in ESN connectivity from the 1990s to the 2010s.Conversely,from the 2010s to the 2020s,ecological sources increased by 14.71%and ecological corridors increased by 25.71%due to ecological projects such as returning farmland to wetlands,resulting in an overall increase in ESN connectivity.The changes in ESN structure were primarily attributed to LUCC effects,followed by climate change effects and their interactions.In contrast,the changes in connectivity were significantly affected by climate change,followed by interactive effects and LUCC.Through detailed examination of LUCC transformation effects,we further found that the changes in ESN structure were primarily attributed to wetland loss,followed by deforestation and urban expansion.Meanwhile,the changes in ESN connectivity were mainly due to the effects of wetland loss,urban expansion and deforestation.Notably,the adverse effects of wetland loss partly offset climate change benefits on ESN.Our study offers valuable insights for developing future land management policies and implementing ecological projects,aimed at maintaining a stable ESN and ensuring sustainable human development.展开更多
Given the grave local and international network security landscape,a national strategic level analysis indicates that the modernization and advancement within the Industry 4.0 era are closely correlated with overall c...Given the grave local and international network security landscape,a national strategic level analysis indicates that the modernization and advancement within the Industry 4.0 era are closely correlated with overall competitive strength.Consequently,China proposed a strategy for the integration of industrialization and informatization,optimizing and adjusting its industrial structure to swiftly achieve transformation and upgrading in the Industry 4.0 era,thereby enhancing the sophistication of intelligent industrial control systems.The distributed control system in a nuclear power plant functions as an industrial control system,overseeing the operational status of the physical process.Its ability to ensure safe and reliable operation is directly linked to nuclear safety and the cybersecurity of the facility.The management of network security in distributed control systems(DCS)is crucial for achieving this objective.Due to the varying network settings and parameters of the DCS implemented in each nuclear power plant,the network security status of the system sometimes diverges from expectations.During system operation,it will undoubtedly encounter network security issues.Consequently,nuclear power plants utilize the technical criteria outlined in GB/T 22239 to formulate a network security management program aimed at enhancing the operational security of DCS within these facilities.This study utilizes existing network security regulations and standards as a reference to analyze the network security control standards based on the nuclear power plant’s control system.It delineates the fundamental requirements for network security management,facilitating integration with the entire life cycle of the research,development,and application of the nuclear power plant’s distributed control system,thereby establishing a network security management methodology that satisfies the control requirements of the nuclear power plant.Initially,it presents DCS and network security management,outlines current domestic and international network security legislation and standards,and specifies the standards pertinent to the administration of DCS in nuclear power plants.Secondly,the design of network security management for DCS is executed in conjunction with the specific context of nuclear power plants.This encompasses the deployment of network security apparatus,validation of the network security management strategy,and optimization adjustments.Consequently,recommendations beneficial to the network security management of nuclear power plants are compiled,aimed at establishing a management system and incorporating the concept of full life cycle management,which is predicated on system requirements,system design,and both software and hardware considerations.Conversely,it presents the notion of comprehensive life cycle management and suggests network security management strategies encompassing system requirements,system architecture,detailed hardware and software design and implementation,procurement,internal system integration,system validation and acceptance testing,system installation,operational maintenance,system modifications,and decommissioning.We will consistently enhance the performance and functionality of DCS in nuclear power plants,establish a safe and secure operational environment,and thereby facilitate the implementation of DCS in nuclear facilities while ensuring robust network security in the future.展开更多
The 5G-R network is on the verge of entering the construction stage.Given that the dedicated network for railways is closely linked to train operation safety,there are extremely high requirements for network security....The 5G-R network is on the verge of entering the construction stage.Given that the dedicated network for railways is closely linked to train operation safety,there are extremely high requirements for network security.As a result,there is an urgent need to conduct research on 5G-R network security.To comprehensively enhance the end-to-end security protection of the 5G-R network,this study summarized the security requirements of the GSM-R network,analyzed the security risks and requirements faced by the 5G-R network,and proposed an overall 5G-R network security architecture.The security technical schemes were detailed from various aspects:5G-R infrastructure security,terminal access security,networking security,operation and maintenance security,data security,and network boundary security.Additionally,the study proposed leveraging the 5G-R security situation awareness system to achieve a comprehensive upgrade from basic security technologies to endogenous security capabilities within the 5G-R system.展开更多
The rapid growth of Internet of things devices and the emergence of rapidly evolving network threats have made traditional security assessment methods inadequate.Federated learning offers a promising solution to exped...The rapid growth of Internet of things devices and the emergence of rapidly evolving network threats have made traditional security assessment methods inadequate.Federated learning offers a promising solution to expedite the training of security assessment models.However,ensuring the trustworthiness and robustness of federated learning under multi-party collaboration scenarios remains a challenge.To address these issues,this study proposes a shard aggregation network structure and a malicious node detection mechanism,along with improvements to the federated learning training process.First,we extract the data features of the participants by using spectral clustering methods combined with a Gaussian kernel function.Then,we introduce a multi-objective decision-making approach that combines data distribution consistency,consensus communication overhead,and consensus result reliability in order to determine the final network sharing scheme.Finally,by integrating the federated learning aggregation process with the malicious node detection mechanism,we improve the traditional decentralized learning process.Our proposed ShardFed algorithm outperforms conventional classification algorithms and state-of-the-art machine learning methods like FedProx and FedCurv in convergence speed,robustness against data interference,and adaptability across multiple scenarios.Experimental results demonstrate that the proposed approach improves model accuracy by up to 2.33%under non-independent and identically distributed data conditions,maintains higher performance with malicious nodes containing poisoned data ratios of 20%–50%,and significantly enhances model resistance to low-quality data.展开更多
