This PDF file contains the front matter associated with SPIE Proceedings Volume 13516, including the Title Page, Copyright information, Table of Contents, and Conference Committee information.

Ultraviolet optical communication and its networking applications are limited by its technical performance parameters. To address the resulting bandwidth constraints therein, this paper proposes a new credit-based scheduling algorithm and conducts a comparative study between the traditional scheduling algorithm and the credit-based scheduling algorithm for the scenarios of multi-service transmission, relatively large number of service packet transmission, etc., and discusses the characteristics and performance of the different algorithms, under the conditions of bandwidth constraints. The simulation experiment results show that compared with the traditional algorithm, the credit-based scheduling algorithm proposed in this paper is more suitable for the bandwidth-constrained scenarios of UV optical communication, and has more advantages in bandwidth allocation, dynamic adjustment, and reliable service.

In response to network attacks on the intelligent power grid automatic power generation control (AGC) system, a detection and positioning algorithm based on the improved decision tree support vector machine (DT-SVM) algorithm is proposed. This algorithm achieves the judgment of attack types through hierarchical combinations based on the improved SVM binary classifier, and arrange the classification roles of different levels in the decision tree based on the distance between categories and the detection accuracy of the binary classifier to avoid error accumulation. Simulation verification was carried out based on the IEEE 39-node model, and the simulation results show that the proposed improved DT-SVM algorithm has good detection performance.

Focusing on the service access requirements of edge nodes, aiming at the problems of narrow network bandwidth, poor network quality and low transmission rate of the edge nodes, a node service dynamic demand prediction model based on a forgetting curve is established by mapping the node service demand degree through a node service flow image, and a large-flow service content prefetching strategy is proposed based on the characteristics of the node service flow image, so as to shorten the node user access time to the maximum extent and improve the user access efficiency.

With the continuous development of communication technology, the integration of space-based, aerial-based, and ground-based networks has become an important trend in the development of future communication networks. However, this integration is characterized by high complexity and dynamic changes, facing security challenges that traditional ground mobile networks do not possess. This paper first introduces the architecture and characteristics of space-air-ground integrated networks, analyzes the security threats they face, including intra-domain risks and cross-domain risks. In response to these security challenges, this paper proposes a multi-domain network security architecture based on three fundamental security capabilities: trust, defense, and monitoring. This architecture achieves intelligent and autonomous security decision-making and control for multi-domain networks, as well as cross-domain collaborative security protection, thereby effectively ensuring the communication security of space-air-ground integrated networks.

This paper proposes a detection method for malicious Universal Serial Bus (USB) devices, which combines the analysis of electromagnetic leakage signal characteristics with the tap frequency logs. In light of the increasing security threats posed by malicious USB devices in daily applications, this study aims to conduct a comprehensive security assessment of USB devices by capturing the electromagnetic leakage signals generated during the operation of USB devices and combining the tap frequency characteristics generated by the devices. This method can effectively identify potential malicious USB devices, providing strong support for the security of computer systems and network environments.

This paper introduces a robust power wireless private network communication terminal, engineered with the domestic GD32 microcontroller, which is designed to thrive in the challenging conditions of the power sector, particularly for applications centered on new energy sources. The terminal integrates six core modules: an 8kV surge-protected power input module, a supercapacitor power management module, an RS-485 communication isolation interface module, a domestic GD32 digital signal processing module, a security encryption module using an encryption chip specified by the State Grid, and an LTE-230MHz wireless communication module. Its EMI protection ensures stable and reliable communication in high-stakes power business contexts. The terminal not only meets the needs of power distribution and smart building management but also adapts to emerging application scenarios such as virtual power plants and energy storage integration, ensuring secure access and communication. This terminal plays an indispensable role in building and maintaining a stable and secure power wireless private network, providing strong support for the communication infrastructure of the power industry.

