Common Vulnerability Scoring System (CVSS) is intended to capture the key characteristics of a vulnerability and correspondingly produce a numerical score to indicate the severity. Important efforts are conducted for building a CVSS stochastic model in order to provide a high-level risk assessment to better support cybersecurity decision-making. However, these efforts consider nothing regarding HPC (High-Performance Computing) networks using a Science Demilitary Zone (DMZ) architecture that has special design principles to facilitate data transition, analysis, and store through in a broadband backbone. In this paper, an HPCvul (CVSS-based vulnerability and risk assessment) approach is proposed for HPC networks in order to provide an understanding of the ongoing awareness of the HPC security situation under a dynamic cybersecurity environment. For such a purpose, HPCvul advocates the standardization of the collected security-related data from the network to achieve data portability. HPCvul adopts an attack graph to model the likelihood of successful exploitation of a vulnerability. It is able to merge multiple attack graphs from different HPC subnets to yield a full picture of a large HPC network. Substantial results are presented in this work to demonstrate HPCvul design and its performance.

Swarm learning (SL) is an emerging promising decentralized machine learning paradigm and has achieved high performance in clinical applications. SL solves the problem of a central structure in federated learning by combining edge computing and blockchain-based peer-to-peer network. While there are promising results in the assumption of the independent and identically distributed (IID) data across participants, SL suffers from performance degradation as the degree of the non-IID data increases. To address this problem, we propose a generative augmentation framework in swarm learning called SL-GAN, which augments the non-IID data by generating the synthetic data from participants. SL-GAN trains generators and discriminators locally, and periodically aggregation via a randomly elected coordinator in SL network. Under the standard assumptions, we theoretically prove the convergence of SL-GAN using stochastic approximations. Experimental results demonstrate that SL-GAN outperforms state-of-art methods on three real world clinical datasets including Tuberculosis, Leukemia, COVID-19.

With the continuous development of the Internet, artificial intelligence, 5G and other technologies, various issues have started to receive attention, among which the network security issue is now one of the key research directions for relevant research scholars at home and abroad. This paper researches on the basis of traditional Internet technology to establish a security identification system on top of the network physical layer of the Internet, which can effectively identify some security problems on top of the network infrastructure equipment and solve the identified security problems on the physical layer. This experiment is to develop a security identification system, research and development in the network physical level of the Internet, compared with the traditional development of the relevant security identification system in the network layer, the development in the physical layer, can be based on the physical origin of the protection, from the root to solve part of the network security problems, can effectively carry out the identification and solution of network security problems. The experimental results show that the security identification system can identify some basic network security problems very effectively, and the system is developed based on the physical layer of the Internet network, and the protection is carried out from the physical device, and the retransmission symbol error rates of CQ-PNC algorithm and ML algorithm in the experiment are 110 and 102, respectively. The latter has a lower error rate and better protection.

Wireless security and privacy is gaining a significant interest due to the burgeoning growth of communication devices across the electromagnetic spectrum. In this article, we introduce the concept of the space-time modulated millimeter-wave wireless links enabling physical layer security in highspeed communication links. Such an approach does not require cryptographic key exchanges and enables security in a seamless fashion with no overhead on latency. We show both the design and implementation of such a secure system using custom integrated chips at 71-76 GHz with off-chip packaged antenna array. We also demonstrate the security metric of such a system and analyze the efficacy through distributed eavesdropper attack.

Physical Layer Security (PLS) is used to accomplish perfect secure communication between intended network nodes, while the eavesdropper gets zero information. In this paper, a smart antenna technology i.e., Massive multiple-input-multiple-output (mMIMO) and Non-Orthogonal Multiple Access (NOMA) technology is being used to enhance the secrecy performance of a 5G communication network. Small scale Rayleigh fading channels, as well as large scale pathway loss, have to be taken into consideration. An eavesdropper with multiple antennas, an amplify-and-forward (AF) relay with multi antenna has been proposed. Spider Monkey Algorithm (SMO) is used in adding Artificial Noise (AN) for refining secrecy rate. The findings revealed that the suggested technique improves the security and the quality of Wireless communication.

Security is of vital importance in wireless industrial communication systems. When spoofing attacking has occurred, leading to economic losses or even safety accidents. So as to address the concern, existing approaches mainly rely on traditional cryptographic algorithms. However, these methods cannot meet the needs of short delay and lightweight. In this paper, we propose a CSI-based PHY-layer security authentication scheme to detect spoofing detection. The main idea takes advantage of the uncorrelated nature of wireless channels to the identification of spoofing nodes in the physical layer. We demonstrate a MIMO-OFDM based spoofing detection prototype in industrial environments. Firstly, utilizing Universal Software Radio Peripheral (USRPs) to establish MIMO-OFDM communication systems is presented. Secondly, our proposed security scheme of CSI-based PHY-layer authentication is demonstrated. Finally, the effectiveness of the proposed approach has been verified via attack experiments.

