New changes are taking place in nontraditional security fields,characterized by the increase in confrontation and conflict,the intensification of threats,and diversification.The interconnectivity,unpredictability,and ...New changes are taking place in nontraditional security fields,characterized by the increase in confrontation and conflict,the intensification of threats,and diversification.The interconnectivity,unpredictability,and transmissibility of nontraditional security threats are unprecedented.The emergence and even perpetuation of the above-mentioned new features are both attributed to objective factors,such as social development,ideological shifts,and scientific and technological advancement,and are closely related to the moves of certain major countries to instigate the so-called remarkable power competition recklessly and boost geopolitical contest.The rapid resurgence of securitization in global politics is hidden behind the rise of nontraditional security threats.Nontraditional security issues have generally entered a dynamic phase,which exerts an impact on the international security environment and the global landscape.A growing number of countries have emphasized on the realistic and urgent threat of nontraditional security challenges to their national security.These countries have tended to achieve traditional security goals via nontraditional means and tackle nontraditional security challenges with traditional mindsets.Thus,the boundary between traditional and nontraditional security issues is increasingly blurred.The methodology that dichotomizes traditional and nontraditional security issues may no longer be useful during assessments of major threats confronting national security.The connotations of peace and war have significantly changed in the new era.Distinguishing"hot"security issues from"cold"ones or traditional security issues from nontraditional ones is difficult.Such distinction requires consideration of all security issues when recognizing and addressing national security challenges.Thus,these increasingly complex security issues must be analyzed within a wide context of the oncein-a-century changes occurring worldwide and China should pursue a holistic approach to national security as a fundamental principle in response to various threats.展开更多
Non-traditional security issues have arisen since the 1960s,especially after the end of the Cold War,and are becoming a major issue in world security and politics.This reflects tremendous changes in the world situatio...Non-traditional security issues have arisen since the 1960s,especially after the end of the Cold War,and are becoming a major issue in world security and politics.This reflects tremendous changes in the world situation.With diverse causes and plural referent objects,non-traditional security issues cover nearly all the problems in the world today and make development difficult to sustain.This raises the question of whether human society and the earth can survive.Power politics one-sidedly stresses the role of power,endangering the harmonious development of nations and the whole of human society.It is not at all conducive to the solution of non-traditional security issues.The solution of non-traditional security issues demands cooperation from all actors in the international community.Multiple means are needed to solve these issues.Equal dialogue between all the actors,which can easily be attained,will play an effective role,as long as all actors respect each other's differences.展开更多
Programmable Logic Controllers(PLC),core of industrial control systems,is widely used in industrial control systems.The security of PLC is the key to the security of industrial control systems.Nowadays,a large number ...Programmable Logic Controllers(PLC),core of industrial control systems,is widely used in industrial control systems.The security of PLC is the key to the security of industrial control systems.Nowadays,a large number of industrial control systems are connected to the Internet which exposes the PLC equipment to the Internet,and thus raising security concerns.First of all,we introduce the basic principle of PLC in this paper.Then we analyze the PLC code security,firmware security,network security,virus vulnerability and Modbus communication protocol by reviewing the previous related work.Finally,we make a summary of the current security protection methods.展开更多
The emergence of various technologies such as terahertz communications,Reconfigurable Intelligent Surfaces(RIS),and AI-powered communication services will burden network operators with rising infrastructure costs.Rece...The emergence of various technologies such as terahertz communications,Reconfigurable Intelligent Surfaces(RIS),and AI-powered communication services will burden network operators with rising infrastructure costs.Recently,the Open Radio Access Network(O-RAN)has been introduced as a solution for growing financial and operational burdens in Beyond 5G(B5G)and 6G networks.O-RAN promotes openness and intelligence to overcome the limitations of traditional RANs.By disaggregating conventional Base Band Units(BBUs)into O-RAN Distributed Units(O-DU)and O-RAN Centralized Units(O-CU),O-RAN offers greater flexibility for upgrades and network automation.However,this openness introduces new security challenges compared to traditional RANs.Many existing studies overlook these security requirements of the O-RAN networks.To gain deeper insights into the O-RAN system and security,this paper first provides an overview of the general O-RAN architecture and its diverse use cases relevant to B5G and 6G applications.We then delve into specifications of O-RAN security threats and requirements,aiming to mitigate security vulnerabilities effectively.By providing a comprehensive understanding of O-RAN architecture,use cases,and security considerations,thisworkserves as a valuable resource for future research in O-RAN and its security.展开更多
