Existing researches on cyber attackdefense analysis have typically adopted stochastic game theory to model the problem for solutions,but the assumption of complete rationality is used in modeling,ignoring the informat...Existing researches on cyber attackdefense analysis have typically adopted stochastic game theory to model the problem for solutions,but the assumption of complete rationality is used in modeling,ignoring the information opacity in practical attack and defense scenarios,and the model and method lack accuracy.To such problem,we investigate network defense policy methods under finite rationality constraints and propose network defense policy selection algorithm based on deep reinforcement learning.Based on graph theoretical methods,we transform the decision-making problem into a path optimization problem,and use a compression method based on service node to map the network state.On this basis,we improve the A3C algorithm and design the DefenseA3C defense policy selection algorithm with online learning capability.The experimental results show that the model and method proposed in this paper can stably converge to a better network state after training,which is faster and more stable than the original A3C algorithm.Compared with the existing typical approaches,Defense-A3C is verified its advancement.展开更多
2017年2月,由北约智库“网络合作防御卓越中心”发起完成的《网络行动国际法塔林手册2.0版》(Tallinn Manual 2.0 on the International Law Applicableto Cyber Operations)(简称《塔林手册2.0版》)由英国剑桥大学出版社正式出版....2017年2月,由北约智库“网络合作防御卓越中心”发起完成的《网络行动国际法塔林手册2.0版》(Tallinn Manual 2.0 on the International Law Applicableto Cyber Operations)(简称《塔林手册2.0版》)由英国剑桥大学出版社正式出版.《塔林手册2.0版》是一个在西方国家主导下,试图通过学者的集体研究来推动网络空间国际法发展的大型项目,也是网络空间国际博弈中有一定影响的机制之一.在《塔林手册2.0版》推出一周年之际,重温该手册的出台历程,思考它对网络空间国际规则的影响,总结其带来的启示和影响,对我国准确把握网络空间国际法的发展态势、积极参与网络空间国际规则制定有着重要意义.展开更多
Chatting language is a unique phenomenon confined to the Internet.It is of great interest to a great number of re searchers.This paper is going to make a research in the following aspects:categories of cyber chatting ...Chatting language is a unique phenomenon confined to the Internet.It is of great interest to a great number of re searchers.This paper is going to make a research in the following aspects:categories of cyber chatting language in China and its distinguishing features.By doing so,it is hoped that more and more people can be aware of the use of online chatting language and use it on proper occasions.展开更多
运用CitespaceⅡ信息可视化图谱软件对"cyberspace" or "cyber warfare"研究文献数据进行分析,绘制了共引网络图谱,并依据图谱中关键节点文献的知识基础,对研究热点及趋势进行了初步探讨,得出国外研究的热点与前沿...运用CitespaceⅡ信息可视化图谱软件对"cyberspace" or "cyber warfare"研究文献数据进行分析,绘制了共引网络图谱,并依据图谱中关键节点文献的知识基础,对研究热点及趋势进行了初步探讨,得出国外研究的热点与前沿的相关结论,对"cyberspace" or "cyber warfare"的研究具有一定的参考价值。展开更多
To ensure flight safety,the complex network method is used to study the influence and invulnerability of air traffic cyber physical system(CPS)nodes.According to the rules of air traffic management,the logical couplin...To ensure flight safety,the complex network method is used to study the influence and invulnerability of air traffic cyber physical system(CPS)nodes.According to the rules of air traffic management,the logical coupling relationship between routes and sectors is analyzed,an air traffic CPS network model is constructed,and the indicators of node influence and invulnerability are established.The K-shell algorithm is improved to identify node influence,and the invulnerability is analyzed under random and selective attacks.Taking Airspace in Eastern China as an example,its influential nodes are sorted by degree,namely,K-shell,the improved K-shell(IKS)and betweenness centrality.The invulnerability of air traffic CPS under different attacks is analyzed.Results show that IKS can effectively identify the influential nodes in the air traffic CPS network,and IKS and betweenness centrality are the two key indicators that affect the invulnerability of air traffic CPS.展开更多
Due to the deep integration of information technology and operational technology,networked control systems are experiencing an increasing risk of international cyber attacks.In practice,industrial cyber security is a ...Due to the deep integration of information technology and operational technology,networked control systems are experiencing an increasing risk of international cyber attacks.In practice,industrial cyber security is a significant topic because current networked control systems are supporting various critical infrastructures to offer vital utility services.By comparing with traditional IT systems,this paper first analyzes the uncontrollable cyber threats and classified attack characteristics,and elaborates the intrinsic vulnerabilities in current networked control systems and novel security challenges in future Industrial Internet.After that,in order to overcome partial vulnerabilities,this paper presents a few representative security mechanisms which have been successfully applied in today’s industrial control systems,and these mechanisms originally improve traditional IT defense technologies from the perspective of industrial availability.Finally,several popular security viewpoints,adequately covering the needs of industrial network structures and service characteristics,are proposed to combine with burgeoning industrial information technologies.We target to provide some helpful security guidelines for both academia and industry,and hope that our insights can further promote in-depth development of industrial cyber security.展开更多
