Network Intrusion Detection - This paper proposes a CNN-BiLS TM intrusion detection model for complex system networks. The model performs data over-sampling on the unbalanced data set, which reduces the gap in the amount of category data. It is based on the integration, cooperation, and selectivity of methods and mechanisms in the intrusion detection system, so as to achieve the idea of optimization. In the intrusion detection system, an intrusion detection system based on a variety of detection methods and technologies is proposed, and an integrated, cooperative, and selective overall structure is established. It will be based on distributed intrusion detection and feature engine analysis of intrusion detection, efficiency an increase of 6.7\%.

Network Intrusion Detection - Aiming at the problems of low detection accuracy, high false detection rate and high missed detection rate of traditional Intelligent Substation (I-S) secondary system network Intrusion Detection (I-D) methods, a semantic enhanced network I-D method for I-S secondary system is proposed. First of all, through the analysis of the secondary system network of I-S and the existing security risks, the information network security protection architecture is built based on network I-D. Then, the overall structure of I-S secondary network I-D is constructed by integrating CNN and BiLSTM. Finally, the semantic analysis of Latent Dirichlet Allocation (LDA) is introduced to enhance the network I-D model, which greatly improves the detection accuracy. The proposed method is compared with the other two methods under the same conditions through simulation experiments. The results show that the detection accuracy of the proposed method is the highest (95.02\%) in the face of 10 different types of attack traffic, and the false detection rate and missed detection rate are the lowest (1.3\% and 3.8\% respectively). The algorithm performance is better than the other three comparison algorithms.

Network Intrusion Detection - With the continuous development of deep learning technology, the phenolic model of intrusion detection based on deep learning has become a research hotspot. Traditional network attack detection mainly relies on static rules to detect network behavior, so it is difficult to dynamically adapt to the continuous development of network attacks. While deep learning technology is more and more used in the field of security, the text is based on deep learning classification network to design intrusion detection classification model. The appropriate data processing technology is used to preprocess the original intrusion data, and the processed data is used to train the network model. Finally, the performance of the model is tested to achieve high classification accuracy.

Network Intrusion Detection - Network intrusion detection technology has been a popular application technology for current network security, but the existing network intrusion detection technology in the application process, there are problems such as low detection efficiency, low detection accuracy and other poor detection performance. To solve the above problems, a new treatment combining artificial intelligence with network intrusion detection is proposed. Artificial intelligence-based network intrusion detection technology refers to the application of artificial intelligence techniques, such as: neural networks, neural algorithms, etc., to network intrusion detection, and the application of these artificial intelligence techniques makes the automatic detection of network intrusion detection models possible.

Network Intrusion Detection - Intrusion detection is important in the defense in depth network security framework and a hot topic in computer network security in recent years. In this paper, an effective method for anomaly intrusion detection with low overhead and high efficiency is presented and applied to monitor the abnormal behavior of processes. The method is based on rough set theory and capable of extracting a set of detection rules with the minimum size to form a normal behavior model from the record of system call sequences generated during the normal execution of a process. Based on the network security knowledge base system, this paper proposes an intrusion detection model based on the network security knowledge base system, including data filtering, attack attempt analysis and situation assessment engine. In this model, evolutionary self organizing mapping is used to discover multi - target attacks of the same origin; The association rules obtained by time series analysis method are used to correlate online alarm events to identify complex attacks scattered in time; Finally, the corresponding evaluation indexes and corresponding quantitative evaluation methods are given for host level and LAN system level threats respectively. Compared with the existing IDS, this model has a more complete structure, richer knowledge available, and can more easily find cooperative attacks and effectively reduce the false positive rate.

Network Intrusion Detection - Under the background of the continuous improvement of Chinese social modernization and development level and the comprehensive popularization of information technology, data mining technology is becoming more and more widely used, but the corresponding network security problems occur frequently, which causes serious constraints to the improvement of data mining technology level.Therefore, this paper analyzes the simulation measures of cloud computing network security intrusion detection model based on data mining technology, to ensure that under the cloud computing environment, network intrusion effectively prevents concealment, degeneration, unpredictable, effectively realize the real-time monitoring network intrusion target, and improve the application value of relevant technologies.

