A fuzzy set-based evaluation approach is demonstrated to assess the security risks for internet-banking System. The Internet-banking system is semi-formally described using Unified Modeling Language (UML) to specify...A fuzzy set-based evaluation approach is demonstrated to assess the security risks for internet-banking System. The Internet-banking system is semi-formally described using Unified Modeling Language (UML) to specify the behavior and state of the system on the base of analyzing the existing qualitative risk assessment methods. And a quantitative method based on fuzzy set is used to measure security risks of the system, A case study was performed on the WEB server of the Internet-banking System using fuzzy-set based assessment algorithm to quantitatively compute the security risk severity. The numeric result also provides a method to decide the most critical component which should amuse the system administrator enough attention to take the appropriate security measure or controls to alleviate the risk severity. The experiments show this method can be used to quantify the security properties for the Internet-banking System in practice.展开更多
Power system security and stability is very important to national economy and people's life,so it has been paid great attention by governments and power utilities.In order to avoid huge economic losses caused by l...Power system security and stability is very important to national economy and people's life,so it has been paid great attention by governments and power utilities.In order to avoid huge economic losses caused by large-scale blackouts,State Grid Corporation of China(SGCC)have invested sufficient human and financial resources to carry out related researches,and remarkable achievements have been achieved.However,large grid stability problem is very complex,it is still difficult to completely avoid the blackouts.展开更多
After the digital revolution, the power system security becomes an important issue and it urges the power producers to maintain a well secured system in order to supply a quality power to the end users. This paper pre...After the digital revolution, the power system security becomes an important issue and it urges the power producers to maintain a well secured system in order to supply a quality power to the end users. This paper presents an integrated Corrective Security Constrained Optimal Power Flow (CSCOPF) with Flexible Transmission Line Impedance (FTLI) to enhance the power system security. The corrective approach of SCOPF is chosen, because it allows the corrective equipment to bring back the system to a stable operating point and hence, it offers high flexibility and better economics. The concept of FTLI arises from the ability of FACTS devices such as Thyristor Controlled Series Capacitor (TCSC), which can vary the line reactance to a certain extent. An enhanced security can be achieved by incorporating FTLI into the CSCOPF problem, since the power flow in a system is highly dependent on the line reactance. FTLI based CSCOPF can reduce the amount of rescheduling of generators, but it will result in an increased number of variables and thus, the complexity to the optimization process is increased. This highly complex problem is solved by using nonlinear programming. The AC based OPF model is preferred, since the corrective security actions require highly accurate solutions. IEEE 30 bus system is used to test the proposed scheme and the results are compared with the traditional CSCOPF. It can be seen that the proposed idea provides a notable improvement in the reduction of cost incurred for restoring the system security.展开更多
In developing power grids,setting standards is critical to its success.The development of China’s power industry has proposed new requirements for power systems to ensure secure and stable operations.The principal st...In developing power grids,setting standards is critical to its success.The development of China’s power industry has proposed new requirements for power systems to ensure secure and stable operations.The principal standards for the security and stability of China’s current power systems are analyzed in terms of operational control,generator-grid coordination and simulation.The shortcomings are pointed out and the directions of future development are discussed.In the end,the study highlighted the following key areas that require further research and improvement:the evaluation criteria of power system security and stability should be improved to ensure the secure and stable operation of China’s power systems;the operational control standards should be constantly enhanced to increase the reliability and flexibility of operational control strategies;generatorgrid coordination standards should be upgraded to improve the coordination between the generator control protection system and the grid;and the simulation methodology should be standardized in future power system security and stability research.展开更多
The security assurance of computer-based systems that rely on safety and security</span><span style="font-family:'Minion Pro Capt','serif';"> </span><span style="fon...The security assurance of computer-based systems that rely on safety and security</span><span style="font-family:'Minion Pro Capt','serif';"> </span><span style="font-family:Verdana;">assurance, such as consistency, durability, efficiency and accessibility, require or need resources. This target</span><span style="font-family:Verdana;">s</span><span style="font-family:Verdana;"> the System-of-Systems (SoS) problems with the exception of difficulties and concerns that apply similarly to subsystem interactions on a single system and system-as-component interactions on a large information</span><span style="font-family:'Minion Pro Capt','serif';"> </span><span style="font-family:Verdana;">system. This research addresses security and information assurance for safety-critical systems, where security and safety </span><span style="font-family:Verdana;">are</span><span style="font-family:Verdana;"> addressed before going to actual implementation/development phase for component-based systems. For this purpose, require a conceptual idea or strategy that deals with the application logic security assurance issues. This may explore the vulnerability in single component or a reuse of specification in existing logic in component-based system. Keeping in view this situation, we have defined seven concepts of security assurance and security assurance design strategy for safety-critical systems.展开更多
