Network Control Systems Security - With the development of industrial informatization, information security in the power production industry is becoming more and more important. In the power production industry, as the critical information egress of the industrial control system, the information security of the Networked Control System is particularly important. This paper proposes a construction method for an information security platform of Networked Control System, which is used for research, testing and training of Networked Control System information security.
Authored by Deng Zhang, Jiang Zhao, Dingding Ding, Hanjun Gao
Network on Chip Security - With the advancements in VLSI technology, Tiled Chip Multicore Processors (TCMP) with packet switched Network-on-Chip (NoC) have emerged as the backbone of the modern data intensive parallel multi-core systems. Tight timeto-market and cost constraints have forced chip manufacturers to use third-party IPs in sophisticated TCMP designs. This dependence over third party IPs has instigated security vulnerabilities in inter-tile communication that cannot be detected at manufacturing and testing phases. This includes possibility of having malicious circuits like Hardware Trojans (HT). NoC is the likely target of HT insertion due to its significance and positional advantage from system and communication standpoints. Recent research shows that HTs can manipulate control fields of NoC packets and leads to dead flit attacks that has the potential to disrupt the on-chip communication resulting in application level stalling. In this paper, we propose run time detection of such dead flit attacks by analyzing packet movement behaviours. We also propose a cost effective mitigation mechanism by re-routing the packets around the HT infected router. Our experimental study with real benchmarks on 8x8 mesh TCMP evaluates the effectiveness of the proposed solution.
Authored by Mohammad Khan, Ruchika Gupta, Vedika Kulkarni, John Jose, Sukumar Nandi
Network on Chip Security - Due to the increasing complexity of modern heterogeneous System-on-Chips (SoC) and the growing vulnerabilities, security risk assessment and quantification is required to measure the trustworthiness of a SoC. This paper describes a systematic approach to model the security risk of a system for malicious hardware attacks. The proposed method uses graph analysis to assess the impact of an attack and the Common Vulnerability Scoring System (CVSS) is used to quantify the security level of the system. To demonstrate the applicability of the proposed metric, we consider two open source SoC benchmarks with different architectures. The overall risk is calculated using the proposed metric by computing the exploitability and impact of attack on critical components of a SoC.
Authored by Sujan Saha, Joel Mbongue, Christophe Bobda
Network on Chip Security - In recent times, Network-on-Chip (NoC) has become state of the art for communication in Multiprocessor Systemon-Chip due to the existing scalability issues in this area. However, these systems are exposed to security threats such as extraction of secret information. Therefore, the need for secure communication arises in such environments. In this work, we present a communication protocol based on authenticated encryption with recovery mechanisms to establish secure end-to-end communication between the NoC nodes. In addition, a selected key agreement approach required for secure communication is implemented. The security functionality is located in the network adapter of each processing element. If data is tampered with or deleted during transmission, recovery mechanisms ensure that the corrupted data is retransmitted by the network adapter without the need of interference from the processing element. We simulated and implemented the complete system with SystemC TLM using the NoC simulation platform PANACA. Our results show that we can keep a high rate of correctly transmitted information even when attackers infiltrated the NoC system.
Authored by Julian Haase, Sebastian Jaster, Elke Franz, Diana Göhringer
Network on Chip Security - Without secure wrappers, it is impossible to protect the integrity of embedded IP cores for NoC-based SoC. This paper describes an IEEE 1500 compatible secure test wrapper NoC based on low-cost PUF circuit. The original key generated by LFSR is encrypted into a stream cipher by the PUF module, and the input key string should be equal to this cryptograph unless the wrapper is locked, which provides effective on-line authentication.
Authored by Ying Zhang, Yuanxiang Li, Xin Chen, Jizhong Yang, Yifeng Hua, Jiaoyan Yao
Network on Chip Security - This paper designs a network security protection system based on artificial intelligence technology from two aspects of hardware and software. The system can simultaneously collect Internet public data and secret-related data inside the unit, and encrypt it through the TCM chip solidified in the hardware to ensure that only designated machines can read secret-related materials. The data edgecloud collaborative acquisition architecture based on chip encryption can realize the cross-network transmission of confidential data. At the same time, this paper proposes an edge-cloud collaborative information security protection method for industrial control systems by combining endaddress hopping and load balancing algorithms. Finally, using WinCC, Unity3D, MySQL and other development environments comprehensively, the feasibility and effectiveness of the system are verified by experiments.
