Network on Chip Security - IoT technology is finding new applications every day and everywhere in our daily lives. With that, come new use cases with new challenges in terms of device and data security. One of such challenges arises from the fact that many IoT devices/nodes are no longer being deployed on owners’ premises, but rather on public or private property other than the owner’s. With potential physical access to the IoT node, adversaries can launch many attacks that circumvent conventional protection methods. In this paper, we propose Secure SoC (SecSoC), a secure system-on-chip architecture that mitigates such attacks. This include logical memory dump attacks, bus snooping attacks, and compromised operating systems. SecSoC relies on two main mechanisms, (1) providing security extensions to the compute engine that runs the user application without changing its instruction set, (2) adding a security management unit (SMU) that provide HW security primitives for encryption, hashing, random number generators, and secrets store (keys, certificates, etc.). SecSoC ensures that no secret or sensitive data can leave the SoC IC in plaintext. SecSoC is being implemented in Bluespec SystemVerilog. The experimental results will reveal the area, power, and cycle time overhead of these security extensions. Overall performance (total execution time) will also be evaluated using IoT benchmarks.

Network on Chip Security - The Network-on-Chip (NoC) is the communication heart in Multiprocessors System-on-Chip (MPSoC). It offers an efficient and scalable interconnection platform, which makes it a focal point of potential security threats. Due to outsourcing design, the NoC can be infected with a malicious circuit, known as Hardware Trojan (HT), to leak sensitive information or degrade the system’s performance and function. An HT can form a security threat by consciously dropping packets from the NoC, structuring a Black Hole Router (BHR) attack. This paper presents an end-to-end secure interconnection network against the BHR attack. The proposed scheme is energy-efficient to detect the BHR in runtime with 1\% and 2\% average throughput and energy consumption overheads, respectively.

Network on Chip Security - Coarse-Grained Reconfigurable Arrays (CGRA) implemented using FPGA are widely applied due to the portability and compatibility. As an evolvable hardware (EHW) platform, it also faces hardware security problems, among which hardware Trojans (HTs) is the most prominent threat. HTs are malicious hardware components. Once implanted in the route units (RUs) of the network-on-chip (NoC) in CGRA, it will leak confidential information or destroy the entire system. However, few studies have focused on HT mitigation in RUs of NoC in CGRA. To this end, we present an evolutionary algorithm (EA)-based method to mitigate HT attacks in NoC of CGRA. Specifically, we employ the EA to explore generating the circuit structures that do not contain HT-infected RUs. In the simulation experiments built using Python, this paper reports the experimental results for two target evolutionary circuits in NoC and outlines the effectiveness of the proposed method.

Network Intrusion Detection - Aiming at the problems of low detection accuracy, high false detection rate and high missed detection rate of traditional Intelligent Substation (I-S) secondary system network Intrusion Detection (I-D) methods, a semantic enhanced network I-D method for I-S secondary system is proposed. First of all, through the analysis of the secondary system network of I-S and the existing security risks, the information network security protection architecture is built based on network I-D. Then, the overall structure of I-S secondary network I-D is constructed by integrating CNN and BiLSTM. Finally, the semantic analysis of Latent Dirichlet Allocation (LDA) is introduced to enhance the network I-D model, which greatly improves the detection accuracy. The proposed method is compared with the other two methods under the same conditions through simulation experiments. The results show that the detection accuracy of the proposed method is the highest (95.02\%) in the face of 10 different types of attack traffic, and the false detection rate and missed detection rate are the lowest (1.3\% and 3.8\% respectively). The algorithm performance is better than the other three comparison algorithms.

Network Intrusion Detection - With the continuous development of deep learning technology, the phenolic model of intrusion detection based on deep learning has become a research hotspot. Traditional network attack detection mainly relies on static rules to detect network behavior, so it is difficult to dynamically adapt to the continuous development of network attacks. While deep learning technology is more and more used in the field of security, the text is based on deep learning classification network to design intrusion detection classification model. The appropriate data processing technology is used to preprocess the original intrusion data, and the processed data is used to train the network model. Finally, the performance of the model is tested to achieve high classification accuracy.

Network Intrusion Detection - Network intrusion detection technology has been a popular application technology for current network security, but the existing network intrusion detection technology in the application process, there are problems such as low detection efficiency, low detection accuracy and other poor detection performance. To solve the above problems, a new treatment combining artificial intelligence with network intrusion detection is proposed. Artificial intelligence-based network intrusion detection technology refers to the application of artificial intelligence techniques, such as: neural networks, neural algorithms, etc., to network intrusion detection, and the application of these artificial intelligence techniques makes the automatic detection of network intrusion detection models possible.

