Current Issue : April - June Volume : 2021 Issue Number : 2 Articles : 5 Articles
Based on the research of business continuity and information security of the Internet of Things (IoT), a key business node identification model for the Internet of Things security is proposed. First, the business nodes are obtained based on the business process, and the importance decision matrix of business nodes is constructed by quantifying the evaluation attributes of nodes. Second, the attribute weights are improved by the analytic hierarchy process (AHP) and entropy weighting method from subjective and objective dimensions to form the combination weight decision matrix, and the analytic hierarchy process and entropy weighting VIKOR (AE-VIKOR) method are used to calculate the business node importance coefficient to identify the key nodes. Finally, according to the NSL-KDD dataset, the network security events of IoT network intrusion detection based on machine learning are monitored purposefully, and after the information security event occurs in the smart mobile phone, which impacts through IoT on the business system, the impact of the key business node on business continuity is analyzed, and the business continuity risk value is calculated to evaluate the business risk to prove the effectiveness of the model. The experimental results of the civil aviation departure business show that the AE-VIKOR method can effectively identify key business node, and the impact of the key business node on business continuity is analyzed, which further proves the efficiency and accuracy of the model in identifying the key business node....
With the development of wireless rechargeable sensor networks (WRSNs ), security issues of WRSNs have attracted more attention from scholars around the world. In this paper, a novel epidemic model, SILS(Susceptible, Infected, Low-energy, Susceptible), considering the removal, charging and reinfection process of WRSNs is proposed. Subsequently, the local and global stabilities of disease-free and epidemic equilibrium points are analyzed and simulated after obtaining the basic reproductive number R0. Detailedly, the simulations further reveal the unique characteristics of SILS when it tends to being stable, and the relationship between the charging rate and R0. Furthermore, the attack-defense game between malware and WRSNs is constructed and the optimal strategies of both players are obtained. Consequently, in the case of R0 < 1 and R0 > 1, the validity of the optimal strategies is verified by comparing with the non-optimal control group in the evolution of sensor nodes and accumulated cost....
Industrial control systems (ICS) involve many key industries, which once attacked will cause heavy losses. However, traditional passive defense methods of cybersecurity have difficulty effectively dealing with increasingly complex threats; a knowledge graph is a new idea to analyze and process data in cybersecurity analysis. We propose a novel overall framework of data-driven industrial control network security defense, which integrated fragmented multisource threat data with an industrial network layout by a cybersecurity knowledge graph. In order to better correlate data to construct a knowledge graph, we propose a distant supervised relation extraction model ResPCNN-ATT; it is based on a deep residual convolutional neural network and attention mechanism, reduces the influence of noisy data in distant supervision, and better extracts deep semantic features in sentences by using deep residuals. We empirically demonstrate the performance of the proposed method in the field of general cybersecurity by using dataset CSER; the model proposed in this paper achieves higher accuracy than other models. And then, the dataset ICSER was used to construct a cybersecurity knowledge graph (CSKG) on the basis of analyzing specific industrial control scenarios, visualizing the knowledge graph for further security analysis to the industrial control system....
Aiming at the security problems caused by the access of a large number of new advanced metering system (AMI) equipment and the rapid growth of new business data interaction volume and interaction frequency, a lightweight data security protection method for power Internet of things (IoT) is proposed. Firstly, based on the “cloud-edge-end” AMI system architecture, a multilevel anonymous authentication method is proposed to reduce the complexity of low-end equipment access without reauthentication when smart meters and other devices access the system. Then, when fully homomorphic encryption is used for data encryption transmission, the lightweight packet recombination protocol is introduced, the lightweight hash function is used to reduce the calculation cost, and the sliding address window mechanism is used to reduce the packet loss rate. Finally, improved secure multiparty computing (SMPC) is used to achieve frequency hopping data aggregation, using shared key to calculate local shared value for key update, reducing data interaction between massive devices and AMI cloud security server, and improving broadband utilization in data aggregation process. The experiment results indicate that the proposed method obtained better utilization in bandwidth and shorter average data collection completion time. Besides, the proposed method can ensure the information security in the interaction process....
5G applications face security risks due to the new technology used and the performance requirements of the specific application scenario. This paper analyzes the security requirements and presents hierarchical solutions for stakeholders to build secure 5G applications. First, we summarize the technical characteristics and typical usage scenarios of 5G. Then, we analyze the security and privacy risks faced by 5G applications and related security standards and research work. Next, we give the system reference architecture and overall security and privacy solutions for 5G applications. Based on the three major application scenarios of eMBB, uRLLC, and mMTC, we also provide specific suggestions for coping with security and privacy risks. Finally, we present a use case of industrial terminal access control and make conclusions of this paper....
Loading....