Industrial Control Systems - Machine tool is known as the mother of industry. CNC machine tool is the embodiment of modern automatic control productivity. In the context of the rapid development of the industrial Internet, a large number of equipment and systems are interconnected through the industrial Internet, realizing the flexible adaptation from the supply side to the demand side. As the a typical core system of industrial Internet, CNC system is facing the threat of industrial virus and network attack. The problem of information security is becoming more and more prominent. This paper analyzes the security risks of the existing CNC system from the aspects of terminal security, data security and network security. By comprehensively using the technologies of data encryption, identity authentication, digital signature, access control, secure communication and key management, this paper puts forward a targeted security protection and management scheme, which effectively strengthens the overall security protection ability.

Industrial Control Systems - With the introduction of the national “carbon peaking and carbon neutrality” strategic goals and the accelerated construction of the new generation of power systems, cloud applications built on advanced IT technologies play an increasingly important role in meeting the needs of digital power business. In view of the characteristics of the current power industrial control system operation support cloud platform with wide coverage, large amount of log data, and low analysis intelligence, this paper proposes a cloud platform network security behavior audit method based on FP-Growth association rule algorithm, aiming at the uniqueness of the operating data of the cloud platform that directly interacts with the isolated system environment of power industrial control system. By using the association rule algorithm to associate and classify user behaviors, our scheme formulates abnormal behavior judgment standards, establishes an automated audit strategy knowledge base, and improves the security audit efficiency of power industrial control system operation support cloud platform. The intelligent level of log data analysis enables effective discovery, traceability and management of internal personnel operational risks.

Industrial Control Systems - The Industrial Internet expands the attack surface of industrial control systems(ICS), bringing cybersecurity threats to industrial controllers located in operation technology(OT) networks. Honeypot technology is an important means to detect network attacks. However, the existing honeypot system cannot simulate business logic and is difficult to resist highly concealed APT attacks. This paper proposes a high-simulation ICS security defense framework based on virtualization technology. The framework utilizes virtualization technology to build twins for protected control systems. The architecture can infer the execution results of control instructions in advance based on actual production data, so as to discover hidden attack behaviors in time. This paper designs and implements a prototype system and demonstrates the effectiveness and potential of this architecture for ICS security.

Industrial Control Systems - The industrial Internet platform has been applied to various fields of industrial production, effectively improving the data flow of all elements in the production process, improving production efficiency, reducing production costs, and ensuring the market competitiveness of enterprises. The premise of the effective application of the industrial Internet platform is the interconnection of industrial equipment. In the industrial Internet platform, industrial robot is a very common industrial control device. These industrial robots are connected to the control network of the industrial Internet platform, which will have obvious advantages in production efficiency and equipment maintenance, but at the same time will cause more serious network security problems. The industrial robot system based on the industrial Internet platform not only increases the possibility of industrial robots being attacked, but also aggravates the loss and harm caused by industrial robots being attacked. At the same time, this paper illustrates the effects and scenarios of industrial robot attacks based on industrial interconnection platforms from four different scenarios of industrial robots being attacked. Availability and integrity are related to the security of the environment.

The rapid improvement of computer and network technology not only promotes the improvement of productivity and facilitates people s life, but also brings new threats to production and life. Cyberspace security has attracted more and more attention. Different from traditional cyberspace security, APT attacks on key networks or infrastructure, with the main goal of stealing intellectual property, confidential information or sabotage, seriously threatening the interests and security of governments, enterprises and scientific research institutions. Timely detection and blocking is particularly important. The purpose of this paper is to study the security of software supply chain in power industry based on BAS technology. The experimental data shows that Type 1 projects account for the least amount and Type 2 projects account for the highest proportion. Type 1 projects have high unit price contracts and high profits, but the number is small and the time for signing orders is long.