A new type of time modulated metamaterial (MTM) antenna array transmitter capable of realizing 2D directional modulation (DM) for physical layer (PHY) security is presented in this work. The proposed 2D DM MTM antenna array is formed by a time modulated corporate feed network loaded with composite right/left-handed (CRLH) leaky wave antennas (LWAs). By properly designing the on-off states of the switch for each antenna feeding branch as well as harnessing the frequency scanning characteristics of CRLH L WAs, 2D DM can be realized to form a PHY secured transmission link in the 2D space. Experimental results demonstrate the bit-error-rate (BER) is low only at a specific 2D angle for the orthogonal frequency-division multiplexing (OFDM) wireless data links.

In this short position paper, we discuss several potential security concerns that can be found at the physical layer of 6th-generation (6G) cellular networks. Discussion on 6G cellular networks is still at its early stage and thus several candidate radio technologies have been proposed but no single technology has yet been finally selected for 6G systems. Among several radio technologies, we focus on three promising ones for 6G physical-layer technologies: reconfigurable intelligent surface (RIS), Open-RAN (O-RAN), and full-duplex radios. We hope this position paper will spark more active discussion on the security concerns in these new radio technologies.

Vehicular networks are vulnerable to large scale attacks. Blockchain, implemented upon application layer, is recommended as one of the effective security and privacy solutions for vehicular networks. However, due to an increasing complexity of connected nodes, heterogeneous environment and rising threats, a robust security solution across multiple layers is required. Motivated by the Physical Layer Security (PLS) which utilizes physical layer characteristics such as channel fading to ensure reliable and confidential transmission, in this paper we analyze the impact of PLS on a blockchain-enabled vehicular network with two types of physical layer attacks, i.e., jamming and eavesdropping. Throughout the analysis, a Full Duplex Non-Orthogonal Multiple Access (FD-NOMA) based vehicle-to-everything (V2X) is considered to reduce interference caused by jamming and meet 5G communication requirements. Simulation results show enhanced goodput of a blockckchain enabled vehicular network integrated with PLS as compared to the same solution without PLS.

MIMO system makes full use of the space dimension, in the era of increasingly tense spectrum resources, which greatly improves the spectrum efficiency and is one of the future communication support technologies. At the same time, considering the high cost of direct communication between the two parties in a long distance, the relay communication mode has been paid more and more attention. In relay communication network, each node connected by relay has different security levels. In order to forward the information of all nodes, the relay node has the lowest security permission level. Therefore, it is meaningful to study the physical layer security problem in MIMO two-way relay system with relay as the eavesdropper. In view of the above situation, this paper proposes the physical layer security model of MIMO two-way relay cooperative communication network, designs a communication matching grouping algorithm with low complexity and a two-step carrier allocation optimization algorithm, which improves the total security capacity of the system. At the same time, theoretical analysis and simulation verify the effectiveness of the proposed algorithm.

The power industrial control system is an important part of the national critical Information infrastructure. Its security is related to the national strategic security and has become an important target of cyber attacks. In order to solve the problem that the vulnerability detection technology of power industrial control system cannot meet the requirement of non-destructive, this paper proposes an industrial control vulnerability analysis technology combined with dynamic and static analysis technology. On this basis, an industrial control non-destructive vulnerability detection system is designed, and a simulation verification platform is built to verify the effectiveness of the industrial control non-destructive vulnerability detection system. These provide technical support for the safety protection research of the power industrial control system.

In recent years, the blackout accident shows that the cause of power failure is not only in the power network, but also in the cyber network. Aiming at the problem of cyber network fault Cyber-physical power systems, combined with the structure and functional attributes of cyber network, the comprehensive criticality of information node is defined. By evaluating the vulnerability of ieee39 node system, it is found that the fault of high comprehensive criticality information node will cause greater load loss to the system. The simulation results show that the comprehensive criticality index can effectively identify the key nodes of the cyber network.

This paper proposes a power network vulnerability analysis method based on topological approach considering of uncertainties from high-penetrated wind generations. In order to assess the influence of the impact of wind generation owing to its variable wind speed etc., the Quasi Monte Carlo based probabilistic load flow is adopted and performed. On the other hand, an extended stochastic topological vulnerability method involving Complex Network theory with probabilistic load flow is proposed. Corresponding metrics, namely stochastic electrical betweenness and stochastic net-ability are proposed respectively and applied to analyze the vulnerability of power network with wind generations. The case study of CIGRE medium voltage benchmark network is performed for illustration and evaluation. Furthermore, a cascading failures model considering the stochastic metrics is also developed to verify the effectiveness of proposed methodology.