Authored by Xiuyun Lu, Wenxing Zhao, Yuquan Zhu
Network on Chip Security - Soft real-time applications, including multimedia, gaming, and smart appliances, rely on specific architectural characteristics to deliver output in a time-constrained fashion. Any violation of application deadlines can lower the Quality-of-Service (QoS). The data sets associated with these applications are distributed over cores that communicate via Network-on-Chip (NoC) in multi-core systems. Accordingly, the response time of such applications depends on the worst-case latency of request/reply packets. A malicious implant such as Hardware Trojan (HT) that initiates a delay-of-service attack can tamper with the system performance. We model an HT that mounts a time-delay attack in the system by violating the path selection strategy used by the adaptive NoC router. Our analysis shows that once activated, the proposed HT increases the packet latency by 17\% and degrades the system performance (IPC) by 18\% over the Baseline. Furthermore, we propose an HT detection framework that uses packet traffic analysis and path monitoring to localise the HT. Experiment results show that the proposed detection framework exhibits 4.8\% less power consumption and 6.4\% less area than the existing technique.
Authored by Manju Rajan, Mayank Choksey, John Jose
Network on Chip Security - IoT technology is finding new applications every day and everywhere in our daily lives. With that, come new use cases with new challenges in terms of device and data security. One of such challenges arises from the fact that many IoT devices/nodes are no longer being deployed on owners’ premises, but rather on public or private property other than the owner’s. With potential physical access to the IoT node, adversaries can launch many attacks that circumvent conventional protection methods. In this paper, we propose Secure SoC (SecSoC), a secure system-on-chip architecture that mitigates such attacks. This include logical memory dump attacks, bus snooping attacks, and compromised operating systems. SecSoC relies on two main mechanisms, (1) providing security extensions to the compute engine that runs the user application without changing its instruction set, (2) adding a security management unit (SMU) that provide HW security primitives for encryption, hashing, random number generators, and secrets store (keys, certificates, etc.). SecSoC ensures that no secret or sensitive data can leave the SoC IC in plaintext. SecSoC is being implemented in Bluespec SystemVerilog. The experimental results will reveal the area, power, and cycle time overhead of these security extensions. Overall performance (total execution time) will also be evaluated using IoT benchmarks.
Authored by Ayman Hroub, Muhammad Elrabaa
Network on Chip Security - The Network-on-Chip (NoC) is the communication heart in Multiprocessors System-on-Chip (MPSoC). It offers an efficient and scalable interconnection platform, which makes it a focal point of potential security threats. Due to outsourcing design, the NoC can be infected with a malicious circuit, known as Hardware Trojan (HT), to leak sensitive information or degrade the system’s performance and function. An HT can form a security threat by consciously dropping packets from the NoC, structuring a Black Hole Router (BHR) attack. This paper presents an end-to-end secure interconnection network against the BHR attack. The proposed scheme is energy-efficient to detect the BHR in runtime with 1\% and 2\% average throughput and energy consumption overheads, respectively.
Authored by Luka Daoud, Nader Rafla
Network on Chip Security - Coarse-Grained Reconfigurable Arrays (CGRA) implemented using FPGA are widely applied due to the portability and compatibility. As an evolvable hardware (EHW) platform, it also faces hardware security problems, among which hardware Trojans (HTs) is the most prominent threat. HTs are malicious hardware components. Once implanted in the route units (RUs) of the network-on-chip (NoC) in CGRA, it will leak confidential information or destroy the entire system. However, few studies have focused on HT mitigation in RUs of NoC in CGRA. To this end, we present an evolutionary algorithm (EA)-based method to mitigate HT attacks in NoC of CGRA. Specifically, we employ the EA to explore generating the circuit structures that do not contain HT-infected RUs. In the simulation experiments built using Python, this paper reports the experimental results for two target evolutionary circuits in NoC and outlines the effectiveness of the proposed method.
Authored by Zeyu Li, Junjie Wang, Zhao Huang, Quang Wang
Network Intrusion Detection - This paper proposes a CNN-BiLS TM intrusion detection model for complex system networks. The model performs data over-sampling on the unbalanced data set, which reduces the gap in the amount of category data. It is based on the integration, cooperation, and selectivity of methods and mechanisms in the intrusion detection system, so as to achieve the idea of optimization. In the intrusion detection system, an intrusion detection system based on a variety of detection methods and technologies is proposed, and an integrated, cooperative, and selective overall structure is established. It will be based on distributed intrusion detection and feature engine analysis of intrusion detection, efficiency an increase of 6.7\%.
