Cluster DetectionMethod of Endogenous Security Abnormal Attack Behavior in Air Traffic Control Network

In order to enhance the accuracy of Air Traffic Control(ATC)cybersecurity attack detection,in this paper,a new clustering detection method is designed for air traffic control network security attacks.The feature set for ATC cybersecurity attacks is constructed by setting the feature states,adding recursive features,and determining the feature criticality.The expected information gain and entropy of the feature data are computed to determine the information gain of the feature data and reduce the interference of similar feature data.An autoencoder is introduced into the AI(artificial intelligence)algorithm to encode and decode the characteristics of ATC network security attack behavior to reduce the dimensionality of the ATC network security attack behavior data.Based on the above processing,an unsupervised learning algorithm for clustering detection of ATC network security attacks is designed.First,determine the distance between the clustering clusters of ATC network security attack behavior characteristics,calculate the clustering threshold,and construct the initial clustering center.Then,the new average value of all feature objects in each cluster is recalculated as the new cluster center.Second,it traverses all objects in a cluster of ATC network security attack behavior feature data.Finally,the cluster detection of ATC network security attack behavior is completed by the computation of objective functions.The experiment took three groups of experimental attack behavior data sets as the test object,and took the detection rate,false detection rate and recall rate as the test indicators,and selected three similar methods for comparative test.The experimental results show that the detection rate of this method is about 98%,the false positive rate is below 1%,and the recall rate is above 97%.Research shows that this method can improve the detection performance of security attacks in air traffic control network.

Research on College Network Information Security Protection in the Digital Economy Era

In the era of the digital economy,the informatization degree of various industries is getting deeper and deeper,and network information security has also come into people’s eyes.Colleges and universities are in the position of training applied talents,because of the needs of teaching and education,as well as the requirements of teaching reform,the information construction of colleges and universities has been gradually improved,but the problem of network information security is also worth causing people to ponder.The low security of the network environment will cause college network information security leaks,and even hackers will attack the official website of the university and leak the personal information of teachers and students.To solve such problems,this paper studies the protection of college network information security against the background of the digital economy era.This paper first analyzes the significance of network information security protection,then points out the current and moral problems,and finally puts forward specific countermeasures,hoping to create a safe learning environment for teachers and students for reference.

Security Monitoring and Management for the Network Services in the Orchestration of SDN-NFV Environment Using Machine Learning Techniques

Software Defined Network(SDN)and Network Function Virtualization(NFV)technology promote several benefits to network operators,including reduced maintenance costs,increased network operational performance,simplified network lifecycle,and policies management.Network vulnerabilities try to modify services provided by Network Function Virtualization MANagement and Orchestration(NFV MANO),and malicious attacks in different scenarios disrupt the NFV Orchestrator(NFVO)and Virtualized Infrastructure Manager(VIM)lifecycle management related to network services or individual Virtualized Network Function(VNF).This paper proposes an anomaly detection mechanism that monitors threats in NFV MANO and manages promptly and adaptively to implement and handle security functions in order to enhance the quality of experience for end users.An anomaly detector investigates these identified risks and provides secure network services.It enables virtual network security functions and identifies anomalies in Kubernetes(a cloud-based platform).For training and testing purpose of the proposed approach,an intrusion-containing dataset is used that hold multiple malicious activities like a Smurf,Neptune,Teardrop,Pod,Land,IPsweep,etc.,categorized as Probing(Prob),Denial of Service(DoS),User to Root(U2R),and Remote to User(R2L)attacks.An anomaly detector is anticipated with the capabilities of a Machine Learning(ML)technique,making use of supervised learning techniques like Logistic Regression(LR),Support Vector Machine(SVM),Random Forest(RF),Naïve Bayes(NB),and Extreme Gradient Boosting(XGBoost).The proposed framework has been evaluated by deploying the identified ML algorithm on a Jupyter notebook in Kubeflow to simulate Kubernetes for validation purposes.RF classifier has shown better outcomes(99.90%accuracy)than other classifiers in detecting anomalies/intrusions in the containerized environment.

