Most proposals for securing control systems are heuristic in nature, and while they increase the protection of their target, the security guarantees they provide are unclear. This paper proposes a new way of modeling the security guarantees of a Cyber-Physical System (CPS) against arbitrary false command attacks. As our main case study, we use the most popular testbed for control systems security. We first propose a detailed formal model of this testbed and then show how the original configuration is vulnerable to a single-actuator attack. We then propose modifications to the control system and prove that our modified system is secure against arbitrary, single-actuator attacks.

Due to the broadcast nature of power line communication (PLC) channels, confidential information exchanged on the power grid is prone to malicious exploitation by any PLC device connected to the same power grid. To combat the ever-growing security threats, physical layer security (PLS) has been proposed as a viable safeguard or complement to existing security mechanisms. In this paper, the security analysis of a typical PLC adversary system model is investigated. In particular, we derive the expressions of the corresponding average secrecy capacity (ASC) and the secrecy outage probability (SOP) of the considered PLC system. In addition, numerical results are presented to validate the obtained analytical expressions and to assess the relevant PLS performances. The results show significant impacts of the transmission distances and the used carrier frequency on the overall transmission security.

Information system administrators must pay attention to system vulnerability information and take appropriate measures against security attacks on the systems they manage. However, as the number of security vulnerability reports increases, the time required to implement vulnerability remediation also increases, therefore vulnerability risks must be assessed and prioritized. Especially in the early stages of vulnerability discovery, such as zero-day attacks, the risk assessment must consider changes over time, since it takes time to spread the information among adversaries and defenders.The Common Vulnerability Scoring System (CVSS) is used widely for vulnerability risk assessment, but it cannot be said that it can sufficiently cope with temporal changes of risk of attacks. In this paper, we proposed software vulnerability growth models to assist system administrators in decision making. Experimental results show that these models can provide a visual representation of the risk over time.

In wireless security, cognitive adversaries are known to inject jamming energy on the victim’s frequency band and monitor the same band for countermeasures thereby trapping the victim. Under the class of cognitive adversaries, we propose a new threat model wherein the adversary, upon executing the jamming attack, measures the long-term statistic of Kullback-Leibler Divergence (KLD) between its observations over each of the network frequencies before and after the jamming attack. To mitigate this adversary, we propose a new cooperative strategy wherein the victim takes the assistance for a helper node in the network to reliably communicate its message to the destination. The underlying idea is to appropriately split their energy and time resources such that their messages are reliably communicated without disturbing the statistical distribution of the samples in the network. We present rigorous analyses on the reliability and the covertness metrics at the destination and the adversary, respectively, and then synthesize tractable algorithms to obtain near-optimal division of resources between the victim and the helper. Finally, we show that the obtained near-optimal division of energy facilitates in deceiving the adversary with a KLD estimator.

Current threat modeling methods focus on understanding the protected network from the perspective of the owners of those networks rather than on comprehensively understanding and integrating the methodology and intent of the threat. We argue that layering the human factors of the adversary over the existing threat models increases the ability of cybersecurity practitioners to truly understand possible threats. Therefore, we need to expand existing adversary and threat modeling approaches in cyberspace to include the representation of human factors of threats, specifically motivations, biases, and perceptions. This additional layer of modeling should be informed by an analysis of cyber threat intelligence reporting. By creating and adopting this expanded modeling, cybersecurity practitioners would have an understanding of how an adversary views their network, which would expand their ability to understand how their network is most likely to be attacked.

The high directionality of millimeter-wave (mmWave) communication systems has proven effective in reducing the attack surface against eavesdropping, thus improving the physical layer security. However, even with highly directional beams, the system is still exposed to eavesdropping against adversaries located within the main lobe. In this paper, we propose BeamSec, a solution to protect the users even from adversaries located in the main lobe. The key feature of BeamSec are: (i) Operating without the knowledge of eavesdropper’s location/channel; (ii) Robustness against colluding eavesdropping attack and (iii) Standard compatibility, which we prove using experiments via our IEEE 802.11ad/ay-compatible 60 GHz phased-array testbed. Methodologically, BeamSec first identifies uncorrelated and diverse beampairs between the transmitter and receiver by analyzing signal characteristics available through standard-compliant procedures. Next, it encodes the information jointly over all selected beampairs to minimize information leakage. We study two methods for allocating transmission time among different beams, namely uniform allocation (no knowledge of the wireless channel) and optimal allocation for maximization of the secrecy rate (with partial knowledge of the wireless channel). Our experiments show that BeamSec outperforms the benchmark schemes against single and colluding eavesdroppers and enhances the secrecy rate by 79.8\% over a random paths selection benchmark.