Based on the wide application of cloud computing and wireless sensor networks in various fields,the Sensor-Cloud System(SCS)plays an indispensable role between the physical world and the network world.However,due to t...Based on the wide application of cloud computing and wireless sensor networks in various fields,the Sensor-Cloud System(SCS)plays an indispensable role between the physical world and the network world.However,due to the close connection and interdependence between the physical resource network and computing resource network,there are security problems such as cascading failures between systems in the SCS.In this paper,we propose a model with two interdependent networks to represent a sensor-cloud system.Besides,based on the percolation theory,we have carried out a formulaic theoretical analysis of the whole process of cascading failure.When the system’s subnetwork presents a steady state where there is no further collapse,we can obtain the largest remaining connected subgroup components and the penetration threshold.Theoretically,this result is the critical maximum that the coupled SCS can withstand.To verify the correctness of the theoretical results,we further carried out actual simulation experiments.The results show that a scale-free network priority attack’s percolation threshold is always less than that of ER network which is priority attacked.Similarly,when the scale-free network is attacked first,adding the power law exponentλcan be more intuitive and more effective to improve the network’s reliability.展开更多
Memory leak is a common software vulnerability that can decrease the reliability of an application and,in severe cases,even cause program crashes.If there are intentionally triggerable memory leak vulnerabilities in a...Memory leak is a common software vulnerability that can decrease the reliability of an application and,in severe cases,even cause program crashes.If there are intentionally triggerable memory leak vulnerabilities in a program,attackers can exploit these bugs to launch denial-of-service attacks or induce the program to exhibit unexpected behaviors due to low memory conditions.Existing fuzzing techniques primarily focus on improving code coverage,and specialized fuzzing techniques for individual memory-related defects like uncontrolled memory allocation do not address memory leak vulnerabilities.MemLock is the first fuzzing technique to address memory consumption vulnerabilities including memory leakage.However,the coverage-centric guidance mechanism of MemLock introduces a degree of aimlessness in the testing process,that results in low seed quality and slow bug exposure speed.To address this issue,we propose a risk areas guidance-based fuzzing technique called RBZZER.First,RBZZER retains MemLock’s memory consumption-guided mechanism and introduces a novel distance-guided approach to expedite the arrival of fuzzing at the potential memory areas.Second,we introduce a new seed scheduling strategy called risk areas-based seed scheduling,which classifies seeds based on potential memory leak areas in the program and further schedules them,thereby effectively improving the efficiency of discovering memory leak vulnerabilities.Experiments demonstrate that RBZZER outperforms the state-of-the-art fuzzing techniques by finding 52%more program unique crashes than the second-best counterpart.In particular,RBZZER can discover the amount of memory leakage at least 112%more than the other baseline fuzzers.Besides,RBZZER detects memory leaks at an average speed that is 9.10x faster than MemLock.展开更多
Trusted computing,which can effectively increase the credibility of information system,has made great achievements and is in continuous development. For country who is going to strengthen network construction like Chi...Trusted computing,which can effectively increase the credibility of information system,has made great achievements and is in continuous development. For country who is going to strengthen network construction like China,it is an important fundamental supporting technology worth researching. China is in the international forefront in the field of trusted computing. This paper gives comprehensive introductions to the new development and application of key technologies in trusted computing,such as various trusted platform modules(TPM、TCM、TPCM),TCG Software Stack(TSS),trusted cloud server and Trusted Execution Environment(TEE). We illustrate the progressing and application extension of these technologies and also point out some key problems worth studying in the future.展开更多
With the explosive growth of network applications, the threat of the malicious code against network security becomes increasingly serious. In this paper we explore the mechanism of the malicious code by giving an atta...With the explosive growth of network applications, the threat of the malicious code against network security becomes increasingly serious. In this paper we explore the mechanism of the malicious code by giving an attack model of the malicious code, and discuss the critical techniques of implementation and prevention against the malicious code. The remaining problems and emerging trends in this area are also addressed in the paper.展开更多
Anomaly detection of privileged processes is one of the most important means to safeguard the host and system security. The key problem for improving detection performance is to identify local behavior of the short se...Anomaly detection of privileged processes is one of the most important means to safeguard the host and system security. The key problem for improving detection performance is to identify local behavior of the short sequences in traces of system calls accurately. An alternative modeling method was proposed based on the typical pattern matching of short sequences, which builds upon the concepts of short sequences with context dependency and the specially designed aggregation algorithm. The experimental results indicate that the modeling method considering the context dependency improves clearly the sensitive decision threshold as compared with the previous modeling method.展开更多
