In recent years,machine learning has made great progress in intrusion detection,network protection,anomaly detection,and other issues in cyberspace.However,these traditional machine learning algorithms usually require...In recent years,machine learning has made great progress in intrusion detection,network protection,anomaly detection,and other issues in cyberspace.However,these traditional machine learning algorithms usually require a lot of data to learn and have a low recognition rate for unknown attacks.Among them,“one-shot learning”,“few-shot learning”,and“zero-shot learning”are challenges that cannot be ignored for traditional machine learning.The more intractable problem in cyberspace security is the changeable attack mode.When a new attack mode appears,there are few or even zero samples that can be learned.Meta-learning comes from imitating human problem-solving methods as humans can quickly learn unknown things based on their existing knowledge when learning.Its purpose is to quickly obtain a model with high accuracy and strong generalization through less data training.This article first divides the meta-learning model into five research directions based on different principles of use.They are model-based,metric-based,optimization-based,online-learning-based,or stacked ensemble-based.Then,the current problems in the field of cyberspace security are categorized into three branches:cyber security,information security,and artificial intelligence security according to different perspectives.Then,the application research results of various meta-learning models on these three branches are reviewed.At the same time,based on the characteristics of strong generalization,evolution,and scalability of meta-learning,we contrast and summarize its advantages in solving problems.Finally,the prospect of future deep application of meta-learning in the field of cyberspace security is summarized.展开更多
The new generation of world information technology revolution has promoted the vigorous development and rapid transform of the new economy.The in-depth implementation of a series of Chinese important national strategi...The new generation of world information technology revolution has promoted the vigorous development and rapid transform of the new economy.The in-depth implementation of a series of Chinese important national strategies such as“Made in China 2025”and“Internet+”is urgently needed the support of innovative and outstanding emerging engineering talents with cross-border integration abilities.Therefore,interdisciplinary education plays an important role in the training of the needed emerging engineering talents.Taking cybersecurity as an example,this paper summarizes the professional’s requirements and proposes the educational objectives of Harbin Institute of Technology.Then the objective oriented curriculum system and the teaching model emphasizing project-based learning are introduced.The practice and effect of interdisciplinary education are discussed and analyzed in four aspects including curriculum system,faculty,students and academy education.Finally,suggestions are made on the individualized education and sustainable competitiveness cultivation of the emerging engineering talents.展开更多
Three technical problems should be solved urgently in cyberspace security:the timeliness and accuracy of network attack detection,the credibility assessment and prediction of the security situation,and the effectivene...Three technical problems should be solved urgently in cyberspace security:the timeliness and accuracy of network attack detection,the credibility assessment and prediction of the security situation,and the effectiveness of security defense strategy optimization.Artificial intelligence(AI)algorithms have become the core means to increase the chance of security and improve the network attack and defense ability in the application of cyberspace security.Recently,the breakthrough and application of AI technology have provided a series of advanced approaches for further enhancing network defense ability.This work presents a comprehensive review of AI technology articles for cyberspace security applications,mainly from 2017 to 2022.The papers are selected from a variety of journals and conferences:52.68%are from Elsevier,Springer,and IEEE journals and 25%are from international conferences.With a specific focus on the latest approaches in machine learning(ML),deep learning(DL),and some popular optimization algorithms,the characteristics of the algorithmic models,performance results,datasets,potential benefits,and limitations are analyzed,and some of the existing challenges are highlighted.This work is intended to provide technical guidance for researchers who would like to obtain the potential of AI technical methods for cyberspace security and to provide tips for the later resolution of specific cyberspace security issues,and a mastery of the current development trends of technology and application and hot issues in the field of network security.It also indicates certain existing challenges and gives directions for addressing them effectively.展开更多
With rapid development of cyber technology,cyber networks help promote various countries’political,economic and social development,but also incubate new threats to national security.Various Western major countries ha...With rapid development of cyber technology,cyber networks help promote various countries’political,economic and social development,but also incubate new threats to national security.Various Western major countries have adopted national cyber security strategy in order to safeguard their key facilities and cyber security.Some international organizations also incorporate cyber security into their agenda and vigorously push member countries to conduct cyber security cooperation.In view of future trends,cyber security is a common challenge faced by various countries in the world,and global problems need global cooperation,however,the global cyberspace governance should be a formidable task considering that cyber space governance is a new issue and encounters the difference of national interests.展开更多
