An evolutionary game theory–based security model in vehicular ad hoc networks

The word population is growing on a daily basis; consequently, the growth of commute and transport, developing efficient and intelligent transportation systems (ITS), has become one of the most popular requirements and the most significant attempts in modern urban areas containing large population. A key component of intelligent transportation systems is a vehicular ad hoc network. Devising internet‐based practical programs such as awareness of climatic conditions, geographical location, practical programs like on‐line payment services in the vehicular ad hoc network has led to safer driving, prevention of deadly accidents, transportation improvement, more welfare and convenience for passengers, and even offering more commercial opportunities. The special features of vehicular ad hoc network, such as intense activity, constantly‐changing topology, the vehicles' high speed, etc, will lead to challenges in gaining security. Therefore, providing vehicular ad hoc networks with security is of extreme importance in terms of users' anonymity, identification, and data privacy. In this paper, a security model is presented using a method based on evolutionary games. This method, in every vehicle, is applied as a node in the network while interacting with other vehicles; it aims at distinguishing some common attacks and defending against attackers. In this method, defending (honest) vehicles and attacking vehicles take part in an asymmetrical game; each vehicle aims at gaining the most utility and achieving its goals. The proposed method is simulated using various scenarios. The simulation results reveal that the proposed method is efficient and it reaches equilibrium and convergence at the end of the game in each scenario.     

Exploiting WiMAX for covert transmission of secret data over fading channel

Worldwide Interoperability for Microwave Access (WiMAX) is the broadband wireless access technique that provides rapid broadband services to domestic and enterprise users. Owing to the broadcast characteristic of the WiMAX system, transmitted data security is crucial, particularly when the messages are confidential. In this work, exploiting of WiMAX to convey sensitive secret information is presented. In the first phase, we exploited conventional WiMAX (fast Fourier transform [FFT]‐WiMAX), and in the second phase, we propose a wavelet packet transform (WPT)–based WiMAX for covert communication. The quality evaluation of both covert transmission models (FFT‐WiMAX and WPT‐WiMAX) over the fading channel is done in this work. The experimental outcomes of the proposed WPT‐WiMAX covert transmission system reveal a significant enhancement in error rate (bit error rate) and peak signal‐to‐noise ratio for a given signal‐to‐noise ratio.     

Secrecy sum rate optimization in MISO nonorthogonal multiple access systems with orthogonal space‐time block coding

In this paper, we investigate the secrecy sum rate optimization problem for a multiple‐input single‐output (MISO) nonorthogonal multiple access (NOMA) system with orthogonal space‐time block codes (OSTBC). This system consists of a transmitter, two users, and a potential eavesdropper. The transmitter sends information by orthogonal space‐time block codes. The transmitter's precoder and the power allocation scheme are designed to maximize achievable secrecy sum rate subject to the power constraint at the transmitter and the minimum transmission rate requirement of the weak user. We consider two cases of the eavesdropper's channel condition to obtain positive secrecy sum rate. The first case is the eavesdropper's equivalent channel is the weakest, and the other is the eavesdropper's equivalent channel between the strong user and weak user. For the former case, we employ the constrained concave convex procedure (CCCP)‐based iterative algorithm with one‐dimensional search. While for the latter, we adopt the method of alternating optimization (AO) between precoder and power allocation. We solve a semidefinite programming to optimize the precoder and drive a closed‐form expression of power allocation. The simulation results obtained by our method demonstrate the superiority of our proposed scheme.     

SCM: Secure and accountable TLS certificate management

In classical public‐key infrastructure (PKI), the certificate authorities (CAs) are fully trusted, and the security of the PKI relies on the trustworthiness of the CAs. However, recent failures and compromises of CAs showed that if a CA is corrupted, fake certificates may be issued, and the security of clients will be at risk. As emerging solutions, blockchain‐ and log‐based PKI proposals potentially solved the shortcomings of the PKI, in particular, eliminating the weakest link security and providing a rapid remedy to CAs' problems. Nevertheless, log‐based PKIs are still exposed to split‐world attacks if the attacker is capable of presenting two distinct signed versions of the log to the targeted victim(s), while the blockchain‐based PKIs have scaling and high‐cost issues to be overcome. To address these problems, this paper presents a secure and accountable transport layer security (TLS) certificate management (SCM), which is a next‐generation PKI framework. It combines the two emerging architectures, introducing novel mechanisms, and makes CAs and log servers accountable to domain owners. In SCM, CA‐signed domain certificates are stored in log servers, while the management of CAs and log servers is handed over to a group of domain owners, which is conducted on the blockchain platform. Different from existing blockchain‐based PKI proposals, SCM decreases the storage cost of blockchain from several hundreds of GB to only hundreds of megabytes. Finally, we analyze the security and performance of SCM and compare SCM with previous blockchain‐ and log‐based PKI schemes.     