This study introduces an innovative hybrid approach that integrates deep learning with blockchain technology to improve cybersecurity,focusing on network intrusion detection systems(NIDS).The main goal is to overcome ...This study introduces an innovative hybrid approach that integrates deep learning with blockchain technology to improve cybersecurity,focusing on network intrusion detection systems(NIDS).The main goal is to overcome the shortcomings of conventional intrusion detection techniques by developing amore flexible and robust security architecture.We use seven unique machine learning models to improve detection skills,emphasizing data quality,traceability,and transparency,facilitated by a blockchain layer that safeguards against datamodification and ensures auditability.Our technique employs the Synthetic Minority Oversampling Technique(SMOTE)to equilibrate the dataset,therefore mitigating prevalent class imbalance difficulties in intrusion detection.The model selection procedure determined that Random Forest was the most successful model,with a notable detection accuracy of 97%.This substantially surpasses conventional methods and enhances the system’s capacity to identify both established and novel threats with exceptional accuracy.To optimize feature selection and maximize performance,we use Extreme Gradient Boosting(XGBoost),which improves the significance of chosen features while reducing the danger of overfitting.Our study indicates that the integrated use of machine learning for pattern identification,multi-factor authentication(MFA)for access security,and blockchain for data validation constitutes a thorough and sustainable cybersecurity solution.This architecture not only increases security but also lowers the need for regular human monitoring,significantly cutting energy consumption connected with cybersecurity infrastructure.The research finds that this integrated strategy provides a realistic road for increasing network security,addressing real-world cyber threats,and promoting eco-friendly practices in IT security.展开更多
Distributed Denial-of-Service(DDoS)attacks pose severe threats to Industrial Control Networks(ICNs),where service disruption can cause significant economic losses and operational risks.Existing signature-based methods...Distributed Denial-of-Service(DDoS)attacks pose severe threats to Industrial Control Networks(ICNs),where service disruption can cause significant economic losses and operational risks.Existing signature-based methods are ineffective against novel attacks,and traditional machine learning models struggle to capture the complex temporal dependencies and dynamic traffic patterns inherent in ICN environments.To address these challenges,this study proposes a deep feature-driven hybrid framework that integrates Transformer,BiLSTM,and KNN to achieve accurate and robust DDoS detection.The Transformer component extracts global temporal dependencies from network traffic flows,while BiLSTM captures fine-grained sequential dynamics.The learned embeddings are then classified using an instance-based KNN layer,enhancing decision boundary precision.This cascaded architecture balances feature abstraction and locality preservation,improving both generalization and robustness.The proposed approach was evaluated on a newly collected real-time ICN traffic dataset and further validated using the public CIC-IDS2017 and Edge-IIoT datasets to demonstrate generalization.Comprehensive metrics including accuracy,precision,recall,F1-score,ROC-AUC,PR-AUC,false positive rate(FPR),and detection latency were employed.Results show that the hybrid framework achieves 98.42%accuracy with an ROC-AUC of 0.992 and FPR below 1%,outperforming baseline machine learning and deep learning models.Robustness experiments under Gaussian noise perturbations confirmed stable performance with less than 2%accuracy degradation.Moreover,detection latency remained below 2.1 ms per sample,indicating suitability for real-time ICS deployment.In summary,the proposed hybrid temporal learning and instance-based classification model offers a scalable and effective solution for DDoS detection in industrial control environments.By combining global contextual modeling,sequential learning,and instance-based refinement,the framework demonstrates strong adaptability across datasets and resilience against noise,providing practical utility for safeguarding critical infrastructure.展开更多
With the growing complexity and decentralization of network systems,the attack surface has expanded,which has led to greater concerns over network threats.In this context,artificial intelligence(AI)-based network intr...With the growing complexity and decentralization of network systems,the attack surface has expanded,which has led to greater concerns over network threats.In this context,artificial intelligence(AI)-based network intrusion detection systems(NIDS)have been extensively studied,and recent efforts have shifted toward integrating distributed learning to enable intelligent and scalable detection mechanisms.However,most existing works focus on individual distributed learning frameworks,and there is a lack of systematic evaluations that compare different algorithms under consistent conditions.In this paper,we present a comprehensive evaluation of representative distributed learning frameworks—Federated Learning(FL),Split Learning(SL),hybrid collaborative learning(SFL),and fully distributed learning—in the context of AI-driven NIDS.Using recent benchmark intrusion detection datasets,a unified model backbone,and controlled distributed scenarios,we assess these frameworks across multiple criteria,including detection performance,communication cost,computational efficiency,and convergence behavior.Our findings highlight distinct trade-offs among the distributed learning frameworks,demonstrating that the optimal choice depends strongly on systemconstraints such as bandwidth availability,node resources,and data distribution.This work provides the first holistic analysis of distributed learning approaches for AI-driven NIDS and offers practical guidelines for designing secure and efficient intrusion detection systems in decentralized environments.展开更多