Uncertain security threats caused by vulnerabilities and backdoors are the most serious and difficult problem in cyberspace.This paper analyzes the philosophical and technical causes of the existence of so-called"...Uncertain security threats caused by vulnerabilities and backdoors are the most serious and difficult problem in cyberspace.This paper analyzes the philosophical and technical causes of the existence of so-called"dark functions"such as system vulnerabilities and backdoors,and points out that endogenous security problems cannot be completely eliminated at the theoretical and engineering levels;rather,it is necessary to develop or utilize the endogenous security functions of the system architecture itself.In addition,this paper gives a definition for and lists the main technical characteristics of endogenous safety and security in cyberspace,introduces endogenous safety and security mechanisms and characteristics based on dynamic heterogeneous redundancy(DHR)architecture,and describes the theoretical implications of a coding channel based on DHR.展开更多
The frequent explosion of Internet worms has been one of the most serious problems in cyberspace security. In this paper, by analyzing the worm's propagation model, we propose a new worm warning system based on the m...The frequent explosion of Internet worms has been one of the most serious problems in cyberspace security. In this paper, by analyzing the worm's propagation model, we propose a new worm warning system based on the method of system identification, and use recursive least squares algorithm to estimate the worm's infection rate. The simulation result shows the method we adopted is an efficient way to conduct Internet worm warning.展开更多
As an active defenses technique,multivariant execution(MVX)can detect attacks by monitoring the consistency of heterogeneous variants with parallel execution.Compared with patch-style passive defense,MVX can defend ag...As an active defenses technique,multivariant execution(MVX)can detect attacks by monitoring the consistency of heterogeneous variants with parallel execution.Compared with patch-style passive defense,MVX can defend against known and even unknown vulnerability-based attacks without relying on attack feature information.However,variants generated with software diversity technologies will introduce new vulnerabilities when they execute in parallel.First,we analyze the security of MVX theory from the perspective of formal description.Then we summarize the general forms and techniques for attacks against MVX,and analyze the new vulnerabilities arising from the combination of variant generation technologies.We propose SecMVX,a secure MVX architecture and variant generation technology.Experimental evaluations based on CVEs and SPEC 2006 benchmark show that SecMVX introduces 11.29%of the average time overhead,and avoids vulnerabilities caused by the improper combination of variant generation technologies while keeping the defensive ability of MVX.展开更多
U.S.strategies open the door to cyber warfare The United States is preparing for the next generation of war,one that will not be fought on traditional theatersland,sea and air-but in thew orld of computers and informa...U.S.strategies open the door to cyber warfare The United States is preparing for the next generation of war,one that will not be fought on traditional theatersland,sea and air-but in thew orld of computers and information networks:cyberspace.展开更多
基金supported by Hebei Province Natural Science Fund for Distinguished Young Scholars (NO.E2020209082).
文摘In recent years,machine learning has made great progress in intrusion detection,network protection,anomaly detection,and other issues in cyberspace.However,these traditional machine learning algorithms usually require a lot of data to learn and have a low recognition rate for unknown attacks.Among them,“one-shot learning”,“few-shot learning”,and“zero-shot learning”are challenges that cannot be ignored for traditional machine learning.The more intractable problem in cyberspace security is the changeable attack mode.When a new attack mode appears,there are few or even zero samples that can be learned.Meta-learning comes from imitating human problem-solving methods as humans can quickly learn unknown things based on their existing knowledge when learning.Its purpose is to quickly obtain a model with high accuracy and strong generalization through less data training.This article first divides the meta-learning model into five research directions based on different principles of use.They are model-based,metric-based,optimization-based,online-learning-based,or stacked ensemble-based.Then,the current problems in the field of cyberspace security are categorized into three branches:cyber security,information security,and artificial intelligence security according to different perspectives.Then,the application research results of various meta-learning models on these three branches are reviewed.At the same time,based on the characteristics of strong generalization,evolution,and scalability of meta-learning,we contrast and summarize its advantages in solving problems.Finally,the prospect of future deep application of meta-learning in the field of cyberspace security is summarized.
基金supported in part by the Ministry of Education of the People’s Republic of China under the Emerging Engineering Education Research and Practice Projects of”Research and Practice on the Cooperative Education Model of Industry-Academic Cooperation in the Emerging Engineering Education System of Chinese Universities”and“Exploration and Practice of Engineering Talent Education Model with Multidisciplinary Integration”and under Grant 18JDGC014,and by the Shandong Provincial Department of Education under Grant M2018B336.