An S-box is an essential component in block ciphers, and its cryptography properties play a significant role in the security of the cipher. A good S-box must have high nonlinearity (NL_F) and low differential uniformity (δ_F). In this paper, a rank-sorting hybrid genetic algorithm is designed to find S-boxes that possess high nonlinearity and low difference uniformity. Compared with the traditional genetic algorithm, the rank-sorting hybrid genetic algorithm designed in this work was improved in the following aspects. First, the crossover protection strategy was designed and used in the crossover phase, which can assure the bijectivity of offspring. Second, an elite selection strategy based on the value of the fitness function was utilized in the selection step to prevent the loss of excellent individuals. In particular, a sorting method named the rank-sorting algorithm was proposed and implemented on the selected offspring before the next iteration began. The result of using the rank-sorting algorithm is that the differences between individuals for the next crossover increase, the possibility of generating excellent offspring increases, and the risk of the whole algorithm becoming stuck in local optimal solutions decreases. The simulation results show that when the number of variables is even (8 to 12), the bijective S-boxes with almost high nonlinearity and low differential uniformity can be searched by using the rank-sorting hybrid genetic algorithm.

With the rapid development and application of distributed systems and Ethernet technology, higher requirements have been put forward for the clock synchronization of the global network. The IEEE1588 protocol is able to achieve high-precision clock synchronization, which meets the time accuracy requirements of real-time distributed systems. Therefore, this paper introduces the principle of the IEEE1588 clock synchronization technology and constructs a test environment to analyze the clock synchronization accuracy it can achieve from both theoretical calculation and experimental test. The results show that IEEE1588 clock synchronization can achieve sub-microsecond level time synchronization, with high-precision clock synchronization capability, and can be widely used in high real-time distributed systems.

Spectrum resources are becoming increasingly scarce with the explosive growth of communication requirements. Introducing Device-to-Device (D2D) communication technology into cellular networks is a feasible solution to enhance spectral efficiency. However, potential performance degradation caused by severe interference between cellular and D2D links is a pressing and thorny issue that needs to be addressed. This paper investigates the joint channel allocation and power control problem for D2D communications in cellular networks, proposing a joint channel-power allocation strategy based on the Differential Evolution (DE) algorithm to achieve a tradeoff between system capacity and fairness. The resource allocation problem is first converted into an integer programming problem with constrained boundaries, which has been proven to be NP-hard. Subsequently, a novel fitness function is designed, which introduces the Jain's Fairness Index based on user satisfaction and a special penalty factor, thereby achieving a balance between system capacity and fairness. Simulation results indicate that the proposed algorithm not only effectively optimizes the fitness function with partial channel state information (CSI), but also significantly outperforms the Simulated Annealing (SA) algorithm.

To address the issue of ground stations being unable to directly communicate with user satellites and the inability to conduct direct two-way measurements, this paper describes the multi-path cross-band measurement regenerative frequency coherent retransmission technology suitable for the unified carrier system. By employing a frequency coherent retransmission error elimination method and designing coherent retransmission ratio factors between different bands, the coherence of regenerative frequency retransmission across multiple channels is ensured. This allows the transmit and receive frequencies in multi-path retransmission to satisfy the relationship of regenerative coherent retransmission, thereby enabling real-time positioning and orbit determination for user satellites. This method can also be combined and designed according to different application scenarios and frequency band requirements. Theoretical analysis and simulation results demonstrate that this approach eliminates the impact of relay satellite clock errors on frequency coherent retransmission, ensures the coherence between multi-hop transmit and receive frequencies, and thus meets the requirement of a multi-hop velocity measurement error of less than 0.1 mm/s(ECSS-E-50-02A), showing promising prospects for engineering applications.

