Self-reconfiguration of real-time communication in cyber-physical systems

Today, in domains like automation and robotics systems consist of various sensors and computation nodes. Due to the temporal dependency in quality of measured data, such Cyber-Physical Systems (CPS) commonly have real-time requirements on communication. In addition, these systems shall become more flexible and scalable, e.g., by adding new components to the CPS. This would be most suitable if a CPS could react to the presence of a new component and reconfigure itself to run afterward with the new component integrated to the CPS. This capability is covered by the term Plug-and-Produce. In this paper, we propose a concept to enable Plug-and-Produce within a CPS whose network uses different communication media, e.g., Ethernet and CAN. To enable real-time communication provided by different communication protocols, their different synchronization mechanisms have to be combined to get a common time base within the entire system. For this purpose, we consider Ethernet as well as CAN-based real-time communication protocols and their synchronization mechanisms. The proposed concept for self-reconfiguration aims to be integrated into our three layered software architecture that is presented as well.     

Data breaches: Goodness of fit,pricing, and risk measurement

Some research on cyber risk has been conducted in the field of information technology, but virtually no research exists in the actuarial domain. As a first step toward a more profound actuarial discussion, we use multidimensional scaling and goodness-of-fit tests to analyze the distribution of data breach information. Our results show that different types of data breaches need to be modeled as distinct risk categories. For severity modeling, the log-skew-normal distribution provides promising results. The findings add to the recent discussion on the use of skewed distributions in actuarial modeling (Vernic, 2006; Bolancé et al., 2008; Eling, 2012). Moreover, they provide useful insights for actuaries working on the implementation of cyber insurance policies. We illustrate the usefulness of our results in two applications on risk measurement and pricing.     

Resilient self/event-triggered consensus based on ternary control

This paper considers the problem of multi-agent consensus in the presence of adversarial agents. Such adversaries may try to introduce undesired influence on the coordination of the regular agents and to even prevent them from reaching consensus. To our setting, we extend the so-called mean subsequence reduced algorithms with the aim to reduce the use of computation and communication resources of the agents. In particular, by employing self- and event-triggered communication, the frequencies of state updates as well as data transmissions are kept low. Moreover, the control inputs of the agents take the form of ternary signals, allowing them to further reduce the amount of information at each transmission. We will observe that in hostile environments with adversaries, the self-triggered approach can bring certain advantages over the event-triggered counterpart. Moreover, a novel switching scheme is introduced to mix the two protocols to further enhance the performance of the agents.     

Fooling intrusion detection systems using adversarially autoencoder

Due to the increasing cyber-attacks, various Intrusion Detection Systems (IDSs) have been proposed to identify network anomalies. Most existing machine learning-based IDSs learn patterns from the features extracted from network traffic flows, and the deep learning-based approaches can learn data distribution features from the raw data to differentiate normal and anomalous network flows. Although having been used in the real world widely, the above methods are vulnerable to some types of attacks. In this paper, we propose a novel attack framework, Anti-Intrusion Detection AutoEncoder (AIDAE), to generate features to disable the IDS. In the proposed framework, an encoder transforms features into a latent space, and multiple decoders reconstruct the continuous and discrete features, respectively. Additionally, a generative adversarial network is used to learn the flexible prior distribution of the latent space. The correlation between continuous and discrete features can be kept by using the proposed training scheme. Experiments conducted on NSL-KDD, UNSW-NB15, and CICIDS2017 datasets show that the generated features indeed degrade the detection performance of existing IDSs dramatically.     

面向拜登政府的过渡期网络安全建议

美国网络空间日光浴委员会为新上任的拜登政府提出的网络安全建议。重点建议拜登政府在上任头100天内组建国家网络总监办公室,制定和颁布国家网络战略,改善当前政府网络安全工作的连贯性和影响力,并进一步加强与私营部门的合作关系。同时阐述了拜登政府此后应优先开展的七项工作,以及白宫和国会应围绕网络安全展开立法合作的六个领域。     

坚持总体国家安全观打造网络安全风险防范体系的探索与实践

当前,在信息革命浪潮的推动下,信息通信行业已是国民经济发展最快、竞争最激烈、创新最活跃的领域。而与此相伴而生的非传统安全问题愈发凸显,网络威胁与传统威胁的融合交织对国家安全产生深刻影响,以及信息通信行业持续健康发展的重要基石。本文立足总体国家安全观和网络强国战略要求,系统分析和研究新形势下打造网络安全风险防范体系的理论与实践。     

Security and privacy in 6G networks: New areas and new challenges

With the deployment of more and more 5g networks, the limitations of 5g networks have been found, which undoubtedly promotes the exploratory research of 6G networks as the next generation solutions. These investigations include the fundamental security and privacy problems associated with 6G technologies. Therefore, in order to consolidate and solidify this foundational research as a basis for future investigations, we have prepared a survey on the status quo of 6G security and privacy. The survey begins with a historical review of previous networking technologies and how they have informed the current trends in 6G networking. We then discuss four key aspects of 6G networks – real-time intelligent edge computing, distributed artificial intelligence, intelligent radio, and 3D intercoms – and some promising emerging technologies in each area, along with the relevant security and privacy issues. The survey concludes with a report on the potential use of 6G. Some of the references used in this paper along and further details of several points raised can be found at: security-privacyin5g-6g.github.io.     

A systematic literature review of blockchain cyber security

Since the publication of Satoshi Nakamoto's white paper on Bitcoin in 2008, blockchain has (slowly) become one of the most frequently discussed methods for securing data storage and transfer through decentralized, trustless, peer-to-peer systems. This research identifies peer-reviewed literature that seeks to utilize blockchain for cyber security purposes and presents a systematic analysis of the most frequently adopted blockchain security applications. Our findings show that the Internet of Things (IoT) lends itself well to novel blockchain applications, as do networks and machine visualization, public-key cryptography, web applications, certification schemes and the secure storage of Personally Identifiable Information (PII). This timely systematic review also sheds light on future directions of research, education and practices in the blockchain and cyber security space, such as security of blockchain in IoT, security of blockchain for AI data, and sidechain security.     

Dynamic defenses in cyber security: Techniques,methods and challenges

Driven by the rapid development of the Internet of Things, cloud computing and other emerging technologies, the connotation of cyberspace is constantly expanding and becoming the fifth dimension of human activities. However, security problems in cyberspace are becoming serious, and traditional defense measures (e.g., firewall, intrusion detection systems, and security audits) often fall into a passive situation of being prone to attacks and difficult to take effect when responding to new types of network attacks with a higher and higher degree of coordination and intelligence. By constructing and implementing the diverse strategy of dynamic transformation, the configuration characteristics of systems are constantly changing, and the probability of vulnerability exposure is increasing. Therefore, the difficulty and cost of attack are increasing, which provides new ideas for reversing the asymmetric situation of defense and attack in cyberspace. Nonetheless, few related works systematically introduce dynamic defense mechanisms for cyber security. The related concepts and development strategies of dynamic defense are rarely analyzed and summarized. To bridge this gap, we conduct a comprehensive and concrete survey of recent research efforts on dynamic defense in cyber security. Specifically, we firstly introduce basic concepts and define dynamic defense in cyber security. Next, we review the architectures, enabling techniques and methods for moving target defense and mimic defense. This is followed by taxonomically summarizing the implementation and evaluation of dynamic defense. Finally, we discuss some open challenges and opportunities for dynamic defense in cyber security.