In recent years,an increasing number of application services are deployed in the cloud.However,the cloud platform faces unknown security threats brought by its unknown vulnerabilities and backdoors.Many researchers ha...In recent years,an increasing number of application services are deployed in the cloud.However,the cloud platform faces unknown security threats brought by its unknown vulnerabilities and backdoors.Many researchers have studied the Cyber Mimic Defense(CMD)technologies of the cloud services.However,there is a shortage of tools that enable researchers to evaluate their newly proposed cloud service CMD mechanisms,such as scheduling and decision mechanisms.To fill this gap,we propose MimicCloudSim as a mimic cloud service simulation system based on the basic functionalities of CloudSim.MimicCloudSim supports the simulation of dynamic heterogeneous redundancy(DHR)structure which is the core architecture of CMD technology,and provides an extensible interface to help researchers implement new scheduling and decision mechanisms.In this paper,we firstly describes the architecture and implementation of MimicCloudSim,and then discusses the simulation process.Finally,we demonstrate the capabilities of MimicCloudSim by using a decision mechanism.In addition,we tested the performance of MimicCloudSim,the conclusion shows that MimicCloudSim is highly scalable.展开更多
Cyber operations are relatively a new phenomenon of the last two decades.During that period,they have increased in number,complexity,and agility,while their design and development have been processes well kept under s...Cyber operations are relatively a new phenomenon of the last two decades.During that period,they have increased in number,complexity,and agility,while their design and development have been processes well kept under secrecy.As a consequence,limited data(sets)regarding these incidents are available.Although various academic and practitioner public communities addressed some of the key points and dilemmas that surround cyber operations(such as attack,target identification and selection,and collateral damage),still methodologies and models are needed in order to plan,execute,and assess them in a responsibly and legally compliant way.Based on these facts,it is the aim of this article to propose a model that i))estimates and classifies the effects of cyber operations,and ii)assesses proportionality in order to support targeting decisions in cyber operations.In order to do that,a multi-layered fuzzy model was designed and implemented by analysing real and virtual realistic cyber operations combined with interviews and focus groups with technical e military experts.The proposed model was evaluated on two cyber operations use cases in a focus group with four technical e military experts.Both the design and the results of the evaluation are revealed in this article.展开更多
Conventional power systems are being developed into grid cyber physical systems(GCPS) with widespread application of communication, computer, and control technologies. In this article, we propose a quantitative analys...Conventional power systems are being developed into grid cyber physical systems(GCPS) with widespread application of communication, computer, and control technologies. In this article, we propose a quantitative analysis method for a GCPS. Based on this, we discuss the relationship between cyberspace and physical space, especially the computational similarity within the GCPS both in undirected and directed bipartite networks. We then propose a model for evaluating the fusion of the three most important factors: information, communication, and security. We then present the concept of the fusion evaluation cubic for the GCPS quantitative analysis model. Through these models, we can determine whether a more realistic state of the GCPS can be found by enhancing the fusion between cyberspace and physical space. Finally, we conclude that the degree of fusion between the two spaces is very important, not only considering the performance of the whole business process, but also considering security.展开更多