Due to its decentralized trust mechanism, blockchain is increasingly used as a trust intermediary for multi-party cooperation to reduce the cost and risk of maintaining centralized trust nowadays. And as the requirements for privacy and high throughput, consortium blockchain is widely used in data sharing and business cooperation in practical application scenarios. Nowadays, the protection of traditional medicine has been regarded as human intangible cultural heritage in recent years, but this kind of protection still faces the problem that traditional medicine prescriptions are unsuitable for disclosure and difficult to protect. Hyperledger is a consortium blockchain featuring authorized access, high throughput, and tamper-resistance, making it ideal for privacy protection and information depository in traditional medicine protection. This study proposes a solution for intellectual property protection of traditional medicine by using a blockchain platform to record prescription iterations and clinical trial data. The privacy and confidentiality of Hyperledger can keep intellectual property information safe and private. In addition, the author proposes to invite the Patent Offices and legal institutions to join the blockchain network, maintain users properties and issue certificates, which can provide a legal basis for rights protection when infringement occurs. Finally, the researchers have built a system corresponding to the scheme and tested the system. The test outcomes of the system can explain the usability of the system. And through the test of system throughput, under low system configuration, it can reach about 200 query operations per second, which can meet the application requirements of relevant organizations and governments.

[Purpose/meaning] In this paper, a unified scheme based on blockchain technology to realize the three modules of intellectual property confirmation, utilization, and protection of rights at the application layer is constructed, to solve the problem of unbalanced and inadequate resource distribution and development level in the field of industrial intellectual property. [Method/process] Based on the application of the core technology of blockchain in the field of intellectual property, this paper analyzes the pain points in the current field of intellectual property, and selects matching blockchain types according to the protection of intellectual property and the different decisions involved in the transaction process, to build a heterogeneous multi-chain model based on blockchain technology. [Conclusion] The heterogeneous multi-chain model based on Polkadot[1] network is proposed to realize the intellectual property protection scheme of a heterogeneous multi-chain model, to promote collaborative design and product development between regions, and to make up for the shortcomings of technical exchange, and weaken the phenomenon of "information island" in a certain extent. [Limitation/deficiency] The design of smart contracts in the field of intellectual property, the development of cross-chain protocols, and the formulation of national standards for blockchain technology still need to be developed and improved. At the same time, the intellectual property protection model designed in this paper needs to be verified in the application of practical cases.

Nowadays, the popularity of intelligent terminals makes malwares more and more serious. Among the many features of application, the call graph can accurately express the behavior of the application. The rapid development of graph neural network in recent years provides a new solution for the malicious analysis of application using call graphs as features. However, there are still problems such as low accuracy. This paper established a large-scale data set containing more than 40,000 samples and selected the class call graph, which was extracted from the application, as the feature and used the graph embedding combined with the deep neural network to detect the malware. The experimental results show that the accuracy of the detection model proposed in this paper is 97.7\%; the precision is 96.6\%; the recall is 96.8\%; the F1-score is 96.4\%, which is better than the existing detection model based on Markov chain and graph embedding detection model.

The rapid development of network information technology, individual’s information networks security has become a very critical issue in our daily life. Therefore, it is necessary to study the malware propagation model system. In this paper, the traditional integer order malware propagation model system is extended to the field of fractional-order. Then we analyze the asymptotic stability of the fractional-order malware propagation model system when the equilibrium point is the origin and the time delay is 0. Next, the asymptotic stability and bifurcation analysis of the fractional-order malware propagation model system when the equilibrium point is the origin and the time delay is not 0 are carried out. Moreover, we study the asymptotic stability of the fractional-order malware propagation model system with an interior equilibrium point. In the end, so as to verify our theoretical results, many numerical simulations are provided.

This paper provides an end-to-end solution to defend against known microarchitectural attacks such as speculative execution attacks, fault-injection attacks, covert and side channel attacks, and unknown or evasive versions of these attacks. Current defenses are attack specific and can have unacceptably high performance overhead. We propose an approach that reduces the overhead of state-of-art defenses by over 95%, by applying defenses only when attacks are detected. Many current proposed mitigations are not practical for deployment; for example, InvisiSpec has 27% overhead and Fencing has 74% overhead while protecting against only Spectre attacks. Other mitigations carry similar performance penalties. We reduce the overhead for InvisiSpec to 1.26% and for Fencing to 3.45% offering performance and security for not only spectre attacks but other known transient attacks as well, including the dangerous class of LVI and Rowhammer attacks, as well as covering a large set of future evasive and zero-day attacks. Critical to our approach is an accurate detector that is not fooled by evasive attacks and that can generalize to novel zero-day attacks. We use a novel Generative framework, Evasion Vaccination (EVAX) for training ML models and engineering new security-centric performance counters. EVAX significantly increases sensitivity to detect and classify attacks in time for mitigation to be deployed with low false positives (4 FPs in every 1M instructions in our experiments). Such performance enables efficient and timely mitigations, enabling the processor to automatically switch between performance and security as needed.