Network Intrusion Detection - Intrusion detection is important in the defense in depth network security framework and a hot topic in computer network security in recent years. In this paper, an effective method for anomaly intrusion detection with low overhead and high efficiency is presented and applied to monitor the abnormal behavior of processes. The method is based on rough set theory and capable of extracting a set of detection rules with the minimum size to form a normal behavior model from the record of system call sequences generated during the normal execution of a process. Based on the network security knowledge base system, this paper proposes an intrusion detection model based on the network security knowledge base system, including data filtering, attack attempt analysis and situation assessment engine. In this model, evolutionary self organizing mapping is used to discover multi - target attacks of the same origin; The association rules obtained by time series analysis method are used to correlate online alarm events to identify complex attacks scattered in time; Finally, the corresponding evaluation indexes and corresponding quantitative evaluation methods are given for host level and LAN system level threats respectively. Compared with the existing IDS, this model has a more complete structure, richer knowledge available, and can more easily find cooperative attacks and effectively reduce the false positive rate.

Network Intrusion Detection - Under the background of the continuous improvement of Chinese social modernization and development level and the comprehensive popularization of information technology, data mining technology is becoming more and more widely used, but the corresponding network security problems occur frequently, which causes serious constraints to the improvement of data mining technology level.Therefore, this paper analyzes the simulation measures of cloud computing network security intrusion detection model based on data mining technology, to ensure that under the cloud computing environment, network intrusion effectively prevents concealment, degeneration, unpredictable, effectively realize the real-time monitoring network intrusion target, and improve the application value of relevant technologies.

Network Intrusion Detection - With the development of computing technology, data security and privacy protection have also become the focus of researchers; along with this comes the issue of network link security and reliability, and these issues have become the focus of discussion when studying network security. Intrusion detection is an effective means to assist in network malicious traffic detection and maintain network stability; to meet the ever-changing demand for network traffic identification, intrusion detection models have undergone a transformation from traditional intrusion detection models to machine learning intrusion detection models to deep intrusion detection models. The efficiency and superiority of deep learning have been proven in fields such as image processing, but there are still some problems in the field of network security intrusion detection: the models are not targeted when processing data, the models have poor generalization ability, etc. The combinatorial neural network proposed in this paper can effectively propose a solution to the problems of existing models, and the CL-IDS model proposed in this paper has a better performance on the KDDCUP99 dataset as demonstrated by relevant experiments.

Network Coding - Precise binary code vulnerability detection is a significant research topic in software security. Currently, the majority of software is released in binary form, and the corresponding vulnerability detection approaches for binary code are desired. Existing deep learning-based detection techniques can only detect binary code vulnerabilities but cannot precisely identify the types of vulnerabilities. This paper proposes a Binary code-based Hybrid neural network for Multiclass Vulnerability Detection, dubbed BHMVD. BHMVD generates binary slices according to the control dependence and data dependence of library/API function calls, and then extracts syntax features from binary slices to generate type slices, which can help identify vulnerability types. This paper uses a hybrid neural network of CNN-BLSTM to extract vulnerability features from binary and type slices. The former extracts local features, while the latter extracts global features. Experiment results on 19 types of vulnerabilities show that BHMVD is effective for binary code-based multiclass vulnerability detection, and using a hybrid neural network can improve detection ability.

Network Coding - Unmanned Aerial Vehicles (UAVs) are drawing enormous attention in both commercial and military applications to facilitate dynamic wireless communications and deliver seamless connectivity due to their flexible deployment, inherent line-ofsight (LOS) air-to-ground (A2G) channels, and high mobility. These advantages, however, render UAV-enabled wireless communication systems susceptible to eavesdropping attempts. Hence, there is a strong need to protect the wireless channel through which most of the UAV-enabled applications share data with each other. There exist various error correction techniques such as Low Density Parity Check (LDPC), polar codes that provide safe and reliable data transmission by exploiting the physical layer but require high transmission power. Also, the security gap achieved by these error-correction techniques must be reduced to improve the security level. In this paper, we present deep learning (DL) enabled punctured LDPC codes to provide secure and reliable transmission of data for UAVs through the Additive White Gaussian Noise (AWGN) channel irrespective of the computational power and channel state information (CSI) of the Eavesdropper. Numerical result analysis shows that the proposed scheme reduces the Bit Error Rate (BER) at Bob effectively as compared to Eve and the Signal to Noise Ratio (SNR) per bit value of 3.5 dB is achieved at the maximum threshold value of BER. Also, the security gap is reduced by 47.22 \% as compared to conventional LDPC codes.