With the increasing penetration of renewable energy in power system,renewable energy power ramp events(REPREs),dominated by wind power and photovoltaic power,pose significant threats to the secure and stable operation...With the increasing penetration of renewable energy in power system,renewable energy power ramp events(REPREs),dominated by wind power and photovoltaic power,pose significant threats to the secure and stable operation of power systems.This paper presents an early warning method for REPREs based on long short-term memory(LSTM)network and fuzzy logic.First,the warning levels of REPREs are defined by assessing the control costs of various power control measures.Then,the next 4-h power support capability of external grid is estimated by a tie line power predictionmodel,which is constructed based on the LSTMnetwork.Finally,considering the risk attitudes of dispatchers,fuzzy rules are employed to address the boundary value attribution of the early warning interval,improving the rationality of power ramp event early warning.Simulation results demonstrate that the proposed method can generate reasonable early warning levels for REPREs,guiding decision-making for control strategy.展开更多
With China's entry into WTO, electronic commerce becomes an indispensable premise for China to build a modern, competitive, knowledge-driven economy, and integrate its national economy into an increasingly networked,...With China's entry into WTO, electronic commerce becomes an indispensable premise for China to build a modern, competitive, knowledge-driven economy, and integrate its national economy into an increasingly networked, knowledge-based global economy. This study examines the current status of Internet and E-commerce development in China, finds the factors that lead to the current situation in terms of government policy orientation, identifies the major barriers to E-commerce adoption in China, and proposes strategies toward greater success of E-commerce in China.展开更多
Climate change threatens the sustainable development and survival of the small Caribbean island nations. The continual rise in the demand and cost of the earth's finite hydrocarbon energy reservoir drives these count...Climate change threatens the sustainable development and survival of the small Caribbean island nations. The continual rise in the demand and cost of the earth's finite hydrocarbon energy reservoir drives these countries to examine the integration of renewable energy to reduce green house gas emissions whilst meeting their electrical energy demands. One possible renewable energy source is wind. Trinidad and Tobago, through its renewable energy policy, is seeking to reliably and economically integrate wind power with its conventional power generation sources. This paper assesses the adequacy of wind power generation at potential sites through the use of auto-regressive modeling and the use of Monte Carlo Simulation to evaluate the well-being indices for the combination of wind and conventional power generation. Two sites in the twin island Republic of Trinidad and Tobago were identified as case studies for the proposed methodology. Analysis of the results indicated that the methodology should be applied to sites with conditions encouraging economic feasibility of wind power generation.展开更多
Current policies facilitate the involvement of prosumer aggregators in the wholesale market on the distribution side.However,the wholesale market’s disregard for distribution network security constraints may lead to ...Current policies facilitate the involvement of prosumer aggregators in the wholesale market on the distribution side.However,the wholesale market’s disregard for distribution network security constraints may lead to potential security issues when aggregators deliver the awarded power.Furthermore,the electricity market operates within a multi-party offer framework,rendering the competitive behaviour of aggregators’rivals unpredictable.The relationship between locational marginal prices and the offer of prosumer aggregators is further complicated by the coupling of transmission and distribution systems.These factors contribute to the complexity of the decision-making process for prosumer aggregators.This paper introduces a comprehensive offer model for prosumer aggregators that incorporates network security and the intricate market environment.Initially,we develop optimisation decision-making models for various market participants,providing examples of their decision-making behaviours.Subsequently,we explore the interactive dynamics among market entities and formulate a mathematical optimisation model for prosumer aggregators that integrates network security constraints and the complexities of market decision-making.Additionally,we establish a multi-party game model that considers offer strategies of all participants.Finally,we propose simplified solution strategies to address the challenges associated with diverse application scenarios.Case studies conducted on a 69-bus distribution network validate the effectiveness of the proposed model.展开更多
Due to the increasing implementation of high voltage direct current(HVDC)and the integration of renewable resources,frequency stability problems in power systems are drawing greater attention in recent years.It has be...Due to the increasing implementation of high voltage direct current(HVDC)and the integration of renewable resources,frequency stability problems in power systems are drawing greater attention in recent years.It has become necessary to carry out online frequency security assessments to ensure the safe operation of power systems.Considering the low time-efficiency of simulation-based methods,analytical models,such as the frequency nadir prediction(FNP)model,are more suitable for online assessment,which requires calculating the worst frequency deviation under various contingencies.Based on the FNP model,the FNP-L model for online frequency security assessment is proposed in this paper.The proposed model implements security assessment by calculating and checking the frequency features,including the nadir time and frequency,followed by contingencies.The effect of the governor,including nonlinear constraints,is approximated into polynomial functions so that the results are obtained by solving multiple polynomial equations.Case studies are carried out using the New-England 39-bus system and a regional power grid,which shows that the proposed model could achieve both high speed and high accuracy,and can therefore be applied in online security assessment.展开更多