While the Internet of Things (IoT) has greatly facilitated our daily lives, this trend has encountered numerous security challenges in data storing and sharing especially for sensitive personal data. Identity-Based Broadcast Encryption (IBBE) is an efficient cryptographic technique to securely share messages among multiple users. Nevertheless, to prevent access by users who were previously authorized but now lack permission, user revocation should be integrated into IBBE. Despite several previous Revocable Identity-Based Broadcast Encryption (RIBBE) schemes were proposed, they are not practical for resource-constrained IoT devices due to their high computational cost during encryption and decryption, as well as the significant storage needs for the revocation list. To tackle these issues, we propose an outsourced RIBBE scheme that is appropriate for resource-constrained IoT devices. It not only effectively implements user revocation but also leverages a cloud server to handle complex calculations. Additionally, our scheme is designed to resist collusion attacks, enhancing overall security. Performance evaluation describes the great practicality and efficiency of our scheme.

In recent years, the field of drone swarms has become a high ground for military powers to compete for. With low cost-effectiveness ratio and high robustness, drone swarms can bring subversive changes to future war forms and put forward higher requirements for electronic countermeasures. Based on the research and analysis of the main technologies of anti-drone swarm, this paper puts forward the basic ideas and measures of electronic countermeasures solutions, and puts forward suggestions of system construction to deal with drone swarm from the overall perspective, which has certain foresight and innovation.

The application of drone inspection with airports and an online system has been significantly expanded to encompass smart power grid inspection. The communication infrastructure for this application is based on serial, 4G/5G cellular, wireless remote and Ethernet, with a deep fusion into the industrial network of the power grid. The intricacy of the protocol stack and topology necessitates the implementation of robust mechanisms for data integrity verification, cyber threats monitoring and defense. Furthermore, drones are susceptible to damage during automated inspection, and the deployment of anti-drone measures may result in the destruction of aircraft and the impairment of power facilities. The Integrated Anti-Anti-Drone (IAAD) mechanics on the drone system are implemented by a combination of three cryptographic elements: (1) a cryptographic mechanism set working with the security protocol, (2) physical anti-disassembly and auto key destruction, (3) code/data encryption mechanics. Finally, an analysis of the experimental system is presented to further validate the applicability of the technology to power grid inspection.

Covert communication frequently employs the use of environmental background signals or the fabrication of analogous signals to deceive Willie, that is, to utilize the environment as a shield and enhance the concealment of transmission signals. Direct-to-direct communication plays a pivotal role in 5G systems, offering proximate data services and facilitating the transfer of sensitive data. In compact communication networks, frequency division multiplexing can be utilized at the base station (BS) to transmit artificial noise. The objective is to deceive those attempting to detect concealed signals. Furthermore, the potential of using a full-duplex base station to reduce the complexity of communication between different nodes is being considered. Full-duplex communication is a crucial technology for 5G networks and has been the subject of extensive research in recent years. The development of full-duplex base station models for small communication networks has also become a prominent area of study. In light of these developments, this paper proposes the use of a full-duplex base station with multiple antennas to facilitate D2D concealed communication. This paper presents a methodology for evaluating the concealment performance of a wireless communication system. The proposed approach employs the average minimum error probability (AMEP) as a performance metric. It also derives the expressions for the minimum average detection error probability and the maximum effective concealment communication rate. The results demonstrate that by optimizing the system parameters, such as the number of antennas and the power of the artificial noise source, the concealment communication rate can be enhanced.

With the continuous deepening of the application of 5G technology in various industries, the aviation industry's flight test business is also accelerating the rapid transformation and upgrading of the 5G aviation test support model: deploying safe and reliable 5G networks in scattered test fields and laboratories, connecting test objects, basic test facilities, special test equipment, test engineers and management personnel, and information systems, effectively solving the new challenges encountered by existing test modes, Fully integrate 5G technology into cross factory and institute collaborative sharing of test data, and comprehensively break through barriers to data sharing and business collaboration between testing and flight testing. This paper focuses on aviation equipment flight test application, carries out research on the top-level architecture of 5G dedicated test and test network, proposes a 5G dedicated test and test network architecture for flight test, and introduces the wireless network, transmission network, core network architecture and edge computing scheme of dedicated 5G network in detail. Realize remote test monitoring and command collaboration in different locations, intelligent control of test sites, and rapid download of airborne collected flight test data; Establish a 5G network ecosystem for data sharing throughout the entire experimental process, support and optimize major business activities such as product design and development, production trial production, experimental verification, comprehensive support, and resource management. The 5G based testing and testing network is the first proposed in the domestic aviation testing field and also at a leading level in international testing system applications, which can be promoted and applied to other military testing fields.

