Neural Network Security - With the continuous development of network technology and the continuous expansion of network scale, networks face more threats and an ever wider range of attacks. Frequent network security incidents have caused huge losses, and in an increasingly severe situation it is necessary to adopt a variety of network security technologies to address the problem. The most commonly used technology in network security is the firewall. A firewall blocks attacks from outside the network to a certain extent, but it defends poorly against attacks originating inside the network and is easy to bypass. Intrusion detection technology can detect both internal and external network attacks: responses can be generated before the intrusion takes effect, and alarm information is issued for timely and effective handling. In recent years, campus security incidents in China have continued to occur, seriously threatening the lives of students and disrupting the normal teaching order of schools. At present there are still many loopholes in campus security operations, and the campus security management system has become an important task in campus security construction. On this basis, relevant personnel are required to analyze the existing problems of campus safety and the needs of the safety management system, and to identify the main technology for a more advanced intelligent safety management system.
Authored by Xuanyuan Gu
Neural Network Security - With the rapid development of computer networks and information technology today, people are more inclined to use network systems to achieve various data exchanges, and the virtual payment services of Alibaba, Tencent and other companies have become the mainstream payment method. Because the network is global and open, anyone can freely enter and exit, which brings huge hidden dangers to network security (NS). NS has become an important issue that we have to face: once important information is stolen, it is likely to cause very large losses to individuals and even to society. This article mainly studies computer NS encryption technology based on neural networks. First, the current situation of computer NS is reflected comprehensively from two aspects, the number of domestic Internet users and the NS awareness rate in recent years. By 2020, the number of Chinese residents using the Internet had reached 1.034 billion, and 77.3% of Internet users were generally aware of NS. Second, the effect of neural networks (NN) on computer NS encryption technology is analyzed. The results show that the use of NN in computer encryption technology not only helps to improve security and convenience, but also prevents the secondary transmission of data and the leakage of related information.
Authored by Zejian Dong
Neural Network Security - With the development of computing technology, data security and privacy protection have become a focus of researchers; along with this comes the issue of network link security and reliability, and these issues have become the focus of discussion when studying network security. Intrusion detection is an effective means to assist in detecting malicious network traffic and maintaining network stability; to meet the ever-changing demand for network traffic identification, intrusion detection models have undergone a transformation from traditional intrusion detection models to machine learning intrusion detection models and then to deep learning intrusion detection models. The efficiency and superiority of deep learning have been proven in fields such as image processing, but there are still problems in the field of network intrusion detection: the models are not targeted when processing data, they generalize poorly, and so on. The combinatorial neural network proposed in this paper offers a solution to the problems of existing models, and the proposed CL-IDS model performs better on the KDDCUP99 dataset, as demonstrated by the reported experiments.
Authored by Gaodi Xu, Jinghui Zhou, Yunlong He
Neural Network Resiliency - Over the past few years, deep neural networks (DNNs) have been used to solve a wide range of real-life problems. However, DNNs are vulnerable to adversarial attacks where carefully crafted input perturbations can mislead a well-trained DNN to produce false results. As DNNs are being deployed into security-sensitive applications such as autonomous driving, adversarial attacks may lead to catastrophic consequences.
Authored by Ehsan Atoofian
Neural Network Resiliency - Automatic modulation classification (AMC) using the Deep Neural Network (DNN) approach outperforms traditional classification techniques, even in the presence of challenging wireless channel environments. However, adversarial attacks cause a loss of accuracy for DNN-based AMC by injecting a well-designed perturbation into the wireless channel. In this paper, we propose a novel generative adversarial network (GAN)-based countermeasure to safeguard DNN-based AMC systems against adversarial examples. The GAN-based approach aims to eliminate the adversarial examples before they are fed to the DNN-based classifier. Specifically, we show the resiliency of our proposed defense GAN against the Fast Gradient Sign Method (FGSM), one of the most potent attack algorithms for crafting perturbed signals. The existing defense-GAN was designed for image classification and does not work in our case, where the above communication system is considered. Thus, our proposed countermeasure deploys GANs with a mixture of generators to overcome the mode collapse problem that a typical GAN faces on the radio signal classification problem. Simulation results show the effectiveness of our proposed defense GAN, which raises the accuracy of the DNN-based AMC under adversarial attacks to approximately 81%.
Authored by Eyad Shtaiwi, Ahmed Ouadrhiri, Majid Moradikia, Salma Sultana, Ahmed Abdelhadi, Zhu Han
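The two abstracts above both concern adversarial perturbations, and the second names FGSM as the attack its defense GAN is evaluated against. The following is an added example, not code from either paper: a one-step FGSM against a tiny logistic-regression classifier written in pure Python, so the gradient is available in closed form. The weights, bias, input and label are constructed for illustration; a DNN needs automatic differentiation to obtain the input gradient, but the attack step itself, x_adv = x + eps * sign(dL/dx), is identical. The closed-form minimal budget in min_flip_eps holds only for linear models and is included to show why a small margin relative to the weight norm makes an input fragile.

```python
import math

# Added example, not code from the papers above: one-step FGSM against a tiny
# logistic-regression classifier. Weights, bias, input and label are constructed
# for illustration. A DNN needs automatic differentiation for the input gradient;
# the attack step itself, x_adv = x + eps * sign(dL/dx), is the same.

def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))

def predict_proba(w, b, x):
    """P(label = 1 | x) for a logistic model with weights w and bias b."""
    return sigmoid(sum(wi * xi for wi, xi in zip(w, x)) + b)

def input_gradient(w, b, x, y):
    """Gradient of the binary cross-entropy loss with respect to the input.
    For logistic regression this is exactly (p - y) * w, so no autodiff is needed."""
    p = predict_proba(w, b, x)
    return [(p - y) * wi for wi in w]

def sign(v):
    return 1.0 if v > 0 else (-1.0 if v < 0 else 0.0)

def fgsm(w, b, x, y, eps):
    """Move every coordinate of x by eps in the direction that increases the loss
    for the true label y: an L-infinity perturbation of size eps."""
    return [xi + eps * sign(gi) for xi, gi in zip(x, input_gradient(w, b, x, y))]

def fgsm_flips_label(w, b, x, y, eps):
    """Return (clean_prob, adversarial_prob, flipped) for a given budget eps."""
    p_clean = predict_proba(w, b, x)
    p_adv = predict_proba(w, b, fgsm(w, b, x, y, eps))
    return p_clean, p_adv, (p_clean >= 0.5) != (p_adv >= 0.5)

def min_flip_eps(w, b, x):
    """For a linear model FGSM is optimal under the L-infinity budget, so the smallest
    eps that crosses the decision boundary is the margin divided by the L1 norm of w.
    A small value means the classifier is fragile on this input."""
    margin = sum(wi * xi for wi, xi in zip(w, x)) + b
    return abs(margin) / sum(abs(wi) for wi in w)

# Constructed model and input (8 features, true label 1, confidently classified).
W = [0.9, -0.7, 0.8, -0.6, 0.5, -0.9, 0.7, -0.8]
B = 0.1
X = [0.3, -0.2, 0.25, -0.3, 0.2, -0.35, 0.3, -0.25]
Y = 1

if __name__ == "__main__":
    for eps in (0.1, 0.3):
        print(eps, fgsm_flips_label(W, B, X, Y, eps))
    print("minimal flipping eps:", round(min_flip_eps(W, B, X), 3))
```

On the constructed input the clean prediction is about 0.85 for the true label; a budget of 0.1 per feature leaves the decision unchanged, while 0.3 pushes the probability below 0.5 and flips it, matching the closed-form threshold of roughly 0.29. A defense such as the GAN-based purification in the abstract above is judged by how far it raises that threshold on the classifier's real inputs.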
Neural Network Resiliency - With the proliferation of Low Earth Orbit (LEO) spacecraft constellations comes the rise of space-based wireless cognitive communications systems (CCS) and the need to safeguard and protect data against potential hostiles in order to maintain widespread communications for science, military and commercial services. For example, known adversaries are using advanced persistent threats (APT), or highly progressive intrusion mechanisms, to target high priority wireless space communication systems. Specialized threats continue to evolve with the advent of machine learning and artificial intelligence, where computer systems can identify system vulnerabilities far faster than naive human threat actors thanks to greater processing resources and unbiased pattern recognition. This paper presents a disruptive abuse case for an APT attack on such a CCS and describes a trade-off analysis that was performed to evaluate a variety of machine learning techniques that could aid in the rapid detection and mitigation of an APT attack. The trade results indicate that with the employment of neural networks, the CCS's resiliency would increase its operational functionality, and therefore the reliability of on-demand communication services would increase. Further, modelling, simulation, and analysis (MS&A) was carried out using the Knowledge Discovery and Data Mining (KDD) Cup 1999 data set as a means to validate a subset of the trade study results against the Training Time and Number of Parameters selection criteria. Training and cross-validation learning curves were computed to model learning performance over time and yield a reasonable conclusion about the application of neural networks.
Authored by Suzanna LaMar, Jordan Gosselin, Lisa Happel, Anura Jayasumana
Neural Network Resiliency - The globalization of the Integrated Circuit (IC) market is attracting an ever-growing number of partners, while remarkably lengthening the supply chain. Thereby, security concerns, such as those imposed by functional Reverse Engineering (RE), have become quintessential. RE leads to disclosure of confidential information to competitors, potentially enabling the theft of intellectual property. Traditional functional RE methods analyze a given gate-level netlist through employing pattern matching towards reconstructing the underlying basic blocks, and hence, reverse engineer the circuit’s function.
Authored by Tim Bücher, Lilas Alrahis, Guilherme Paim, Sergio Bampi, Ozgur Sinanoglu, Hussam Amrouch
Network Security Resiliency - Trending towards autonomous transportation systems, modern vehicles are equipped with hundreds of sensors and actuators that raise the intelligence of the vehicle to a higher level of autonomy and also enable increased communication with entities outside the in-vehicle network. However, the increase in contact points with the outside world has exposed the controller area network (CAN) of a vehicle to remote security vulnerabilities. In particular, an attacker can inject fake high priority messages into the CAN through these contact points while preventing legitimate messages from controlling the CAN (a Denial-of-Service (DoS) attack). In this paper, we propose a Moving Target Defense (MTD) based mechanism to provide resiliency against DoS attacks: we shuffle the message priorities at different communication cycles, as opposed to the state-of-the-art fixed message priority setup, to nullify the attacker's knowledge of message priorities for a given time. The performance and efficacy of the proposed shuffling algorithm have been analyzed under different configurations and compared against state-of-the-art solutions. It is observed that the proposed mechanism succeeds in denying the DoS attack when the attacker is able to bypass preemptive strategies and inject messages into the in-vehicle network.
Authored by Ayan Roy, Sanjay Madria
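The abstract above describes shuffling CAN message priorities across communication cycles so that an attacker's learned mapping of "which ID is the important message" goes stale. The following is an added example and not the paper's algorithm: one possible realization in which every legitimate ECU derives the cycle's priority-to-ID permutation from an HMAC over a pre-shared key and the cycle counter, and a replaying attacker who learned the mapping in one cycle is measured against a static assignment. The key, the 16-message set, the ID range and the attacker model are constructed for illustration; bit-level CAN arbitration, bus timing and error frames are not modeled.

```python
import hmac
import hashlib

# Added example (not the paper's algorithm): a keyed, per-cycle shuffle of CAN message
# priorities as one way to realize the moving-target idea. The key, message set and
# attacker model below are constructed for illustration only.

N_MSGS = 16          # logical messages; index 0 = highest logical priority
BASE_ID = 0x100      # wire IDs BASE_ID .. BASE_ID + N_MSGS - 1 (11-bit CAN identifiers)
KEY = b"shared-ecu-key-constructed-for-demo"   # assumed pre-shared among legitimate ECUs

def cycle_permutation(key, cycle):
    """perm[logical_msg] = wire ID used for that message in this communication cycle.
    The permutation is a Fisher-Yates shuffle driven by HMAC(key, cycle): every ECU holding
    the key computes the same mapping, while an observer without the key cannot predict the
    next cycle's mapping from the ones it has seen."""
    digest = hmac.new(key, cycle.to_bytes(8, "big"), hashlib.sha256).digest()
    ids = list(range(BASE_ID, BASE_ID + N_MSGS))
    for i in range(N_MSGS - 1, 0, -1):
        j = digest[i] % (i + 1)   # one digest byte per swap (slight modulo bias, fine for a demo)
        ids[i], ids[j] = ids[j], ids[i]
    return ids

def static_permutation(cycle):
    """State-of-the-art setup: a fixed priority-to-ID assignment, identical in every cycle."""
    return list(range(BASE_ID, BASE_ID + N_MSGS))

def receiver_decode(perm, wire_id):
    """A receiving ECU maps a wire ID back to the logical message it carries this cycle.
    An ID that is not valid in this cycle is dropped (and is a candidate for an alert)."""
    try:
        return perm.index(wire_id)
    except ValueError:
        return None

def replay_attack(perm_fn, target_msg, cycles):
    """Attacker observes cycle 0, learns which wire ID carried target_msg, then injects a
    frame with that ID in every later cycle. Returns how many cycles receivers decode the
    injected frame as target_msg, i.e. how long the attacker's knowledge stays valid."""
    learned_id = perm_fn(0)[target_msg]
    hits = 0
    for c in range(1, cycles + 1):
        if receiver_decode(perm_fn(c), learned_id) == target_msg:
            hits += 1
    return hits

def compare(target_msg=0, cycles=1000):
    """(hits under static priorities, hits under per-cycle shuffling) for the same attacker."""
    static_hits = replay_attack(static_permutation, target_msg, cycles)
    mtd_hits = replay_attack(lambda c: cycle_permutation(KEY, c), target_msg, cycles)
    return static_hits, mtd_hits

if __name__ == "__main__":
    print("static vs shuffled hits over 1000 cycles:", compare())
```

With a static assignment the replayed frame is accepted as the highest-priority message in every one of the 1000 cycles; under the keyed shuffle it lands on the right ID in only about one cycle in sixteen, and in the other cycles the receivers either decode it as a different message or drop it. Two caveats a practitioner would check before deploying anything like this: the key must be provisioned to every legitimate ECU and protected in their firmware, and an attacker who simply floods the bus with the dominant ID 0x000 still wins arbitration, so the shuffle complements rather than replaces bus-level rate limiting and intrusion detection.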
Network Security Resiliency - Distributed cyber-infrastructures and Artificial Intelligence (AI) are transformative technologies that will play a pivotal role in the future of society and the scientific community. Internet of Things (IoT) applications harbor vast quantities of connected devices that collect a massive amount of sensitive information (e.g., medical, financial), which is usually analyzed either at the edge or in federated cloud systems via AI/Machine Learning (ML) algorithms to make critical decisions (e.g., diagnosis). It is of paramount importance to ensure the security, privacy, and trustworthiness of the data collection, analysis, and decision-making processes. However, system complexity and increased attack surfaces make these applications vulnerable to system breaches, single points of failure, and various cyber-attacks. Moreover, advances in quantum computing exacerbate the security and privacy challenges: emerging quantum computers can break the conventional cryptographic systems that underpin cyber-security services, public key infrastructures, and privacy-enhancing technologies. Therefore, there is a vital need for new cyber-security paradigms that can address the resiliency, long-term security, and efficiency requirements of distributed cyber-infrastructures.
Authored by Attila Yavuz, Saif Nouma, Thang Hoang, Duncan Earl, Scott Packard
Network Security Resiliency - The 5G ecosystem is designed as a highly sophisticated and modularized architecture that decouples the radio access network (RAN), multi-access edge computing (MEC) and the mobile core to enable different and scalable deployments. It leverages modern principles of virtualized network functions, microservices-based service chaining, and cloud-native software stacks. Moreover, it provides built-in security and mechanisms for slicing. Despite all these capabilities, there remain many gaps and opportunities for additional capabilities to support end-to-end secure operations for applications across many domains. Although 5G supports mechanisms for network slicing and tunneling, new algorithms and mechanisms are needed that can adapt network slice configurations dynamically to accommodate urgent and mission-critical traffic. Such slices must be secure, interference-aware, and free of side channel attacks. Resilience of the 5G ecosystem itself requires effective means for observability and (semi-)autonomous self-healing capabilities. To address this plethora of challenges, this paper presents the SECurity and REsiliency TEchniques for Differentiated 5G OPerationS (SECRETED 5G OPS) project, which is investigating fundamentally new solutions centered on the zero trust, network slicing, and network augmentation dimensions, which together will achieve secure and differentiated operations in 5G networks. SECRETED 5G OPS solutions are designed to be easily deployable, minimally invasive to the existing infrastructure, free of modifications to user equipment other than possibly firmware upgrades, economically viable, standards compliant, and compliant with regulations.
Authored by Akram Hakiri, Aniruddha Gokhale, Yogesh Barve, Valerio Formicola, Shashank Shekhar, Charif Mahmoudi, Mohammad Rahman, Uttam Ghosh, Syed Hasan, Terry Guo
Network Security Resiliency - The proliferation of renewable energy calls upon grid operators and planners to systematically evaluate the potential impacts of distributed energy resources (DERs). Considering the significant differences between various inverter-based resources (IBRs), especially the different capabilities of grid-forming and grid-following inverters, it is crucial to develop an efficient and effective assessment procedure alongside the available co-simulation frameworks, which carry a high computational burden. This paper presents a streamlined graph-based topology assessment for integrated power system transmission and distribution networks. Graph analyses were performed on the integrated graph of a modified miniWECC grid model and the IEEE 8500-node test feeder model; a high performance computing platform with 40 nodes and 2400 CPUs in total was used to process this integrated graph, which has more than 100,000 nodes and more than 10,000 IBRs. The node ranking results not only verified the applicability of the proposed method, but also revealed the potential for distributed grid-forming (GFM) and grid-following (GFL) inverters to interact with the centralized power plants.
Authored by Tao Fu, Dexin Wang, Xiaoyuan Fan, Huiying Ren, Jim Ogle, Yousu Chen
Network Security Resiliency - Software-Defined Networking (SDN) technique is presented in this paper to manage the Naval Supervisory Control and Data Acquisition (SCADA) network for equipping the network with the function of reconfiguration and scalability. The programmable nature of SDN enables a programmable Modular Topology Generator (MTG), which provides an extensive control over the network’s internal connectivity and traffic control. Specifically, two functions of MTG are developed and examined in this paper, namely linkHosts and linkSwitches. These functions are able to place the network into three different states, i.e., fully connected, fully disconnected, and partially connected. Therefore, it provides extensive security benefits and allows network administrators to dynamically reconfigure the network and adjust settings according to the network’s needs. Extensive tests on Mininet have demonstrated the effectiveness of SDN for enabling the reconfigurable and scalable Naval SCADA network. Therefore, it provides a potent tool to enhance the resiliency/survivability, scalability/compatibility, and security of naval SCADA networks.
Authored by Justin Szatkowski, Yan Li, Liang Du
Network Security Resiliency - An often overlooked but equally important aspect of unmanned aerial system (UAS) design is the security of their networking protocols and how they deal with cyberattacks. In this context, cyberattacks are malicious attempts to monitor or modify incoming and outgoing data from the system. These attacks could target any point in the system where a transfer of data occurs, but they are most common in the transfer of data between the control station and the UAS. A compromise of the networking system of a UAS could result in a variety of issues, including increased network latency between the control station and the UAS, temporary loss of control over the UAS, or complete loss of the UAS. A complete loss of the system could result in the UAS being disabled, crashing, or the attacker taking over command and control of the platform, all with little to no alert to the operator. Fortunately, the majority of higher-end, enterprise, and government UAS platforms are aware of these threats and take action to mitigate them. However, as the consumer market continues to grow and prices continue to drop, network security may be overlooked or ignored in favor of producing the lowest cost product possible. Additionally, these commercial off-the-shelf UAS often use uniform, standardized frequency bands, autopilots, and security measures, meaning a cyberattack could be developed to affect a wide variety of models with minimal changes. This paper focuses on a low-cost educational-use UAS and tests its resilience to a variety of cyberattack methods, including man-in-the-middle attacks, spoofing of data, and distributed denial-of-service attacks. The experiment is followed by a discussion of current cybersecurity practices for counteracting these attacks and how they can be applied onboard a UAS. Although in this case the cyberattacks were tested against a simpler platform, the methods discussed are applicable to any UAS platform attempting to defend against such cyberattack methods.
Authored by Jamison Colter, Matthew Kinnison, Alex Henderson, Stephen Schlager, Samuel Bryan, Katherine Grady, Ashlie Abballe, Steven Harbour
Network Security Resiliency - A reliable synchrophasor network of phasor measurement units (PMUs) is essential for modern power system operations and management with rapidly increasing levels of renewable energy sources. Cyber-physical system vulnerabilities such as side-channel based denial of service (DoS) attacks can compromise PMU communications even when an encrypted virtual private network is used. To overcome these vulnerabilities, countermeasures to DoS attacks need to be developed. One such countermeasure is the development and deployment of a virtual synchrophasor network (VSN) to improve the reliability of a synchrophasor network under DoS attacks. A cellular computational network (CCN) is a distributed artificial intelligence framework suitable for complex system modeling and estimation. CCNs have been shown to successfully mitigate the effects of DoS attacks on single PMUs. In this study, the robustness of a VSN is further investigated and shown to exhibit resiliency under concurrent DoS attacks. Typical results for VSN applications in multi-area power systems with utility-scale photovoltaic solar plants are presented.
Authored by Xingsi Zhong, Ganesh Venayagamoorthy, Richard Brooks
Network Security Resiliency - Recently, Cloud Computing has become one of today's great innovations for provisioning Information Technology (IT) resources. Moreover, a new model named Fog Computing has been introduced, which addresses the time delay and high cost issues of the Cloud Computing paradigm. However, security challenges are still a big concern because of the vulnerabilities of both Cloud and Fog Computing systems. Man-in-the-Middle (MITM) is considered one of the most destructive attacks in a Fog Computing context. Moreover, MITM attacks are very hard to detect because they are performed passively at the Software-Defined Networking (SDN) level, and the Fog Computing paradigm is ideally suited to MITM attacks. In this paper, a MITM mitigation scheme is proposed consisting of an SDN network (Fog Leaders) which controls a layer of Fog Nodes. Furthermore, Multipath TCP (MPTCP) is used between all edge devices and Fog Nodes to improve resource utilization and security. The performance evaluation of the proposed solution was carried out in a simulation environment using Mininet, the Ryu SDN controller and the MPTCP Linux kernel. The experimental results showed that the proposed solution improves security, network resiliency and resource utilization without any significant overhead compared to the traditional TCP implementation.
Authored by Hossam ELMansy, Khaled Metwally, Khaled Badran
Network Security Architecture - As a result of globalization, the COVID-19 pandemic and the migration of data to the cloud, the traditional security measures in which an organization relies on a security perimeter and firewalls no longer work. There is a shift to a concept in which resources are not trusted by default, and a zero-trust architecture (ZTA) based on the zero-trust principle is needed. Applying zero trust principles to networks ensures that a single insecure Application Programming Interface (API) does not become the weakest link that compromises critical Data, Assets, Applications and Services (DAAS). The purpose of this paper is to review the use of zero trust in securing a network architecture instead of a traditional perimeter. Different software solutions for implementing secure access to applications and services for remote users using zero trust network access (ZTNA) are also summarized. A summary of the author's qualitative study "Insecure Application Programming Interface in Zero Trust Networks" is also discussed. The study showed that there is increased usage of zero trust in securing networks and protecting organizations from malicious cyber-attacks. The research also indicates that APIs are insecure in zero trust environments and that most organizations are not aware of their presence.
Authored by Farhan Qazi
Network Security Architecture - This work designs a new generation of smart power meter components, builds a smart power network, implements safety protection for power meters, and completes network security protection for smart power meters. The new generation of smart electric energy meters mainly performs legal metering, secure fee control, communication, control, calculation and monitoring. The smart power utilization network consists of the master station server, front-end processor, cryptographic machine and master station, which together form a master station management system. Through data collection and analysis, intelligent energy dispatching operation is established, effective energy-saving policy algorithms and strategies are provided, and smart energy use management is realized. The safety protection architecture of the electric energy meter is designed from three aspects: the meter's own security, full-scenario application security, and security management. The meter's own security protection consists of hardware security protection and software security protection. The full-scenario application security protection system includes four parts: boundary security, data security, password security, and security monitoring. Security management mainly provides application security management strategies and strategies for dividing security responsibilities. The construction of the smart electric energy meter network system lays the foundation for network security protection.
Authored by Baofeng Li, Feng Zhai, Yilun Fu, Bin Xu
Network Security Architecture - To prevent all sorts of attacks, the technology of security service function chains (SFC) has been proposed in recent years and has become an active research area. A dynamic orchestration algorithm can create an SFC according to the resource usage of network security functions. Current research on creating SFCs focuses on a single domain; in reality, however, large and complex networks are divided into security domains according to different security levels and managed separately. Therefore, we propose a cross-security-domain dynamic orchestration algorithm that creates SFCs for network security functions based on ant colony optimization (ACO), with load balancing, shortest path and minimum delay as optimization objectives. We establish a network security architecture based on the proposed algorithm that is suitable for industrial vertical scenarios and solves the deployment problem of the dynamic orchestration algorithm. Simulation results verify that our algorithm achieves the goal of creating SFCs across security domains and demonstrate its performance in creating service function chains to resolve abnormal traffic flows.
Authored by Weidong Xiao, Xu Zhang, Dongbin Wang
Network Security Architecture - Software-Defined Networking (SDN) is a technology for software control and management of the network in order to improve its properties. Unlike classic network management technologies, which are complex and decentralized, SDN is a much more flexible and simple system. The new architecture may be vulnerable to several attacks that lead to resource depletion and prevent the SDN controller from serving legitimate users. One such attack is the Distributed Denial of Service (DDoS), which is on the rise today. We propose Modified-DDoSNet, a system for detecting DDoS attacks in the SDN environment. A model based on Deep Learning (DL) techniques is implemented, combining a Recurrent Neural Network (RNN) with an Autoencoder. The proposed model, first trained to detect attacks, is implemented as a new component in the security architecture of the SDN network. That security architecture contains a total of 13 components, each representing an individual part of the architecture, of which the first component is the RNN-autoencoder. The model itself, the first component, was trained on the CICDDoS2019 dataset. It has high reliability for attack detection, which increases the security of the SDN network architecture.
Authored by Jovan Gojic, Danijel Radakovic
Network Security Architecture - Network security isolation technology is an important means of protecting the internal information security of enterprises. Generally, isolation is achieved through traditional network devices such as firewalls and gatekeepers. However, their security rules are relatively rigid and cannot adequately meet flexible and changing business needs. Through a double sandbox structure created for each user, users in the virtual machine are isolated from each other and security is ensured: a virtual disk created in the virtual machine serves as the user's storage sandbox, and reads and writes to that disk are encrypted. The shortcomings of traditional network isolation methods are discussed, and the application of cloud desktop network isolation technology based on VMware technology in universities is expounded.
Authored by Kai Ye
Network Security Architecture - Because the current network security architecture of power grid enterprises does not adapt to new regulatory requirements, does not adapt to the trend of digitalization, and does not cover new network security technologies, this paper designs a network security architecture comprising element views, capability views and measure views on the basis of the IPDRR network security architecture model, combined with the requirements of power grid enterprises for a network security architecture. At the level of information system architecture it covers the network security requirements of "collection, transmission, storage, application" and the information system life cycle. It meets the new regulations and provides leadership with an understanding of the security posture of the enterprise, improving the organization's ability to defend against attacks.
Authored by Jinqiang Fan, Yonggang Xu, Jing Ma
Network Reconnaissance - Through communication reconnaissance, the code stream of the users of a mobile communication cell is obtained, and the code stream of a single user is separated from the mixed code stream, which is vital for the behavior analysis and intelligent management of mobile terminals. In this process, the Cell Radio Network Temporary Identifier (C-RNTI) is a specific identifier of the user terminal and is also the key to identifying and separating different users' code streams. However, there are few related studies on the C-RNTI and the acquisition of the code stream. To overcome this problem, a combined method is proposed: a comprehensive search of the 4th Generation Mobile Communication Technology (4G) Physical Downlink Control Channel (PDCCH), together with interception of the 5th Generation Mobile Communication Technology (5G) Physical Random Access Channel (PRACH), to obtain the users' C-RNTIs effectively. According to the corresponding downlink control information (DCI), the Physical Downlink Shared Channel (PDSCH) is correctly demodulated, descrambled and decoded to obtain the code stream it carries. Finally, a communication reconnaissance receiver is used to carry out a real reconnaissance experiment on an actual 4G/5G mobile communication system. The results, i.e. the obtained C-RNTIs and code streams, verify the correctness and efficiency of the proposed method. It lays an important technical foundation for the accurate identification and management of mobile communication user terminals.
Authored by Junhao Chen, Rong Shi, Ke Deng
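The "comprehensive search of the PDCCH" in the abstract above rests on one property of LTE downlink control information: the DCI carries no RNTI field, but its CRC is XORed with the addressed UE's RNTI, so a receiver that decodes a candidate correctly can recover the RNTI as CRC(payload) XOR received-CRC-field. The following is an added example and not the paper's code. It assumes the 3GPP TS 36.212 CRC attachment (gCRC16, polynomial D^16 + D^12 + D^5 + 1, zero initial register) with the 16 parity bits scrambled by the RNTI MSB first, and the C-RNTI value range of TS 36.321 Table 7.1-1; the DCI payloads and RNTI values are constructed, and channel coding, rate matching and DCI format sizes are out of scope.

```python
# Added example, not the paper's code: how the C-RNTI is carried on the LTE PDCCH and why a
# passive receiver can recover it from a correctly decoded DCI. Assumptions: TS 36.212 CRC
# attachment (gCRC16 = D^16 + D^12 + D^5 + 1, zero initial state) with the 16 parity bits XORed
# with the RNTI, MSB first; C-RNTI range from TS 36.321 Table 7.1-1. Payloads and RNTIs below
# are constructed. Channel coding, rate matching and DCI format sizes are not modeled.

CRC16_POLY = 0x1021   # x^16 + x^12 + x^5 + 1

def crc16_bits(bits):
    """CRC-16 over a list of bits (MSB first), zero initial register, no final XOR."""
    reg = 0
    for bit in bits:
        feedback = ((reg >> 15) & 1) ^ bit
        reg = (reg << 1) & 0xFFFF
        if feedback:
            reg ^= CRC16_POLY
    return reg

def int_to_bits(value, width):
    return [(value >> (width - 1 - i)) & 1 for i in range(width)]

def bits_to_int(bits):
    v = 0
    for b in bits:
        v = (v << 1) | b
    return v

def attach_scrambled_crc(payload_bits, rnti):
    """eNB side: append the CRC parity bits scrambled with the addressed UE's RNTI."""
    return payload_bits + int_to_bits(crc16_bits(payload_bits) ^ rnti, 16)

def ue_check(coded_bits, my_rnti):
    """UE blind-decoding check: descramble with its own RNTI and compare against the CRC."""
    payload, crc_field = coded_bits[:-16], coded_bits[-16:]
    return (bits_to_int(crc_field) ^ my_rnti) == crc16_bits(payload)

def recover_rnti(coded_bits):
    """Passive receiver without the RNTI: CRC(payload) XOR received field yields the RNTI for a
    correctly decoded candidate, and a random 16-bit value for a mis-decoded one."""
    payload, crc_field = coded_bits[:-16], coded_bits[-16:]
    return bits_to_int(crc_field) ^ crc16_bits(payload)

def is_c_rnti(rnti):
    """Value range reserved for C-RNTI in TS 36.321 Table 7.1-1: 0x003D..0xFFF3."""
    return 0x003D <= rnti <= 0xFFF3

def search_rntis(candidates, min_count=2):
    """Comprehensive search over decoded PDCCH candidates from several subframes. Because a
    mis-decoded candidate also produces an in-range value, only RNTIs that recur across
    candidates are reported; the count is the evidence behind each one."""
    counts = {}
    for bits in candidates:
        r = recover_rnti(bits)
        if is_c_rnti(r):
            counts[r] = counts.get(r, 0) + 1
    return {r: n for r, n in counts.items() if n >= min_count}

def demo_candidates():
    """Constructed candidates: three DCIs addressed to UE A, two to UE B, and a copy of A's
    first DCI with one payload bit flipped, standing in for a mis-decoded candidate."""
    rnti_a, rnti_b = 0x1A2B, 0x4C5D
    dci1 = [1,0,1,1,0,0,1,0,1,1,1,0,0,1,0,1,0,1,1,0,0,0,1,1,0,1]
    dci2 = [0,1,1,0,1,0,1,1,0,0,1,1,1,0,1,0,0,1,0,1,1,0,1,0,0,0]
    dci3 = [1,1,0,0,0,1,0,1,1,0,1,0,0,0,1,1,1,1,0,1,0,0,1,0,1,1]
    good = [attach_scrambled_crc(d, rnti_a) for d in (dci1, dci2, dci3)]
    good += [attach_scrambled_crc(d, rnti_b) for d in (dci2, dci3)]
    bad = list(good[0])
    bad[5] ^= 1
    return good + [bad]

if __name__ == "__main__":
    print({hex(r): n for r, n in search_rntis(demo_candidates()).items()})
```

The flipped candidate cannot yield UE A's RNTI, because the CRC is linear over GF(2) with a zero initial state and the CRC of a single-bit error pattern is never zero; it yields some unrelated value that the repetition threshold discards. In 5G NR (TS 38.212) the DCI CRC is 24 bits and only its last 16 bits are scrambled with the RNTI, so the same recovery applies to that part of the field. The mechanism also explains why the C-RNTI is only a temporary identifier: anyone who can decode the PDCCH can learn it, and it is the interception of PRACH in the abstract above that links that value to a particular terminal's access attempt.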
Network Reconnaissance - With the increasing number of data thefts, courtesy of new and complex attack mechanisms being used every day, declaring the internet unsafe would be the understatement of the century. For current security experts the scenario is an endless cat-and-mouse game across a constantly changing landscape. Relying on firewalls and anti-virus software is therefore like trying to fight a modern, well-equipped army with sticks and stones: all an attacker needs to breach our system is the right social engineering lure, or malware packed or encoded so that our tools do not detect it. It is therefore the need of the hour to shift our focus beyond edge defense, which largely involves validating the tools, towards identification of a breach followed by an appropriate response. This is achieved by implementing an ethereal network, an end-to-end host and network approach that can scale and provide true breach detection. The objective is not just blocking; it is a significant reduction in time. When mundane methods involving firewalls and antivirus fail, we need to determine what happened and respond. Industry reports measure response time in weeks, months, and even years, which is not good enough; our goal is to bring it down to hours. This dramatic reduction in response time requires an effective breach detection approach. A Modern Honey Network (MHN) with a honeypot system has been used to make management and deployment easier and to secure the honeypots. We have used various honeypots, including Glastopf, Dionaea and Kippo. Suspicious activity is recorded and the details of detected attacks are collected in the MHN server. The final part of our research is reconnaissance. Since it can be awfully complicated, we simplify the process by making reconnaissance our main focus: if malware or an insider threat breaks into something, they do not know what they now have access to, which makes them feel the need to perform reconnaissance. Focusing on that behaviour provides us a simple way to determine that there is unusual activity, whether it is a compromised IoT device or anything else that has breached our network. Finally we deploy MHN together with Dionaea, Kippo and Snort sensors and Splunk integration for analyzing the captured attacks, which reveals the service port under attack and the source IP address of the attacker.
Authored by Sourav Mishra, Vijay Chaurasiya
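The abstract above treats post-breach reconnaissance as the behaviour to hunt for, and ends with the two facts its honeypot pipeline yields per event: the service port under attack and the attacker's source IP. The following is an added example, not the paper's Splunk queries or MHN configuration: a small detector over a constructed connection log in a simplified format (timestamp, sensor name, source IP, destination port) that flags a source touching several distinct ports within a sliding time window, the signature of a port sweep. The log lines, the field layout, the window lengths and the thresholds are assumptions for this example; real Dionaea, Kippo or Snort output would first need to be normalized into these four fields.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Added example (not the paper's tooling): port-sweep detection over honeypot connection
# events. SAMPLE_LOG is constructed; its "<ISO time> <sensor> <src_ip> <dst_port>" layout is
# an assumption standing in for normalized MHN sensor output.
SAMPLE_LOG = """\
2023-05-04T10:00:01 dionaea 203.0.113.7 445
2023-05-04T10:00:03 dionaea 203.0.113.7 21
2023-05-04T10:00:04 kippo 203.0.113.7 22
2023-05-04T10:00:06 dionaea 203.0.113.7 3306
2023-05-04T10:00:09 dionaea 203.0.113.7 1433
2023-05-04T10:00:12 dionaea 203.0.113.7 80
2023-05-04T10:05:00 kippo 198.51.100.23 22
2023-05-04T10:06:30 kippo 198.51.100.23 22
2023-05-04T10:07:45 kippo 198.51.100.23 22
2023-05-04T11:30:00 dionaea 192.0.2.55 80
2023-05-04T12:30:00 dionaea 192.0.2.55 443
2023-05-04T13:30:00 dionaea 192.0.2.55 445
2023-05-04T14:30:00 dionaea 192.0.2.55 21
2023-05-04T15:30:00 dionaea 192.0.2.55 22
"""

def parse(log_text):
    """Return events as (timestamp, sensor, src_ip, dst_port) tuples sorted by time."""
    events = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, sensor, src, port = line.split()
        events.append((datetime.fromisoformat(ts), sensor, src, int(port)))
    return sorted(events)

def detect_sweeps(events, window_seconds, min_ports):
    """Flag sources that touch at least min_ports distinct ports within any span of
    window_seconds. Returns {src_ip: max distinct ports seen in one window}. A two-pointer
    sliding window per source keeps this linear in the number of events."""
    by_src = defaultdict(list)
    for ts, _sensor, src, port in events:
        by_src[src].append((ts, port))
    window = timedelta(seconds=window_seconds)
    flagged = {}
    for src, hits in by_src.items():
        start = 0
        ports_in_window = Counter()
        for ts, port in hits:
            ports_in_window[port] += 1
            while hits[start][0] < ts - window:      # expire events older than the window
                old_port = hits[start][1]
                ports_in_window[old_port] -= 1
                if ports_in_window[old_port] == 0:
                    del ports_in_window[old_port]
                start += 1
            if len(ports_in_window) >= min_ports:
                flagged[src] = max(flagged.get(src, 0), len(ports_in_window))
    return flagged

def top_ports(events, n):
    """Most attacked service ports, the first of the two facts the abstract reports per attack."""
    return Counter(e[3] for e in events).most_common(n)

def top_sources(events, n):
    """Most active source IPs, the second fact."""
    return Counter(e[2] for e in events).most_common(n)

if __name__ == "__main__":
    ev = parse(SAMPLE_LOG)
    print("fast sweeps (60 s, >= 5 ports):", detect_sweeps(ev, 60, 5))
    print("slow sweeps (24 h, >= 5 ports):", detect_sweeps(ev, 86400, 5))
    print("top ports:", top_ports(ev, 3), "top sources:", top_sources(ev, 3))
```

On the constructed log the 60-second window flags only 203.0.113.7, which hits six services in eleven seconds; the host at 192.0.2.55 probes five services one hour apart and is caught only by the 24-hour window, which is why a single short window is not enough for slow scans. The repeated connections from 198.51.100.23 to port 22 are not a sweep at all but a likely SSH brute-force attempt, which a separate rule on repeated connections to one port would catch; the honeypot gives the source IP and port either way.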
Network Reconnaissance - Multi-UAV cooperative reconnaissance for target search, localization, and tracking has attracted much attention in both civil and military applications, where strategies must be designed for UAVs to finish the reconnaissance task cooperatively and in a time-optimal manner. Unlike the state-of-the-art of recent research, in which all the UAVs involved carry homogeneous payloads, this work exploits payload diversity to enhance the time efficiency of the cooperation and proposes a fast multi-UAV cooperative reconnaissance (FMUCR) method. FMUCR groups UAVs in pairs. In each pair, one UAV is equipped with a passive positioning radar, referred to as the p-UAV, while the other is equipped with an active positioning radar, referred to as the a-UAV. FMUCR exploits the large detection range and rough target location of passive radar to enable fast search and directional tracking of a target, and the precise target position calculation of active radar to enable accurate tracking. Specifically, the task area is partitioned into subareas according to the number of UAV pairs. Each UAV pair conducts target search, localization, and tracking in one subarea, where the p-UAV leads the search and preliminary tracking of targets, while accurate tracking of targets is taken over by the a-UAV. Algorithms for off-line path planning and on-line path planning are designed for target search and target tracking, respectively. Comparative simulation demonstrates that FMUCR can greatly shorten the target discovery time with little loss in target tracking accuracy.
Authored by Yinghong Ma, Xunan Li, Yi Jiao, Lin Guo, Suping Ren, Qi Zhang