User Station Security Protection Method Based on Random Domain Name Detection and Active Defense

The power monitoring system is the most important production management system in the power industry. As an important part of the power monitoring system, the user station that lacks grid binding will become an important target of network attacks. In order to perceive the network attack events on the user station side in time, a method combining real-time detection and active defense of random domain names on the user station side was proposed. Capsule network (CapsNet) combined with long short-term memory network (LSTM) was used to classify the domain names extracted from the traffic data. When a random domain name is detected, it sent instructions to routers and switched to update their security policies through the remote terminal protocol (Telnet), or shut down the service interfaces of routers and switched to block network attacks. The experimental results showed that the use of CapsNet combined with LSTM classification algorithm can achieve 99.16% accuracy and 98% recall rate in random domain name detection. Through the Telnet protocol, routers and switches can be linked to make active defense without interrupting services.

Research on active defense decision-making method for cloud boundary networks based on reinforcement learning of intelligent agent

The cloud boundary network environment is characterized by a passive defense strategy,discrete defense actions,and delayed defense feedback in the face of network attacks,ignoring the influence of the external environment on defense decisions,thus resulting in poor defense effectiveness.Therefore,this paper proposes a cloud boundary network active defense model and decision method based on the reinforcement learning of intelligent agent,designs the network structure of the intelligent agent attack and defense game,and depicts the attack and defense game process of cloud boundary network;constructs the observation space and action space of reinforcement learning of intelligent agent in the non-complete information environment,and portrays the interaction process between intelligent agent and environment;establishes the reward mechanism based on the attack and defense gain,and encourage intelligent agents to learn more effective defense strategies.the designed active defense decision intelligent agent based on deep reinforcement learning can solve the problems of border dynamics,interaction lag,and control dispersion in the defense decision process of cloud boundary networks,and improve the autonomy and continuity of defense decisions.

DLP:towards active defense against backdoor attacks with decoupled learning process

Deep learning models are well known to be susceptible to backdoor attack,where the attacker only needs to provide a tampered dataset on which the triggers are injected.Models trained on the dataset will passively implant the backdoor,and triggers on the input can mislead the models during testing.Our study shows that the model shows different learning behaviors in clean and poisoned subsets during training.Based on this observation,we propose a general training pipeline to defend against backdoor attacks actively.Benign models can be trained from the unreli-able dataset by decoupling the learning process into three stages,i.e.,supervised learning,active unlearning,and active semi-supervised fine-tuning.The effectiveness of our approach has been shown in numerous experiments across various backdoor attacks and datasets.

Optimal guidance against active defense ballistic missiles via differential game strategies

The optimal guidance problem for an interceptor against a ballistic missile with active defense is investigated in this paper.A class of optimal guidance schemes are proposed based on linear quadratic differential game method and numerical solution of Riccati differential equation.By choosing proper parameters, the proposed guidance schemes are able to drive the interceptor to the target and away from the defender simultaneously.Additionally, fuel cost, control saturation,chattering phenomenon and parameters selection were taken into account.Satisfaction of the proposed guidance schemes of the saddle point condition is proven theoretically.Finally, nonlinear numerical examples are included to demonstrate the effectiveness and performance of the developed guidance approaches.Comparison of control performance between different guidance schemes are presented and analysis.

Cooperative differential games guidance laws for multiple attackers against an active defense target

This paper is concerned with a scenario of multiple attackers trying to intercept a target with active defense.Three types of agents are considered in the guidance:The multiple attackers,the target and the defender,where the attackers aim to pursuit the target from different directions and evade from the defender simultaneously.The guidance engagement is formulated in the framework of a zero-sum two-person differential game between the two opposing teams,such that the measurements on the maneuver of the target or estimations on the defending strategy of the defender can be absent.Cooperation of the attackers resides in two aspects:redundant interception under the threat of the defender and the relative intercept geometry with the target.The miss distances,the relative intercept angle errors and the costs of the agents are combined into a single performance index of the game.Such formulation enables a unitary approach to the design of guidance laws for the agents.To minimize the control efforts and miss distances for the attackers,an optimization method is proposed to find the best anticipated miss distances to the defender under the constraint that the defender is endowed with a capture radius.Numerical simulations with two cases are conducted to illustrate the effectiveness of the proposed cooperative guidance law.