Network Coding - With the continuous development of the Internet, artificial intelligence, 5G and other technologies, various issues have started to receive attention, among which the network security issue is now one of the key research directions for relevant research scholars at home and abroad. This paper researches on the basis of traditional Internet technology to establish a security identification system on top of the network physical layer of the Internet, which can effectively identify some security problems on top of the network infrastructure equipment and solve the identified security problems on the physical layer. This experiment is to develop a security identification system, research and development in the network physical level of the Internet, compared with the traditional development of the relevant security identification system in the network layer, the development in the physical layer, can be based on the physical origin of the protection, from the root to solve part of the network security problems, can effectively carry out the identification and solution of network security problems. The experimental results show that the security identification system can identify some basic network security problems very effectively, and the system is developed based on the physical layer of the Internet network, and the protection is carried out from the physical device, and the retransmission symbol error rates of CQ-PNC algorithm and ML algorithm in the experiment are 110 and 102, respectively. The latter has a lower error rate and better protection.

Network Coding - Aiming at the problem of security transmission in the space-terrestrial integrated networks, this paper proposes a physical layer secure transmission architecture based on concatenated LT and LDPC Codes. The outer code LT code adopts real-time random sampling coding, which can form a complex random interconnection structure and fully expand the randomness. The inner code LDPC code generates different codes through the random change of cyclic shift vector, Reduce the node interconnection deterioration caused by randomization on soft decision decoding, and obtain weak randomness high-performance error correction coding through storage optimized high-performance check matrix combined with soft decision decoding. The analysis and simulation results show that the proposed security transmission method not only improves the security of transmission, but also maintains the high transmission efficiency. Therefore it can be applied to the field of secure communication.

Network Coding - Network Coding (NC) enabled cellular networks can be penetrated by faulty packets that deviates the target nodes from decoding packets received. Even a little amount of pollution can be very quickly spread to remaining packets because of the resource exploitation at intermediary nodes. Numerous methods for protecting against data pollution attacks have been developed in the last few years. Another popular alternative is the Homomorphic Message Authentication Code (HMAC). Hackers can target HMAC by tampering with the end-of-packet tags, known as tag pollution assaults, in order to evade detection. To prevent data pollution and tag pollution assaults, a HMAC-based method can be used using two separate MAC tags. In the 5G wireless communication, small cells and collaborative networks have been extensively investigated. The use of network coding in wireless networks can increase throughput while consuming less power. Strong integrity procedures are essential for a coding environment to combat threats like pollution assaults and take full advantage of network coding. Latency and computation overhead can be reduced while maintaining security by modifying and optimising the existing integrity algorithms. This research focuses on analysing security threats in NC enabled small cells.

Network Coding - We propose and investigate a novel scheme of delay attack-resistant network based on optical code division multiple access (OCDMA). The bit error rate (BER) is analyzed theoretically, and the closed expression of BER is obtained. The system has a corresponding optimal threshold to minimize the BER in different cases. At the same transmission power, the BER will decrease when the code weight increases. Furthermore, the maximum number of users is different with different code weight and transmission power. Optisystem simulation results show that OCDMA system has delay attack-resistant performance, which can effectively improve the physical layer security of optical network.

Network Coding - This paper proposes a hybrid encryption scheme for multi-relay (MR) physical-layer network coding (PNC). Based on the three-relay (3R) bidirectional communication model, first, we discuss the throughput performance of the PNC compared with the traditional scheme (TS) and network coding (NC) system. Through the analysis of transmission efficiency, the superior throughput of the PNC system is demonstrated. Then, to further improve the security of the communication system, we give a scheme of advanced encryption standard (AES) and RivestShamir-Adleman (RSA) hybrid encryption, namely AR hybrid encryption. Finally, we embed the AR hybrid encryption into the multi-relay PNC communication system. At relay nodes of the ARPNC system, we focus on solving the problem of signal mapping. In the meantime, to reduce the performance loss caused by the increase of relay nodes, we exploit Low-Density Parity-Check (LDPC) code to enhance the decoding accuracy. The experimental results and security analysis show that the proposed scheme can boost the system throughput and transmission dependability and stronger the security of the communication system.

Network Coding - This paper introduces a method to improve the transmission model of BigNum network coding. The main contents include the research status of network coding, the principle of BigNum network coding, the security problems existing in the existing technology, the new coding matrix proposed for the problem, the beneficial effect of the new matrix and comparison. In this paper, to improve the security of BigNum network coding, we propose two new coding matrix forms: random number matrix and Fibonacci generation matrix. We also give a proof of the invertibility of Fibonacci generate matrix.

Network Coding - Network coding is getting wider and wider applications. Among which, many studies aim to leverage network coding to improve network security. However, a clear security classification and hierarchy is still missing so far. By classifying and articulating existing schemes, this paper proposed a security hierarchy of network coding system for the community. Four security grades: basic security, weak security, perfect security, and strong security, are tiered with different security strength. The tenet and implementation of them are expounded. The hierarchy helps delineate, classify, and differentiate secure network coding.