Network Intrusion Detection - With the development of computing technology, data security and privacy protection have also become the focus of researchers; along with this comes the issue of network link security and reliability, and these issues have become the focus of discussion when studying network security. Intrusion detection is an effective means to assist in network malicious traffic detection and maintain network stability; to meet the ever-changing demand for network traffic identification, intrusion detection models have undergone a transformation from traditional intrusion detection models to machine learning intrusion detection models to deep intrusion detection models. The efficiency and superiority of deep learning have been proven in fields such as image processing, but there are still some problems in the field of network security intrusion detection: the models are not targeted when processing data, the models have poor generalization ability, etc. The combinatorial neural network proposed in this paper can effectively propose a solution to the problems of existing models, and the CL-IDS model proposed in this paper has a better performance on the KDDCUP99 dataset as demonstrated by relevant experiments.

Network Coding - Precise binary code vulnerability detection is a significant research topic in software security. Currently, the majority of software is released in binary form, and the corresponding vulnerability detection approaches for binary code are desired. Existing deep learning-based detection techniques can only detect binary code vulnerabilities but cannot precisely identify the types of vulnerabilities. This paper proposes a Binary code-based Hybrid neural network for Multiclass Vulnerability Detection, dubbed BHMVD. BHMVD generates binary slices according to the control dependence and data dependence of library/API function calls, and then extracts syntax features from binary slices to generate type slices, which can help identify vulnerability types. This paper uses a hybrid neural network of CNN-BLSTM to extract vulnerability features from binary and type slices. The former extracts local features, while the latter extracts global features. Experiment results on 19 types of vulnerabilities show that BHMVD is effective for binary code-based multiclass vulnerability detection, and using a hybrid neural network can improve detection ability.

Network Coding - Unmanned Aerial Vehicles (UAVs) are drawing enormous attention in both commercial and military applications to facilitate dynamic wireless communications and deliver seamless connectivity due to their flexible deployment, inherent line-ofsight (LOS) air-to-ground (A2G) channels, and high mobility. These advantages, however, render UAV-enabled wireless communication systems susceptible to eavesdropping attempts. Hence, there is a strong need to protect the wireless channel through which most of the UAV-enabled applications share data with each other. There exist various error correction techniques such as Low Density Parity Check (LDPC), polar codes that provide safe and reliable data transmission by exploiting the physical layer but require high transmission power. Also, the security gap achieved by these error-correction techniques must be reduced to improve the security level. In this paper, we present deep learning (DL) enabled punctured LDPC codes to provide secure and reliable transmission of data for UAVs through the Additive White Gaussian Noise (AWGN) channel irrespective of the computational power and channel state information (CSI) of the Eavesdropper. Numerical result analysis shows that the proposed scheme reduces the Bit Error Rate (BER) at Bob effectively as compared to Eve and the Signal to Noise Ratio (SNR) per bit value of 3.5 dB is achieved at the maximum threshold value of BER. Also, the security gap is reduced by 47.22 \% as compared to conventional LDPC codes.

Network Coding - Software vulnerabilities, caused by unintentional flaws in source codes, are the main root cause of cyberattacks. Source code static analysis has been used extensively to detect the unintentional defects, i.e. vulnerabilities, introduced into the source codes by software developers. In this paper, we propose a deep learning approach to detect vulnerabilities from their LLVM IR representations based on the techniques that have been used in natural language processing. The proposed approach uses a hierarchical process to first identify source codes with vulnerabilities, and then it identifies the lines of codes that contribute to the vulnerability within the detected source codes. This proposed twostep approach reduces the false alarm of detecting vulnerable lines. Our extensive experiment on real-world and synthetic codes collected in NVD and SARD shows high accuracy (about 98\%) in detecting source code vulnerabilities 1.