Distributed Denial of Service(DDoS)attacks are one of the severe threats to network infrastructure,sometimes bypassing traditional diagnosis algorithms because of their evolving complexity.PresentMachine Learning(ML)t...Distributed Denial of Service(DDoS)attacks are one of the severe threats to network infrastructure,sometimes bypassing traditional diagnosis algorithms because of their evolving complexity.PresentMachine Learning(ML)techniques for DDoS attack diagnosis normally apply network traffic statistical features such as packet sizes and inter-arrival times.However,such techniques sometimes fail to capture complicated relations among various traffic flows.In this paper,we present a new multi-scale ensemble strategy given the Graph Neural Networks(GNNs)for improving DDoS detection.Our technique divides traffic into macro-and micro-level elements,letting various GNN models to get the two corase-scale anomalies and subtle,stealthy attack models.Through modeling network traffic as graph-structured data,GNNs efficiently learn intricate relations among network entities.The proposed ensemble learning algorithm combines the results of several GNNs to improve generalization,robustness,and scalability.Extensive experiments on three benchmark datasets—UNSW-NB15,CICIDS2017,and CICDDoS2019—show that our approach outperforms traditional machine learning and deep learning models in detecting both high-rate and low-rate(stealthy)DDoS attacks,with significant improvements in accuracy and recall.These findings demonstrate the suggested method’s applicability and robustness for real-world implementation in contexts where several DDoS patterns coexist.展开更多
The advent of quantum computing poses a significant challenge to traditional cryptographic protocols,particularly those used in SecureMultiparty Computation(MPC),a fundamental cryptographic primitive for privacypreser...The advent of quantum computing poses a significant challenge to traditional cryptographic protocols,particularly those used in SecureMultiparty Computation(MPC),a fundamental cryptographic primitive for privacypreserving computation.Classical MPC relies on cryptographic techniques such as homomorphic encryption,secret sharing,and oblivious transfer,which may become vulnerable in the post-quantum era due to the computational power of quantum adversaries.This study presents a review of 140 peer-reviewed articles published between 2000 and 2025 that used different databases like MDPI,IEEE Explore,Springer,and Elsevier,examining the applications,types,and security issues with the solution of Quantum computing in different fields.This review explores the impact of quantum computing on MPC security,assesses emerging quantum-resistant MPC protocols,and examines hybrid classicalquantum approaches aimed at mitigating quantum threats.We analyze the role of Quantum Key Distribution(QKD),post-quantum cryptography(PQC),and quantum homomorphic encryption in securing multiparty computations.Additionally,we discuss the challenges of scalability,computational efficiency,and practical deployment of quantumsecure MPC frameworks in real-world applications such as privacy-preserving AI,secure blockchain transactions,and confidential data analysis.This review provides insights into the future research directions and open challenges in ensuring secure,scalable,and quantum-resistant multiparty computation.展开更多
In order to manage all kinds of network security devices and software systems efficiently, and make them collaborate with each other, the model for an open network security management platform is presented. The feasib...In order to manage all kinds of network security devices and software systems efficiently, and make them collaborate with each other, the model for an open network security management platform is presented. The feasibility and key implementing technology of the model are expatiated. A prototype system is implemented to validate it.展开更多
Network Security Situation Awareness System YHSAS acquires,understands and displays the security factors which cause changes of network situation,and predicts the future development trend of these security factors.YHS...Network Security Situation Awareness System YHSAS acquires,understands and displays the security factors which cause changes of network situation,and predicts the future development trend of these security factors.YHSAS is developed for national backbone network,large network operators,large enterprises and other large-scale network.This paper describes its architecture and key technologies:Network Security Oriented Total Factor Information Collection and High-Dimensional Vector Space Analysis,Knowledge Representation and Management of Super Large-Scale Network Security,Multi-Level,Multi-Granularity and Multi-Dimensional Network Security Index Construction Method,Multi-Mode and Multi-Granularity Network Security Situation Prediction Technology,and so on.The performance tests show that YHSAS has high real-time performance and accuracy in security situation analysis and trend prediction.The system meets the demands of analysis and prediction for large-scale network security situation.展开更多
With the rapid development of global information and the increasing dependence on network for people, network security problems are becoming more and more serious. By analyzing the existing security assessment methods...With the rapid development of global information and the increasing dependence on network for people, network security problems are becoming more and more serious. By analyzing the existing security assessment methods, we propose a network security situation evaluation system based on modified D-S evidence theory is proposed. Firstly, we give a modified D-S evidence theory to improve the reliability and rationality of the fusion result and apply the theory to correlation analysis. Secondly, the attack successful support is accurately calculated by matching internal factors with external threats. Multi-module evaluation is established to comprehensively evaluate the situation of network security. Finally we use an example of actual network datasets to validate the network security situation evaluation system. The simulation result shows that the system can not only reduce the rate of false positives and false alarms, but also effectively help analysts comprehensively to understand the situation of network security.展开更多
Network security situation is a hot research topic in the field of network security. Whole situation awareness includes the current situation evaluation and the future situation prediction. However, the now-existing r...Network security situation is a hot research topic in the field of network security. Whole situation awareness includes the current situation evaluation and the future situation prediction. However, the now-existing research focuses on the current situation evaluation, and seldom discusses the future prediction. Based on the historical research, an improved grey Verhulst model is put forward to predict the future situation. Aiming at the shortages in the prediction based on traditional Verhulst model, the adaptive grey parameters and equal- dimensions grey filling methods are proposed to improve the precision. The simulation results prove that the scheme is efficient and applicable.展开更多
