Multi-Zone-Wise Blockchain Based Intrusion Detection and Prevention System for IoT Environment

Blockchain merges technology with the Internet of Things (IoT) for addressing security and privacy-related issues. However, conventional blockchain suffers from scalability issues due to its linear structure, which increases the storage overhead, and Intrusion detection performed was limited with attack severity, leading to performance degradation. To overcome these issues, we proposed MZWB (Multi-Zone-Wise Blockchain) model. Initially, all the authenticated IoT nodes in the network ensure their legitimacy by using the Enhanced Blowfish Algorithm (EBA), considering several metrics. Then, the legitimately considered nodes for network construction for managing the network using Bayesian-Direct Acyclic Graph (B-DAG), which considers several metrics. The intrusion detection is performed based on two tiers. In the first tier, a Deep Convolution Neural Network (DCNN) analyzes the data packets by extracting packet flow features to classify the packets as normal, malicious, and suspicious. In the second tier, the suspicious packets are classified as normal or malicious using the Generative Adversarial Network (GAN). Finally, intrusion scenario performed reconstruction to reduce the severity of attacks in which Improved Monkey Optimization (IMO) is used for attack path discovery by considering several metrics, and the Graph cut utilized algorithm for attack scenario reconstruction (ASR). UNSW-NB15 and BoT-IoT utilized datasets for the MZWB method simulated using a Network simulator (NS-3.26). Compared with previous performance metrics such as energy consumption, storage overhead accuracy, response time, attack detection rate, precision, recall, and F-measure. The simulation result shows that the proposed MZWB method achieves high performance than existing works     

Critical Relation Path Aggregation-Based Industrial Control Component Exploitable Vulnerability Reasoning

With the growing discovery of exposed vulnerabilities in the Industrial Control Components (ICCs), identification of the exploitable ones is urgent for Industrial Control System (ICS) administrators to proactively forecast potential threats. However, it is not a trivial task due to the complexity of the multi-source heterogeneous data and the lack of automatic analysis methods. To address these challenges, we propose an exploitability reasoning method based on the ICC-Vulnerability Knowledge Graph (KG) in which relation paths contain abundant potential evidence to support the reasoning. The reasoning task in this work refers to determining whether a specific relation is valid between an attacker entity and a possible exploitable vulnerability entity with the help of a collective of the critical paths. The proposed method consists of three primary building blocks: KG construction, relation path representation, and query relation reasoning. A security-oriented ontology combines exploit modeling, which provides a guideline for the integration of the scattered knowledge while constructing the KG. We emphasize the role of the aggregation of the attention mechanism in representation learning and ultimate reasoning. In order to acquire a high-quality representation, the entity and relation embeddings take advantage of their local structure and related semantics. Some critical paths are assigned corresponding attentive weights and then they are aggregated for the determination of the query relation validity. In particular, similarity calculation is introduced into a critical path selection algorithm, which improves search and reasoning performance. Meanwhile, the proposed algorithm avoids redundant paths between the given pairs of entities. Experimental results show that the proposed method outperforms the state-of-the-art ones in the aspects of embedding quality and query relation reasoning accuracy.     

Fine-Grained Multivariate Time Series Anomaly Detection in IoT

Sensors produce a large amount of multivariate time series data to record the states of Internet of Things (IoT) systems. Multivariate time series timestamp anomaly detection (TSAD) can identify timestamps of attacks and malfunctions. However, it is necessary to determine which sensor or indicator is abnormal to facilitate a more detailed diagnosis, a process referred to as fine-grained anomaly detection (FGAD). Although further FGAD can be extended based on TSAD methods, existing works do not provide a quantitative evaluation, and the performance is unknown. Therefore, to tackle the FGAD problem, this paper first verifies that the TSAD methods achieve low performance when applied to the FGAD task directly because of the excessive fusion of features and the ignoring of the relationship’s dynamic changes between indicators. Accordingly, this paper proposes a multivariate time series fine-grained anomaly detection (MFGAD) framework. To avoid excessive fusion of features, MFGAD constructs two sub-models to independently identify the abnormal timestamp and abnormal indicator instead of a single model and then combines the two kinds of abnormal results to detect the fine-grained anomaly. Based on this framework, an algorithm based on Graph Attention Neural Network (GAT) and Attention Convolutional Long-Short Term Memory (A-ConvLSTM) is proposed, in which GAT learns temporal features of multiple indicators to detect abnormal timestamps and A-ConvLSTM captures the dynamic relationship between indicators to identify abnormal indicators. Extensive simulations on a real-world dataset demonstrate that the proposed algorithm can achieve a higher F1 score and hit rate than the extension of existing TSAD methods with the benefit of two independent sub-models for timestamp and indicator detection.     

