网络威胁情报关联分析技术

在巨大的利益诱惑下,网络攻击技术正在快速畸形发展,与此同时网络防御技术却显得捉襟见肘,缺乏有效的技术手段和理论依据对网络威胁事件进行追踪溯源.针对攻击数据碎片化、溯源线索难提取、攻击链条难关联等问题,分析网络威胁情报的特点,设计网络安全知识图谱,包括6类网络威胁情报实体、14种实体关系,以构建的知识图谱为基础,提出5种...     

基于矩阵半张量积的信息物理融合系统状态不透明性分析与控制

状态不透明性作为一种重要的机密属性,能够表征入侵者窃取系统隐私信息的能力。针对带有不可观测事件的信息物理融合系统(CPSs),该文提出一种基于矩阵半张量积(STP)的代数状态空间方法,并且分析与验证CPSs的状态不透明性。首先利用矩阵STP理论对CPSs的状态演化进行建模,得到系统的动态代数表达式,然后利用STP运算的特性,给出验证系统当前状态不透明性的充分必要代数条件。最后,通过数值仿真算例验证了方法的有效性。该文提出的基于矩阵STP方法为CPSs相关隐私分析与安全控制研究提供了一个新的思路和框架。     

An IOT based smart grid system for advanced cooperative transmission and communication

In the Internet of Things (IoT) ecosystem, devices will predominate, using it in a manner similar to how people used it. Devices will cooperating in a multicast network to collect, share, and forward information way while interacting with one another autonomously and without centralised supervision. The building of an intelligent environment the capability of real-time collection of data, which is crucial for maximising the value of the IoT, will make this possible. A typical electric grid is made up of many power plants that use various power generating units, such as coal-based units, gas-based units, hydro units, etc. The majority of the infrastructure and wires that make up the conventional electricity grid have been in existence for a long time, it should be mentioned. They require significant investments, so providing them could take years. As a result, many grid components are outmoded and must be maintained and monitored on a regular basis to keep power flowing. A sophisticated technology is the smart grid (SG) system that makes it easier to integrate green technology and environmental considerations. The SG cyber–physical system was implemented thanks to the advancement and use of communication technologies in the conventional power system. The Internet of Things (IoT) and essential devices are both present in the complicated architecture of the SG systems. The traditional electric grids are been transformed into smart and efficient grid known as “Smart grid”. The Internet of Things’ smart grid allows for two-way communications among connected devices and technology that can recognise and respond to human needs. The cost and reliability of a smart grid are superior to that of conventional power infrastructure. Through use and data maintenance, smart grid technology will assist in reducing energy use and costs. One of the primary contributions made to grids is the integration of IoT with producing facilities using sustainable energy at various levels. To enhance the smart grid for bidirectional information exchange, improve power quality, and increase reliability Internet of Things (IOT) devices are becoming an important part of smart electric grid. IOT Infrastructure (IOTI) provide a flexible, efficient and secure platform providing strategic management for monitoring and controlling of different operations under different working conditions. This paper discusses cyber security on IOT based infrastructure for electric power systems. A comprehensive study is highlighted which includes type of IOTs, architecture used for smart grid, and future challenges.     

Usability aware secret protection with minimum cost

In this paper we study a cybersecurity problem of protecting system’s secrets with multiple protections and a required security level, while minimizing the associated cost due to implementation/maintenance of these protections as well as the affected system usability. The target system is modeled as a discrete-event system (DES) in which there are a subset of marker states denoting the services/functions provided to regular users, a subset of secret states, and multiple subsets of protectable events with different security levels. We first introduce usability-aware cost levels for the protectable events, and then formulate the security problem as to ensure that every system trajectory that reaches a secret state contains a specified number of protectable events with at least a certain security level, and the highest usability-aware cost level of these events is minimum. We first provide a necessary and sufficient condition under which this security problem is solvable, and when this condition holds we propose an algorithm to solve the problem based on the supervisory control theory of DES. Moreover, we extend the problem to the case of heterogeneous secrets with different levels of importance, and develop an algorithm to solve this extended problem. Finally, we demonstrate the effectiveness of our solutions with a network security example.     