In this paper,the security problem for the multi-access edge computing(MEC)network is researched,and an intelligent immunity-based security defense system is proposed to identify the unauthorized mobile users and to p...In this paper,the security problem for the multi-access edge computing(MEC)network is researched,and an intelligent immunity-based security defense system is proposed to identify the unauthorized mobile users and to protect the security of whole system.In the proposed security defense system,the security is protected by the intelligent immunity through three functions,identification function,learning function,and regulation function,respectively.Meanwhile,a three process-based intelligent algorithm is proposed for the intelligent immunity system.Numerical simulations are given to prove the effeteness of the proposed approach.展开更多
In this paper,we investigate and analyze the network security risks faced by 5G private industrial networks.Based on current network security architecture and 3GPP requirements and considering the actual application o...In this paper,we investigate and analyze the network security risks faced by 5G private industrial networks.Based on current network security architecture and 3GPP requirements and considering the actual application of 5G private industrial networks,a comparative analysis is used to plan and design a private network security construction scheme.The network security construction model,network organization,and key processes of 5G private industrial networks at the current stage are investigated.In addition,the key direction for the next stage of construction is discussed.展开更多
Since the frequency of network security incidents is nonlinear,traditional prediction methods such as ARMA,Gray systems are difficult to deal with the problem.When the size of sample is small,methods based on artifici...Since the frequency of network security incidents is nonlinear,traditional prediction methods such as ARMA,Gray systems are difficult to deal with the problem.When the size of sample is small,methods based on artificial neural network may not reach a high degree of preciseness.Least Squares Support Vector Machines (LSSVM) is a kind of machine learning methods based on the statistics learning theory,it can be applied to solve small sample and non-linear problems very well.This paper applied LSSVM to predict the occur frequency of network security incidents.To improve the accuracy,it used an improved genetic algorithm to optimize the parameters of LSSVM.Verified by real data sets,the improved genetic algorithm (IGA) converges faster than the simple genetic algorithm (SGA),and has a higher efficiency in the optimization procedure.Specially,the optimized LSSVM model worked very well on the prediction of frequency of network security incidents.展开更多
As the number of Virtual Machines(VMs) consolidated on single physical server increases with the rapid advance of server hardware,virtual network turns complex and frangible.Modern Network Security Engines(NSE) are in...As the number of Virtual Machines(VMs) consolidated on single physical server increases with the rapid advance of server hardware,virtual network turns complex and frangible.Modern Network Security Engines(NSE) are introduced to eradicate the intrusions occurring in the virtual network.In this paper,we point out the inadequacy of the present live migration implementation,which hinders itself from providing transparent VM relocation between hypervisors equipped with Network Security Engines(NSE-H).This occurs because the current implementation ignores VM-related Security Context(SC) required by NSEs embedded in NSE-H.We present the CoM,a comprehensive live migration framework,for NSE-H-based virtualization computing environment.We built a prototype system on Xen hypervisors to evaluate our framework,and conduct experiments under various realistic application environments.The results demonstrate that our solution successfully fixes the inadequacy of the present live migration implementation,and the performance overhead is negligible.展开更多
The risk situation assessment and forecast technique of network security is a basic method of active defense techniques. In order to assess the risk of network security two methods were used to define the index of ris...The risk situation assessment and forecast technique of network security is a basic method of active defense techniques. In order to assess the risk of network security two methods were used to define the index of risk and forecast index in time series, they were analytical hierarchy process (AHP) and support vector regression (SVR). The module framework applied the methods above was also discussed. Experiment results showed the forecast values were so close to actual values and so it proved the approach is correct.展开更多
The security incidents ion networks are sudden and uncertain, it is very hard to precisely predict the network security situation by traditional methods. In order to improve the prediction accuracy of the network secu...The security incidents ion networks are sudden and uncertain, it is very hard to precisely predict the network security situation by traditional methods. In order to improve the prediction accuracy of the network security situation, we build a network security situation prediction model based on Wavelet Neural Network (WNN) with optimized parameters by the Improved Niche Genetic Algorithm (INGA). The proposed model adopts WNN which has strong nonlinear ability and fault-tolerance performance. Also, the parameters for WNN are optimized through the adaptive genetic algorithm (GA) so that WNN searches more effectively. Considering the problem that the adaptive GA converges slowly and easily turns to the premature problem, we introduce a novel niche technology with a dynamic fuzzy clustering and elimination mechanism to solve the premature convergence of the GA. Our final simulation results show that the proposed INGA-WNN prediction model is more reliable and effective, and it achieves faster convergence-speed and higher prediction accuracy than the Genetic Algorithm-Wavelet Neural Network (GA-WNN). Genetic Algorithm-Back Propagation Neural Network (GA-BPNN) and WNN.展开更多
With the rapid development of wireless networks,the Ad Hoc networks are widely used in many fields,but the current network security solutions for the Ad Hoc network are not competitive enough.So the critical technolog...With the rapid development of wireless networks,the Ad Hoc networks are widely used in many fields,but the current network security solutions for the Ad Hoc network are not competitive enough.So the critical technology of Ad Hoc network applications shall be how to implement the security scheme.Here the discussions are focused on the specific solution against the security threats which the Ad Hoc networks will face,the methodology of a management model which uses trusted computing technology to solve Ad Hoc network security problems,and the analysis and verification for the security of this model.展开更多