The National Electricity Market(NEM)in Australia was suspended during June 15-23,2022,with a primary attribution to the lack of available generation capacity.This incident is noteworthy because it was the first market...The National Electricity Market(NEM)in Australia was suspended during June 15-23,2022,with a primary attribution to the lack of available generation capacity.This incident is noteworthy because it was the first market suspension in NEM’s history and took place in a major energy exporting country.In this letter,we review the outline and impacts of the incident.From the perspectives of market regulation,electricity supply,and electricity demand,we identify three underlying causes of the market suspension and offer four recommendations for the market mechanism evolution to ensure power supply security.展开更多
Strict enforcement of government policies to integrate high generation share from renewable energy sources(RES)like wind and PV would create inevitable operational challenges for the utilities to deliver Frequency Res...Strict enforcement of government policies to integrate high generation share from renewable energy sources(RES)like wind and PV would create inevitable operational challenges for the utilities to deliver Frequency Response(FR)services.Uncertain RES generation characteristics would worsen the situation for SO,to detain initial frequency deviation following the largest generation outage.This necessitates investigation of optimal generator combination for securing PFR adequacy with simultaneous characterization of uncertainty.In this regard,this paper proposes a novel Modified Interval(MI)based optimal generation mix formulation for operation cost minimization and FR adequacy.RES uncertainty is characterised by forecasted upper and lower bound,while hourly ramp needs are based on the net load scenarios.Proposed model is assessed on one area IEEE reliability test system.Rate of change of frequency(ROCOF)and frequency deviation are considered as network security limits to obtain optimal generation mix.Results obtained provide,overall cost performance,PFR and optimal generation mix,without violating system security criteria.This model would certainly assist SO,to enhance system’s inertia and PFR adequacy at short-term system operations and could be extended for long-term planning framework.展开更多
With the continuous expansion of digital infrastructures,malicious behaviors in host systems have become increasingly sophisticated,often spanning multiple processes and employing obfuscation techniques to evade detec...With the continuous expansion of digital infrastructures,malicious behaviors in host systems have become increasingly sophisticated,often spanning multiple processes and employing obfuscation techniques to evade detection.Audit logs,such as Sysmon,offer valuable insights;however,existing approaches typically flatten event sequences or rely on generic graph models,thereby discarding the natural parent-child process hierarchy that is critical for analyzing multiprocess attacks.This paper proposes a structure-aware threat detection framework that transforms audit logs into a unified two-dimensional(2D)spatio-temporal representation,where process hierarchy is modeled as the spatial axis and event chronology as the temporal axis.In addition,entropy-based features are incorporated to robustly capture obfuscated and non-linguistic strings,overcoming the limitations of semantic embeddings.The model’s performance was evaluated on publicly available datasets,achieving competitive results with an accuracy exceeding 95%and an F1-score of at least 0.94.The proposed approach provides a promising and reproducible solution for detecting attacks with unknown indicators of compromise(IoCs)by analyzing the relationships and behaviors of processes recorded in large-scale audit logs.展开更多
With the advancement of artificial intelligence,deep learning algorithms have increasingly been adopted for defect detection in substation equipment.However,a widely recognised limitation of such models is their inabi...With the advancement of artificial intelligence,deep learning algorithms have increasingly been adopted for defect detection in substation equipment.However,a widely recognised limitation of such models is their inability to learn autonomously over time,resulting in performance degradation when faced with changing data distributions—a phenomenon commonly referred to as‘concept drift’in continual learning contexts.This issue is particularly critical in industrial applications such as power systems,where operational environments evolve continuously.Recently,Hebbian learning has gained renewed interest within the machine learning community due to its unsupervised and localised nature.Several studies have explored its integration with deep neural networks trained via backpropagation(BP),yet combining Hebbian and BP learning remains challenging,especially within complex vision tasks beyond simple classification.In this paper,we propose an object detection framework that integrates Hebbian learning with BP in a layered architecture,supporting unsupervised online learning through a two-stage training strategy.This approach mitigates dependency on manual annotation and enhances adaptability in non-stationary environments.Our method demonstrates improved robustness compared to standard BP-based networks on both a perturbed defect dataset of substation equipment and the COCO2017 benchmark perturbed dataset.展开更多
基金Supported by the National Natural Science Foun-dation of China (2002AA142150)
文摘A fuzzy set-based evaluation approach is demonstrated to assess the security risks for internet-banking System. The Internet-banking system is semi-formally described using Unified Modeling Language (UML) to specify the behavior and state of the system on the base of analyzing the existing qualitative risk assessment methods. And a quantitative method based on fuzzy set is used to measure security risks of the system, A case study was performed on the WEB server of the Internet-banking System using fuzzy-set based assessment algorithm to quantitatively compute the security risk severity. The numeric result also provides a method to decide the most critical component which should amuse the system administrator enough attention to take the appropriate security measure or controls to alleviate the risk severity. The experiments show this method can be used to quantify the security properties for the Internet-banking System in practice.