Security and privacy in 6G networks: New areas and new challenges

With the deployment of more and more 5g networks, the limitations of 5g networks have been found, which undoubtedly promotes the exploratory research of 6G networks as the next generation solutions. These investigations include the fundamental security and privacy problems associated with 6G technologies. Therefore, in order to consolidate and solidify this foundational research as a basis for future investigations, we have prepared a survey on the status quo of 6G security and privacy. The survey begins with a historical review of previous networking technologies and how they have informed the current trends in 6G networking. We then discuss four key aspects of 6G networks – real-time intelligent edge computing, distributed artificial intelligence, intelligent radio, and 3D intercoms – and some promising emerging technologies in each area, along with the relevant security and privacy issues. The survey concludes with a report on the potential use of 6G. Some of the references used in this paper along and further details of several points raised can be found at: security-privacyin5g-6g.github.io.     

Why do users not report spear phishing emails?

Cyber security training programs encourage users to report suspicious spear phishing emails, and most antiphishing software provide interfaces to assist in the reporting. Evidence, however, suggests that reporting is scarce. This research examined why this is the case. To this end, Social Cognitive Theory (SCT) was used to examine the influence of the triadic factors of perceived self-efficacy toward antiphishing behaviors, expected negative outcomes from reporting spear phishing emails, and cyber security self-monitoring, on individuals’ likelihood of reporting spear phishing emails. Based on recent research on phishing victims, the present study also incorporated cyber risk beliefs (CRBs) into the SCT framework. The model, tested using survey data (N = 386), revealed that the likelihood of reporting spear phishing emails is increased by perceived self-efficacy, expected negative outcomes, and cyber security self-monitoring. Furthermore, the CRBs directly influenced the three SCT factors and indirectly the individuals’ likelihood of reporting spear phishing emails. The findings add to our understanding of SCT and the science of cyber security.     

The implementation of low-cost urban acoustic monitoring devices

The urban sound environment of New York City (NYC) can be, amongst other things: loud, intrusive, exciting and dynamic. As indicated by the large majority of noise complaints registered with the NYC 311 information/complaints line, the urban sound environment has a profound effect on the quality of life of the city’s inhabitants. To monitor and ultimately understand these sonic environments, a process of long-term acoustic measurement and analysis is required. The traditional method of environmental acoustic monitoring utilizes short term measurement periods using expensive equipment, setup and operated by experienced and costly personnel. In this paper a different approach is proposed to this application which implements a smart, low-cost, static, acoustic sensing device based around consumer hardware. These devices can be deployed in numerous and varied urban locations for long periods of time, allowing for the collection of longitudinal urban acoustic data. The varied environmental conditions of urban settings make for a challenge in gathering calibrated sound pressure level data for prospective stakeholders. This paper details the sensors’ design, development and potential future applications, with a focus on the calibration of the devices’ Microelectromechanical systems (MEMS) microphone in order to generate reliable decibel levels at the type/class 2 level.     

基于信息物理融合系统的无人机地面目标跟踪系统

是在网络通信条件下信息世界与物理世界高度集成交互的复杂智能异构系统;为了解决CPS发展中缺乏测试和验证通用平台的现状,文章在深入分析CPS定义,架构及相关特性的基础上,从经济性,易于实现的角度出发,构建了一套基于CPS架构的无人机地面目标跟踪导航系统的通用测试验证平台,并在OPNET和MATLAB/Simulink模块下进行了仿真,最后针对该系统存在的问题提出了在未来发展中的关键技术及挑战。     

System of Systems Approach to Formal Modeling of CPS for Simulation‐Based Analysis

This paper presents a system‐of‐systems (SoS) approach to the formal modeling of a cyber‐physical system (CPS) for simulation‐based analysis. The approach is based on a convergence technology for modeling and simulation of a highly complex system in which SoS modeling methodology, hybrid systems modeling theory, and simulation interoperation technology are merged. The methodology maps each constituent system of a CPS to a disparate model of either continuous or discrete types. The theory employs two formalisms for modeling of the two model types with formal specification of interfaces between them. Finally, the technology adapts a simulation bus called DEVS BUS whose protocol synchronizes time and exchange messages between subsystems simulation. Benefits of the approach include reusability of simulation models and environments, and simulation‐based analysis of subsystems of a CPS in an inter‐relational manner.     

华为空闲Abis时隙优化

随着移动用户的数量及业务量的不断增长,如何利用现有网络资源提升网络承载效率,我们对现网GPRS及EDGE业务进行潜能深度挖掘,针对现网情况确定一些网络短板,其中发现空闲时隙优化方面存在可优化空间。此次空闲时隙优化是在提升网络资源利用率,优化网络运行情况的前提下展开的。通过提升空闲时隙优化,一方面提升了网络的承载能力,另一方面改善了用户感知,提升了网络质量。