A target detection algorithm based on the fusion of LiDAR and camera is proposed for the problems of single sensors in target detection, such as the camera is sensitive to light conditions and difficult to obtain the three-dimensional position of the target, while LiDAR is difficult to accurately determine the target species. Firstly, a point cloud target detection method based on Euclidean clustering is used to divide the point cloud into multiple clusters; secondly, on the basis of the 3D target detection of the point cloud, the fusion rule is derived by comparing the consistency of the detection results of a large number of images with the 3D point cloud, and judging whether it is the same target according to the IOU. Subsequently, experimental validation is carried out, and the results show that the fused target detection is effective in various scenarios, with an error of 5.6% and an accuracy of 94.4%, which meets the needs of multidisciplinary applications.

Many new ideas have been proposed regarding color image encryption schemes based on PWLCM over the past few years; however, research in this area remains limited. This study proposes a completely new scheme that can achieve good performance with only one encryption. First, each channel of the color image is divided into 8 bit planes using bit plane decomposition techniques (BBD) and divided into two groups of high four bits and low four bits. Then, the two groups are converted into binary sequences A1 and A2. This are processed by chaotic mapping, cyclic shift and exclusive OR (XOR) operation to generate B1 and B2, and then the elements of B1 and B2 are exchanged through chaotic mapping to obtain C1 and C2. Finally, C1 and C2 are converted back to bit planes and combined into an encrypted image. Simulation results demonstrate that the scheme can effectively encrypt color images.

With the continuous development of information technology, microservice architecture and container technology have gradually become a powerful technical support for the digital transformation of enterprise asset operations. Facing the unique challenges of the operation of power grid assets, this paper makes full use of the data of power grid assets, and designs the three-layer technical architecture of data layer, service layer and presentation layer based on the microservice architecture and container technology, so as to create the auxiliary decision system for power grid asset operation, and realize the unified integration of power grid asset data, effectively improves the digitization, visualization and intelligence level of power grid assets, assists the management and leadership to fully grasp and quickly analyze the operation of power grid assets, and supports various management decisions.

Trusted Computing technology represents a significant element of cyber security systems, serving to guarantee the integrity and accessibility of data and systems. The incorporation of Trusted Computing introduces a series of security detection and verification mechanisms to the host system, consequently impacting the performance of host system startup and application operation. In this paper, following an analysis of the verification mechanisms of Trusted Computing, a parallel verification mechanism is proposed. The objective is to facilitate the parallel operation of the host system program and the TPM-based file verification process, thereby enhancing the operational efficiency of the trusted computing system. Through the configurable and micro-intervention design scheme, flexible expansion and configuration within the existing Trusted Computing technology framework can be achieved.

Based on the security of distributed machine learning data and model based on remote proof, a cross-domain dynamic remote proof scheme based on ring signature improves the efficiency of computer cluster proof, the application of dynamic signature, realizes the real-time measurement of the confidence of computer cluster, and strengthens the real-time protection of data and model. Computers with different security domain may adopt different remote proof mechanism, and convert the proof information of different proof methods into unified proof information, thus realizes the cross-domain dynamic remote proof between computer clusters. Noise is added when the cloud server distributes data to a distributed computer cluster. Due to the particularity of distributed architecture and the unsolution of indefinite equations, the enemy cannot conspire with one or more computers to steal data or the model parameters trained by endpoints. Finally, the safety of this method is verified through safety analysis and experimental analysis, and the computational overhead required in the proof process is reduced compared with other methods.