文摘Power system security and stability is very important to national economy and people's life,so it has been paid great attention by governments and power utilities.In order to avoid huge economic losses caused by large-scale blackouts,State Grid Corporation of China(SGCC)have invested sufficient human and financial resources to carry out related researches,and remarkable achievements have been achieved.However,large grid stability problem is very complex,it is still difficult to completely avoid the blackouts.
文摘After the digital revolution, the power system security becomes an important issue and it urges the power producers to maintain a well secured system in order to supply a quality power to the end users. This paper presents an integrated Corrective Security Constrained Optimal Power Flow (CSCOPF) with Flexible Transmission Line Impedance (FTLI) to enhance the power system security. The corrective approach of SCOPF is chosen, because it allows the corrective equipment to bring back the system to a stable operating point and hence, it offers high flexibility and better economics. The concept of FTLI arises from the ability of FACTS devices such as Thyristor Controlled Series Capacitor (TCSC), which can vary the line reactance to a certain extent. An enhanced security can be achieved by incorporating FTLI into the CSCOPF problem, since the power flow in a system is highly dependent on the line reactance. FTLI based CSCOPF can reduce the amount of rescheduling of generators, but it will result in an increased number of variables and thus, the complexity to the optimization process is increased. This highly complex problem is solved by using nonlinear programming. The AC based OPF model is preferred, since the corrective security actions require highly accurate solutions. IEEE 30 bus system is used to test the proposed scheme and the results are compared with the traditional CSCOPF. It can be seen that the proposed idea provides a notable improvement in the reduction of cost incurred for restoring the system security.
文摘In developing power grids,setting standards is critical to its success.The development of China’s power industry has proposed new requirements for power systems to ensure secure and stable operations.The principal standards for the security and stability of China’s current power systems are analyzed in terms of operational control,generator-grid coordination and simulation.The shortcomings are pointed out and the directions of future development are discussed.In the end,the study highlighted the following key areas that require further research and improvement:the evaluation criteria of power system security and stability should be improved to ensure the secure and stable operation of China’s power systems;the operational control standards should be constantly enhanced to increase the reliability and flexibility of operational control strategies;generatorgrid coordination standards should be upgraded to improve the coordination between the generator control protection system and the grid;and the simulation methodology should be standardized in future power system security and stability research.
基金support by National Natural Science Foundation of China(61202354,51507084)Nanjing University of Post and Telecommunications Science Foundation(NUPTSF)(NT214203)
文摘The security assurance of computer-based systems that rely on safety and security</span><span style="font-family:'Minion Pro Capt','serif';"> </span><span style="font-family:Verdana;">assurance, such as consistency, durability, efficiency and accessibility, require or need resources. This target</span><span style="font-family:Verdana;">s</span><span style="font-family:Verdana;"> the System-of-Systems (SoS) problems with the exception of difficulties and concerns that apply similarly to subsystem interactions on a single system and system-as-component interactions on a large information</span><span style="font-family:'Minion Pro Capt','serif';"> </span><span style="font-family:Verdana;">system. This research addresses security and information assurance for safety-critical systems, where security and safety </span><span style="font-family:Verdana;">are</span><span style="font-family:Verdana;"> addressed before going to actual implementation/development phase for component-based systems. For this purpose, require a conceptual idea or strategy that deals with the application logic security assurance issues. This may explore the vulnerability in single component or a reuse of specification in existing logic in component-based system. Keeping in view this situation, we have defined seven concepts of security assurance and security assurance design strategy for safety-critical systems.