Security Implications of Edge Computing in Cloud Networks

Security issues in cloud networks and edge computing have become very common. This research focuses on analyzing such issues and developing the best solutions. A detailed literature review has been conducted in this regard. The findings have shown that many challenges are linked to edge computing, such as privacy concerns, security breaches, high costs, low efficiency, etc. Therefore, there is a need to implement proper security measures to overcome these issues. Using emerging trends, like machine learning, encryption, artificial intelligence, real-time monitoring, etc., can help mitigate security issues. They can also develop a secure and safe future in cloud computing. It was concluded that the security implications of edge computing can easily be covered with the help of new technologies and techniques.

Security-Reliability Tradeoff Analysis for Jamming Aided Decode-and-Forward Relay Networks

In this paper,we explore a cooperative decode-and-forward(DF)relay network comprised of a source,a relay,and a destination in the presence of an eavesdropper.To improve physical-layer security of the relay system,we propose a jamming aided decodeand-forward relay(JDFR)scheme combining the use of artificial noise and DF relaying which requires two stages to transmit a packet.Specifically,in stage one,the source sends confidential message to the relay while the destination acts as a friendly jammer and transmits artificial noise to confound the eavesdropper.In stage two,the relay forwards its re-encoded message to the destination while the source emits artificial noise to confuse the eavesdropper.In addition,we analyze the security-reliability tradeoff(SRT)performance of the proposed JDFR scheme,where security and reliability are evaluated by deriving intercept probability(IP)and outage probability(OP),respectively.For the purpose of comparison,SRT of the traditional decode-and-forward relay(TDFR)scheme is also analyzed.Numerical results show that the SRT performance of the proposed JDFR scheme is better than that of the TDFR scheme.Also,it is shown that for the JDFR scheme,a better SRT performance can be obtained by the optimal power allocation(OPA)between the friendly jammer and user.

Machine Learning Models for Heterogenous Network Security Anomaly Detection

The increasing amount and intricacy of network traffic in the modern digital era have worsened the difficulty of identifying abnormal behaviours that may indicate potential security breaches or operational interruptions. Conventional detection approaches face challenges in keeping up with the ever-changing strategies of cyber-attacks, resulting in heightened susceptibility and significant harm to network infrastructures. In order to tackle this urgent issue, this project focused on developing an effective anomaly detection system that utilizes Machine Learning technology. The suggested model utilizes contemporary machine learning algorithms and frameworks to autonomously detect deviations from typical network behaviour. It promptly identifies anomalous activities that may indicate security breaches or performance difficulties. The solution entails a multi-faceted approach encompassing data collection, preprocessing, feature engineering, model training, and evaluation. By utilizing machine learning methods, the model is trained on a wide range of datasets that include both regular and abnormal network traffic patterns. This training ensures that the model can adapt to numerous scenarios. The main priority is to ensure that the system is functional and efficient, with a particular emphasis on reducing false positives to avoid unwanted alerts. Additionally, efforts are directed on improving anomaly detection accuracy so that the model can consistently distinguish between potentially harmful and benign activity. This project aims to greatly strengthen network security by addressing emerging cyber threats and improving their resilience and reliability.

Machine Learning Empowered Security and Privacy Architecture for IoT Networks with the Integration of Blockchain

The Internet of Things(IoT)is growing rapidly and impacting almost every aspect of our lives,fromwearables and healthcare to security,traffic management,and fleet management systems.This has generated massive volumes of data and security,and data privacy risks are increasing with the advancement of technology and network connections.Traditional access control solutions are inadequate for establishing access control in IoT systems to provide data protection owing to their vulnerability to single-point OF failure.Additionally,conventional privacy preservation methods have high latency costs and overhead for resource-constrained devices.Previous machine learning approaches were also unable to detect denial-of-service(DoS)attacks.This study introduced a novel decentralized and secure framework for blockchain integration.To avoid single-point OF failure,an accredited access control scheme is incorporated,combining blockchain with local peers to record each transaction and verify the signature to access.Blockchain-based attribute-based cryptography is implemented to protect data storage privacy by generating threshold parameters,managing keys,and revoking users on the blockchain.An innovative contract-based DOS attack mitigation method is also incorporated to effectively validate devices with intelligent contracts as trusted or untrusted,preventing the server from becoming overwhelmed.The proposed framework effectively controls access,safeguards data privacy,and reduces the risk of cyberattacks.The results depict that the suggested framework outperforms the results in terms of accuracy,precision,sensitivity,recall,and F-measure at 96.9%,98.43%,98.8%,98.43%,and 98.4%,respectively.