图的正交(g,f)-因子分解

设ｇ和ｆ分别是定义在图Ｇ的顶点集合Ｖ（Ｇ）上的整数值函数且对每一个ｘ∈Ｖ（Ｇ）有２≤ｇ（ｘ）≤ｆ（ｘ）．证明了若Ｇ是（ｍｇ＋ｍ－１,ｍｆ－ｍ＋１）—图,则对Ｇ中任意一个给定的有ｍ条边的子图Ｈ,Ｇ有一个（ｇ,ｆ）—因子分解与Ｈ正交．     

Drawings of graphs on surfaces with few crossings

We give drawings of a complete graphK _n withO(n ⁴ log² g/g) many crossings on an orientable or nonorientable surface of genusg 2. We use these drawings ofK _n and give a polynomial-time algorithm for drawing any graph withn vertices andm edges withO(m ² log² g/g) many crossings on an orientable or nonorientable surface of genusg 2. Moreover, we derive lower bounds on the crossing number of any graph on a surface of genusg 0. The number of crossings in the drawings produced by our algorithm are within a multiplicative factor ofO(log² g) from the lower bound (and hence from the optimal) for any graph withm 8n andn ²/m g m/64.The research of the third and the fourth authors was partially supported by Grant No. 2/1138/94 of the Slovak Academy of Sciences and by EC Cooperative action IC1000 Algorithms for Future Technologies (Project ALTEC). A preliminary version of this paper was presented at WG93 and published in Lecture Notes in Computer Science, Vol. 790, 1993, pp. 388–396.     

Simulating BPP using a general weak random source

We show how to simulate BPP and approximation algorithms in polynomial time using the output from a -source. A -source is a weak random source that is asked only once forR bits, and must output anR-bit string according to some distribution that places probability no more than 2^–R on any particular string. We also give an application to the unapproximability of MAX CLIQUE.This paper appeared in preliminary form in theProceedings of the 32nd Annual Symposium on Foundations of Computer Science, 1991, pp. 79–89. Most of this research was done while the author was at U.C. Berkeley, and supported by an AT&T Graduate Fellowship, NSF PYI Grant No. CCR-8896202, and NSF Grant No. IRI-8902813. Part of this research was done while the author was at MIT, supported by an NSF Postdoctoral Fellowship, NSF Grant No. 92-12184 CCR, and DARPA Grant No. N00014-92-J-1799. Part of this research was done at UT Austin, where the author was supported by NSF NYI Grant No. CCR-9457799.     

基于PERT图的虚拟拆装过程建模

提出了使用PERT图来建立虚拟拆装过程模型的方法,根据零件之间的约束关系构造PERT图及其对应的依赖矩阵,并且能够根据它来指导虚拟拆装训练过程的实施.所提供的方法在对某设备的虚拟维修中得到了验证.     

二进制翻译中代码生成的子图覆盖算法

二进制翻译技术能够有效解决二进制兼容问题,促进新型体系结构的发展,也是虚拟机技术的重要组成部分,具有重要的研究和应用价值,但是其效率仍然有待提升,特别是目标代码生成的效率。设计了一种高效的目标代码生成算法——代码生成的子图覆盖算法(subgraph covering for code generation,SCCG),能够以尽可能少的代价生成精简的目标代码。该算法应用数据流图对二进制代码中的基本块进行建模,获取指令间的数据相关,并采用基于子图覆盖的贪心算法得到目标代码。在TransARM原型系统中进行了实现和测试,结果表明该算法获得了更优质的目标代码,并且成本得到了有效控制。     

Stability analysis for multi-agent systems using the incidence matrix: Quantized communication and formation control

The spectral properties of the incidence matrix of the communication graph are exploited to provide solutions to two multi-agent control problems. In particular, we consider the problem of state agreement with quantized communication and the problem of distance-based formation control. In both cases, stabilizing control laws are provided when the communication graph is a tree. It is shown how the relation between tree graphs and the null space of the corresponding incidence matrix encode fundamental properties for these two multi-agent control problems.     

Forced consensus in networks of double integrator systems with delayed input

This communique presents forced second-order consensus protocols with communication time-delays for the network of agents with double integrator dynamics and gives a measure of the robustness of the protocols to the communication time-delays. By employing a frequency domain method, it is proven that the forced consensus is achieved asymptotically for appropriate time-delay if the network is connected. Particularly, the maximum fixed time-delay that can be tolerated by the network is found. The forced consensus protocols are distributed in the sense that each agent only needs information from its neighboring agents, which reduces the complexity of connections between agents significantly. Numerical simulation results are provided to demonstrate the effectiveness and the sharpness of the theoretical results.