Authored by Jiyong Li
Network Intrusion Detection - Aiming at the problems of low detection accuracy, high false detection rate and high missed detection rate of traditional Intelligent Substation (I-S) secondary system network Intrusion Detection (I-D) methods, a semantic enhanced network I-D method for I-S secondary system is proposed. First of all, through the analysis of the secondary system network of I-S and the existing security risks, the information network security protection architecture is built based on network I-D. Then, the overall structure of I-S secondary network I-D is constructed by integrating CNN and BiLSTM. Finally, the semantic analysis of Latent Dirichlet Allocation (LDA) is introduced to enhance the network I-D model, which greatly improves the detection accuracy. The proposed method is compared with the other two methods under the same conditions through simulation experiments. The results show that the detection accuracy of the proposed method is the highest (95.02\%) in the face of 10 different types of attack traffic, and the false detection rate and missed detection rate are the lowest (1.3\% and 3.8\% respectively). The algorithm performance is better than the other three comparison algorithms.
Authored by Bo Xiang, Changchun Zhang, Jugang Wang, Bo Wang
Network Intrusion Detection - With the continuous development of deep learning technology, the phenolic model of intrusion detection based on deep learning has become a research hotspot. Traditional network attack detection mainly relies on static rules to detect network behavior, so it is difficult to dynamically adapt to the continuous development of network attacks. While deep learning technology is more and more used in the field of security, the text is based on deep learning classification network to design intrusion detection classification model. The appropriate data processing technology is used to preprocess the original intrusion data, and the processed data is used to train the network model. Finally, the performance of the model is tested to achieve high classification accuracy.
Authored by XiaoFei Huang, YongGuang Li, Lin Ou, Fei Shu, Wei Ma
Network Intrusion Detection - Network intrusion detection technology has been a popular application technology for current network security, but the existing network intrusion detection technology in the application process, there are problems such as low detection efficiency, low detection accuracy and other poor detection performance. To solve the above problems, a new treatment combining artificial intelligence with network intrusion detection is proposed. Artificial intelligence-based network intrusion detection technology refers to the application of artificial intelligence techniques, such as: neural networks, neural algorithms, etc., to network intrusion detection, and the application of these artificial intelligence techniques makes the automatic detection of network intrusion detection models possible.
Authored by Chaofan Lu
Network Intrusion Detection - Intrusion detection is important in the defense in depth network security framework and a hot topic in computer network security in recent years. In this paper, an effective method for anomaly intrusion detection with low overhead and high efficiency is presented and applied to monitor the abnormal behavior of processes. The method is based on rough set theory and capable of extracting a set of detection rules with the minimum size to form a normal behavior model from the record of system call sequences generated during the normal execution of a process. Based on the network security knowledge base system, this paper proposes an intrusion detection model based on the network security knowledge base system, including data filtering, attack attempt analysis and situation assessment engine. In this model, evolutionary self organizing mapping is used to discover multi - target attacks of the same origin; The association rules obtained by time series analysis method are used to correlate online alarm events to identify complex attacks scattered in time; Finally, the corresponding evaluation indexes and corresponding quantitative evaluation methods are given for host level and LAN system level threats respectively. Compared with the existing IDS, this model has a more complete structure, richer knowledge available, and can more easily find cooperative attacks and effectively reduce the false positive rate.
Authored by Songjie Gong
Network Intrusion Detection - Under the background of the continuous improvement of Chinese social modernization and development level and the comprehensive popularization of information technology, data mining technology is becoming more and more widely used, but the corresponding network security problems occur frequently, which causes serious constraints to the improvement of data mining technology level.Therefore, this paper analyzes the simulation measures of cloud computing network security intrusion detection model based on data mining technology, to ensure that under the cloud computing environment, network intrusion effectively prevents concealment, degeneration, unpredictable, effectively realize the real-time monitoring network intrusion target, and improve the application value of relevant technologies.