基金supported by National Natural Science Foundation of China under Grant No.62072412,61902359,U1736115in part by the Opening Project of Shanghai Key Laboratory of Integrated Administration Technologies for Information Security under Grant No.AGK2018001.
文摘Based on the wide application of cloud computing and wireless sensor networks in various fields,the Sensor-Cloud System(SCS)plays an indispensable role between the physical world and the network world.However,due to the close connection and interdependence between the physical resource network and computing resource network,there are security problems such as cascading failures between systems in the SCS.In this paper,we propose a model with two interdependent networks to represent a sensor-cloud system.Besides,based on the percolation theory,we have carried out a formulaic theoretical analysis of the whole process of cascading failure.When the system’s subnetwork presents a steady state where there is no further collapse,we can obtain the largest remaining connected subgroup components and the penetration threshold.Theoretically,this result is the critical maximum that the coupled SCS can withstand.To verify the correctness of the theoretical results,we further carried out actual simulation experiments.The results show that a scale-free network priority attack’s percolation threshold is always less than that of ER network which is priority attacked.Similarly,when the scale-free network is attacked first,adding the power law exponentλcan be more intuitive and more effective to improve the network’s reliability.
基金supported by the National Key R&D Program of China(No.2021YFB3101803).
文摘Memory leak is a common software vulnerability that can decrease the reliability of an application and,in severe cases,even cause program crashes.If there are intentionally triggerable memory leak vulnerabilities in a program,attackers can exploit these bugs to launch denial-of-service attacks or induce the program to exhibit unexpected behaviors due to low memory conditions.Existing fuzzing techniques primarily focus on improving code coverage,and specialized fuzzing techniques for individual memory-related defects like uncontrolled memory allocation do not address memory leak vulnerabilities.MemLock is the first fuzzing technique to address memory consumption vulnerabilities including memory leakage.However,the coverage-centric guidance mechanism of MemLock introduces a degree of aimlessness in the testing process,that results in low seed quality and slow bug exposure speed.To address this issue,we propose a risk areas guidance-based fuzzing technique called RBZZER.First,RBZZER retains MemLock’s memory consumption-guided mechanism and introduces a novel distance-guided approach to expedite the arrival of fuzzing at the potential memory areas.Second,we introduce a new seed scheduling strategy called risk areas-based seed scheduling,which classifies seeds based on potential memory leak areas in the program and further schedules them,thereby effectively improving the efficiency of discovering memory leak vulnerabilities.Experiments demonstrate that RBZZER outperforms the state-of-the-art fuzzing techniques by finding 52%more program unique crashes than the second-best counterpart.In particular,RBZZER can discover the amount of memory leakage at least 112%more than the other baseline fuzzers.Besides,RBZZER detects memory leaks at an average speed that is 9.10x faster than MemLock.
基金supported by the National Natural Science Foundation of China (Grant NO.61332019, NO.61402342, NO.61202387)the National Basic Research Program of China ("973" Program) (Grant No.2014CB340600)the National High–Tech Research and Development Program of China ("863" Program) (Grant No.2015AA016002)
文摘Trusted computing,which can effectively increase the credibility of information system,has made great achievements and is in continuous development. For country who is going to strengthen network construction like China,it is an important fundamental supporting technology worth researching. China is in the international forefront in the field of trusted computing. This paper gives comprehensive introductions to the new development and application of key technologies in trusted computing,such as various trusted platform modules(TPM、TCM、TPCM),TCG Software Stack(TSS),trusted cloud server and Trusted Execution Environment(TEE). We illustrate the progressing and application extension of these technologies and also point out some key problems worth studying in the future.
文摘With the explosive growth of network applications, the threat of the malicious code against network security becomes increasingly serious. In this paper we explore the mechanism of the malicious code by giving an attack model of the malicious code, and discuss the critical techniques of implementation and prevention against the malicious code. The remaining problems and emerging trends in this area are also addressed in the paper.
文摘Anomaly detection of privileged processes is one of the most important means to safeguard the host and system security. The key problem for improving detection performance is to identify local behavior of the short sequences in traces of system calls accurately. An alternative modeling method was proposed based on the typical pattern matching of short sequences, which builds upon the concepts of short sequences with context dependency and the specially designed aggregation algorithm. The experimental results indicate that the modeling method considering the context dependency improves clearly the sensitive decision threshold as compared with the previous modeling method.