Cyber physical system(CPS)provides more powerful service by cyber and physical features through the wireless communication.As a kind of social organized network system,a fundamental question of CPS is to achieve servi...Cyber physical system(CPS)provides more powerful service by cyber and physical features through the wireless communication.As a kind of social organized network system,a fundamental question of CPS is to achieve service self-organization with its nodes autonomously working in both physical and cyber environments.To solve the problem,the social nature of nodes in CPS is firstly addressed,and then a formal social semantic descriptions is presented for physical environment,node service and task in order to make the nodes communicate automatically and physical environment sensibly.Further,the Horn clause is introduced to represent the reasoning rules of service organizing.Based on the match function,which is defined for measurement between semantics,the semantic aware measurement is presented to evaluate whether environment around a node can satisfy the task requirement or not.Moreover,the service capacity evaluation method for nodes is addressed to find out the competent service from both cyber and physical features of nodes.According to aforementioned two measurements,the task semantic decomposition algorithm and the organizing matrix are defined and the service self-organizing mechanism for CPS is proposed.Finally,examinations are given to further verify the efficiency and feasibility of the proposed mechanism.展开更多
The rapid technological convergence between Internet of Things (loT), Wireless Body Area Networks (WBANs) and cloud computing has made e-healthcare emerge as a promising application domain, which has significant p...The rapid technological convergence between Internet of Things (loT), Wireless Body Area Networks (WBANs) and cloud computing has made e-healthcare emerge as a promising application domain, which has significant potential to improve the quality of medical care. In particular, patient-centric health monitoring plays a vital role in e-healthcare service, involving a set of important operations ranging from medical data collection and aggregation, data transmission and segregation, to data analytics. This survey paper firstly presents an architectural framework to describe the entire monitoring life cycle and highlight the essential service components. More detailed discussions are then devoted to {/em data collection} at patient side, which we argue that it serves as fundamental basis in achieving robust, efficient, and secure health monitoring. Subsequently, a profound discussion of the security threats targeting eHealth monitoring systems is presented, and the major limitations of the existing solutions are analyzed and extensively discussed. Finally, a set of design challenges is identified in order to achieve high quality and secure patient-centric monitoring schemes, along with some potential solutions.展开更多
基金supported by the Major Science and Technology Programs in Henan Province(No.241100210100)The Project of Science and Technology in Henan Province(No.242102211068,No.232102210078)+2 种基金The Key Field Special Project of Guangdong Province(No.2021ZDZX1098)The China University Research Innovation Fund(No.2021FNB3001,No.2022IT020)Shenzhen Science and Technology Innovation Commission Stable Support Plan(No.20231128083944001)。
文摘Existing researches on cyber attackdefense analysis have typically adopted stochastic game theory to model the problem for solutions,but the assumption of complete rationality is used in modeling,ignoring the information opacity in practical attack and defense scenarios,and the model and method lack accuracy.To such problem,we investigate network defense policy methods under finite rationality constraints and propose network defense policy selection algorithm based on deep reinforcement learning.Based on graph theoretical methods,we transform the decision-making problem into a path optimization problem,and use a compression method based on service node to map the network state.On this basis,we improve the A3C algorithm and design the DefenseA3C defense policy selection algorithm with online learning capability.The experimental results show that the model and method proposed in this paper can stably converge to a better network state after training,which is faster and more stable than the original A3C algorithm.Compared with the existing typical approaches,Defense-A3C is verified its advancement.
文摘2017年2月,由北约智库“网络合作防御卓越中心”发起完成的《网络行动国际法塔林手册2.0版》(Tallinn Manual 2.0 on the International Law Applicableto Cyber Operations)(简称《塔林手册2.0版》)由英国剑桥大学出版社正式出版.《塔林手册2.0版》是一个在西方国家主导下,试图通过学者的集体研究来推动网络空间国际法发展的大型项目,也是网络空间国际博弈中有一定影响的机制之一.在《塔林手册2.0版》推出一周年之际,重温该手册的出台历程,思考它对网络空间国际规则的影响,总结其带来的启示和影响,对我国准确把握网络空间国际法的发展态势、积极参与网络空间国际规则制定有着重要意义.