基于NB-IoT网络的物联网安全防护研究及架构设计

随着NB-IoT商用部署进程的不断加快,基于NB-IoT网络的物联网安全防护研究受到了广泛关注。介绍了NB-IoT技术特点和系统架构,并通过业务平台及业务安全、NB-IoT网内安全及互联网终端设备安全3方面进行安全防护研究,提出了一种基于NB-IoT网络的物联网安全架构模型。     

Game theory-based attack and defense analysis in virtual wireless networks with jammers and eavesdroppers

Dynamic spectrum sharing and cognitive radio networks were proposed to enhance the Radio Frequency (RF) spectrum utilization. However, there are several challenges to realize them in real systems, such as sensing uncertainty causing issues to licensed users, business models for licensed service providers. Wireless virtualization is regarded as a technology that leverages service level agreements to sublease unused or underutilized RF spectrum that addresses aforementioned issues and helps to significantly enhance the utilization of the RF spectrum, offer improved coverage and capacity of networks, enhance network security and reduce energy consumption. With wireless virtualization, wireless networks' physical substrate is shared and reconfigured dynamically between virtual wireless networks through Mobile Virtual Network Operations (MVNOs). Wireless virtualization with dynamic configurable features of Wireless Infrastructure Providers (WIPs), virtualized wireless networks are vulnerable to a multitude of attacks, including jamming attacks and eavesdropping attacks. This paper investigates a means of defense through the employment of coalition game theory when jammers try to degrade the signal quality of legitimate users, and eavesdroppers aim to reduce secrecy rates. Specifically, we consider a virtual wireless network where MVNO users' job is to improve their Signal to Interference plus Noise Ratio (SINR) while the jammers target to collectively enhance their Jammer Received Signal Strength (JRSS), and an eavesdropper's goal is to reduce the overall secrecy rate. Numerical results have demonstrated that the proposed game strategies are effective (in terms of data rate, secrecy rate and latency) against such attackers compared to the traditional approaches.     

基于贝塞尔波束的大景深毫米波介质透镜天线设计

提出了基于贝塞尔波束的大景深毫米波介质透镜天线的设计方法.利用轴锥镜生成贝塞尔波束,并根据成像要求分别设计了基于贝塞尔波束的毫米波介质透镜天线和基于高斯波束的毫米波介质透镜天线.在3mm波段进行了仿真测试及分析,仿真结果表明,所设计的基于贝塞尔波束的毫米波介质透镜天线的3dB宽度为3.23mm,景深约为228mm,相较于传统的基于高斯波束的毫米波介质透镜天线,基于贝塞尔波束的毫米波介质透镜天线可实现的景深提升至5倍以上.     

5G安全技术与标准

移动通信从4G演进到5G的过程中,在网络演进和业务需求的促进下,安全设计的理念进一步完善,安全能力更加丰富。指出5G网络安全的设计理念是在开放的环境下构建安全的网络与服务,基于对3GPP、ITU、GSM中的5G安全标准的综合分析,梳理出网络自身安全保障、垂直行业支撑、安全测评认证3条主线。基于这3条主线,对5G网络中引入的安全新技术、安全新能力、安全新风险进行深入分析,并对5G安全未来发展趋势和重点工作提出建议。     

基于RASP的Web安全检测方法

目前,传统的Web安全检测方法作用于程序输入输出端,不能防范经变形混淆后绕过检测进入程序内部执行的恶意代码,难以满足当前Web应用安全防护新需求。本方法基于对传统数据流监控方法风险的深入分析,结合RASP技术特性,提出了基于RASP的Web安全检测方法,在Web应用程序内部的权限判别函数参数、系统命令执行函数参数、数据库操作函数参数处埋下 RASP 探针,在代码解释器层面实时检测数据流的变化。本方法基于Java语言进行了实现,在实验室证明该方法在准确率和检测时间上优于传统的Web安全检测方法,并在最后分析提出了本方法的部署和应用场景。     

机器视觉技术、标准及安全产业应用

聚焦机器视觉技术及标准化,分析了机器视觉、计算机视觉与人类视觉的异同,列举了与机器视觉相关的技术,介绍了网络信息安全、智能监控和智能交通等机器视觉产业典型应用,以及国际及国内主流标准化组织针对机器视觉技术、系统和应用的标准化工作进展、现状和布局。重点介绍了VCM和DCM等涉及机器视觉核心技术——机器视觉编码标准的工作,以及机器视觉系统和应用标准化组织。在此基础上,分析了机器视觉技术研究和标准化的未来发展方向。