Deep learning frameworks promote the development of artificial intelligence and demonstrate considerable potential in numerous applications.However,the security issues of deep learning frameworks are among the main ri...Deep learning frameworks promote the development of artificial intelligence and demonstrate considerable potential in numerous applications.However,the security issues of deep learning frameworks are among the main risks preventing the wide application of it.Attacks on deep learning frameworks by malicious internal or external attackers would exert substantial effects on society and life.We start with a description of the framework of deep learning algorithms and a detailed analysis of attacks and vulnerabilities in them.We propose a highly comprehensive classification approach for security issues and defensive approaches in deep learning frameworks and connect different attacks to corresponding defensive approaches.Moreover,we analyze a case of the physical-world use of deep learning security issues.In addition,we discuss future directions and open issues in deep learning frameworks.We hope that our research will inspire future developments and draw attention from academic and industrial domains to the security of deep learning frameworks.展开更多
Hadoop technology is followed by some security issues. At its beginnings, developers paid attention to the development of basic functionalities mostly, and proposal of security components was not of prime interest. Be...Hadoop technology is followed by some security issues. At its beginnings, developers paid attention to the development of basic functionalities mostly, and proposal of security components was not of prime interest. Because of that, the technology remained vulnerable to malicious activities of unauthorized users whose purpose is to endanger system functionalities or to compromise private user data. Researchers and developers are continuously trying to solve these issues by upgrading Hadoop’s security mechanisms and preventing undesirable malicious activities. In this paper, the most common HDFS security problems and a review of unauthorized access issues are presented. First, Hadoop mechanism and its main components are described as the introduction part of the leading research problem. Then, HDFS architecture is given, and all including components and functionalities are introduced. Further, all possible types of users are listed with an accent on unauthorized users, which are of great importance for the paper. One part of the research is dedicated to the consideration of Hadoop security levels, environment and user assessments. The review also includes an explanation of Log Monitoring and Audit features, and detail consideration of authorization and authentication issues. Possible consequences of unauthorized access to a system are covered, and a few recommendations for solving problems of unauthorized access are offered. Honeypot nodes, security mechanisms for collecting valuable information about malicious parties, are presented in the last part of the paper. Finally, the idea for developing a new type of Intrusion Detector, which will be based on using an artificial neural network, is presented. The detector will be an integral part of a new kind of virtual honeypot mechanism and represents the initial base for future scientific work of authors.展开更多
The Intemet is a popular channel for allowing more and more users to exchange information without geographical limitations and time restrictions. Therefore, a large amount of digital data, such as digital images, text...The Intemet is a popular channel for allowing more and more users to exchange information without geographical limitations and time restrictions. Therefore, a large amount of digital data, such as digital images, text, audio, and video, is transmitted over the Intemet. Unfortunately, sensitive digital data can be intercepted by malicious users of the Internet, so the development of techniques for ensuring the secrecy and security of data during transmission has become a top priority.展开更多
To some extent, China’s security environment depends on if it has active creation, understanding, attention and vigilance on the common interests of the surrounding areas and groups of states, and if it could take ti...To some extent, China’s security environment depends on if it has active creation, understanding, attention and vigilance on the common interests of the surrounding areas and groups of states, and if it could take timely and proper countermeasures. In my personal view, two principles should be taken into consideration. The first principle is展开更多
Because of the advanced developments in information technology and networking, a user can easily communicate with others via the Internet. In daily life, users can buy a lot of products through the e-commerce market. ...Because of the advanced developments in information technology and networking, a user can easily communicate with others via the Internet. In daily life, users can buy a lot of products through the e-commerce market. Thus, how to protect users' private data from being compromised on the Internet has become a very important research issue in recent years.展开更多
With the growing of digitized data transforming on Internet,the issues of information security,data privacy,and forensic analysis have become more and more attracted.Researchers have provided solutions for problems in...With the growing of digitized data transforming on Internet,the issues of information security,data privacy,and forensic analysis have become more and more attracted.Researchers have provided solutions for problems in the field.The objective of this special issue is to present research and development activities in the various aspects.After a very careful review,展开更多
Journal of Electronic Science and Technology (JEST) invites manuscript submissions in the area of Network and Communication Security (NCS). This special issue of JEST will focus on recent theoretical and applicati...Journal of Electronic Science and Technology (JEST) invites manuscript submissions in the area of Network and Communication Security (NCS). This special issue of JEST will focus on recent theoretical and application achievements in NCS. It is intended to highlight and summarize the major developments that have occurred over the past few years. Topic scopes to be covered include:展开更多