Concept and Research Framework for Coordinated Situation Awareness and Active Defense of Cyber-physical Power Systems Against Cyber-attacks

Due to the tight coupling between the cyber and physical sides of a cyber-physical power system(CPPS),the safe and reliable operation of CPPSs is being increasingly impacted by cyber security.This situation poses a challenge to traditional security defense systems,which considers the threat from only one side,i.e.,cyber or physical.To cope with cyberattacks,this paper reaches beyond the traditional one-side security defense systems and proposes the concept of cyber-physical coordinated situation awareness and active defense to improve the ability of CPPSs.An example of a regional frequency control system is used to show the validness and potential of this concept.Then,the research framework is presented for studying and implementing this concept.Finally,key technologies for cyber-physical coordinated situation awareness and active defense against cyber-attacks are introduced.

Analytical game strategies for active UAV defense considering response delays OA

In the realm of aerial warfare,the protection of Unmanned Aerial Vehicles(UAVs) against adversarial threats is crucial.In order to balance the impact of response delays and the demand for onboard applications,this paper derives three analytical game strategies for the active defense of UAVs from differential game theory,accommodating the first-order dynamic delays.The targeted UAV executes evasive maneuvers and launches a defending missile to intercept the attacking missile,which constitutes a UAVMissile-Defender(UMD) three-body game problem.We explore two distinct operational paradigms:the first involves the UAV and the defender working collaboratively to intercept the incoming threat,while the second prioritizes UAV self-preservation,with independent maneuvering away from potentially sacrificial engagements.Starting with model linearization and order reduction,the Collaborative Interception Strategy(CIS) is first derived via a linear quadratic differential game formulation.Building upon CIS,we further explore two distinct strategies:the Informed Defender Interception Strategy(IDIS),which utilizes UAV maneuvering information,and the Unassisted Defender Interception Strategy(UDIS),which does not rely on UAV maneuvering information.Additionally,we investigate the conditions for the existence of saddle point solutions and their relationship with vehicle maneuverability and response agility.The simulations demonstrate the effectiveness and advantages of the proposed strategies.

Research on Cyberspace Attack and Defense Confrontation Technology

This paper analyzes the characteristics of Interact space and confrontation, discussed on the main technology of network space attack and defense confrontation. The paper presents the realization scheme of network space attack defense confrontation system, and analyzes its feasibility. The technology and the system can provide technical support for the system in the network space of our country development, and safeguard security of network space in China, promote the development of the network space security industry of China, it plays an important role and significance to speed up China＇ s independent controllable security products development.

Novel 18β-glycyrrhetinic acid amide derivatives show dual-acting capabilities for controlling plant bacterial diseases through ROS-mediated antibacterial efficiency and activating plant defense responses

Natural products have long been a crucial source of,or provided inspiration for new agrochemical discovery.Naturally occurring 18β-glycyrrhetinic acid shows broad-spectrum bioactivities and is a potential skeleton for novel drug discovery.To extend the utility of 18β-glycyrrhetinic acid for agricultural uses,a series of novel 18β-glycyrrhetinic acid amide derivatives were prepared and evaluated for their antibacterial potency.Notably,compound 5k showed good antibacterial activity in vitro against Xanthomonas oryzae pv.oryzae(Xoo,EC50=3.64 mg L–1),and excellent protective activity(54.68%)against Xoo in vivo.Compound 5k induced excessive production and accumulation of reactive oxygen species in the tested pathogens,resulting in damaging the bacterial cell envelope.More interestingly,compound 5k could increase the activities of plant defense enzymes including catalase,superoxide dismutase,peroxidase,and phenylalanine ammonia lyase.Taken together,these enjoyable results suggested that designed compounds derived from 18β-glycyrrhetinic acid showed potential for controlling intractable plant bacterial diseases by disturbing the balance of the phytopathogen’s redox system and activating the plant defense system.

