混成时空Petri网的CPS实时事件模型

在分析网络物理系统（ CPS）特点的基础上,提出了一种新的CPS体系结构,并对事件进行形式化定义。提出了一种新的CPS物理实体的形式化建模方法。在Petri网的基础上引入时空因素和连续变量,构造了混成时空Petri网（ HSPN）模型,使其不仅能够描述物理实体逻辑和时间层次的行为,而且能够描述物理实体位置变迁所引起的状态变化。将其应用于实时事件CPS模型设计,以医疗控制系统为例,分析建模方法的可行性。     

内存取证研究与进展

网络攻击内存化和网络犯罪隐遁化,使部分关键数字证据只存在于物理内存或暂存于页面交换文件中,这使得传统的基于文件系统的计算机取证不能有效应对.内存取证作为传统文件系统取证的重要补充,是计算机取证科学的重要组成部分,通过全面获取内存数据、详尽分析内存数据,并在此基础上提取与网络攻击或网络犯罪相关的数字证据,近年来,内存取证已赢得安全社区的持续关注,获得了长足的发展与广泛应用,在网络应急响应和网络犯罪调查中发挥着不可替代的作用.首先回顾了内存取证研究的起源和发展演化过程;其次介绍了操作系统内存管理关键机制;然后探讨了内存取证的数据获取和分析方法,归纳总结目前内存取证研究的最新技术;最后讨论了内存取证存在的问题、发展趋势和进一步的研究方向.     

Cooperative attack strategy design via H−/H∞ scheme for linear cyber‐physical systems

This paper studies the problem of cooperative attack strategy design for cyber‐physical systems modeled by discrete‐time linear systems. A function that reflects the attacker's target is established, and a linear attack strategy is designed based on the objective function, in which the attack signal is unknown but energy bounded, while the statistical information of the existing ones is required to be known. Unlike the existing analysis methods for attack strategy, new Lyapunov functions that depend on the system states at different instants are constructed in the attack strategy analysis, and the sensitivity to the state estimator and the robustness against the detector are both enhanced on attack signals through using the H_?/H_∞ scheme. Finally, two simulation examples are given to show that the designed attack strategy achieves larger estimation errors and smaller detection probability simultaneously than the existing design methods.     

Observer‐based consensus control of nonlinear multiagent systems under semi‐Markovian switching topologies and cyber attacks

This article investigates the leader‐following consensus of nonlinear multiagent systems under semi‐Markovian switching topologies and cyber attacks. Unlike the related works, the communication channels considered herein are subjected to successful but recoverable attacks, and when the channels work well, the network topology is time‐varying and described by a semi‐Markovian switching topology. Due to the effect of attacks, the communication network is intermittently paralyzed. For the cases that the transition rates of semi‐Markovian switching topologies are completely known and partially unknown, observer‐based control protocols and sufficient conditions are proposed, respectively, to ensure the consensus of the systems in the mean square sense. Finally, simulation examples are given to illustrate the validity of the theoretical results.     

基于恶意代码传播日志的网络安全态势分析

网络安全态势一直是网络安全从业人员的关注点。本文基于2018年10月至2019年3月的我国恶意代码的传播日志,利用恶意代码的静态特征、动态特征及其传播特征对网络态势进行分析。然后基于社区发现算法,对其中传播最广泛的Mirai家族程序构成的网络进行团伙发现,结果表明,社区发现算法能够将Mirai网络识别为多个社区,社区间的域名资源具有明显的差异性,社区内域名资源具有相似性。     

From risk factors to detection and intervention: a practical proposal for future work on cyberbullying

While there is an increasing flow of media stories reporting cases of cyberbullying, particularly within online social media, research efforts in the academic community are scattered over different topics across the social science and computer science academic disciplines. In this work, we explored research pertaining to cyberbullying, conducted across disciplines. We mainly sought to understand scholarly activity on intelligence techniques for the detection of cyberbullying when it occurs. Our findings suggest that the vast majority of academic contributions on cyberbullying focus on understanding the phenomenon, risk factors, and threats, with the prospect of suggesting possible protection strategies. There is less work on intelligence techniques for the detection of cyberbullying when it occurs, while currently deployed algorithms seem to detect the problem only up to some degree of success. The article summarises the current trends aiming to encourage discussion and research with a new scope; we call for more research tackling the problem by leveraging statistical models and computational mechanisms geared to detect, intervene, and prevent cyberbullying. Coupling intelligence techniques with specific web technology problems can help combat this social menace. We argue that a multidisciplinary approach is needed, with expertise from human–computer interaction, psychology, computer science, and sociology, for current challenges to be addressed and significant progress to be made.     

Survey on cyber deception

The asymmetric situation of network attacks and defenses is one of the key issues of current network security.Cyber deception was a revolutionary technology introduced by defenders to alter the asymmetric situation.By thwarting an attacker's cognitive processes,defenders can mislead attackers,hence causing them to take specific actions that aid network security defenses.In this way,defenders can log attackers'behavior and method,increase cost for the attackers to launch a successful attack,as well as reduce the probability of an attacker's success.Cyber deception formally and classify cyber deception into four classes was defined.Then,the cyber deceptions’development was divided into three stages,and each stage’s character was decided.Next,a hierarchical model to describe the existing work was proposed.At last,the countermeasures in cyber deception and the development trends in this field was discussed.     

面向SCADA的网络攻击对电力系统可靠性的影响

电力系统的运行和控制越来越依赖于数据采集与监控(SCADA)系统。通过攻击SCADA,攻击者可以操纵信息或重新配置设备动作参数使断路器跳闸。考虑几种常见的攻击SCADA使断路器跳闸的方式,利用攻击树模型评估不同攻击场景的成功率。在断路器常规可靠性模型基础上,考虑SCADA受网络攻击的影响,建立断路器修正后的强迫停运率模型。利用非序贯蒙特卡洛方法计算电力系统可靠性指标。用IEEE-RTS79系统仿真,分析不同攻击场景对电力系统可靠性的影响,验证了该方法的可行性与有效性。     

Emerging Applications for Cyber Transportation Systems

Recent advances in connected vehicles and autonomous driving are going to change the face of ground trans- portation as we know it. This paper describes the design and evaluation of several emerging applications for such a cyber transportation system （CTS）. These applications have been designed using holistic approaches, which consider the unique roles played by the human drivers, the transportation system, and the communication network. They can improve driver safety and provide on-road infotainment. They can also improve transportation operations and efficiency, thereby benefiting travelers and attracting investment from both government agencies and private businesses to deploy infrastructures and bootstrap the evolutionary process of CTS.     

线性定常系统的Petri网解耦控制

将Petri网与现代控制理论相结合,应用于连续系统的性能分析如可控性、可观性和稳定性等已日益普遍,但Petri网应用于系统的解耦控制研究很少.提出了广义连续自控网系统的形式化定义,描述了线性定常系统的广义连续自控网系统模型并分析了广义连续自控网系统模型与状态空间描述的等效性.基于状态反馈动态解耦的基本原理,探讨了利用Petri网模型结构实现线性定常系统解耦控制的新方法.该方法采用图的遍历算法,可有效的判断系统的可解耦性以及实现解耦控制律,避免了传统解耦控制方法中计算所需的大量矩阵运算.最后给出了两个具体的应用实例.