Despite the revolution and convenience cloud computing has brought about, its huge energy usage is still a threat to environmental sustainability. Accurate cloud workload prediction enables cloud systems to manage and utilize resources more efficiently, which is a critical step in solving energy consumption problems. To address the issue of previous models' inability to capture non-stationary temporal features of cloud workload data, and the lack of predictive generalization for cloud workload with different patterns, a differential evolution based Non-stationary Transformer model is proposed to validate the feasibility of the model for cloud workload prediction problem in this paper. In the experimental part of the thesis, the model and the benchmark models are applied to the prediction task of cloud workloads in Google clusters with different load patterns. Through comparative experiments, the effectiveness and generalizability of differential evolution based Non-stationary Transformer model over cloud workload prediction task is demonstrated, and its predictive performance can meet or even exceed most of the benchmark models.

Infrared images are susceptible to Gaussian noise during acquisition and transmission. To meet the quality requirements for infrared image data in image processing, an asymptotic Non-Local Means (NLM) algorithm based on an improved Scharr operator was proposed for denoising infrared images of electrical equipment. Firstly, the RGB infrared images were converted to the Y channel. Secondly, the improved Scharr operator was used to adjust the computation weights of the NLM algorithm, better preserving the edge details of the images. To optimize the denoising effect, a multi-layer pyramid was constructed, and a layer-by-layer denoising fusion method was adopted to obtain the initially denoised images. Finally, for the residual noise in the initially denoised images, asymptotic denoising was employed, adjusting the filter parameters based on the image characteristics for secondary denoising, followed by image reconstruction to obtain the denoised images. Experimental results showed that the proposed algorithm achieved clear and complete denoised images, with Peak Signal-to-Noise Ratio (PSNR) and Structural Similarity (SSIM) improved by 0.78 to 4.95 and 0.01 to 0.08, respectively, compared to other methods. This indicated that the method is effective for high-efficiency denoising of infrared images of electrical equipment.

This paper constructs a supermarket decision-making model based on improved genetic algorithm and XGBoost. It analyzes the data distribution through the Shapiro–Wilk normality test, uses the exponential function to describe the relationship between the total sales volume and the cost-plus pricing, and builds the XGBoost prediction model to optimize the replenishment cost. The profit model is improved based on the genetic algorithm, and the probability density function is introduced to correct the fitting error of sparse data. The fitness function is defined to determine the replenishment quantity and pricing strategy of single products. The data-driven model is improved by using linear regression and canonical correlation analysis. Finally, the calculation formula of typical variables is obtained, and the optimal estimation of single product replenishment and pricing is realized.

In view of the shortcomings of the evaluation method and ignoring the weights of experts in the traditional approach of customer requirements (CRs) importance determination, this study proposes an improved method for deciding the importance of CRs based on social network analysis (SNA) and preference consensus. Firstly, the hesitant fuzzy linguist preference relation (HFLPR) is used to represent the experts’ preference evaluations between CRs, and the consistencies of HFLPR matrices are measured. Secondly, SNA is introduced to describe the trust relationships among experts, and the comprehensive weights of experts are calculated in combination with the consensus levels of the preference evaluations. Finally, according to the total collective performance scores of HFLPR matrices, the importance of CRs is ranked. To demonstrate the feasibility and effectiveness of the proposed method, an example regarding the product development of fully automatic washing machines is provided.

With the rapid development of rail transit in China, people usually choose to travel by subway, and the subway train system has become an urgent requirement for the advancement of rail transit. This article primarily focuses on the problem of the signal data of subway trains being easily attacked during communication with the central system and proposes a blockchain-based data encryption scheme. The scheme adopts a combination of on-chain and off-chain storage, which reduces the storage pressure of the blockchain. The blockchain is used to encrypt and store the communication data, which ensures data consistency and non-repudiation. At the same time, by employing identity-based proxy re-encryption algorithms, encrypted data is shared between two peer entities without providing valid information to third parties. This method safeguards data privacy and achieves secure data sharing.