文摘Chatting language is a unique phenomenon confined to the Internet.It is of great interest to a great number of re searchers.This paper is going to make a research in the following aspects:categories of cyber chatting language in China and its distinguishing features.By doing so,it is hoped that more and more people can be aware of the use of online chatting language and use it on proper occasions.
文摘运用CitespaceⅡ信息可视化图谱软件对"cyberspace" or "cyber warfare"研究文献数据进行分析,绘制了共引网络图谱,并依据图谱中关键节点文献的知识基础,对研究热点及趋势进行了初步探讨,得出国外研究的热点与前沿的相关结论,对"cyberspace" or "cyber warfare"的研究具有一定的参考价值。
基金This work was supported by the Fundamental Research Funds for the Central Universities(No.3122019191).
文摘To ensure flight safety,the complex network method is used to study the influence and invulnerability of air traffic cyber physical system(CPS)nodes.According to the rules of air traffic management,the logical coupling relationship between routes and sectors is analyzed,an air traffic CPS network model is constructed,and the indicators of node influence and invulnerability are established.The K-shell algorithm is improved to identify node influence,and the invulnerability is analyzed under random and selective attacks.Taking Airspace in Eastern China as an example,its influential nodes are sorted by degree,namely,K-shell,the improved K-shell(IKS)and betweenness centrality.The invulnerability of air traffic CPS under different attacks is analyzed.Results show that IKS can effectively identify the influential nodes in the air traffic CPS network,and IKS and betweenness centrality are the two key indicators that affect the invulnerability of air traffic CPS.
基金This work was supported by the National Key R&D Program under Grant No.2018YFA0701604the Natural Science Foundation of Liaoning Province under Grant No.2019-MS-149.
文摘Due to the deep integration of information technology and operational technology,networked control systems are experiencing an increasing risk of international cyber attacks.In practice,industrial cyber security is a significant topic because current networked control systems are supporting various critical infrastructures to offer vital utility services.By comparing with traditional IT systems,this paper first analyzes the uncontrollable cyber threats and classified attack characteristics,and elaborates the intrinsic vulnerabilities in current networked control systems and novel security challenges in future Industrial Internet.After that,in order to overcome partial vulnerabilities,this paper presents a few representative security mechanisms which have been successfully applied in today’s industrial control systems,and these mechanisms originally improve traditional IT defense technologies from the perspective of industrial availability.Finally,several popular security viewpoints,adequately covering the needs of industrial network structures and service characteristics,are proposed to combine with burgeoning industrial information technologies.We target to provide some helpful security guidelines for both academia and industry,and hope that our insights can further promote in-depth development of industrial cyber security.
基金This work was supported by the National Science and Technology Major Project of China(No.2018ZX03002002)the Foundation for Innovative Research Groups of the National Natural Science Foundation of China(No.61521003).
文摘In recent years,an increasing number of application services are deployed in the cloud.However,the cloud platform faces unknown security threats brought by its unknown vulnerabilities and backdoors.Many researchers have studied the Cyber Mimic Defense(CMD)technologies of the cloud services.However,there is a shortage of tools that enable researchers to evaluate their newly proposed cloud service CMD mechanisms,such as scheduling and decision mechanisms.To fill this gap,we propose MimicCloudSim as a mimic cloud service simulation system based on the basic functionalities of CloudSim.MimicCloudSim supports the simulation of dynamic heterogeneous redundancy(DHR)structure which is the core architecture of CMD technology,and provides an extensible interface to help researchers implement new scheduling and decision mechanisms.In this paper,we firstly describes the architecture and implementation of MimicCloudSim,and then discusses the simulation process.Finally,we demonstrate the capabilities of MimicCloudSim by using a decision mechanism.In addition,we tested the performance of MimicCloudSim,the conclusion shows that MimicCloudSim is highly scalable.