Network Coding - With the continuous development of the Internet, artificial intelligence, 5G and other technologies, various issues have started to receive attention, among which the network security issue is now one of the key research directions for relevant research scholars at home and abroad. This paper researches on the basis of traditional Internet technology to establish a security identification system on top of the network physical layer of the Internet, which can effectively identify some security problems on top of the network infrastructure equipment and solve the identified security problems on the physical layer. This experiment is to develop a security identification system, research and development in the network physical level of the Internet, compared with the traditional development of the relevant security identification system in the network layer, the development in the physical layer, can be based on the physical origin of the protection, from the root to solve part of the network security problems, can effectively carry out the identification and solution of network security problems. The experimental results show that the security identification system can identify some basic network security problems very effectively, and the system is developed based on the physical layer of the Internet network, and the protection is carried out from the physical device, and the retransmission symbol error rates of CQ-PNC algorithm and ML algorithm in the experiment are 110 and 102, respectively. The latter has a lower error rate and better protection.

Network Coding - Aiming at the problem of security transmission in the space-terrestrial integrated networks, this paper proposes a physical layer secure transmission architecture based on concatenated LT and LDPC Codes. The outer code LT code adopts real-time random sampling coding, which can form a complex random interconnection structure and fully expand the randomness. The inner code LDPC code generates different codes through the random change of cyclic shift vector, Reduce the node interconnection deterioration caused by randomization on soft decision decoding, and obtain weak randomness high-performance error correction coding through storage optimized high-performance check matrix combined with soft decision decoding. The analysis and simulation results show that the proposed security transmission method not only improves the security of transmission, but also maintains the high transmission efficiency. Therefore it can be applied to the field of secure communication.

Network Coding - Network Coding (NC) enabled cellular networks can be penetrated by faulty packets that deviates the target nodes from decoding packets received. Even a little amount of pollution can be very quickly spread to remaining packets because of the resource exploitation at intermediary nodes. Numerous methods for protecting against data pollution attacks have been developed in the last few years. Another popular alternative is the Homomorphic Message Authentication Code (HMAC). Hackers can target HMAC by tampering with the end-of-packet tags, known as tag pollution assaults, in order to evade detection. To prevent data pollution and tag pollution assaults, a HMAC-based method can be used using two separate MAC tags. In the 5G wireless communication, small cells and collaborative networks have been extensively investigated. The use of network coding in wireless networks can increase throughput while consuming less power. Strong integrity procedures are essential for a coding environment to combat threats like pollution assaults and take full advantage of network coding. Latency and computation overhead can be reduced while maintaining security by modifying and optimising the existing integrity algorithms. This research focuses on analysing security threats in NC enabled small cells.

Network Coding - We propose and investigate a novel scheme of delay attack-resistant network based on optical code division multiple access (OCDMA). The bit error rate (BER) is analyzed theoretically, and the closed expression of BER is obtained. The system has a corresponding optimal threshold to minimize the BER in different cases. At the same transmission power, the BER will decrease when the code weight increases. Furthermore, the maximum number of users is different with different code weight and transmission power. Optisystem simulation results show that OCDMA system has delay attack-resistant performance, which can effectively improve the physical layer security of optical network.

Network Coding - This paper proposes a hybrid encryption scheme for multi-relay (MR) physical-layer network coding (PNC). Based on the three-relay (3R) bidirectional communication model, first, we discuss the throughput performance of the PNC compared with the traditional scheme (TS) and network coding (NC) system. Through the analysis of transmission efficiency, the superior throughput of the PNC system is demonstrated. Then, to further improve the security of the communication system, we give a scheme of advanced encryption standard (AES) and RivestShamir-Adleman (RSA) hybrid encryption, namely AR hybrid encryption. Finally, we embed the AR hybrid encryption into the multi-relay PNC communication system. At relay nodes of the ARPNC system, we focus on solving the problem of signal mapping. In the meantime, to reduce the performance loss caused by the increase of relay nodes, we exploit Low-Density Parity-Check (LDPC) code to enhance the decoding accuracy. The experimental results and security analysis show that the proposed scheme can boost the system throughput and transmission dependability and stronger the security of the communication system.