The security of Energy Data collection is the basis of achieving reliability and security intelligent of smart grid. The newest security communication of Data collection is Zero Trust communication; The Strategy of Zero Trust communication is that don’t trust any device of outside or inside. Only that device authenticate is successful and software and hardware is more security, the Energy intelligent power system allow the device enroll into network system, otherwise deny these devices. When the device has been communicating with the Energy system, the Zero Trust still need to detect its security and vulnerability, if device have any security issue or vulnerability issue, the Zero Trust deny from network system, it ensures that Energy power system absolute security, which lays a foundation for the security analysis of intelligent power unit.

Under the situation of regular epidemic prevention and control, teleworking has gradually become a normal working mode. With the development of modern information technologies such as big data, cloud computing and mobile Internet, it's become a problem that how to build an effective security defense system to ensure the information security of teleworking in complex network environment while ensuring the availability, collaboration and efficiency of teleworking. One of the solutions is Zero Trust Network(ZTN), most enterprise infrastructures will operate in a hybrid zero trust/perimeter-based mode while continuing to invest in IT modernization initiatives and improve organization business processes. In this paper, we have systematically studied the zero trust principles, the logical components of zero trust architecture and the key technology of zero trust network. Based on the abstract model of zero trust architecture and information security technologies, a prototype has been realized which suitable for iOS terminals to access enterprise resources safely in teleworking mode.

Wireless mesh networks are increasingly deployed as a flexible and low-cost alternative for providing wireless services for a variety of applications including community mesh networking, medical applications, and disaster ad hoc communications, sensor and IoT applications. However, challenges remain such as interference, contention, load imbalance, and congestion. To address these issues, previous work employ load adaptive routing based on load sensitive routing metrics. On the other hand, such approach does not immediately improve network performance because the load estimates used to choose routes are themselves affected by the resulting routing changes in a cyclical manner resulting to oscillation. Although this is not a new phenomenon and has been studied in wired networks, it has not been investigated extensively in wireless mesh and/or sensor networks. We present these instabilities and how they pose performance, security, and energy issues to these networks. Accordingly, we present a feedback-aware mapping system called FARM that handles these instabilities in a manner analogous to a control system with feedback control. Results show that FARM stabilizes routes that improves network performance in throughput, delay, energy efficiency, and security.

The Internet of Things (IoT) continuously grows as applications require connectivity and sensor networks are being deployed in multiple application domains. With the increased applicability demand, the need for testing and development frameworks also increases. This paper presents a novel simulation framework for testing IPv6 over Low Power Wireless Personal Networks (6LoWPAN) networks using the Mininet-WiFi simulator. The goal of the simulation framework is to allow easier automation testing of large-scale networks and to also allow easy configuration. This framework is a starting point for many development scenarios targeting traffic management, Quality of Service (QoS) or security network features. A basic smart city simulation is presented which demonstrates the working principles of the framework.

With the rapid development of the Internet of Things (IoT), a large amount of data is exchanged between various communicating devices. Since the data should be communicated securely between the communicating devices, the network security is one of the dominant research areas for the 6LoWPAN IoT applications. Meanwhile, 6LoWPAN devices are vulnerable to attacks inherited from both the wireless sensor networks and the Internet protocols. Thus intrusion detection systems have become more and more critical and play a noteworthy role in improving the 6LoWPAN IoT networks. However, most intrusion detection systems focus on the attacked areas in the IoT networks instead of precisely on certain IoT nodes. This may lead more resources to further detect the compromised nodes or waste resources when detaching the whole attacked area. In this paper, we therefore proposed a new precisional detection strategy for 6LoWPAN Networks, named as PDS-6LoWPAN. In order to validate the strategy, we evaluate the performance and applicability of our solution with a thorough simulation by taking into account the detection accuracy and the detection response time.