Modern communication allows billions of objects in the physical world as well as virtual environments to exchange data with each other in an autonomous way so as to create smart environments. However, modern communica...Modern communication allows billions of objects in the physical world as well as virtual environments to exchange data with each other in an autonomous way so as to create smart environments. However, modern communication also introduces new challenges for the security of systems and processes and the privacy of individuals. There is an increasing demand for development of new security and privacy approaches to guarantee the security, privacy, integ- rity, and availability of resources in modern communication.展开更多
Cloud computing is the provision of hosted resources,comprising software,hardware and processing over the World Wide Web.The advantages of rapid deployment,versatility,low expenses and scalability have led to the wide...Cloud computing is the provision of hosted resources,comprising software,hardware and processing over the World Wide Web.The advantages of rapid deployment,versatility,low expenses and scalability have led to the widespread use of cloud computing across organizations of all sizes,mostly as a component of the combination/multi-cloud infrastructure structure.While cloud storage offers significant benefits as well as cost-effective alternatives for IT management and expansion,new opportunities and challenges in the context of security vulnerabilities are emerging in this domain.Cloud security,also recognized as cloud computing security,refers to a collection of policies,regulations,systematic processes that function together to secure cloud infrastructure systems.These security procedures are designed to safeguard cloud data,to facilitate regulatory enforcement and to preserve the confidentiality of consumers,as well as to lay down encryption rules for specific devices and applications.This study presents an overview of the innovative cloud computing and security challenges that exist at different levels of cloud infrastructure.In this league,the present research work would be a significant contribution in reducing the security attacks on cloud computing so as to provide sustainable and secure services.展开更多
Reliable transmission is vital to the success of the next generation ofcommunications technologies and Fifth Generation (5G) networks. Many sensitive applications, such as eHealth and medical services, can benefit fr...Reliable transmission is vital to the success of the next generation ofcommunications technologies and Fifth Generation (5G) networks. Many sensitive applications, such as eHealth and medical services, can benefit from a 5G network. The Internet of Medical Things (IoMT) is a new field that fosters themaintenance of trust among various IoMT Device to Device (D2D) modern technologies. In IoMT the medical devices have to be connected through a wirelessnetwork and constantly needs to be self-configured to provide consistent and effi-cient data transmission. The medical devices need to be connected with sophisticated protocols and architecture to handle the synergy of the monitoring devices.Today, one of the commonly used algorithms in D2D communication is the Optimized Link State Routing protocol (OLSR). The OLSR is considerably good ateffectively utilizing the bandwidth and reserving the paths. One of the majorattack against the OLSR is the Node isolation attack, also known as the Gray holedenial of service attack. The Gray hole attack exploits the vulnerabilities presentwith sharing the topological information of the network. The attackers may usethis topological information to maliciously disconnect the target nodes from theexisting network and stops rendering the communication services to the victimnode. Hence, considering the sensitivity and security concerns of the data usedin e-Health applications, these types of attacks must be detected and disabledproactively. In this work, a novel Node Authentication (NA) with OLSR is proposed. The simulation experiments illustrated that the proposed protocol has anexcellent Packet Delivery Ratio, minimal End-End delay, and minimal Packet losswhen compared to the Ad-hoc On-Demand Distance Victor (AODV) protocol andthe proposed authentication scheme was able to protect the OLSR protocol from anode isolation attack.展开更多
文摘New changes are taking place in nontraditional security fields,characterized by the increase in confrontation and conflict,the intensification of threats,and diversification.The interconnectivity,unpredictability,and transmissibility of nontraditional security threats are unprecedented.The emergence and even perpetuation of the above-mentioned new features are both attributed to objective factors,such as social development,ideological shifts,and scientific and technological advancement,and are closely related to the moves of certain major countries to instigate the so-called remarkable power competition recklessly and boost geopolitical contest.The rapid resurgence of securitization in global politics is hidden behind the rise of nontraditional security threats.Nontraditional security issues have generally entered a dynamic phase,which exerts an impact on the international security environment and the global landscape.A growing number of countries have emphasized on the realistic and urgent threat of nontraditional security challenges to their national security.These countries have tended to achieve traditional security goals via nontraditional means and tackle nontraditional security challenges with traditional mindsets.Thus,the boundary between traditional and nontraditional security issues is increasingly blurred.The methodology that dichotomizes traditional and nontraditional security issues may no longer be useful during assessments of major threats confronting national security.The connotations of peace and war have significantly changed in the new era.Distinguishing"hot"security issues from"cold"ones or traditional security issues from nontraditional ones is difficult.Such distinction requires consideration of all security issues when recognizing and addressing national security challenges.Thus,these increasingly complex security issues must be analyzed within a wide context of the oncein-a-century changes occurring worldwide and China should pursue a holistic approach to national security as a fundamental principle in response to various threats.