In recent years, the industrial Internet has made great progress in the context of the country's vigorous promotion of new infrastructure, but the integration of industrial control systems and the Internet has also brought more network security risks to the industrial control industry. Existing industrial control network security protection technology still has many shortcomings, such as the intrusion detection model for stealth attack detection accuracy is not high, high interaction honeypot is difficult to adapt to a variety of industrial control scenarios and so on. In this paper, we design and implement a large-scale industrial control network equipment assets malicious threat risk identification, this research designs and implements the session flow intrusion detection according to the TCP/IP protocol stack model to parse each Ethernet frame, and extract the session flow from the packet through the session flow identification. A highly interactive honeypot is designed and implemented which logs the attacker's attacks at two levels. Finally, a plug-in industrial control protocol parsing framework is implemented. The experimental results show that this research provides effective malicious threat risk identification for industrial control network devices, which can detect and prevent potential security threats in time, safeguard the stable operation of these critical infrastructures, and prevent production accidents and social disorder caused by cyber-attacks.

To address the complexity of classifying network attack big data, the high dependency on prior knowledge, and the need to improve algorithm classification performance, this paper proposes a deep learning network based on CNN for classifying and detecting network attacks in network security situation awareness. A network feature transfer learning method is introduced to solve the detection and training efficiency problems of the CNN algorithm for complex data features in a big data environment. By optimizing the performance of the CNN algorithm, similarity distance is applied to solve the issue of low classification accuracy caused by data category imbalance, thus improving the efficiency and accuracy of algorithm classification calculations. Extensive simulation experiments were conducted to detect abnormal features of network attacks, and the improved CNN model was compared with the latest deep learning algorithms to verify the model's performance and target detection efficiency. The research provides a new idea for using deep learning methods to detect intrusion attacks in the context of complex network data.

With the rapid development of Web technologies, HTML functions are increasingly widely used in Web applications. However, the security issues of HTML functions have also emerged, becoming a major hidden danger in cybersecurity. This paper aims to systematically explore and study the security vulnerabilities of HTML functions in Web websites. Through actual case analysis, we demonstrate how to use the oncopy event to manipulate users' clipboard content to achieve potential attacks. The research results show that these vulnerabilities are widespread in existing Web applications and can be easily exploited maliciously, leading to user information leakage and system damage. Through in-depth research on these vulnerabilities, we have proposed a series of effective protective measures and best practices to help developers improve security when writing HTML code.

Named Data Networking (NDN) is an emerging network architecture that fundamentally shifts from the conventional Internet communication model by focusing on data-centricity. However, the openness of networks poses a significant risk of unauthorized access to sensitive data, thereby challenging the preservation of data security and integrity. To address this issue, Nazatul et al. have recently proposed a role-based access control framework (NDN-RBE) tailored to enhance data access security within the NDN environment. Despite their assertion of the NDN-RBE scheme's ability to ensure secure data access control through identity verification based on anonymous signatures, our analysis reveals inherent vulnerabilities during the verification phase, rendering it susceptible to signature forgery attacks. This paper aims to provide a comprehensive examination of signature forgery attack methodologies, delving into the underlying reasons for its insecurity. Furthermore, it concludes by presenting practical recommendations for enhancing the security robustness of the NDN-RBE framework. If the vulnerabilities are addressed, stakeholders can better safeguard data integrity and confidentiality within the NDN ecosystem, ensuring its viability in the evolving landscape of network architectures.

In the current cloud environment, most systems employ single-factor authentication using a username and password, which are not suitable for applications with higher security requirements. In many fields such as schools, hospitals, etc., there is a demand for multiple levels of security due to their specificity. Identity authentication and security level authentication are the first steps to ensuring system security in multilevel environment. Some resolutions may require costly hardware or lead to low performance in efficiency. In this paper, we propose a digital certificate-based authentication system for multi-level security environment. Users and the authentication center can perform mutual authentication via digital signatures in untrusted network environments. Users with different security levels are isolated by root certificates, and hash algorithm is used to iteratively encrypt keys to improve authentication efficiency.