基金funded by State Grid Shandong Electric Power Company Technology Project(520626220110).
文摘With the increasing penetration of renewable energy in power system,renewable energy power ramp events(REPREs),dominated by wind power and photovoltaic power,pose significant threats to the secure and stable operation of power systems.This paper presents an early warning method for REPREs based on long short-term memory(LSTM)network and fuzzy logic.First,the warning levels of REPREs are defined by assessing the control costs of various power control measures.Then,the next 4-h power support capability of external grid is estimated by a tie line power predictionmodel,which is constructed based on the LSTMnetwork.Finally,considering the risk attitudes of dispatchers,fuzzy rules are employed to address the boundary value attribution of the early warning interval,improving the rationality of power ramp event early warning.Simulation results demonstrate that the proposed method can generate reasonable early warning levels for REPREs,guiding decision-making for control strategy.
文摘With China's entry into WTO, electronic commerce becomes an indispensable premise for China to build a modern, competitive, knowledge-driven economy, and integrate its national economy into an increasingly networked, knowledge-based global economy. This study examines the current status of Internet and E-commerce development in China, finds the factors that lead to the current situation in terms of government policy orientation, identifies the major barriers to E-commerce adoption in China, and proposes strategies toward greater success of E-commerce in China.
文摘Climate change threatens the sustainable development and survival of the small Caribbean island nations. The continual rise in the demand and cost of the earth's finite hydrocarbon energy reservoir drives these countries to examine the integration of renewable energy to reduce green house gas emissions whilst meeting their electrical energy demands. One possible renewable energy source is wind. Trinidad and Tobago, through its renewable energy policy, is seeking to reliably and economically integrate wind power with its conventional power generation sources. This paper assesses the adequacy of wind power generation at potential sites through the use of auto-regressive modeling and the use of Monte Carlo Simulation to evaluate the well-being indices for the combination of wind and conventional power generation. Two sites in the twin island Republic of Trinidad and Tobago were identified as case studies for the proposed methodology. Analysis of the results indicated that the methodology should be applied to sites with conditions encouraging economic feasibility of wind power generation.
基金supported by National Natural Science Foundation of China(Grant 52377107)the Taishan Scholars ProgramState Key Laboratory of Power System Operation and Control(Grant SKLD24KM17).
文摘Current policies facilitate the involvement of prosumer aggregators in the wholesale market on the distribution side.However,the wholesale market’s disregard for distribution network security constraints may lead to potential security issues when aggregators deliver the awarded power.Furthermore,the electricity market operates within a multi-party offer framework,rendering the competitive behaviour of aggregators’rivals unpredictable.The relationship between locational marginal prices and the offer of prosumer aggregators is further complicated by the coupling of transmission and distribution systems.These factors contribute to the complexity of the decision-making process for prosumer aggregators.This paper introduces a comprehensive offer model for prosumer aggregators that incorporates network security and the intricate market environment.Initially,we develop optimisation decision-making models for various market participants,providing examples of their decision-making behaviours.Subsequently,we explore the interactive dynamics among market entities and formulate a mathematical optimisation model for prosumer aggregators that integrates network security constraints and the complexities of market decision-making.Additionally,we establish a multi-party game model that considers offer strategies of all participants.Finally,we propose simplified solution strategies to address the challenges associated with diverse application scenarios.Case studies conducted on a 69-bus distribution network validate the effectiveness of the proposed model.
基金This work is supported by the National Key Research&Development Program of China(No.2018YFB0904500)the Science and Technology Foundation of the State Grid Corporation of China(SGLNDK00KJJS1800236).
文摘Due to the increasing implementation of high voltage direct current(HVDC)and the integration of renewable resources,frequency stability problems in power systems are drawing greater attention in recent years.It has become necessary to carry out online frequency security assessments to ensure the safe operation of power systems.Considering the low time-efficiency of simulation-based methods,analytical models,such as the frequency nadir prediction(FNP)model,are more suitable for online assessment,which requires calculating the worst frequency deviation under various contingencies.Based on the FNP model,the FNP-L model for online frequency security assessment is proposed in this paper.The proposed model implements security assessment by calculating and checking the frequency features,including the nadir time and frequency,followed by contingencies.The effect of the governor,including nonlinear constraints,is approximated into polynomial functions so that the results are obtained by solving multiple polynomial equations.Case studies are carried out using the New-England 39-bus system and a regional power grid,which shows that the proposed model could achieve both high speed and high accuracy,and can therefore be applied in online security assessment.