Network Coding - This paper introduces a method to improve the transmission model of BigNum network coding. The main contents include the research status of network coding, the principle of BigNum network coding, the security problems existing in the existing technology, the new coding matrix proposed for the problem, the beneficial effect of the new matrix and comparison. In this paper, to improve the security of BigNum network coding, we propose two new coding matrix forms: random number matrix and Fibonacci generation matrix. We also give a proof of the invertibility of Fibonacci generate matrix.

Network Coding - Network coding is getting wider and wider applications. Among which, many studies aim to leverage network coding to improve network security. However, a clear security classification and hierarchy is still missing so far. By classifying and articulating existing schemes, this paper proposed a security hierarchy of network coding system for the community. Four security grades: basic security, weak security, perfect security, and strong security, are tiered with different security strength. The tenet and implementation of them are expounded. The hierarchy helps delineate, classify, and differentiate secure network coding.

Network Accountability - Important for cloud services the cloud computing share throw multiple clients , and it is more important to allocate resources for cloud service provider , cloud computing is an infrastructure that provides on demand network services , in relation , the most important feature of the cloud services is that user’s data are hosted in remote . While taking benefit of this new emerging technology, users’ fear of losing command of their own data, is becoming a noteworthy hurdle to the extensive implementation of cloud services. Cloud service provider module is to process data owner request for storing data files and application and provides cloud users log details to data owner for audit purpose, to address this problem framework based on information accountability to keep track and trial of the authentic handling of the users’ data in the cloud. The system proposed that the Data can be fully tracked by the owner and follow up the service agreements by depending on many items which access, usage control and management.

Nearest Neighbor Search - One of the most significant and widely used IT breakthroughs nowadays is cloud computing. Today, the majority of enterprises use private or public cloud computing services for their computing infrastructure. Cyber-attackers regularly target Cloud resources by inserting malicious code or obfuscated malware onto the server. These malware programmes that are obfuscated are so clever that they often manage to evade the detection technology that is in place. Unfortunately, they are discovered long after they have done significant harm to the server. Machine Learning (ML) techniques have shown to be effective at finding malware in a wide range of fields. To address feature selection (FS) challenges, this study uses the wrapperbased Binary Bat Algorithm (BBA), Cuckoo Search Algorithm (CSA), Mayfly Algorithm (MA), and Particle Swarm Optimization (PSO), and then k-Nearest Neighbor (kNN), Random Forest (RF), and Support Vector Machine (SVM) are used to classify the benign and malicious records to measure the performance in terms of various metrics. CIC-MalMem-2022, the most recent malware memory dataset, is used to evaluate and test the proposed approach and it is found that the proposed system is an acceptable solution to detect malware.

Nearest Neighbor Search - With the rise and development of cloud computing, more and more companies try to outsource computing and storage to cloud in order to save storage and computing cost. Due to the rich information contained in images, the explosion of images is booming the image outsourcing. However, images may contain a lot of sensitive information and cloud servers are always not trusted. Directly outsourcing may lead to data breaches and incur privacy and security concerns. This has partly led to renewed interest in privacy-preserving encrypted image retrieval. However, there are still many challenges, such as low search accuracy and inefficiency due to the hundreds of high dimensional features extracted from a single image and the large scale of images. To address these challenges, in this paper, we propose an efficient, scalable and privacy-preserving image retrieval scheme via ball tree. First, the pre-trained Convolutional Neural Network (CNN) model is employed to extract image feature vectors to improve search accuracy. Next, an encrypted ball tree is constructed by using Learning With Errors(LWE)based secure k-Nearest Neighbor (kNN) algorithm. Finally, we conduct comprehensive experiments on real-world datasets and give a brief security analysis. The results show that our scheme is practical in terms of security, accuracy, and efficiency.