基金Under the auspices of National Key Research and Development Program of China(No.2022YFF1300904)the National Natural Science Foundation of China(No.42271119,42371075,42471127)+1 种基金Youth Innovation Promotion Association,Chinese Academy of Sciences(No.2023238)Jilin Province Science and Technology Development Plan Project(No.20230203001SF)。
文摘A robust ecological security network(ESN)is essential for ensuring regional ecological security,improving fragile ecological conditions,and promoting sustainable development.Climate change and land use/cover change(LUCC)influence the structure and connectivity of the ESN by impacting ecosystem services(ESs).Previous studies primarily focused on the overall effects of LUCC on ESN changes,but they largely overlooked the effects of detailed LUCC transitions.In this study,we evaluated changes in the structure and connectivity of the ESN in the Songnen Plain(SNP),Northeast China,over the past 30 yr(1990s-2020s)using circuit theory and graph theory.We further explored the effects of climate change,LUCC,and detailed LUCC transformations on ESN changes through factorial control experiments.Results revealed a 24.86%decrease in ecological sources and a 27.06%decrease in ecological corridors,accompanied by a decline in ESN connectivity from the 1990s to the 2010s.Conversely,from the 2010s to the 2020s,ecological sources increased by 14.71%and ecological corridors increased by 25.71%due to ecological projects such as returning farmland to wetlands,resulting in an overall increase in ESN connectivity.The changes in ESN structure were primarily attributed to LUCC effects,followed by climate change effects and their interactions.In contrast,the changes in connectivity were significantly affected by climate change,followed by interactive effects and LUCC.Through detailed examination of LUCC transformation effects,we further found that the changes in ESN structure were primarily attributed to wetland loss,followed by deforestation and urban expansion.Meanwhile,the changes in ESN connectivity were mainly due to the effects of wetland loss,urban expansion and deforestation.Notably,the adverse effects of wetland loss partly offset climate change benefits on ESN.Our study offers valuable insights for developing future land management policies and implementing ecological projects,aimed at maintaining a stable ESN and ensuring sustainable human development.
文摘Given the grave local and international network security landscape,a national strategic level analysis indicates that the modernization and advancement within the Industry 4.0 era are closely correlated with overall competitive strength.Consequently,China proposed a strategy for the integration of industrialization and informatization,optimizing and adjusting its industrial structure to swiftly achieve transformation and upgrading in the Industry 4.0 era,thereby enhancing the sophistication of intelligent industrial control systems.The distributed control system in a nuclear power plant functions as an industrial control system,overseeing the operational status of the physical process.Its ability to ensure safe and reliable operation is directly linked to nuclear safety and the cybersecurity of the facility.The management of network security in distributed control systems(DCS)is crucial for achieving this objective.Due to the varying network settings and parameters of the DCS implemented in each nuclear power plant,the network security status of the system sometimes diverges from expectations.During system operation,it will undoubtedly encounter network security issues.Consequently,nuclear power plants utilize the technical criteria outlined in GB/T 22239 to formulate a network security management program aimed at enhancing the operational security of DCS within these facilities.This study utilizes existing network security regulations and standards as a reference to analyze the network security control standards based on the nuclear power plant’s control system.It delineates the fundamental requirements for network security management,facilitating integration with the entire life cycle of the research,development,and application of the nuclear power plant’s distributed control system,thereby establishing a network security management methodology that satisfies the control requirements of the nuclear power plant.Initially,it presents DCS and network security management,outlines current domestic and international network security legislation and standards,and specifies the standards pertinent to the administration of DCS in nuclear power plants.Secondly,the design of network security management for DCS is executed in conjunction with the specific context of nuclear power plants.This encompasses the deployment of network security apparatus,validation of the network security management strategy,and optimization adjustments.Consequently,recommendations beneficial to the network security management of nuclear power plants are compiled,aimed at establishing a management system and incorporating the concept of full life cycle management,which is predicated on system requirements,system design,and both software and hardware considerations.Conversely,it presents the notion of comprehensive life cycle management and suggests network security management strategies encompassing system requirements,system architecture,detailed hardware and software design and implementation,procurement,internal system integration,system validation and acceptance testing,system installation,operational maintenance,system modifications,and decommissioning.We will consistently enhance the performance and functionality of DCS in nuclear power plants,establish a safe and secure operational environment,and thereby facilitate the implementation of DCS in nuclear facilities while ensuring robust network security in the future.
文摘The 5G-R network is on the verge of entering the construction stage.Given that the dedicated network for railways is closely linked to train operation safety,there are extremely high requirements for network security.As a result,there is an urgent need to conduct research on 5G-R network security.To comprehensively enhance the end-to-end security protection of the 5G-R network,this study summarized the security requirements of the GSM-R network,analyzed the security risks and requirements faced by the 5G-R network,and proposed an overall 5G-R network security architecture.The security technical schemes were detailed from various aspects:5G-R infrastructure security,terminal access security,networking security,operation and maintenance security,data security,and network boundary security.Additionally,the study proposed leveraging the 5G-R security situation awareness system to achieve a comprehensive upgrade from basic security technologies to endogenous security capabilities within the 5G-R system.
基金supported by State Grid Hebei Electric Power Co.,Ltd.Science and Technology Project,Research on Security Protection of Power Services Carried by 4G/5G Networks(Grant No.KJ2024-127).