Despite the fact that the power grid is typically regarded as a relatively stable system, outages and electricity shortages are common occurrences. Grid security is mainly dependent on accurate vulnerability assessment. The vulnerability can be assessed in terms of topology-based metrics and flow-based metrics. In this work, power flow analysis is used to calculate the metrics under single line contingency (N-1) conditions. The effect of load uncertainty on system vulnerability is checked. The IEEE 30 bus power network has been used for the case study. It has been found that the variation in load demand affects the system vulnerability.

Aiming at the specificity and complexity of the power IoT terminal, a method of power IoT terminal firmware vulnerability detection based on memory fuzzing is proposed. Use the method of bypassing the execution to simulate and run the firmware program, dynamically monitor and control the execution of the firmware program, realize the memory fuzzing test of the firmware program, design an automatic vulnerability exploitability judgment plug-in for rules and procedures, and provide power on this basis The method and specific process of the firmware vulnerability detection of the IoT terminal. The effectiveness of the method is verified by an example.

For the huge charging demands of numerous electric vehicles (EVs), coordinated charging is increasing in power grid. However, since connected with public networks, the coordinated charging control system is in a low-level cyber security and greatly vulnerable to malicious attacks. This paper investigates the malicious mode attack (MMA), which is a new cyber-attack pattern that simultaneously attacks massive EV charging piles to generate continuous sinusoidal power disturbance with the same frequency as the poorly-damped wide-area electromechanical mode. Thereby, high amplitude forced oscillations are stimulated by MMA, which seriously threats the stability of power systems and the power supply of charging stations. The potential threat of MMA is clarified by investigating the vulnerability of the IoT-based coordinated charging load control system, and an MMA process like Mirai is pointed out as an example. An MMA model is established for impact analysis. A hardware test platform is built for the verification of the MMA model. Test result verified the existence of MMA and the accuracy of the MMA model.

This paper conducts simulation analysis on power transmission lines and availability of power communication link based on Latin hypercube sampling. It proposes a new method of vulnerability communication link assessment for electric cyber physical system. Wind power output, transmission line failure and communication link failure of electric cyber physical system are sampled to obtain different operating states of electric cyber physical system. The connectivity of communication links under different operating states of electric cyber physical system is calculated to judge whether the communication nodes of the links are connected with the control master station. According to the connection between the link communication node and the control master station, the switching load and switching load of the electric cyber physical system in different operating states are calculated, and the optimal switching load of the electric cyber physical system in different operating states is obtained. This method can clearly identify the vulnerable link in the electric cyber physical system, so as to monitor the vulnerable link and strengthen the link strength.

The outages and power shortages are common occurrences in today's world and they have a significant economic impact. These failures can be minimized by making the power grid topologically robust. Therefore, the vulnerability assessment in power systems has become a major concern. This paper considers both pure and extended topological method to analyse the vulnerability of the power system to single line failures. The lines are ranked based on four spectral graph metrics: spectral radius, algebraic connectivity, natural connectivity, and effective graph resistance. A correlation is established between all the four metrics. The impact of load uncertainty on the component ranking has been investigated. The vulnerability assessment has been done on IEEE 9-bus system. It is observed that load variation has minor impact on the ranking.

Software vulnerabilities threaten the security of computer system, and recently more and more loopholes have been discovered and disclosed. For the detected vulnerabilities, the relevant personnel will analyze the vulnerability characteristics, and combine the vulnerability scoring system to determine their severity level, so as to determine which vulnerabilities need to be dealt with first. In recent years, some characteristic description-based methods have been used to predict the severity level of vulnerability. However, the traditional text processing methods only grasp the superficial meaning of the text and ignore the important contextual information in the text. Therefore, this paper proposes an innovative method, called BERT-CNN, which combines the specific task layer of Bert with CNN to capture important contextual information in the text. First, we use Bert to process the vulnerability description and other information, including Access Gained, Attack Origin and Authentication Required, to generate the feature vectors. Then these feature vectors of vulnerabilities and their severity levels are input into a CNN network, and the parameters of the CNN are gotten. Next, the fine-tuned Bert and the trained CNN are used to predict the severity level of a vulnerability. The results show that our method outperforms the state-of-the-art method with 91.31% on F1-score.

SQL Injection has been around as a harmful and prolific threat on web applications for more than 20 years, yet it still poses a huge threat to the World Wide Web. Rapidly evolving web technology has not eradicated this threat; In 2017 51 % of web application attacks are SQL injection attacks. Most conventional practices to prevent SQL injection attacks revolves around secure web and database programming and administration techniques. Despite developer ignorance, a large number of online applications remain susceptible to SQL injection attacks. There is a need for a more effective method to detect and prevent SQL Injection attacks. In this research, we offer a unique machine learning-based strategy for identifying potential SQL injection attack (SQL injection attack) threats. Application of the proposed method in a Security Information and Event Management(SIEM) system will be discussed. SIEM can aggregate and normalize event information from multiple sources, and detect malicious events from analysis of these information. The result of this work shows that a machine learning based SQL injection attack detector which uses SIEM approach possess high accuracy in detecting malicious SQL queries.