Authored by Yuxiang Hou
Network Intrusion Detection - With the development of computing technology, data security and privacy protection have also become the focus of researchers; along with this comes the issue of network link security and reliability, and these issues have become the focus of discussion when studying network security. Intrusion detection is an effective means to assist in network malicious traffic detection and maintain network stability; to meet the ever-changing demand for network traffic identification, intrusion detection models have undergone a transformation from traditional intrusion detection models to machine learning intrusion detection models to deep intrusion detection models. The efficiency and superiority of deep learning have been proven in fields such as image processing, but there are still some problems in the field of network security intrusion detection: the models are not targeted when processing data, the models have poor generalization ability, etc. The combinatorial neural network proposed in this paper can effectively propose a solution to the problems of existing models, and the CL-IDS model proposed in this paper has a better performance on the KDDCUP99 dataset as demonstrated by relevant experiments.
Authored by Gaodi Xu, Jinghui Zhou, Yunlong He
Network Coding - Precise binary code vulnerability detection is a significant research topic in software security. Currently, the majority of software is released in binary form, and the corresponding vulnerability detection approaches for binary code are desired. Existing deep learning-based detection techniques can only detect binary code vulnerabilities but cannot precisely identify the types of vulnerabilities. This paper proposes a Binary code-based Hybrid neural network for Multiclass Vulnerability Detection, dubbed BHMVD. BHMVD generates binary slices according to the control dependence and data dependence of library/API function calls, and then extracts syntax features from binary slices to generate type slices, which can help identify vulnerability types. This paper uses a hybrid neural network of CNN-BLSTM to extract vulnerability features from binary and type slices. The former extracts local features, while the latter extracts global features. Experiment results on 19 types of vulnerabilities show that BHMVD is effective for binary code-based multiclass vulnerability detection, and using a hybrid neural network can improve detection ability.
Authored by Ningning Cui, Liwei Chen, Gewangzi Du, Tongshuai Wu, Chenguang Zhu, Gang Shi
Network Coding - Unmanned Aerial Vehicles (UAVs) are drawing enormous attention in both commercial and military applications to facilitate dynamic wireless communications and deliver seamless connectivity due to their flexible deployment, inherent line-ofsight (LOS) air-to-ground (A2G) channels, and high mobility. These advantages, however, render UAV-enabled wireless communication systems susceptible to eavesdropping attempts. Hence, there is a strong need to protect the wireless channel through which most of the UAV-enabled applications share data with each other. There exist various error correction techniques such as Low Density Parity Check (LDPC), polar codes that provide safe and reliable data transmission by exploiting the physical layer but require high transmission power. Also, the security gap achieved by these error-correction techniques must be reduced to improve the security level. In this paper, we present deep learning (DL) enabled punctured LDPC codes to provide secure and reliable transmission of data for UAVs through the Additive White Gaussian Noise (AWGN) channel irrespective of the computational power and channel state information (CSI) of the Eavesdropper. Numerical result analysis shows that the proposed scheme reduces the Bit Error Rate (BER) at Bob effectively as compared to Eve and the Signal to Noise Ratio (SNR) per bit value of 3.5 dB is achieved at the maximum threshold value of BER. Also, the security gap is reduced by 47.22 \% as compared to conventional LDPC codes.
Authored by Himanshu Sharma, Neeraj Kumar, Raj Tekchandani, Nazeeruddin Mohammad
Network Coding - Software vulnerabilities, caused by unintentional flaws in source codes, are the main root cause of cyberattacks. Source code static analysis has been used extensively to detect the unintentional defects, i.e. vulnerabilities, introduced into the source codes by software developers. In this paper, we propose a deep learning approach to detect vulnerabilities from their LLVM IR representations based on the techniques that have been used in natural language processing. The proposed approach uses a hierarchical process to first identify source codes with vulnerabilities, and then it identifies the lines of codes that contribute to the vulnerability within the detected source codes. This proposed twostep approach reduces the false alarm of detecting vulnerable lines. Our extensive experiment on real-world and synthetic codes collected in NVD and SARD shows high accuracy (about 98\%) in detecting source code vulnerabilities 1.