文摘The rapid growth of Internet of things devices and the emergence of rapidly evolving network threats have made traditional security assessment methods inadequate.Federated learning offers a promising solution to expedite the training of security assessment models.However,ensuring the trustworthiness and robustness of federated learning under multi-party collaboration scenarios remains a challenge.To address these issues,this study proposes a shard aggregation network structure and a malicious node detection mechanism,along with improvements to the federated learning training process.First,we extract the data features of the participants by using spectral clustering methods combined with a Gaussian kernel function.Then,we introduce a multi-objective decision-making approach that combines data distribution consistency,consensus communication overhead,and consensus result reliability in order to determine the final network sharing scheme.Finally,by integrating the federated learning aggregation process with the malicious node detection mechanism,we improve the traditional decentralized learning process.Our proposed ShardFed algorithm outperforms conventional classification algorithms and state-of-the-art machine learning methods like FedProx and FedCurv in convergence speed,robustness against data interference,and adaptability across multiple scenarios.Experimental results demonstrate that the proposed approach improves model accuracy by up to 2.33%under non-independent and identically distributed data conditions,maintains higher performance with malicious nodes containing poisoned data ratios of 20%–50%,and significantly enhances model resistance to low-quality data.
文摘This study introduces an innovative hybrid approach that integrates deep learning with blockchain technology to improve cybersecurity,focusing on network intrusion detection systems(NIDS).The main goal is to overcome the shortcomings of conventional intrusion detection techniques by developing amore flexible and robust security architecture.We use seven unique machine learning models to improve detection skills,emphasizing data quality,traceability,and transparency,facilitated by a blockchain layer that safeguards against datamodification and ensures auditability.Our technique employs the Synthetic Minority Oversampling Technique(SMOTE)to equilibrate the dataset,therefore mitigating prevalent class imbalance difficulties in intrusion detection.The model selection procedure determined that Random Forest was the most successful model,with a notable detection accuracy of 97%.This substantially surpasses conventional methods and enhances the system’s capacity to identify both established and novel threats with exceptional accuracy.To optimize feature selection and maximize performance,we use Extreme Gradient Boosting(XGBoost),which improves the significance of chosen features while reducing the danger of overfitting.Our study indicates that the integrated use of machine learning for pattern identification,multi-factor authentication(MFA)for access security,and blockchain for data validation constitutes a thorough and sustainable cybersecurity solution.This architecture not only increases security but also lowers the need for regular human monitoring,significantly cutting energy consumption connected with cybersecurity infrastructure.The research finds that this integrated strategy provides a realistic road for increasing network security,addressing real-world cyber threats,and promoting eco-friendly practices in IT security.
基金supported by the Extral High Voltage Power Transmission Company,China Southern Power Grid Co.,Ltd.
文摘Distributed Denial-of-Service(DDoS)attacks pose severe threats to Industrial Control Networks(ICNs),where service disruption can cause significant economic losses and operational risks.Existing signature-based methods are ineffective against novel attacks,and traditional machine learning models struggle to capture the complex temporal dependencies and dynamic traffic patterns inherent in ICN environments.To address these challenges,this study proposes a deep feature-driven hybrid framework that integrates Transformer,BiLSTM,and KNN to achieve accurate and robust DDoS detection.The Transformer component extracts global temporal dependencies from network traffic flows,while BiLSTM captures fine-grained sequential dynamics.The learned embeddings are then classified using an instance-based KNN layer,enhancing decision boundary precision.This cascaded architecture balances feature abstraction and locality preservation,improving both generalization and robustness.The proposed approach was evaluated on a newly collected real-time ICN traffic dataset and further validated using the public CIC-IDS2017 and Edge-IIoT datasets to demonstrate generalization.Comprehensive metrics including accuracy,precision,recall,F1-score,ROC-AUC,PR-AUC,false positive rate(FPR),and detection latency were employed.Results show that the hybrid framework achieves 98.42%accuracy with an ROC-AUC of 0.992 and FPR below 1%,outperforming baseline machine learning and deep learning models.Robustness experiments under Gaussian noise perturbations confirmed stable performance with less than 2%accuracy degradation.Moreover,detection latency remained below 2.1 ms per sample,indicating suitability for real-time ICS deployment.In summary,the proposed hybrid temporal learning and instance-based classification model offers a scalable and effective solution for DDoS detection in industrial control environments.By combining global contextual modeling,sequential learning,and instance-based refinement,the framework demonstrates strong adaptability across datasets and resilience against noise,providing practical utility for safeguarding critical infrastructure.
基金supported by the Research year project of the KongjuNational University in 2025 and the Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(No.RS-2024-00444170,Research and International Collaboration on Trust Model-Based Intelligent Incident Response Technologies in 6G Open Network Environment).
文摘With the growing complexity and decentralization of network systems,the attack surface has expanded,which has led to greater concerns over network threats.In this context,artificial intelligence(AI)-based network intrusion detection systems(NIDS)have been extensively studied,and recent efforts have shifted toward integrating distributed learning to enable intelligent and scalable detection mechanisms.However,most existing works focus on individual distributed learning frameworks,and there is a lack of systematic evaluations that compare different algorithms under consistent conditions.In this paper,we present a comprehensive evaluation of representative distributed learning frameworks—Federated Learning(FL),Split Learning(SL),hybrid collaborative learning(SFL),and fully distributed learning—in the context of AI-driven NIDS.Using recent benchmark intrusion detection datasets,a unified model backbone,and controlled distributed scenarios,we assess these frameworks across multiple criteria,including detection performance,communication cost,computational efficiency,and convergence behavior.Our findings highlight distinct trade-offs among the distributed learning frameworks,demonstrating that the optimal choice depends strongly on systemconstraints such as bandwidth availability,node resources,and data distribution.This work provides the first holistic analysis of distributed learning approaches for AI-driven NIDS and offers practical guidelines for designing secure and efficient intrusion detection systems in decentralized environments.