Research on Network Security Level Protection Measurement Strategy in the Context of Cloud Platforms

Platforms facilitate information exchange,streamline resources,and reduce production and management costs for companies.However,some viral information may invade and steal company resources,or lead to information leakage.For this reason,this paper discusses the standards for cybersecurity protection,examines the current state of cybersecurity management and the risks faced by cloud platforms,expands the time and space for training on cloud platforms,and provides recommendations for measuring the level of cybersecurity protection within cloud platforms in order to build a solid foundation for them.

Research on the Construction of Computer Network Security System in Middle School Campus Network

In order to improve the security of high school campus networks,this paper introduces the goal,system composition,and function of the network security of high school campus networks,and puts forward a series of strategies,including the establishment of network security protection system,data backup and recovery mechanism,and strengthening network security management and training.Through these strategies,the safety and stable operation of the campus network can be ensured,the quality of education can be improved,and school’s development can be promoted.

Network Security Situation Prediction Based on TCAN-BiGRU Optimized by SSA and IQPSO

The accuracy of historical situation values is required for traditional network security situation prediction(NSSP).There are discrepancies in the correlation and weighting of the various network security elements.To solve these problems,a combined prediction model based on the temporal convolution attention network(TCAN)and bi-directional gate recurrent unit(BiGRU)network is proposed,which is optimized by singular spectrum analysis(SSA)and improved quantum particle swarmoptimization algorithm(IQPSO).This model first decomposes and reconstructs network security situation data into a series of subsequences by SSA to remove the noise from the data.Furthermore,a prediction model of TCAN-BiGRU is established respectively for each subsequence.TCAN uses the TCN to extract features from the network security situation data and the improved channel attention mechanism(CAM)to extract important feature information from TCN.BiGRU learns the before-after status of situation data to extract more feature information from sequences for prediction.Besides,IQPSO is proposed to optimize the hyperparameters of BiGRU.Finally,the prediction results of the subsequence are superimposed to obtain the final predicted value.On the one hand,IQPSO compares with other optimization algorithms in the experiment,whose performance can find the optimum value of the benchmark function many times,showing that IQPSO performs better.On the other hand,the established prediction model compares with the traditional prediction methods through the simulation experiment,whose coefficient of determination is up to 0.999 on both sets,indicating that the combined prediction model established has higher prediction accuracy.

A New Model for Network Security Situation Assessment of the Industrial Internet

To address the problem of network security situation assessment in the Industrial Internet,this paper adopts the evidential reasoning(ER)algorithm and belief rule base(BRB)method to establish an assessment model.First,this paper analyzes the influencing factors of the Industrial Internet and selects evaluation indicators that contain not only quantitative data but also qualitative knowledge.Second,the evaluation indicators are fused with expert knowledge and the ER algorithm.According to the fusion results,a network security situation assessment model of the Industrial Internet based on the ER and BRB method is established,and the projection covariance matrix adaptive evolution strategy(P-CMA-ES)is used to optimize the model parameters.This method can not only utilize semiquantitative information effectively but also use more uncertain information and prevent the problem of combinatorial explosion.Moreover,it solves the problem of the uncertainty of expert knowledge and overcomes the problem of low modeling accuracy caused by insufficient data.Finally,a network security situation assessment case of the Industrial Internet is analyzed to verify the effectiveness and superiority of the method.The research results showthat this method has strong applicability to the network security situation assessment of complex Industrial Internet systems.It can accurately reflect the actual network security situation of Industrial Internet systems and provide safe and reliable suggestions for network administrators to take timely countermeasures,thereby improving the risk monitoring and emergency response capabilities of the Industrial Internet.