ATSSC:An Attack Tolerant System in Serverless Computing

Serverless computing is a promising paradigm in cloud computing that greatly simplifies cloud programming.With serverless computing,developers only provide function code to serverless platform,and these functions are invoked by its driven events.Nonetheless,security threats in serverless computing such as vulnerability-based security threats have become the pain point hindering its wide adoption.The ideas in proactive defense such as redundancy,diversity and dynamic provide promising approaches to protect against cyberattacks.However,these security technologies are mostly applied to serverless platform based on“stacked”mode,as they are designed independent with serverless computing.The lack of security consideration in the initial design makes it especially challenging to achieve the all life cycle protection for serverless application with limited cost.In this paper,we present ATSSC,a proactive defense enabled attack tolerant serverless platform.ATSSC integrates the characteristic of redundancy,diversity and dynamic into serverless seamless to achieve high-level security and efficiency.Specifically,ATSSC constructs multiple diverse function replicas to process the driven events and performs cross-validation to verify the results.In order to create diverse function replicas,both software diversity and environment diversity are adopted.Furthermore,a dynamic function refresh strategy is proposed to keep the clean state of serverless functions.We implement ATSSC based on Kubernetes and Knative.Analysis and experimental results demonstrate that ATSSC can effectively protect serverless computing against cyberattacks with acceptable costs.

Preventing Hardware Trojans in Switch Chip Based on Payload Decoupling

Hardware Trojans in integrated circuit chips have the characteristics of being covert,destructive,and difficult to protect,which have seriously endangered the security of the chips themselves and the information systems to which they belong.Existing solutions generally rely on passive detection techniques.In this paper,a hardware Trojans active defense mechanism is designed for network switching chips based on the principle of encryption algorithm.By encoding the data entering the chip,the argot hidden in the data cannot trigger the hardware Trojans that may exist in the chip,so that the chip can work normally even if it is implanted with a hardware Trojans.The proposed method is proved to be effective in preventing hardware Trojans with different trigger characteristics by simulation tests and practical tests on our secure switching chip.

Active resilient defense control against false data injection attacks in smart grids

The emerging of false data injection attacks(FDIAs)can fool the traditional detection methods by injecting false data,which has brought huge risks to the security of smart grids.For this reason,a resilient active defense control scheme based on interval observer detection is proposed in this paper to protect smart grids.The proposed active defense highlights the integration of detection and defense against FDIAs in smart girds.First,a dynamic physical grid model under FDIAs is modeled,in which model uncertainty and parameter uncertainty are taken into account.Then,an interval observer-based detection method against FDIAs is proposed,where a detection criteria using interval residual is put forward.Corresponding to the detection results,the resilient defense controller is triggered to defense the FDIAs if the system states are affected by FDIAs.Linear matrix inequality(LMI)approach is applied to design the resilient controller with H_(∞)performance.The system with the resilient defense controller can be robust to FDIAs and the gain of the resilient controller has a certain gain margin.Our active resilient defense approach can be built in real time and show accurate and quick respond to the injected FDIAs.The effectiveness of the proposed defense scheme is verified by the simulation results on an IEEE 30-bus grid system.

Linear-quadratic and norm-bounded combined differential game guidance scheme with obstacle avoidance for attacking defended aircraft in three-player engagement OA

A differential game guidance scheme with obstacle avoidance,based on the formulation of a combined linear quadratic and norm-bounded differential game,is designed for a three-player engagement scenario,which includes a pursuer,an interceptor,and an evader.The confrontation between the players is divided into four phases(P1-P4)by introducing the switching time,and proposing different guidance strategies according to the phase where the static obstacle is located:the linear quadratic game method is employed to devise the guidance scheme for the energy optimization when the obstacle is located in the P1 and P3 stages;the norm-bounded differential game guidance strategy is presented to satisfy the acceleration constraint under the circumstance that the obstacle is located in the P2 and P4 phases.Furthermore,the radii of the static obstacle and the interceptor are taken as the design parameters to derive the combined guidance strategy through the dead-zone function,which guarantees that the pursuer avoids the static obstacle,and the interceptor,and attacks the evader.Finally,the nonlinear numerical simulations verify the performance of the game guidance strategy.