文摘Distributed Denial of Service(DDoS)attacks are one of the severe threats to network infrastructure,sometimes bypassing traditional diagnosis algorithms because of their evolving complexity.PresentMachine Learning(ML)techniques for DDoS attack diagnosis normally apply network traffic statistical features such as packet sizes and inter-arrival times.However,such techniques sometimes fail to capture complicated relations among various traffic flows.In this paper,we present a new multi-scale ensemble strategy given the Graph Neural Networks(GNNs)for improving DDoS detection.Our technique divides traffic into macro-and micro-level elements,letting various GNN models to get the two corase-scale anomalies and subtle,stealthy attack models.Through modeling network traffic as graph-structured data,GNNs efficiently learn intricate relations among network entities.The proposed ensemble learning algorithm combines the results of several GNNs to improve generalization,robustness,and scalability.Extensive experiments on three benchmark datasets—UNSW-NB15,CICIDS2017,and CICDDoS2019—show that our approach outperforms traditional machine learning and deep learning models in detecting both high-rate and low-rate(stealthy)DDoS attacks,with significant improvements in accuracy and recall.These findings demonstrate the suggested method’s applicability and robustness for real-world implementation in contexts where several DDoS patterns coexist.
文摘The advent of quantum computing poses a significant challenge to traditional cryptographic protocols,particularly those used in SecureMultiparty Computation(MPC),a fundamental cryptographic primitive for privacypreserving computation.Classical MPC relies on cryptographic techniques such as homomorphic encryption,secret sharing,and oblivious transfer,which may become vulnerable in the post-quantum era due to the computational power of quantum adversaries.This study presents a review of 140 peer-reviewed articles published between 2000 and 2025 that used different databases like MDPI,IEEE Explore,Springer,and Elsevier,examining the applications,types,and security issues with the solution of Quantum computing in different fields.This review explores the impact of quantum computing on MPC security,assesses emerging quantum-resistant MPC protocols,and examines hybrid classicalquantum approaches aimed at mitigating quantum threats.We analyze the role of Quantum Key Distribution(QKD),post-quantum cryptography(PQC),and quantum homomorphic encryption in securing multiparty computations.Additionally,we discuss the challenges of scalability,computational efficiency,and practical deployment of quantumsecure MPC frameworks in real-world applications such as privacy-preserving AI,secure blockchain transactions,and confidential data analysis.This review provides insights into the future research directions and open challenges in ensuring secure,scalable,and quantum-resistant multiparty computation.
文摘In order to manage all kinds of network security devices and software systems efficiently, and make them collaborate with each other, the model for an open network security management platform is presented. The feasibility and key implementing technology of the model are expatiated. A prototype system is implemented to validate it.
基金This work is funded by the National Natural Science Foundation of China under Grant U1636215the National key research and development plan under Grant Nos.2018YFB0803504,2016YFB0800303.
文摘Network Security Situation Awareness System YHSAS acquires,understands and displays the security factors which cause changes of network situation,and predicts the future development trend of these security factors.YHSAS is developed for national backbone network,large network operators,large enterprises and other large-scale network.This paper describes its architecture and key technologies:Network Security Oriented Total Factor Information Collection and High-Dimensional Vector Space Analysis,Knowledge Representation and Management of Super Large-Scale Network Security,Multi-Level,Multi-Granularity and Multi-Dimensional Network Security Index Construction Method,Multi-Mode and Multi-Granularity Network Security Situation Prediction Technology,and so on.The performance tests show that YHSAS has high real-time performance and accuracy in security situation analysis and trend prediction.The system meets the demands of analysis and prediction for large-scale network security situation.
基金Supported by the Foundation of Tianjin for Science and Technology Innovation(10FDZDGX00400,11ZCKFGX00900)Key Project of Educational Reform Foundation of Tianjin Municipal Education Commission(C03-0809)
文摘With the rapid development of global information and the increasing dependence on network for people, network security problems are becoming more and more serious. By analyzing the existing security assessment methods, we propose a network security situation evaluation system based on modified D-S evidence theory is proposed. Firstly, we give a modified D-S evidence theory to improve the reliability and rationality of the fusion result and apply the theory to correlation analysis. Secondly, the attack successful support is accurately calculated by matching internal factors with external threats. Multi-module evaluation is established to comprehensively evaluate the situation of network security. Finally we use an example of actual network datasets to validate the network security situation evaluation system. The simulation result shows that the system can not only reduce the rate of false positives and false alarms, but also effectively help analysts comprehensively to understand the situation of network security.
基金the National Natural Science Foundation of China(No.60605019)
文摘Network security situation is a hot research topic in the field of network security. Whole situation awareness includes the current situation evaluation and the future situation prediction. However, the now-existing research focuses on the current situation evaluation, and seldom discusses the future prediction. Based on the historical research, an improved grey Verhulst model is put forward to predict the future situation. Aiming at the shortages in the prediction based on traditional Verhulst model, the adaptive grey parameters and equal- dimensions grey filling methods are proposed to improve the precision. The simulation results prove that the scheme is efficient and applicable.