The rapid growth of communication networks, coupled with the increasing complexity of cyber threats, necessitates the implementation of proactive measures to protect networks and systems. In this study, we introduce a federated learning-based approach for cyber threat hunting at the endpoint level. The proposed method utilizes the collective intelligence of multiple devices to effectively and confidentially detect attacks on individual machines. A security assessment tool is also developed to emulate the behavior of adversary groups and Advanced Persistent Threat (APT) actors in the network. This tool provides network security experts with the ability to assess their network environment s resilience and aids in generating authentic data derived from diverse threats for use in subsequent stages of the federated learning (FL) model. The results of the experiments demonstrate that the proposed model effectively detects cyber threats on the devices while safeguarding privacy.

Intelligent security system is an important part of intelligent site construction, which directly affects the life safety of operators and the level of engineering supervision. Traditional security communication systems for construction, mineral mining and other fields have problems such as small network coverage, low capacity, short terminal life and relatively simple function. According to the application scenarios and business requirements of intelligent security system, this paper uses LoRa AD-hoc networking technology to carry out the network architecture research and key technology design of intelligent security AD-hoc networking system. Further, the detailed design of the embedded software of the system terminal and gateway is completed, and the functions of physical sign monitoring, danger warning and terminal positioning are realized.

Low probability of detection (LPD) has recently emerged as a means to enhance the privacy and security of wireless networks. Unlike existing wireless security techniques, LPD measures aim to conceal the entire existence of wireless communication instead of safeguarding the information transmitted from users. Motivated by LPD communication, in this paper, we study a privacy-preserving and distributed framework based on graph neural networks to minimise the detectability of a wireless ad-hoc network as a whole and predict an optimal communication region for each node in the wireless network, allowing them to communicate while remaining undetected from external actors. We also demonstrate the effectiveness of the proposed method in terms of two performance measures, i.e., mean absolute error and median absolute error.

Vehicular Ad Hoc Networks (VANETs) have the capability of swapping every node of every individual while driving and traveling on the roadside. The VANET-connected vehicle can send and receive data such as requests for emergency assistance, current traffic conditions, etc. VANET assistance with a vehicle for communication purposes is desperately needed. The routing method has the characteristics of safe routing to repair the trust-based features on a specific node.When malicious activity is uncovered, intrusion detection systems (IDS) are crucial tools for mitigating the damage. Collaborations between vehicles in a VANET enhance detection precision by spreading information about interactions across their nodes. This makes the machine learning distribution system feasible, scalable, and usable for creating VANET-based cooperative detection techniques. Privacy considerations are a major impediment to collaborative learning due to the data flow between nodes. A malicious node can get private details about other nodes by observing them. This study proposes a cooperative IDS for VANETs that safeguards the data generated by machine learning. In the intrusion detection phase, the selected optimal characteristics is used to detect network intrusion via a hybrid Deep Neural Network and Bidirectional Long Short-Term Memory approach. The Trust-based routing protocol then performs the intrusion prevention process, stopping the hostile node by having it select the most efficient routing path possible.

Named Data Networking (NDN) has been considered a promising network architecture for Vehicular Ad Hoc Networks (VANETs), what became known as Vehicular Named-Data Networking (VNDN). This new paradigm brings the potential to improve Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) that are inefficient in urban intelligent transport scenarios. Despite the advantages, VNDN brings inherent problems, such as the routing interest packages on NDN, which causes serious problem in the vehicular environment. The broadcast storm attack results in a huge amount of packet loss, provoking transmission overload. In addition, the link disconnection caused by the highly dynamic topology leads to a low package delivery rate. In this article, we propose a strategy for forwarding packages of interest in VNDN networks, using fuzzy logic to mitigate the broadcast storm. The proposal also aims to avoid packet collision and efficient data recovery, which the approach is based on metrics such as the nodes distance, the link stability and the signal quality. The results show a reduction in the number of Interest and Data packets without disrupting network performance maintaining adequate Interest delays.