Cyberattacks are one of the most pressing issues of our time. The impact of cyberthreats can damage various sectors such as business, health care, and governments, so one of the best solutions to deal with these cyberattacks and reduce cybersecurity threats is using Deep Learning. In this paper, we have created an in-depth study model to detect SQL Injection Attacks and Cross-Site Script attacks. We focused on XSS on the Stored-XSS attack type because SQL and Stored-XSS have similar site management methods. The advantage of combining deep learning with cybersecurity in our system is to detect and prevent short-term attacks without human interaction, so our system can reduce and prevent web attacks. This post-training model achieved a more accurate result more than 99% after maintaining the learning level, and 99% of our test data is determined by this model if this input is normal or dangerous.

Due to the simplicity of implementation and high threat level, SQL injection attacks are one of the oldest, most prevalent, and most destructive types of security attacks on Web-based information systems. With the continuous development and maturity of artificial intelligence technology, it has been a general trend to use AI technology to detect SQL injection. The selection of the sample set is the deciding factor of whether AI algorithms can achieve good results, but dataset with tagged specific category labels are difficult to obtain. This paper focuses on data augmentation to learn similar feature representations from the original data to improve the accuracy of classification models. In this paper, deep convolutional generative adversarial networks combined with genetic algorithms are applied to the field of Web vulnerability attacks, aiming to solve the problem of insufficient number of SQL injection samples. This method is also expected to be applied to sample generation for other types of vulnerability attacks.

Injection attack is one of the best 10 security dangers declared by OWASP. SQL infusion is one of the main types of attack. In light of their assorted and quick nature, SQL injection can detrimentally affect the line, prompting broken and public data on the site. Therefore, this article presents a profound woodland-based technique for recognizing complex SQL attacks. Research shows that the methodology we use resolves the issue of expanding and debasing the first condition of the woodland. We are currently presenting the AdaBoost profound timberland-based calculation, which utilizes a blunder level to refresh the heaviness of everything in the classification. At the end of the day, various loads are given during the studio as per the effect of the outcomes on various things. Our model can change the size of the tree quickly and take care of numerous issues to stay away from issues. The aftereffects of the review show that the proposed technique performs better compared to the old machine preparing strategy and progressed preparing technique.

Security is undoubtedly the most serious problem for Web applications, and SQL injection (SQLi) attacks are one of the most damaging. The detection of SQL blind injection vulnerability is very important, but unfortunately, it is not fast enough. This is because time-based SQL blind injection lacks web page feedback, so the delay function can only be set artificially to judge whether the injection is successful by observing the response time of the page. However, brute force cracking and binary search methods used in injection require more web requests, resulting in a long time to obtain database information in SQL blind injection. In this paper, a gated recurrent neural network-based SQL blind injection technology is proposed to generate the predictive characters in SQL blind injection. By using the neural language model based on deep learning and character sequence prediction, the method proposed in this paper can learn the regularity of common database information, so that it can predict the next possible character according to the currently obtained database information, and sort it according to probability. In this paper, the training model is evaluated, and experiments are carried out on the shooting range to compare the method used in this paper with sqlmap (the most advanced sqli test automation tool at present). The experimental results show that the method used in this paper is more effective and significant than sqlmap in time-based SQL blind injection. It can obtain the database information of the target site through fewer requests, and run faster.

The increasing use of Information Technology applications in the distributed environment is increasing security exploits. Information about vulnerabilities is also available on the open web in an unstructured format that developers can take advantage of to fix vulnerabilities in their IT applications. SQL injection (SQLi) attacks are frequently launched with the objective of exfiltration of data typically through targeting the back-end server organisations to compromise their customer databases. There have been a number of high profile attacks against large enterprises in recent years. With the ever-increasing growth of online trading, it is possible to see how SQLi attacks can continue to be one of the leading routes for cyber-attacks in the future, as indicated by findings reported in OWASP. Various machine learning and deep learning algorithms have been applied to detect and prevent these attacks. However, such preventive attempts have not limited the incidence of cyber-attacks and the resulting compromised database as reported by (CVE) repository. In this paper, the potential of using data mining approaches is pursued in order to enhance the efficacy of SQL injection safeguarding measures by reducing the false-positive rates in SQLi detection. The proposed approach uses CountVectorizer to extract features and then apply various supervised machine-learning models to automate the classification of SQLi. The model that returns the highest accuracy has been chosen among available models. Also a new model has been created PALOSDM (Performance analysis and Iterative optimisation of the SQLI Detection Model) for reducing false-positive rate and false-negative rate. The detection rate accuracy has also been improved significantly from a baseline of 94% up to 99%.