Enhanced Security with Improved Defensive Routing Mechanism in Wireless Sensor Networks

In recent scenario of Wireless Sensor Networks(WSNs),there are many application developed for handling sensitive and private data such as military information,surveillance data,tracking,etc.Hence,the sensor nodes of WSNs are distributed in an intimidating region,which is non-rigid to attacks.The recent research domains of WSN deal with models to handle the WSN communications against malicious attacks and threats.In traditional models,the solution has been made for defending the networks,only to specific attacks.However,in real-time applications,the kind of attack that is launched by the adversary is not known.Additionally,on developing a security mechanism for WSN,the resource constraints of sensor nodes are also to be considered.With that note,this paper presents an Enhanced Security Model with Improved Defensive Routing Mechanism(IDRM)for defending the sensor network from various attacks.Moreover,for efficient model design,the work includes the part of feature evaluation of some general attacks of WSNs.The IDRM also includes determination of optimal secure paths and Node security for secure routing operations.The performance of the proposed model is evaluated with respect to several factors;it is found that the model has achieved better security levels and is efficient than other existing models in WSN communications.It is proven that the proposed IDRM produces 74%of PDR in average and a minimized packet drop of 38%when comparing with the existing works.

Multivariate Aggregated NOMA for Resource Aware Wireless Network Communication Security

NonorthogonalMultiple Access(NOMA)is incorporated into the wireless network systems to achieve better connectivity,spectral and energy effectiveness,higher data transfer rate,and also obtain the high quality of services(QoS).In order to improve throughput and minimum latency,aMultivariate Renkonen Regressive Weighted Preference Bootstrap Aggregation based Nonorthogonal Multiple Access(MRRWPBA-NOMA)technique is introduced for network communication.In the downlink transmission,each mobile device’s resources and their characteristics like energy,bandwidth,and trust are measured.Followed by,the Weighted Preference Bootstrap Aggregation is applied to recognize the resource-efficient mobile devices for aware data transmission by constructing the different weak hypotheses i.e.,Multivariate Renkonen Regression functions.Based on the classification,resource and trust-aware devices are selected for transmission.Simulation of the proposed MRRWPBA-NOMA technique and existing methods are carried out with different metrics such as data delivery ratio,throughput,latency,packet loss rate,and energy efficiency,signaling overhead.The simulation results assessment indicates that the proposed MRRWPBA-NOMA outperforms well than the conventional methods.

Strengthening the Security of Supervised Networks by Automating Hardening Mechanisms

In recent years, the place occupied by the various manifestations of cyber-crime in companies has been considerable. Indeed, due to the rapid evolution of telecommunications technologies, companies, regardless of their size or sector of activity, are now the target of advanced persistent threats. The Work 2035 study also revealed that cyber crimes (such as critical infrastructure hacks) and massive data breaches are major sources of concern. Thus, it is important for organizations to guarantee a minimum level of security to avoid potential attacks that can cause paralysis of systems, loss of sensitive data, exposure to blackmail, damage to reputation or even a commercial harm. To do this, among other means, hardening is used, the main objective of which is to reduce the attack surface within a company. The execution of the hardening configurations as well as the verification of these are carried out on the servers and network equipment with the aim of reducing the number of openings present by keeping only those which are necessary for proper operation. However, nowadays, in many companies, these tasks are done manually. As a result, the execution and verification of hardening configurations are very often subject to potential errors but also highly consuming human and financial resources. The problem is that it is essential for operators to maintain an optimal level of security while minimizing costs, hence the interest in automating hardening processes and verifying the hardening of servers and network equipment. It is in this logic that we propose within the framework of this work the reinforcement of the security of the information systems (IS) by the automation of the mechanisms of hardening. In our work, we have, on the one hand, set up a hardening procedure in accordance with international security standards for servers, routers and switches and, on the other hand, designed and produced a functional application which makes it possible to: 1) Realise the configuration of the hardening;2) Verify them;3) Correct the non conformities;4) Write and send by mail a verification report for the configurations;5) And finally update the procedures of hardening. Our web application thus created allows in less than fifteen (15) minutes actions that previously took at least five (5) hours of time. This allows supervised network operators to save time and money, but also to improve their security standards in line with international standards.