One of the popular networks highly used for creating various Adhoc network applications is Mobile Ad hoc Networks, which are vulnerable to various security attacks, one of which is the blackhole attack. One of the networks that come under MANET is the Vehicular Adhoc network. It uses multi-hop data transmission, which provides various pathways to malicious attacks. One of the attacks, non-identifiable easily, is a blackhole attack, a category of DoS attack. Earlier research methods provided different algorithms for identifying and detecting individual attacks or standard security methods. At the same time, the accuracy of malicious activity detection and elimination is not up to the mark. In which a malevolent node misleadingly publicizes itself as having the shortest path to a destination, causing other nodes to send their data to it, which the attacker discards. This paper proposes a genetic algorithm-based approach for detecting blackhole attacks in VANETs. Our approach uses a combination of network metrics, such as network throughput and end-to-end delay, and genetic algorithms to identify malicious nodes. The genetic algorithm is used to optimize the selection of network metrics and determine the weights given to each metric in the detection process. Simulation results show that our approach effectively detects blackhole attacks with high accuracy and low false positive rates.

At present, the application of wireless Ad hoc network in the field of mobile security inspection is in its infancy, and the network security protection means for the power industry are still insufficient, which is highlighted by the lack of efficient security authentication means for Ad hoc network, and it is difficult to completely eliminate security risks such as illegal terminal intrusion, data counterfeiting and tampering. A decentralized security authentication scheme suitable for Ad hoc network is designed, which can solve the security trust transfer problem on the variable network topology. Under any network route, the security trust is transferred to the proxy node step by step through multiple peer authentication, and the authentication chain is eUEblished between the digital intelligence edge proxy device, the proxy node and the node to be accessed. On the one hand, it can effectively solve the counterfeit problem of A-nodes and proxy nodes; on the other hand, it can greatly reduce the problem of reduced security authentication efficiency caused by deepening network hierarchy.

The new power system puts forward higher requirements for the communication interconnection of power equipment, especially in power areas that are difficult to cover by public networks and private power networks. As an efficient means, although building power communication ad hoc network has the advantages of low cost and flexibility, it puts forward higher requirements for the security of power ad hoc networks. This paper proposes a lightweight and secure access method for power WIFI to better meet the real-time requirements of power ad hoc networks. Based on the analysis of STA and AP flexible networking switching modes of WIFI ad hoc network system, this paper focuses on the security challenges of power WIFI ad hoc network system. Meanwhile, according to the environmental characteristics of the power ad hoc network, we simplify and improve the classic WIFI secure communication in three stages: Scanning, link authentication, and association, to improve lightweight and secure access to power WIFI. The secure access example of power ad hoc network of multiple nodes proves the effectiveness of the proposed method.

Information-Centric Networking (ICN) has emerged as a perfect match to support data-driven applications. Typically, ICN ensures data integrity and authenticity, by provisioning signed and verifiable data packets. Nonetheless, the ICN cryptography-based security scheme entails increased computational and communication cost, while also necessitates continuous connectivity to the infrastructure. We claim that this security approach requires supportive mechanisms to perform adequately in scenarios involving disruptive connectivity and short-term communication. In this paper, we investigate the applicability of two security approaches, namely the in-force cryptographybased approach and a ‘lighter’ reputation-based one, in ad hoc information-centric networks, and aim to identify the pros and cons of each solution. Our experiments rely on a scenario deemed appropriate for the particular research objective: we selected an ICN-based Flying Ad hoc Network (FANET). We assess the impact of intermittent connectivity, as well as, the associated computational and communication cost, and the dynamics of mobility. Our results demonstrate that the reputation-based approach allows for building trust relations in a fast and lightweight manner, but without requiring permanent connectivity to trusted third parties. Therefore, we argue that the standard ICN security system can be consolidated by integrating reputation-based trust as an essential complementary mechanism.