文摘Non-traditional security issues have arisen since the 1960s,especially after the end of the Cold War,and are becoming a major issue in world security and politics.This reflects tremendous changes in the world situation.With diverse causes and plural referent objects,non-traditional security issues cover nearly all the problems in the world today and make development difficult to sustain.This raises the question of whether human society and the earth can survive.Power politics one-sidedly stresses the role of power,endangering the harmonious development of nations and the whole of human society.It is not at all conducive to the solution of non-traditional security issues.The solution of non-traditional security issues demands cooperation from all actors in the international community.Multiple means are needed to solve these issues.Equal dialogue between all the actors,which can easily be attained,will play an effective role,as long as all actors respect each other's differences.
基金This work is funded by the National Key Research and Development Plan(Grant No.2018YFB0803504)the National Natural Science Foundation of China(Nos.61702223,61702220,61871140,U1636215)the Opening Project of Shanghai Trusted Industrial Control Platform.
文摘Programmable Logic Controllers(PLC),core of industrial control systems,is widely used in industrial control systems.The security of PLC is the key to the security of industrial control systems.Nowadays,a large number of industrial control systems are connected to the Internet which exposes the PLC equipment to the Internet,and thus raising security concerns.First of all,we introduce the basic principle of PLC in this paper.Then we analyze the PLC code security,firmware security,network security,virus vulnerability and Modbus communication protocol by reviewing the previous related work.Finally,we make a summary of the current security protection methods.
基金supported by the Research Program funded by the SeoulTech(Seoul National University of Science and Technology).
文摘The emergence of various technologies such as terahertz communications,Reconfigurable Intelligent Surfaces(RIS),and AI-powered communication services will burden network operators with rising infrastructure costs.Recently,the Open Radio Access Network(O-RAN)has been introduced as a solution for growing financial and operational burdens in Beyond 5G(B5G)and 6G networks.O-RAN promotes openness and intelligence to overcome the limitations of traditional RANs.By disaggregating conventional Base Band Units(BBUs)into O-RAN Distributed Units(O-DU)and O-RAN Centralized Units(O-CU),O-RAN offers greater flexibility for upgrades and network automation.However,this openness introduces new security challenges compared to traditional RANs.Many existing studies overlook these security requirements of the O-RAN networks.To gain deeper insights into the O-RAN system and security,this paper first provides an overview of the general O-RAN architecture and its diverse use cases relevant to B5G and 6G applications.We then delve into specifications of O-RAN security threats and requirements,aiming to mitigate security vulnerabilities effectively.By providing a comprehensive understanding of O-RAN architecture,use cases,and security considerations,thisworkserves as a valuable resource for future research in O-RAN and its security.
基金supported by the National Key Research and Development Program of China(No.2018YFB0803403)Fundamental Research Funds for the Central Universities(Nos.FRF-AT-19-009Z and FRF-BD-19-012A)National Social Science Fund of China(No.18BGJ071)。
文摘Deep learning frameworks promote the development of artificial intelligence and demonstrate considerable potential in numerous applications.However,the security issues of deep learning frameworks are among the main risks preventing the wide application of it.Attacks on deep learning frameworks by malicious internal or external attackers would exert substantial effects on society and life.We start with a description of the framework of deep learning algorithms and a detailed analysis of attacks and vulnerabilities in them.We propose a highly comprehensive classification approach for security issues and defensive approaches in deep learning frameworks and connect different attacks to corresponding defensive approaches.Moreover,we analyze a case of the physical-world use of deep learning security issues.In addition,we discuss future directions and open issues in deep learning frameworks.We hope that our research will inspire future developments and draw attention from academic and industrial domains to the security of deep learning frameworks.
文摘Hadoop technology is followed by some security issues. At its beginnings, developers paid attention to the development of basic functionalities mostly, and proposal of security components was not of prime interest. Because of that, the technology remained vulnerable to malicious activities of unauthorized users whose purpose is to endanger system functionalities or to compromise private user data. Researchers and developers are continuously trying to solve these issues by upgrading Hadoop’s security mechanisms and preventing undesirable malicious activities. In this paper, the most common HDFS security problems and a review of unauthorized access issues are presented. First, Hadoop mechanism and its main components are described as the introduction part of the leading research problem. Then, HDFS architecture is given, and all including components and functionalities are introduced. Further, all possible types of users are listed with an accent on unauthorized users, which are of great importance for the paper. One part of the research is dedicated to the consideration of Hadoop security levels, environment and user assessments. The review also includes an explanation of Log Monitoring and Audit features, and detail consideration of authorization and authentication issues. Possible consequences of unauthorized access to a system are covered, and a few recommendations for solving problems of unauthorized access are offered. Honeypot nodes, security mechanisms for collecting valuable information about malicious parties, are presented in the last part of the paper. Finally, the idea for developing a new type of Intrusion Detector, which will be based on using an artificial neural network, is presented. The detector will be an integral part of a new kind of virtual honeypot mechanism and represents the initial base for future scientific work of authors.