文摘Cyber operations are relatively a new phenomenon of the last two decades.During that period,they have increased in number,complexity,and agility,while their design and development have been processes well kept under secrecy.As a consequence,limited data(sets)regarding these incidents are available.Although various academic and practitioner public communities addressed some of the key points and dilemmas that surround cyber operations(such as attack,target identification and selection,and collateral damage),still methodologies and models are needed in order to plan,execute,and assess them in a responsibly and legally compliant way.Based on these facts,it is the aim of this article to propose a model that i))estimates and classifies the effects of cyber operations,and ii)assesses proportionality in order to support targeting decisions in cyber operations.In order to do that,a multi-layered fuzzy model was designed and implemented by analysing real and virtual realistic cyber operations combined with interviews and focus groups with technical e military experts.The proposed model was evaluated on two cyber operations use cases in a focus group with four technical e military experts.Both the design and the results of the evaluation are revealed in this article.
基金supported by The National Key Research and Development Program of China (Title: Basic Theories and Methods of Analysis and Control of the Cyber Physical Systems for Power Grid (Basic Research Class 2017YFB0903000))the State Grid Science and Technology Project (Title: Research on Architecture and Several Key Technologies for Grid Cyber Physical System,No.SGRIXTKJ[2016]454)
文摘Conventional power systems are being developed into grid cyber physical systems(GCPS) with widespread application of communication, computer, and control technologies. In this article, we propose a quantitative analysis method for a GCPS. Based on this, we discuss the relationship between cyberspace and physical space, especially the computational similarity within the GCPS both in undirected and directed bipartite networks. We then propose a model for evaluating the fusion of the three most important factors: information, communication, and security. We then present the concept of the fusion evaluation cubic for the GCPS quantitative analysis model. Through these models, we can determine whether a more realistic state of the GCPS can be found by enhancing the fusion between cyberspace and physical space. Finally, we conclude that the degree of fusion between the two spaces is very important, not only considering the performance of the whole business process, but also considering security.
基金Supported by the National Natural Science Foundation of China(61103069,71171148)the National High-Tech Research and Development Plan of China(″863″ Plan)(2012BAD35B01)+2 种基金the Innovation Program of Shanghai Municipal Education Commission(13YZ052)the Shanghai Committee of Science and Technology(11DZ1501703,11dz12106001)the Program of Shanghai Normal University(DXL125,DCL201302)
文摘Cyber physical system(CPS)provides more powerful service by cyber and physical features through the wireless communication.As a kind of social organized network system,a fundamental question of CPS is to achieve service self-organization with its nodes autonomously working in both physical and cyber environments.To solve the problem,the social nature of nodes in CPS is firstly addressed,and then a formal social semantic descriptions is presented for physical environment,node service and task in order to make the nodes communicate automatically and physical environment sensibly.Further,the Horn clause is introduced to represent the reasoning rules of service organizing.Based on the match function,which is defined for measurement between semantics,the semantic aware measurement is presented to evaluate whether environment around a node can satisfy the task requirement or not.Moreover,the service capacity evaluation method for nodes is addressed to find out the competent service from both cyber and physical features of nodes.According to aforementioned two measurements,the task semantic decomposition algorithm and the organizing matrix are defined and the service self-organizing mechanism for CPS is proposed.Finally,examinations are given to further verify the efficiency and feasibility of the proposed mechanism.
基金supported,in part,by Science Foundation Ireland grant 10/CE/I1855 to Lero -the Irish Software Engineering Research Centre(www.lero.ie)
文摘The rapid technological convergence between Internet of Things (loT), Wireless Body Area Networks (WBANs) and cloud computing has made e-healthcare emerge as a promising application domain, which has significant potential to improve the quality of medical care. In particular, patient-centric health monitoring plays a vital role in e-healthcare service, involving a set of important operations ranging from medical data collection and aggregation, data transmission and segregation, to data analytics. This survey paper firstly presents an architectural framework to describe the entire monitoring life cycle and highlight the essential service components. More detailed discussions are then devoted to {/em data collection} at patient side, which we argue that it serves as fundamental basis in achieving robust, efficient, and secure health monitoring. Subsequently, a profound discussion of the security threats targeting eHealth monitoring systems is presented, and the major limitations of the existing solutions are analyzed and extensively discussed. Finally, a set of design challenges is identified in order to achieve high quality and secure patient-centric monitoring schemes, along with some potential solutions.