文摘The new generation of world information technology revolution has promoted the vigorous development and rapid transform of the new economy.The in-depth implementation of a series of Chinese important national strategies such as“Made in China 2025”and“Internet+”is urgently needed the support of innovative and outstanding emerging engineering talents with cross-border integration abilities.Therefore,interdisciplinary education plays an important role in the training of the needed emerging engineering talents.Taking cybersecurity as an example,this paper summarizes the professional’s requirements and proposes the educational objectives of Harbin Institute of Technology.Then the objective oriented curriculum system and the teaching model emphasizing project-based learning are introduced.The practice and effect of interdisciplinary education are discussed and analyzed in four aspects including curriculum system,faculty,students and academy education.Finally,suggestions are made on the individualized education and sustainable competitiveness cultivation of the emerging engineering talents.
文摘Three technical problems should be solved urgently in cyberspace security:the timeliness and accuracy of network attack detection,the credibility assessment and prediction of the security situation,and the effectiveness of security defense strategy optimization.Artificial intelligence(AI)algorithms have become the core means to increase the chance of security and improve the network attack and defense ability in the application of cyberspace security.Recently,the breakthrough and application of AI technology have provided a series of advanced approaches for further enhancing network defense ability.This work presents a comprehensive review of AI technology articles for cyberspace security applications,mainly from 2017 to 2022.The papers are selected from a variety of journals and conferences:52.68%are from Elsevier,Springer,and IEEE journals and 25%are from international conferences.With a specific focus on the latest approaches in machine learning(ML),deep learning(DL),and some popular optimization algorithms,the characteristics of the algorithmic models,performance results,datasets,potential benefits,and limitations are analyzed,and some of the existing challenges are highlighted.This work is intended to provide technical guidance for researchers who would like to obtain the potential of AI technical methods for cyberspace security and to provide tips for the later resolution of specific cyberspace security issues,and a mastery of the current development trends of technology and application and hot issues in the field of network security.It also indicates certain existing challenges and gives directions for addressing them effectively.
文摘With rapid development of cyber technology,cyber networks help promote various countries’political,economic and social development,but also incubate new threats to national security.Various Western major countries have adopted national cyber security strategy in order to safeguard their key facilities and cyber security.Some international organizations also incorporate cyber security into their agenda and vigorously push member countries to conduct cyber security cooperation.In view of future trends,cyber security is a common challenge faced by various countries in the world,and global problems need global cooperation,however,the global cyberspace governance should be a formidable task considering that cyber space governance is a new issue and encounters the difference of national interests.
基金supported by the National Natural Science Foundation Innovation Group Project(61521003)。
文摘Uncertain security threats caused by vulnerabilities and backdoors are the most serious and difficult problem in cyberspace.This paper analyzes the philosophical and technical causes of the existence of so-called"dark functions"such as system vulnerabilities and backdoors,and points out that endogenous security problems cannot be completely eliminated at the theoretical and engineering levels;rather,it is necessary to develop or utilize the endogenous security functions of the system architecture itself.In addition,this paper gives a definition for and lists the main technical characteristics of endogenous safety and security in cyberspace,introduces endogenous safety and security mechanisms and characteristics based on dynamic heterogeneous redundancy(DHR)architecture,and describes the theoretical implications of a coding channel based on DHR.
文摘The frequent explosion of Internet worms has been one of the most serious problems in cyberspace security. In this paper, by analyzing the worm's propagation model, we propose a new worm warning system based on the method of system identification, and use recursive least squares algorithm to estimate the worm's infection rate. The simulation result shows the method we adopted is an efficient way to conduct Internet worm warning.
基金National Key Research and Development Program of China(Grant No.2018YF0804003)the National Key Research and Development Program of China under Grant No.2017YFB0803204.
文摘As an active defenses technique,multivariant execution(MVX)can detect attacks by monitoring the consistency of heterogeneous variants with parallel execution.Compared with patch-style passive defense,MVX can defend against known and even unknown vulnerability-based attacks without relying on attack feature information.However,variants generated with software diversity technologies will introduce new vulnerabilities when they execute in parallel.First,we analyze the security of MVX theory from the perspective of formal description.Then we summarize the general forms and techniques for attacks against MVX,and analyze the new vulnerabilities arising from the combination of variant generation technologies.We propose SecMVX,a secure MVX architecture and variant generation technology.Experimental evaluations based on CVEs and SPEC 2006 benchmark show that SecMVX introduces 11.29%of the average time overhead,and avoids vulnerabilities caused by the improper combination of variant generation technologies while keeping the defensive ability of MVX.
文摘U.S.strategies open the door to cyber warfare The United States is preparing for the next generation of war,one that will not be fought on traditional theatersland,sea and air-but in thew orld of computers and information networks:cyberspace.