Nearest Neighbor Search - The organization formed by the connection established between computers, typically by cable, for the purpose of communicating and transmitting data is known as a network. A computer network is a collection of interconnected computers that allow for the sharing of resources including data, programs, and files. When people think of computer networks, they think of the Internet. In this paper, we proposed the usage of a new technique for the categorization of computer network traffic that is based on deep sparse autoencoders and k-nearest-neighbor (KNN) that has been optimized with Grid Search. The autoencoders took the input data and extracted high-level characteristics from it, then connected those features to the KNN. The KNN was used to divide the characteristics into three distinct kinds of assaults (normal and abnormal). In comparison to other investigations, the proposed approach demonstrated an accuracy of 98.23\% in its results.

Nearest Neighbor Search - Web component fingerprint library is the basis to solve the problem of Web component identification. A complete and accurate Web component fingerprint library can effectively improve the Web component identification capability. At present, the expansion mode of Web component fingerprint database is still mainly based on expert experience for manual mining, which is difficult to expand and update. Therefore, there is an urgent need for a method to efficiently extend the Web component fingerprint library. To solve this problem, an intelligent method for mining Web components and fingerprints is proposed. This method uses the idea of manual mining new components for reference, and uses the search result characteristics of Web components in search engines to intelligently mine new Web components. At the same time, the fingerprint of Web components can be obtained automatically through data mining on the websites where new components are applied. The experimental results show that 22 new components and 102 component fingerprints have been found in a short time by using intelligent mining methods, which can efficiently mine Web components and fingerprints. Compared with the current mainstream manual mining methods, the efficiency of this method is greatly improved, which proves the feasibility of this method.

Nearest Neighbor Search - The data of large-scale distributed demand-side iot devices are gradually migrated to the cloud. This cloud deployment mode makes it convenient for IoT devices to participate in the interaction between supply and demand, and at the same time exposes various vulnerabilities of IoT devices to the Internet, which can be easily accessed and manipulated by hackers to launch large-scale DDoS attacks. As an easy-to-understand supervised learning classification algorithm, KNN can obtain more accurate classification results without too many adjustment parameters, and has achieved many research achievements in the field of DDoS detection. However, in the face of high-dimensional data, this method has high operation cost, high cost and not practical. Aiming at this disadvantage, this chapter explores the potential of classical KNN algorithm in data storage structure, Knearest neighbor search and hyperparameter optimization, and proposes an improved KNN algorithm for DDoS attack detection of demand-side IoT devices.

Nearest Neighbor Search - Network security is one of the main challenges faced by network administrators and owners, especially with the increasing numbers and types of attacks. This rapid increase results in a need to develop different protection techniques and methods. Network Intrusion Detection Systems (NIDS) are a method to detect and analyze network traffic to identify attacks and notify network administrators. Recently, machine learning (ML) techniques have been extensively applied in developing detection systems. Due to the high complexity of data exchanged over the networks, applying ML techniques will negatively impact system performance as many features need to be analyzed. To select the most relevant features subset from the input data, a feature selection technique is used, which results in enhancing the overall performance of the NIDS. In this paper, we propose a wrapper approach as a feature selection based on a Chaotic Crow Search Algorithm (CCSA) for anomaly network intrusion detection systems. Experiments were conducted on the LITNET2020 dataset. To the best of our knowledge, our proposed method can be considered the first selection algorithm applied on this dataset based on swarm intelligence optimization to find a special subset of features for binary and multiclass classifications that optimizes the performance for all classes at the same time.The model was evaluated using several ML classifiers namely, Knearest neighbors (KNN), Decision Tree (DT), Random Forest (RF), Support Vector Machine (SVM), Multi-layer perceptron (MLP), and Long Short-Term Memory (LSTM). The results proved that the proposed algorithm is more efficient in improving the performance of NIDS in terms of accuracy, detection rate, precision, F-score, specificity, and false alarm rate, outperforming state-of-the-art feature selection techniques recently proposed in the literature.

Nearest Neighbor Search - Nearest neighbor search is a fundamental buildingblock for a wide range of applications. A privacy-preserving protocol for nearest neighbor search involves a set of clients who send queries to a remote database. Each client retrieves the nearest neighbor(s) to its query in the database without revealing any information about the query. To ensure database privacy, clients must learn as little as possible beyond the query answer, even if behaving maliciously by deviating from protocol.