基于MODBUS的SCADA系统网络威胁与入侵检测

数据采集与监视控制（SCADA）系统是国家基础设施的重要组成部分,然而近年来SCADA系统一直遭受网络攻击的威胁。在分析SCADA通信协议脆弱性的基础上,描述了23种基于MODBUS的SCADA系统可能面临的网络威胁,这些威胁可分为四大类：信息扫描、响应注入、命令注入以及拒绝服务。利用SCADA系统与物理系统交互的特性,设计了基于协议缺陷和基于系统状态的检测规则。在实验室天然气管道系统的环境下,进行了基于Snort的入侵检测实验,结果验证了入侵检测规则的有效性。     

一种受危险理论启发的网络攻击态势评估方法

基于危险理论,提出了一种新的网络攻击态势评估方法。负责网络攻击检测的传感器部署在网络主机上,传感器中的人工免疫细胞受损或非正常死亡时发出危险信号;具有疫苗分发功能的评估中心通过接收、处理来自各传感器的危险信号并依据算法动态评估网络攻击态势。理论分析和实验结果表明该方法可行,能弥补基于自体/非自体识别机理的传统人工免疫网络态势感知技术自体集庞大、免疫耐受时间长等不足,为计算机网络与信息系统的安全测评提供了一种新途径。     

全球能源互联网物理-信息系统协同仿真平台

在分析全球能源互联网物理-信息系统耦合机制的基础上,对多层级能源网络的结构特点、仿真需求、方法工具进行了比较分析。针对负荷分散控制问题,搭建了物理-信息协同仿真平台。仿真结果表明,通信环境对负荷控制效果具有显著影响,协同仿真平台能够准确反映这一影响,说明了协同仿真的必要性。     

网络空间安全学科人才培养之思考

网络空间安全己被正式批准列为一级学科,该学科的人才培养与己有学科的联系与区别值得深入探讨。分析了该学科和信息与通信工程、计算机科学与技术等相关一级学科的关系,给出了网络空间安全学科的知识体系,将其分为网络空间安全基础理论、物理安全、网络安全、系统安全、数据和信息安全等5个大的学科领域。借鉴基于产出的教育模式,提出了该学科硕士和博士研究生的培养标准,并提出了涵盖5个方向的模块化参考课程体系。最后,给出了对网络空间安全学科人才培养的一些建议。     

干涉合成孔径雷达抗干扰性能分析

在合成孔径雷达的电子对抗研究中,有源欺骗干扰方法得到了很大程度的重视。从合成孔径雷达反对抗的角度出发,就需要研究对有源欺骗干扰方法的反对抗措施。因此,该文对干涉合成孔径雷达(InSAR)的抗干扰性能进行了分析。该文指出利用InSAR可有效地识别有源欺骗干扰,并可在一定程度上消除有源欺骗干扰的影响。其中,对欺骗干扰的识别利用了InSAR的干涉相位图,干扰将使干涉相位图发生畸变。     

基于闭环控制的入侵诱骗系统的探讨与实现

当今,随着网络攻击手段的日趋复杂,被动的防御措施已经不能满足网络安全的需要。入侵诱骗作为一种主动的网络安全防御手段,能对入侵者进行实时监测,了解其动机、技术等,进行有针对性的防御和学习。文章首先引入了入侵诱骗的定义及入侵诱骗技术的现状,并提出了由IDS、防火墙和入侵诱骗系统组成互动的安全防护模型,最后对诱骗的技术及其实现作了介绍,提出了现阶段所面临的问题。     

网络空间安全专业人才培养产教融合研究

分析当前网络空间安全应用型人才培养存在的问题,提出了在产教融合理念下采用OBE构建网络空间安全专业人才培养方案.从基础课程、专业课程、专业实践课程、专业拓展课程、职业类方向课程等角度,构建了面向产出的课程体系,同时提出构建校企深度协同育人生态圈,共建共享师资,共同育人,实现多方共赢.     

Decentralized dynamic event-triggered control for networked control systems under unreliable communication network and actuator saturation

In this paper, the stochastic stability of networked control systems (NCSs) with nonlinear perturbation and parameter uncertainties is studied. A decentralized dynamic event triggering scheme (DDETS) is introduced to reduce energy consumption and network transmission burden. Each channel can decide whether to transmit signals sampled by corresponding sensors through this mechanism. Due to the unreliability of communication network, a new mathematical model of NCSs based on multi-channel fading and hybrid cyber attacks is established, and the actuator is constrained by saturation. A sufficient condition for stochastic stability based on static controller is derived through Lyapunov stability theory, and two numerical examples are given to demonstrate the effectiveness of the method.     

Hybrid-driven-based fuzzy secure filtering for nonlinear parabolic partial differential equation systems with cyber attacks

The problem of hybrid-driven fuzzy filtering for nonlinear semi-linear parabolic partial differential equation systems with dual cyber attacks is investigated. First, a Takagi-Sugeno (T-S) fuzzy model is employed to reconstruct the original nonlinear systems. Second, a hybrid-driven mechanism is applied for filter design to balance the systems' performance and the limited network resource consumption under dual cyber attacks composed of deception and denial of service attacks. Based on the Lyapunov direct method, sufficient conditions to guarantee the stability of the augmented system are obtained, and the parameters of the designed filter are earned with explicit form. Finally, a simulation example with robust analysis and comparative analysis is provided to illustrate the effectiveness of the proposed method.     

Preventing Cloud Network from Spamming Attacks Using Cloudflare and KNN

Cloud computing is one of the most attractive and cost-saving models, which provides online services to end-users. Cloud computing allows the user to access data directly from any node. But nowadays, cloud security is one of the biggest issues that arise. Different types of malware are wreaking havoc on the clouds. Attacks on the cloud server are happening from both internal and external sides. This paper has developed a tool to prevent the cloud server from spamming attacks. When an attacker attempts to use different spamming techniques on a cloud server, the attacker will be intercepted through two effective techniques: Cloudflare and K-nearest neighbors (KNN) classification. Cloudflare will block those IP addresses that the attacker will use and prevent spamming attacks. However, the KNN classifiers will determine which area the spammer belongs to. At the end of the article, various prevention techniques for securing cloud servers will be discussed, a comparison will be made with different papers, a conclusion will be drawn based on different results.