Applying an Improved Dung Beetle Optimizer Algorithm to Network Traffic Identification

Network traffic identification is critical for maintaining network security and further meeting various demands of network applications.However,network traffic data typically possesses high dimensionality and complexity,leading to practical problems in traffic identification data analytics.Since the original Dung Beetle Optimizer(DBO)algorithm,Grey Wolf Optimization(GWO)algorithm,Whale Optimization Algorithm(WOA),and Particle Swarm Optimization(PSO)algorithm have the shortcomings of slow convergence and easily fall into the local optimal solution,an Improved Dung Beetle Optimizer(IDBO)algorithm is proposed for network traffic identification.Firstly,the Sobol sequence is utilized to initialize the dung beetle population,laying the foundation for finding the global optimal solution.Next,an integration of levy flight and golden sine strategy is suggested to give dung beetles a greater probability of exploring unvisited areas,escaping from the local optimal solution,and converging more effectively towards a global optimal solution.Finally,an adaptive weight factor is utilized to enhance the search capabilities of the original DBO algorithm and accelerate convergence.With the improvements above,the proposed IDBO algorithm is then applied to traffic identification data analytics and feature selection,as so to find the optimal subset for K-Nearest Neighbor(KNN)classification.The simulation experiments use the CICIDS2017 dataset to verify the effectiveness of the proposed IDBO algorithm and compare it with the original DBO,GWO,WOA,and PSO algorithms.The experimental results show that,compared with other algorithms,the accuracy and recall are improved by 1.53%and 0.88%in binary classification,and the Distributed Denial of Service(DDoS)class identification is the most effective in multi-classification,with an improvement of 5.80%and 0.33%for accuracy and recall,respectively.Therefore,the proposed IDBO algorithm is effective in increasing the efficiency of traffic identification and solving the problem of the original DBO algorithm that converges slowly and falls into the local optimal solution when dealing with high-dimensional data analytics and feature selection for network traffic identification.

Social-ecological perspective on the suicidal behaviour factors of early adolescents in China:a network analysis

Background In early adolescence,youth are highly prone to suicidal behaviours.Identifying modifiable risk factors during this critical phase is a priority to inform effective suicide prevention strategies.Aims To explore the risk and protective factors of suicidal behaviours(ie,suicidal ideation,plans and attempts)in early adolescence in China using a social-ecological perspective.Methods Using data from the cross-sectional project‘Healthy and Risky Behaviours Among Middle School Students in Anhui Province,China',stratified random cluster sampling was used to select 5724 middle school students who had completed self-report questionnaires in November 2020.Network analysis was employed to examine the correlates of suicidal ideation,plans and attempts at four levels,namely individual(sex,academic performance,serious physical llness/disability,history of self-harm,depression,impulsivity,sleep problems,resilience),family(family economic status,relationship with mother,relationship with father,family violence,childhood abuse,parental mental illness),school(relationship with teachers,relationship with classmates,school-bullying victimisation and perpetration)and social(social support,satisfaction with society).Results In total,37.9%,19.0%and 5.5%of the students reported suicidal ideation,plans and attempts in the past 6 months,respectively.The estimated network revealed that suicidal ideation,plans and attempts were collectively associated with a history of self-harm,sleep problems,childhood abuse,school bullying and victimisation.Centrality analysis indicated that the most influential nodes in the network were history of self-harm and childhood abuse.Notably,the network also showed unique correlates of suicidal ideation(sex,weight=0.60;impulsivity,weight=0.24;family violence,weight=0.17;relationship with teachers,weight=-0.03;school-bullying perpetration,weight=0.22),suicidal plans(social support,weight=-0.15)and suicidal attempts(relationship with mother,weight=-0.10;parental mental llness,weight=0.61).Conclusions This study identified the correlates of suicidal ideation,plans and attempts,and provided practical implications for suicide prevention for young adolescents in China.Firstly,this study highlighted the importance of joint interventions across multiple departments.Secondly,the common risk factors of suicidal ideation,plans and attempts were elucidated.Thirdly,this study proposed target interventions to address the unique influencing factors of suicidal ideation,plans and attempts.