Unmanned aerial vehicles (UAVs) can be deployed and managed in a variety of applications with the help of flying ad hoc networks, or FANETs. However, the dynamically changing topology in FANET has raised significant challenges, mainly related to the insurance of security as a required service for the optimal performance of FANET networks. Blockchain technology has recently been used as an innovative solution to improve FANET security, due to its main characteristics such as transparency, decentralization, and tamper-proof nature. In this poster, we detail some current applications of Blockchain to secure FANET including military, surveillance, and Industry 4.0 services. Finally, we discuss some of the common issues associated with the application of Blockchain on FANET networks.

Flying Ad-hoc Networks (FANET) is an evolving phenomenon in the types of ad-hoc networks, which connects Multiple UAVs (Unmanned Aerial Vehicles) or drones. It is a rapidly deployable, infrastructure-less, self-configurable, and flexible communication environment for data transmission among the multi-UAVs and the Base Station (BS). As a result of technological advancement, the deployment of Multi-UAV networks or FANET has increased. Particularly in life-threatening applications like disaster management and military operations, this kind of ad-hoc network will be highly beneficial. Due to its characteristics of infrastructure-less and non-hierarchical behavior, FANETs faces several security issues in their flexible data communication. Since these kinds of networks are significantly emerging, there is a vital need to establish a threat model capable of identifying vulnerabilities, quantifying risks, and addressing them. In Existing observations, these FANET environment are highly vulnerable to any kind of security threats which in turn degrades the overall performance of the network. Securing the data packets in FANET communication is a crucial task because the nodes involved in this network are movable. Malicious nodes can compromise the confidentiality, availability, and integrity of the network by intruding and modifying data or discarding network packets. In this article, the classification of attacks and several security issues for the FANETs are highlighted. Then the experimental analysis of Packet-loss based detection and Content-Modification detection in the FANETs are implemented and discussed using Omnet++ simulation tool.

This paper proposed a method of online non-parameter identification of nonlinear ship motion systems. Firstly, we use Mariner to generate a certain amount of ship motion data to train the LWPR model. Then the ship travels along a set track. During this process, the sensors continuously obtain the distance, radial velocity and azimuth of the ship relative to the ship, and then completes the construction of simulation data. Next, the performance of the algorithm is verified which uses the Kalman filtering framework. Finally, the estimated value is further used for updating the LWPR model to achieve the purpose of online learning, and the updated model will be used for the next prediction. The experimental results show that the online modeling and tracking method proposed in this paper has higher tracking accuracy than the parameter estimation techniques.

Auditory, which served as one of the five sense systems, play a vital role in human beings’ daily life. Among the many auditory detection techniques, Auditory Brainstem Response (ABR) is widely chosen and studied for its convenience and objectivity. The averaging (Ave) technique is the currently applied method to extract ABR from the EEG signals and is regarded as the gold standard in the clinic. However, the Ave technique is not suitable for noisy condition, like active behavioral condition, which requires the subjects to keep stay during the whole ABR test and is therefore not suitable for newborn. To extract ABR signals from the real active behavioral condition, an adaptive kalman filter (AKF) technique was proposed and systematically investigated from the morphology aspect in two conditions, namely rest and active behavioral (chewing) conditions. The results showed that in rest condition, the ABR signal obtained by the AKF method was highly similar to that of the gold standard method, and the latencies and amplitudes of characteristics waves were also alike. Moreover, we analyzed the latencies and amplitudes of the characteristics waves and CC between the standard ABR and the different method-based ABR. The analyses showed that the AKF had the potential on the extraction of ABR in active behavioral condition. The AKF method provides a new way to robust denoise, and opens a window for ABR acquisition in active behavioral condition, making ABR acquisition in daily life more possible.