文摘The Intemet is a popular channel for allowing more and more users to exchange information without geographical limitations and time restrictions. Therefore, a large amount of digital data, such as digital images, text, audio, and video, is transmitted over the Intemet. Unfortunately, sensitive digital data can be intercepted by malicious users of the Internet, so the development of techniques for ensuring the secrecy and security of data during transmission has become a top priority.
文摘To some extent, China’s security environment depends on if it has active creation, understanding, attention and vigilance on the common interests of the surrounding areas and groups of states, and if it could take timely and proper countermeasures. In my personal view, two principles should be taken into consideration. The first principle is
文摘Because of the advanced developments in information technology and networking, a user can easily communicate with others via the Internet. In daily life, users can buy a lot of products through the e-commerce market. Thus, how to protect users' private data from being compromised on the Internet has become a very important research issue in recent years.
文摘With the growing of digitized data transforming on Internet,the issues of information security,data privacy,and forensic analysis have become more and more attracted.Researchers have provided solutions for problems in the field.The objective of this special issue is to present research and development activities in the various aspects.After a very careful review,
文摘Journal of Electronic Science and Technology (JEST) invites manuscript submissions in the area of Network and Communication Security (NCS). This special issue of JEST will focus on recent theoretical and application achievements in NCS. It is intended to highlight and summarize the major developments that have occurred over the past few years. Topic scopes to be covered include:
文摘Modern communication allows billions of objects in the physical world as well as virtual environments to exchange data with each other in an autonomous way so as to create smart environments. However, modern communication also introduces new challenges for the security of systems and processes and the privacy of individuals. There is an increasing demand for development of new security and privacy approaches to guarantee the security, privacy, integ- rity, and availability of resources in modern communication.
基金This work is funded by Prince Sultan University, Riyadh, the Kingdom of Saudi Arabia.
文摘Cloud computing is the provision of hosted resources,comprising software,hardware and processing over the World Wide Web.The advantages of rapid deployment,versatility,low expenses and scalability have led to the widespread use of cloud computing across organizations of all sizes,mostly as a component of the combination/multi-cloud infrastructure structure.While cloud storage offers significant benefits as well as cost-effective alternatives for IT management and expansion,new opportunities and challenges in the context of security vulnerabilities are emerging in this domain.Cloud security,also recognized as cloud computing security,refers to a collection of policies,regulations,systematic processes that function together to secure cloud infrastructure systems.These security procedures are designed to safeguard cloud data,to facilitate regulatory enforcement and to preserve the confidentiality of consumers,as well as to lay down encryption rules for specific devices and applications.This study presents an overview of the innovative cloud computing and security challenges that exist at different levels of cloud infrastructure.In this league,the present research work would be a significant contribution in reducing the security attacks on cloud computing so as to provide sustainable and secure services.
文摘Reliable transmission is vital to the success of the next generation ofcommunications technologies and Fifth Generation (5G) networks. Many sensitive applications, such as eHealth and medical services, can benefit from a 5G network. The Internet of Medical Things (IoMT) is a new field that fosters themaintenance of trust among various IoMT Device to Device (D2D) modern technologies. In IoMT the medical devices have to be connected through a wirelessnetwork and constantly needs to be self-configured to provide consistent and effi-cient data transmission. The medical devices need to be connected with sophisticated protocols and architecture to handle the synergy of the monitoring devices.Today, one of the commonly used algorithms in D2D communication is the Optimized Link State Routing protocol (OLSR). The OLSR is considerably good ateffectively utilizing the bandwidth and reserving the paths. One of the majorattack against the OLSR is the Node isolation attack, also known as the Gray holedenial of service attack. The Gray hole attack exploits the vulnerabilities presentwith sharing the topological information of the network. The attackers may usethis topological information to maliciously disconnect the target nodes from theexisting network and stops rendering the communication services to the victimnode. Hence, considering the sensitivity and security concerns of the data usedin e-Health applications, these types of attacks must be detected and disabledproactively. In this work, a novel Node Authentication (NA) with OLSR is proposed. The simulation experiments illustrated that the proposed protocol has anexcellent Packet Delivery Ratio, minimal End-End delay, and minimal Packet losswhen compared to the Ad-hoc On-Demand Distance Victor (AODV) protocol andthe proposed authentication scheme was able to protect the OLSR protocol from anode isolation attack.