A Security Trade-Off Scheme of Anomaly Detection System in IoT to Defend against Data-Tampering Attacks

Internet of Things(IoT)is vulnerable to data-tampering(DT)attacks.Due to resource limitations,many anomaly detection systems(ADSs)for IoT have high false positive rates when detecting DT attacks.This leads to the misreporting of normal data,which will impact the normal operation of IoT.To mitigate the impact caused by the high false positive rate of ADS,this paper proposes an ADS management scheme for clustered IoT.First,we model the data transmission and anomaly detection in clustered IoT.Then,the operation strategy of the clustered IoT is formulated as the running probabilities of all ADSs deployed on every IoT device.In the presence of a high false positive rate in ADSs,to deal with the trade-off between the security and availability of data,we develop a linear programming model referred to as a security trade-off(ST)model.Next,we develop an analysis framework for the ST model,and solve the ST model on an IoT simulation platform.Last,we reveal the effect of some factors on the maximum combined detection rate through theoretical analysis.Simulations show that the ADS management scheme can mitigate the data unavailability loss caused by the high false positive rates in ADS.

Research on Physical Layer Security in Cognitive Wireless Networks with Multiple Eavesdroppers Based on Resource Allocation Algorithm

With the rapid development of the Internet of Things (IoT), non-Orthogonal Multiple Access (NOMA) technology and cognitive wireless network are two promising technologies to improve the spectral efficiency of the system, which have been widely concerned in the field of wireless communication. However, due to the importance of ownership and privacy protection, the IoT system must provide corresponding security mechanisms. From the perspective of improving the transmission security of CR-NOMA system based on cognitive wireless network, and considering the shortcomings of traditional relay cooperative NOMA system, this paper mainly analyzes the eavesdropping channel model of multi-user CR-NOMA system and derives the expressions of system security and rate to improve the security performance of CR-NOMA system. The basic idea of DC planning algorithm and the scheme of sub-carrier power allocation to improve the transmission security of the system were introduced. An algorithm for DC-CR-NOMA was proposed to maximize the SSR of the system and minimize the energy loss. The simulation results show that under the same complexity, the security and speed of the system can be greatly improved compared with the traditional scheme.

Pluggable multitask diffractive neural networks based on cascaded metasurfaces

Optical neural networks have significant advantages in terms of power consumption,parallelism,and high computing speed,which has intrigued extensive attention in both academic and engineering communities.It has been considered as one of the powerful tools in promoting the fields of imaging processing and object recognition.However,the existing optical system architecture cannot be reconstructed to the realization of multi-functional artificial intelligence systems simultaneously.To push the development of this issue,we propose the pluggable diffractive neural networks(P-DNN),a general paradigm resorting to the cascaded metasurfaces,which can be applied to recognize various tasks by switching internal plug-ins.As the proof-of-principle,the recognition functions of six types of handwritten digits and six types of fashions are numerical simulated and experimental demonstrated at near-infrared regimes.Encouragingly,the proposed paradigm not only improves the flexibility of the optical neural networks but paves the new route for achieving high-speed,low-power and versatile artificial intelligence systems.

Repositioning fertilizer manufacturing subsidies for improving food security and reducing greenhouse gas emissions in China

China removed fertilizer manufacturing subsidies from 2015 to 2018 to bolster market-oriented reforms and foster environmentally sustainable practices.However,the impact of this policy reform on food security and the environment remains inadequately evaluated.Moreover,although green and low-carbon technologies offer environmental advantages,their widespread adoption is hindered by prohibitively high costs.This study analyzes the impact of removing fertilizer manufacturing subsidies and explores the potential feasibility of redirecting fertilizer manufacturing subsidies to invest in the diffusion of these technologies.Utilizing the China Agricultural University Agri-food Systems model,we analyzed the potential for achieving mutually beneficial outcomes regarding food security and environmental sustainability.The findings indicate that removing fertilizer manufacturing subsidies has reduced greenhouse gas(GHG)emissions from agricultural activities by 3.88 million metric tons,with minimal impact on food production.Redirecting fertilizer manufacturing subsidies to invest in green and low-carbon technologies,including slow and controlled-release fertilizer,organic-inorganic compound fertilizers,and machine deep placement of fertilizer,emerges as a strategy to concurrently curtail GHG emissions,ensure food security,and secure robust economic returns.Finally,we propose a comprehensive set of government interventions,including subsidies,field guidance,and improved extension systems,to promote the widespread adoption of these technologies.