Due to the widespread use of the Internet of Things (IoT) in recent years, the need for IoT technologies to handle communications with the rest of the globe has grown dramatically. Wireless sensor networks (WSNs) play a vital role in the operation of the IoT. The creation of Internet of Things operating systems (OS), which can handle the newly constructed IoT hardware, as well as new protocols and procedures for all communication levels, all of which are now in development, will pave the way for the future. When compared to other devices, these gadgets require a comparatively little amount of electricity, memory, and other resources. This has caused the scientific community to become more aware of the relevance of IoT device operating systems as a result of their findings. These devices may be made more versatile and powerful by including an operating system that contains real-time capabilities, kernel, networking, and other features, among other things. IEEE 802.15.4 networks are linked together using IPv6, which has a wide address space and so enables more devices to connect to the internet using the 6LoWPAN protocol. It is necessary to address some privacy and security issues that have arisen as a result of the widespread use of the Internet, notwithstanding the great benefits that have resulted. For the Internet of Things operating systems, this research has provided a network security architecture that ensures secure communication by utilizing the Cooja network simulator in combination with the Contiki operating system and demonstrate and explained how the nodes can protect from the network layer and physical layer attacks. Also, this research has depicted the energy consumption results of each designated node type during the authentication and communication process. Finally, proposed a few further improvements for the architecture which will enhance the network layer protection.

The most widely used protocol for routing across the 6LoWPAN stack is the Routing Protocol for Low Power and Lossy (RPL) Network. However, the RPL lacks adequate security solutions, resulting in numerous internal and external security vulnerabilities. There is still much research work left to uncover RPL's shortcomings. As a result, we first implement the worst parent selection (WPS) attack in this paper. Second, we offer an intrusion detection system (IDS) to identify the WPS attack. The WPS attack modifies the victim node's objective function, causing it to choose the worst node as its preferred parent. Consequently, the network does not achieve optimal convergence, and nodes form the loop; a lower rank node selects a higher rank node as a parent, effectively isolating many nodes from the network. In addition, we propose DWA-IDS as an IDS for detecting WPS attacks. We use the Contiki-cooja simulator for simulation purposes. According to the simulation results, the WPS attack reduces system performance by increasing packet transmission time. The DWA-IDS simulation results show that our IDS detects all malicious nodes that launch the WPS attack. The true positive rate of the proposed DWA-IDS is more than 95%, and the detection rate is 100%. We also deliberate the theoretical proof for the false-positive case as our DWA-IDS do not have any false-positive case. The overhead of DWA-IDS is modest enough to be set up with low-power and memory-constrained devices.

The Internet of Things (IoT) is a technology that has evolved to make day-to-day life faster and easier. But with the increase in the number of users, the IoT network is prone to various security and privacy issues. And most of these issues/attacks occur during the routing of the data in the IoT network. Therefore, for secure routing among resource-constrained nodes of IoT, the RPL protocol has been standardized by IETF. But the RPL protocol is also vulnerable to attacks based on resources, topology formation and traffic flow between nodes. The attacks like DoS, Blackhole, eavesdropping, flood attacks and so on cannot be efficiently defended using RPL protocol for routing data in IoT networks. So, defense mechanisms are used to protect networks from routing attacks. And are classified into Secure Routing Protocols (SRPs) and Intrusion Detection systems (IDs). This paper gives an overview of the RPL attacks and the defense mechanisms used to detect or mitigate the RPL routing attacks in IoT networks.

Although 6LoWPAN has brought about a revolutionary leap in networking for Low-power Lossy Networks, challenges still exist, including security concerns that are yet to answer. The most common type of attack on 6LoWPANs is the network layer, especially routing attacks, since the very members of a 6LoWPAN network have to carry out packet forwarding for the whole network. According to the initial purpose of IoT, these nodes are expected to be resource-deficient electronic devices with an utterly stochastic time pattern of attachment or detachment from a network. This issue makes preserving their authenticity or identifying their malignity hard, if not impossible. Since 6LoWPAN is a successor and a hybrid of previously developed wireless technologies, it is inherently prone to cyber-attacks shared with its predecessors, especially Wireless Sensor Networks (WSNs) and WPANs. On the other hand, multiple attacks have been uniquely developed for 6LoWPANs due to the unique design of the network layer protocol of 6LoWPANs known as RPL. While there exist publications about attacks on 6LoWPANs, a comprehensive survey exclusively on RPL-specific attacks is felt missing to bold the discrimination between the RPL-specific and non-specific attacks. Hence, the urge behind this paper is to gather all known attacks unique to RPL in a single volume.