Authored by Arash Mahyari
Network Coding - With the continuous development of the Internet, artificial intelligence, 5G and other technologies, various issues have started to receive attention, among which the network security issue is now one of the key research directions for relevant research scholars at home and abroad. This paper researches on the basis of traditional Internet technology to establish a security identification system on top of the network physical layer of the Internet, which can effectively identify some security problems on top of the network infrastructure equipment and solve the identified security problems on the physical layer. This experiment is to develop a security identification system, research and development in the network physical level of the Internet, compared with the traditional development of the relevant security identification system in the network layer, the development in the physical layer, can be based on the physical origin of the protection, from the root to solve part of the network security problems, can effectively carry out the identification and solution of network security problems. The experimental results show that the security identification system can identify some basic network security problems very effectively, and the system is developed based on the physical layer of the Internet network, and the protection is carried out from the physical device, and the retransmission symbol error rates of CQ-PNC algorithm and ML algorithm in the experiment are 110 and 102, respectively. The latter has a lower error rate and better protection.
Authored by Yunge Huang
Network Coding - Aiming at the problem of security transmission in the space-terrestrial integrated networks, this paper proposes a physical layer secure transmission architecture based on concatenated LT and LDPC Codes. The outer code LT code adopts real-time random sampling coding, which can form a complex random interconnection structure and fully expand the randomness. The inner code LDPC code generates different codes through the random change of cyclic shift vector, Reduce the node interconnection deterioration caused by randomization on soft decision decoding, and obtain weak randomness high-performance error correction coding through storage optimized high-performance check matrix combined with soft decision decoding. The analysis and simulation results show that the proposed security transmission method not only improves the security of transmission, but also maintains the high transmission efficiency. Therefore it can be applied to the field of secure communication.
Authored by Ruijia Yuan, Tianjiao Xie, Jianhua Zhang
Network Coding - Network Coding (NC) enabled cellular networks can be penetrated by faulty packets that deviates the target nodes from decoding packets received. Even a little amount of pollution can be very quickly spread to remaining packets because of the resource exploitation at intermediary nodes. Numerous methods for protecting against data pollution attacks have been developed in the last few years. Another popular alternative is the Homomorphic Message Authentication Code (HMAC). Hackers can target HMAC by tampering with the end-of-packet tags, known as tag pollution assaults, in order to evade detection. To prevent data pollution and tag pollution assaults, a HMAC-based method can be used using two separate MAC tags. In the 5G wireless communication, small cells and collaborative networks have been extensively investigated. The use of network coding in wireless networks can increase throughput while consuming less power. Strong integrity procedures are essential for a coding environment to combat threats like pollution assaults and take full advantage of network coding. Latency and computation overhead can be reduced while maintaining security by modifying and optimising the existing integrity algorithms. This research focuses on analysing security threats in NC enabled small cells.
Authored by Chanumolu Kumar, Nandhakumar Ramachandran, Ch Priyanka, Spandana Mande
Network Coding - We propose and investigate a novel scheme of delay attack-resistant network based on optical code division multiple access (OCDMA). The bit error rate (BER) is analyzed theoretically, and the closed expression of BER is obtained. The system has a corresponding optimal threshold to minimize the BER in different cases. At the same transmission power, the BER will decrease when the code weight increases. Furthermore, the maximum number of users is different with different code weight and transmission power. Optisystem simulation results show that OCDMA system has delay attack-resistant performance, which can effectively improve the physical layer security of optical network.
Authored by Mandong Liu, Peng Ouyang, Jianhua Ji, Ming Xu
Network Coding - This paper proposes a hybrid encryption scheme for multi-relay (MR) physical-layer network coding (PNC). Based on the three-relay (3R) bidirectional communication model, first, we discuss the throughput performance of the PNC compared with the traditional scheme (TS) and network coding (NC) system. Through the analysis of transmission efficiency, the superior throughput of the PNC system is demonstrated. Then, to further improve the security of the communication system, we give a scheme of advanced encryption standard (AES) and RivestShamir-Adleman (RSA) hybrid encryption, namely AR hybrid encryption. Finally, we embed the AR hybrid encryption into the multi-relay PNC communication system. At relay nodes of the ARPNC system, we focus on solving the problem of signal mapping. In the meantime, to reduce the performance loss caused by the increase of relay nodes, we exploit Low-Density Parity-Check (LDPC) code to enhance the decoding accuracy. The experimental results and security analysis show that the proposed scheme can boost the system throughput and transmission dependability and stronger the security of the communication system.
Authored by Yanru Yang, Meng Tang, Haihua Li, Guofeng Zeng, Jianhua Chen, Yongtao Yu