Entering the critical year of the 14th Five Year Plan, China s information security industry has entered a new stage of development. With the increasing importance of information security, its industrial development has been paid attention to, but the data fragmentation of China s information security industry is serious, and there are few corresponding summaries and predictions. To achieve the development prediction of the industry, this article studies the intelligent prediction of information security industry data based on machine learning and new adaptive weighted fusion, and deduces the system based on the research results to promote industry development. Firstly, collect, filter, integrate, and preprocess industry data. Based on the characteristics of the data, machine learning algorithms such as linear regression, ridge regression, logical regression, polynomial regression and random forest are selected to predict the data, and the corresponding optimal parameters are found and set in the model creation. And an improved adaptive weighted fusion model based on model prediction performance was proposed. Its principle is to adaptively select the model with the lowest mean square error (MSE) value for fusion based on the real-time prediction performance of multiple machine learning models, and its weight is also calculated adaptively to improve prediction accuracy. Secondly, using technologies such as Matplotlib and Pyecharts to visualize the data and predicted results, it was found that the development trend of the information security industry is closely related to factors such as national information security laws and regulations, the situation between countries, and social emergencies. According to the predicted results of the data, it is observed that both industry input and output have shown an upward trend in recent years. In the future, China s information security industry is expected to maintain stable and rapid growth driven by the domestic market.

Spatial field digital modulation (SFDM) communication system is a special index modulation (IM) technique with low hardware complexity and physical layer security potential. However, the deployment of the SFDM system is always complicated and time-consuming. To solve the problems, an adaptive SFDM system without phase measurement is proposed and implemented in this paper. We design a system architecture fit for self-adjustment and propose the corresponding adaptive algorithm. The state isolation and the BER performance are measured under an indoor channel, which verifies its validity.

This paper investigates the output feedback security control problem of switched nonlinear systems (SNSs) against denial-of-service (DoS) attacks. A novel switched observer-based neural network (NN) adaptive control algorithm is established, which guarantees that all the signals in the closed-loop system remain bounded. Note that when a DoS attacker is active in the Sensor-Controller channel, the controller cannot acquire accurate information, which leads to the standard backstepping technique not being workable. A set of NN adaptive switching-like observers is designed to tackle the obstacle for each subsystem. Further, by combining the proposed observer with the backstepping technique, an NN adaptive controller is constructed and the dynamic surface control method is borrowed to surmount the complexity explosion phenomenon. Finally, an illustrative example is provided to demonstrate the effectiveness of the proposed control algorithm.

Adaptive security is considered as an approach in cybersecurity that analyzes events and against events and behaviors to protect a network. This study will provide details about the different algorithms being used to secure networks. These approaches are driven by a small quantity of labeled data and a massive amount of unlabeled data. In this context, contemporary semi-supervised learning strategies base their operations on the assumption that the distributions of labeled and unlabeled data are comparable. This assumption has a substantial influence on how well these strategies perform overall. If unlabeled data contain information that does not belong to a particular category, the efficiency of the system will deteriorate.

Forecasting technology plays an important role in the construction of systems for detecting anomalies in dynamic data flows of automated process control systems (APCS) resulting from the impact of cyberattacks. To form a forecast of the studied signals, methods for forming a single-component forecast and a multi-component forecast of an information signal using a linear prediction digital filter are considered. It is shown that for the detection of anomalies in the observed signals of APCS, the predictor prediction error signal implemented using a linear prediction filter is informative. The high information content of the use of spectral analysis of the prediction error signal in detecting anomalies in the observed signals of automated process control systems is shown.

Despite various distributed denial-of-service (DDoS) filtering solutions proposed and deployed throughout the Internet, DDoS attacks continue to evolve and successfully overwhelm the victims with DDoS traffic. While current DDoS solutions in general employ a fixed filtering granularity (e.g., IP address, 4-tuple flow, or service requests) with a specific goal (e.g., maximum coverage of DDoS traffic), in this paper we investigate adaptive DDoS filtering. We design and experiment algorithms that can generate and deploy DDoS-filtering rules that not only adapt to the most suitable and effective filtering granularity (e.g., IP source address and a port number vs. an individual IP address vs. IP prefixes at different lengths), but also adapt to the first priorities of victims (e.g., maximum coverage of DDoS traffic vs. minimum collateral damage from dropping legitimate traffic vs. minimum number of rules). We evaluated our approach through both large-scale simulations based on real-world DDoS attack traces and pilot studies. Our evaluations confirm that our algorithms can generate rules that adapt to every distinct filtering objective and achieve optimal results.