基金This work was supported by National Natural Science Foundation of China(No.61971026)the Fundamental Research Funds for the Central Universities(No.FRF-TP-18-008A3).
文摘In this paper,the security problem for the multi-access edge computing(MEC)network is researched,and an intelligent immunity-based security defense system is proposed to identify the unauthorized mobile users and to protect the security of whole system.In the proposed security defense system,the security is protected by the intelligent immunity through three functions,identification function,learning function,and regulation function,respectively.Meanwhile,a three process-based intelligent algorithm is proposed for the intelligent immunity system.Numerical simulations are given to prove the effeteness of the proposed approach.
文摘In this paper,we investigate and analyze the network security risks faced by 5G private industrial networks.Based on current network security architecture and 3GPP requirements and considering the actual application of 5G private industrial networks,a comparative analysis is used to plan and design a private network security construction scheme.The network security construction model,network organization,and key processes of 5G private industrial networks at the current stage are investigated.In addition,the key direction for the next stage of construction is discussed.
基金supported in part by the National High Technology Research and Development Program of China ("863" Program) (No.2007AA010502)
文摘Since the frequency of network security incidents is nonlinear,traditional prediction methods such as ARMA,Gray systems are difficult to deal with the problem.When the size of sample is small,methods based on artificial neural network may not reach a high degree of preciseness.Least Squares Support Vector Machines (LSSVM) is a kind of machine learning methods based on the statistics learning theory,it can be applied to solve small sample and non-linear problems very well.This paper applied LSSVM to predict the occur frequency of network security incidents.To improve the accuracy,it used an improved genetic algorithm to optimize the parameters of LSSVM.Verified by real data sets,the improved genetic algorithm (IGA) converges faster than the simple genetic algorithm (SGA),and has a higher efficiency in the optimization procedure.Specially,the optimized LSSVM model worked very well on the prediction of frequency of network security incidents.
基金supported by State Key Laboratory of Software Development Environment under Grant No. SKLSDE-2009ZX-02China Aviation Science Fund under Grant No.20081951National High Technical Research and Development Program of China (863 Program) under Grant No.2007AA01Z183
文摘As the number of Virtual Machines(VMs) consolidated on single physical server increases with the rapid advance of server hardware,virtual network turns complex and frangible.Modern Network Security Engines(NSE) are introduced to eradicate the intrusions occurring in the virtual network.In this paper,we point out the inadequacy of the present live migration implementation,which hinders itself from providing transparent VM relocation between hypervisors equipped with Network Security Engines(NSE-H).This occurs because the current implementation ignores VM-related Security Context(SC) required by NSEs embedded in NSE-H.We present the CoM,a comprehensive live migration framework,for NSE-H-based virtualization computing environment.We built a prototype system on Xen hypervisors to evaluate our framework,and conduct experiments under various realistic application environments.The results demonstrate that our solution successfully fixes the inadequacy of the present live migration implementation,and the performance overhead is negligible.
基金Supported bythe Basic Research of Commission ofScience , Technology and Industry for National Defense (03058720)
文摘The risk situation assessment and forecast technique of network security is a basic method of active defense techniques. In order to assess the risk of network security two methods were used to define the index of risk and forecast index in time series, they were analytical hierarchy process (AHP) and support vector regression (SVR). The module framework applied the methods above was also discussed. Experiment results showed the forecast values were so close to actual values and so it proved the approach is correct.
基金This work was partially supported by the National Natural Science Foundation of China (Nos. 61271260 and 61301122) and the Natural Science Foundation of Chongqing Science and Technology Commission (No. cstc2015jcyjA40050, cstc2014jcyjA40052), Scientific and Technological Research Program of Chongqing Municipal Education Commission (KJ1400405). Research Fund for Young Scholars of Chongqing University of Posts and Telecommunications (A2013-30), the Science Research Starting Foundation of Chongqing University of Posts and Telecommunications (A2013-23).
文摘The security incidents ion networks are sudden and uncertain, it is very hard to precisely predict the network security situation by traditional methods. In order to improve the prediction accuracy of the network security situation, we build a network security situation prediction model based on Wavelet Neural Network (WNN) with optimized parameters by the Improved Niche Genetic Algorithm (INGA). The proposed model adopts WNN which has strong nonlinear ability and fault-tolerance performance. Also, the parameters for WNN are optimized through the adaptive genetic algorithm (GA) so that WNN searches more effectively. Considering the problem that the adaptive GA converges slowly and easily turns to the premature problem, we introduce a novel niche technology with a dynamic fuzzy clustering and elimination mechanism to solve the premature convergence of the GA. Our final simulation results show that the proposed INGA-WNN prediction model is more reliable and effective, and it achieves faster convergence-speed and higher prediction accuracy than the Genetic Algorithm-Wavelet Neural Network (GA-WNN). Genetic Algorithm-Back Propagation Neural Network (GA-BPNN) and WNN.
基金National Natural Science Foundation of China under Grant No. 60970115,National Natural Science Funds Projects of China under Grant No. 91018008
文摘With the rapid development of wireless networks,the Ad Hoc networks are widely used in many fields,but the current network security solutions for the Ad Hoc network are not competitive enough.So the critical technology of Ad Hoc network applications shall be how to implement the security scheme.Here the discussions are focused on the specific solution against the security threats which the Ad Hoc networks will face,the methodology of a management model which uses trusted computing technology to solve Ad Hoc network security problems,and the analysis and verification for the security of this model.