基金supported by the National Natural Science Foundation of China (No.U2166201)China Postdoctoral Science Foundation (No.2022TQ0206)。
文摘The National Electricity Market(NEM)in Australia was suspended during June 15-23,2022,with a primary attribution to the lack of available generation capacity.This incident is noteworthy because it was the first market suspension in NEM’s history and took place in a major energy exporting country.In this letter,we review the outline and impacts of the incident.From the perspectives of market regulation,electricity supply,and electricity demand,we identify three underlying causes of the market suspension and offer four recommendations for the market mechanism evolution to ensure power supply security.
基金This work is supported by the DST grant for UKICERI project,DST/RCUK/JVCCE/2015/02.
文摘Strict enforcement of government policies to integrate high generation share from renewable energy sources(RES)like wind and PV would create inevitable operational challenges for the utilities to deliver Frequency Response(FR)services.Uncertain RES generation characteristics would worsen the situation for SO,to detain initial frequency deviation following the largest generation outage.This necessitates investigation of optimal generator combination for securing PFR adequacy with simultaneous characterization of uncertainty.In this regard,this paper proposes a novel Modified Interval(MI)based optimal generation mix formulation for operation cost minimization and FR adequacy.RES uncertainty is characterised by forecasted upper and lower bound,while hourly ramp needs are based on the net load scenarios.Proposed model is assessed on one area IEEE reliability test system.Rate of change of frequency(ROCOF)and frequency deviation are considered as network security limits to obtain optimal generation mix.Results obtained provide,overall cost performance,PFR and optimal generation mix,without violating system security criteria.This model would certainly assist SO,to enhance system’s inertia and PFR adequacy at short-term system operations and could be extended for long-term planning framework.
基金supported by the Nuclear Safety Research Program through Korea Foundation of Nuclear Safety(KoFONS)using the financial resource granted by the Nuclear Safety and Security Commission(NSSC)of the Republic of Korea(Grant number:2106061,50%)supported by the Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(RS-2025-25394739,Development of Security Enhancement Technology for Industrial Control Systems Based on S/HBOM Supply Chain Protection,50%).
文摘With the continuous expansion of digital infrastructures,malicious behaviors in host systems have become increasingly sophisticated,often spanning multiple processes and employing obfuscation techniques to evade detection.Audit logs,such as Sysmon,offer valuable insights;however,existing approaches typically flatten event sequences or rely on generic graph models,thereby discarding the natural parent-child process hierarchy that is critical for analyzing multiprocess attacks.This paper proposes a structure-aware threat detection framework that transforms audit logs into a unified two-dimensional(2D)spatio-temporal representation,where process hierarchy is modeled as the spatial axis and event chronology as the temporal axis.In addition,entropy-based features are incorporated to robustly capture obfuscated and non-linguistic strings,overcoming the limitations of semantic embeddings.The model’s performance was evaluated on publicly available datasets,achieving competitive results with an accuracy exceeding 95%and an F1-score of at least 0.94.The proposed approach provides a promising and reproducible solution for detecting attacks with unknown indicators of compromise(IoCs)by analyzing the relationships and behaviors of processes recorded in large-scale audit logs.
基金supported by State Grid Corporation of China,Science and Technology Project under(Grant 5700-202358838A-4-3-WL).
文摘With the advancement of artificial intelligence,deep learning algorithms have increasingly been adopted for defect detection in substation equipment.However,a widely recognised limitation of such models is their inability to learn autonomously over time,resulting in performance degradation when faced with changing data distributions—a phenomenon commonly referred to as‘concept drift’in continual learning contexts.This issue is particularly critical in industrial applications such as power systems,where operational environments evolve continuously.Recently,Hebbian learning has gained renewed interest within the machine learning community due to its unsupervised and localised nature.Several studies have explored its integration with deep neural networks trained via backpropagation(BP),yet combining Hebbian and BP learning remains challenging,especially within complex vision tasks beyond simple classification.In this paper,we propose an object detection framework that integrates Hebbian learning with BP in a layered architecture,supporting unsupervised online learning through a two-stage training strategy.This approach mitigates dependency on manual annotation and enhances adaptability in non-stationary environments.Our method demonstrates improved robustness compared to standard BP-based networks on both a perturbed defect dataset of substation equipment and the COCO2017 benchmark perturbed dataset.