Network Accountability - Important for cloud services the cloud computing share throw multiple clients , and it is more important to allocate resources for cloud service provider , cloud computing is an infrastructure that provides on demand network services , in relation , the most important feature of the cloud services is that user’s data are hosted in remote . While taking benefit of this new emerging technology, users’ fear of losing command of their own data, is becoming a noteworthy hurdle to the extensive implementation of cloud services. Cloud service provider module is to process data owner request for storing data files and application and provides cloud users log details to data owner for audit purpose, to address this problem framework based on information accountability to keep track and trial of the authentic handling of the users’ data in the cloud. The system proposed that the Data can be fully tracked by the owner and follow up the service agreements by depending on many items which access, usage control and management.

Named Data Network Security - Design of the English APP security verification framework based on fusion IP-Address-MAC data features is studied in the paper. APP is named the client application, including third-party applications on PCs and mobile terminals, that is, smartphones. At present, Praat has become a software commonly used by researchers in the world of experimental phonetics, linguistics, language investigation, language processing and other related fields. Under this background, our target is selected to be the English AP. For the design of the framework, node forms a corresponding topology table according to the neighbor list detected by itself and the topology information obtained from the received TC message. To deal with the challenge of the high robustness, the IP and MAC data analysis are both considered. Through the data collection, processing and the further fusion, the comprehensive system is implemented. The proposed model is tested under different testing scenarios.

Named Data Network Security - Internet of Things (IoT) is becoming an important approach to accomplish healthcare monitoring where critical medical data retrieval is essential in a secure and private manner. Nevertheless, IoT devices have constrained resources. Therefore, acquisition of efficient, secure and private data is very challenging. The current research on applying architecture of Named Data Networking (NDN) to IoT design reveals very promising results. Therefore, we are motivated to combine NDN and IoT, which we call NDN-IoT architecture, for a healthcare application. Inspired by the idea, we propose a healthcare monitoring groundwork integrating NDN concepts into IoT in Contiki NG OS at the network layer that we call µNDN as it is a micro and light-weight implementation. We quantitatively explore the usage of the NDN-IoT approach to understand its efficiency for medical data retrieval. Reliability and delay performances were evaluated and analyzed for a remote health application. Our results, in this study, show that the µNDN architecture performs better than IP architecture when retrieving medical data. Thus, it is worth exploring the µNDN architecture further.

Named Data Network Security - This article provides an overview of the security of VANET, which is a vehicle network. When reviewing this topic, publications of various researchers were considered. The article provides information security requirements for VANET, an overview of security research, an overview of existing attacks, methods for detecting attacks and appropriate countermeasures against such threats.

Named Data Network Security - In networking, the data transmission rate is the coreelement to measure the network performance capability. A stable network infrastructure should support high transmission capacity with guaranteed network quality. In Named Data Networking (NDN), the performance of producer has been a hot topic to be discussed due to its transmission challenges. Hence in this paper, an analysis of transmission delay for single and multiple producers are discussed in detail. The simulation of network transmission delay for single producer and multiple producers is carried out using ndnSIM simulator. The factors that impacting network transmissions, such as sequence number and retransmission times are highlighted. The simulation results provide acceptable data to assist the development of more complextopology for NDN producers.

Named Data Network Security - This research focuses on the interest flooding attack model and its impact on the consumer in the Named Data Networking (NDN) architecture. NDN is a future internet network architecture has advantages compared to the current internet architecture. The NDN communication model changes the communication paradigm from a packet delivery model based on IP addresses to names. Data content needed is not directly taken from the provider but stored in a distributed manner on the router. Other consumer request data can served by nearest router. It will increase the speed of data access and reduce delay. The changes communication model also have an impact on the existing security system. One attack that may occur is the threat of a denial of service (DoS) known as an interest flooding attack. This attack makes the network services are being unavailable. This paper discussed examining the interest flooding attack model that occurred and its impact on the performance of NDN. The result shows that interest flooding attacks can decrease consumer satisfied interest.

Named Data Network Security - Named Data Networking (NDN) is a network with a future internet architecture that changes the point of view in networking from host-centric to data-centric. Named data networking provides a network system where the routing system is no longer dependent on traditional IP. Network packets are routed through nodes by name. When many manufacturers produce packages with different names for several consumers, routing with load balancing is necessary. The case study carried out is to conduct a simulation by connecting all UIN campuses into a topology with the name UIN Topology in Indonesia, using several scenarios to describe the effectiveness of the load balancer on the UIN topology in Indonesia. This study focuses on load balancer applications to reduce delays in Named Data Networking (NDN), the topology of UIN in Indonesia.