In today's society, with the continuous development of artificial intelligence, artificial intelligence technology plays an increasingly important role in social and economic development, and hass become the fastest growing, most widely used and most influential high-tech in the world today one. However, at the same time, information technology has also brought threats to network security to the entire network world, which makes information systems also face huge and severe challenges, which will affect the stability and development of society to a certain extent. Therefore, comprehensive analysis and research on information system security is a very necessary and urgent task. Through the security assessment of the information system, we can discover the key hidden dangers and loopholes that are hidden in the information source or potentially threaten user data and confidential files, so as to effectively prevent these risks from occurring and provide effective solutions; at the same time To a certain extent, prevent virus invasion, malicious program attacks and network hackers' intrusive behaviors. This article adopts the experimental analysis method to explore how to apply the most practical, advanced and efficient artificial intelligence theory to the information system security assessment management, so as to further realize the optimal design of the information system security assessment management system, which will protect our country the information security has very important meaning and practical value. According to the research results, the function of the experimental test system is complete and available, and the security is good, which can meet the requirements of multi-user operation for security evaluation of the information system.

Cyberspace is the fifth largest activity space after land, sea, air and space. Safeguarding Cyberspace Security is a major issue related to national security, national sovereignty and the legitimate rights and interests of the people. With the rapid development of artificial intelligence technology and its application in various fields, cyberspace security is facing new challenges. How to help the network security personnel grasp the security trend at any time, help the network security monitoring personnel respond to the alarm information quickly, and facilitate the tracking and processing of the monitoring personnel. This paper introduces a method of using situational awareness micro application actual combat attack and defense robot to quickly feed back the network attack information to the monitoring personnel, timely report the attack information to the information reporting platform and automatically block the malicious IP.

Artificial intelligence is a subfield of computer science that refers to the intelligence displayed by machines or software. The research has influenced the rapid development of smart devices that have a significant impact on our daily lives. Science, engineering, business, and medicine have all improved their prediction powers in order to make our lives easier in our daily tasks. The quality and efficiency of regions that use artificial intelligence has improved, as shown in this study. It successfully handles data organisation and environment difficulties, allowing for the development of a more solid and rigorous model. The pace of life is quickening in the digital age, and the PC Internet falls well short of meeting people’s needs. Users want to be able to get convenient network information services at any time and from any location

Several excellent devices can communicate without the need for human intervention. It is one of the fastest-growing sectors in the history of computing, with an estimated 50 billion devices sold by the end of 2020. On the one hand, IoT developments play a crucial role in upgrading a few simple, intelligent applications that can increase living quality. On the other hand, the security concerns have been noted to the cross-cutting idea of frameworks and the multidisciplinary components connected with their organization. As a result, encryption, validation, access control, network security, and application security initiatives for gadgets and their inherent flaws cannot be implemented. It should upgrade existing security measures to ensure that the ML environment is sufficiently protected. Machine learning (ML) has advanced tremendously in the last few years. Machine insight has evolved from a research center curiosity to a sensible instrument in a few critical applications.

Transformer is the key equipment of power system, and its stable operation is very important to the security of power system In practical application, with the progress of technology, the performance of transformer becomes more and more important, but faults also occur from time to time in practical application, and the traditional manual fault diagnosis needs to consume a lot of time and energy. At present, the rapid development of artificial intelligence technology provides a new research direction for timely and accurate detection and treatment of transformer faults. In this paper, a method of transformer fault diagnosis using artificial neural network is proposed. The neural network algorithm is used for off-line learning and training of the operation state data of normal and fault states. By adjusting the relationship between neuron nodes, the mapping relationship between fault characteristics and fault location is established by using network layer learning, Finally, the reasoning process from fault feature to fault location is realized to realize intelligent fault diagnosis.

Intelligent transportation systems, such as connected vehicles, are able to establish real-time, optimized and collision-free communication with the surrounding ecosystem. Introducing the internet of things (IoT) in connected vehicles relies on deployment of massive scale sensors, actuators, electronic control units (ECUs) and antennas with embedded software and communication technologies. Combined with the lack of designed-in security for sensors and ECUs, this creates challenges for security engineers and architects to identify, understand and analyze threats so that actions can be taken to protect the system assets. This paper proposes a novel STRIDE-based threat model for IoT sensors in connected vehicle networks aimed at addressing these challenges. Using a reference architecture of a connected vehicle, we identify system assets in connected vehicle sub-systems such as devices and peripherals that mostly involve sensors. Moreover, we provide a prioritized set of security recommendations, with consideration to the feasibility and deployment challenges, which enables practical applicability of the developed threat model to help specify security requirements to protect critical assets within the sensor network.