Flight test safety monitoring is an important means to improve the efficiency of test aircraft flight tests and ensure flight test safety. Aiming at the test aircraft flight test risk analysis and safety monitoring needs, this paper proposes a real-time monitoring technology for the whole process of flight test risks based on a hierarchical safety model. Through the extraction and risk level classification of the whole process of flight test safety risks, the flight test safety risk items and risk levels are obtained; then, by constructing a hierarchical safety model for test aircraft, the risk causes of flight test risks are analyzed and complete flight test safety information is captured; then, the knowledge graph is used to store large-scale flight test safety knowledge, and at the same time, a fast retrieval algorithm is used in the real-time monitoring process to realize the rapid identification and efficient retrieval of flight test risks based on telemetry data; finally, a test aircraft safety monitoring software with safety critical parameters as the core is designed to assist monitoring personnel in making decisions, and ultimately achieve the goal of timely discovery, timely warning, and timely disposal of safety risks during the monitoring process.

The transient faults caused by high-energy particles in the space radiation environment impact the reliability of routing algorithms in network communication mechanisms, where SDC (Silent Data Corruption) poses a significant threat to space-based network systems due to its insidious nature. Given that existing SDC fault tolerance methods do not incorporate the characteristics of space-based network communication mechanisms and require time-consuming fault injections, this paper proposes a method for strengthening the SDC vulnerability of network routing algorithms based on GCN (Graph Convolutional Networks). First, the impact of transient faults on routing algorithms is analyzed, and a fault model of the routing algorithm is constructed. Next, the instruction features and instruction dependencies of the routing algorithm are extracted to construct an instruction dependency graph. Then, a GCN-based instruction SDC vulnerability prediction model is constructed and trained to predict the SDC vulnerability of the routing algorithm instructions. Finally, the routing algorithm is reinforced to enable self-detection and fault tolerance of SDC. Experimental results show that, compared to existing methods, the proposed method achieves higher accuracy in SDC vulnerability prediction and detection rates without requiring large-scale fault injection.

In view of the great significance of the Internet of Things technology to the construction of security management and control in chemical parks, this paper designs a network transmission technology of security management and control equipment based on ZigBee, which realizes the data transmission and control of various monitoring terminals such as cameras and sensors. At the same time, the security control of the park is designed in detail in three parts: basic security management, monitoring and early warning of major hazard sources and video monitoring. The results show that the security management and control system of the park effectively solves the existing problems of security risks in the park from three aspects: basic security management, monitoring and early warning of major hazard sources and video monitoring, improves the efficiency and level of supervision of the park management committee, and provides factual basis and construction experience for risk management, early warning and decision-making of other chemical parks in China.

APT attacks are highly dangerous and covert, making them difficult to detect using conventional security measures. Causal analysis based on trace graphs has become a common method for APT detection. However, previous work has encountered several issues, such as the inability to fully utilize contextual information from trace graphs, the requirement for prior records of APT attacks, and excessive computational overhead. This paper proposes an effective self-supervised learning-based method for APT detection. By leveraging provenance graphs and graph representation learning techniques, this method enables multi-granularity detection and effectively accomplishes the task of system anomaly detection. The model adopts outlier detection techniques, enabling APT detection at both the entity level and batch log level. We evaluated our method on three public datasets, and the results demonstrate that our approach achieves optimal detection performance while significantly outperforming existing APT detection methods in terms of computational overhead.

This paper presents a comprehensive assessment method of the security of open source components. The process is constructed using three analytical techniques: hierarchical analysis, expert scoring, and linear weighting. These techniques are employed to identify the parameters that affect the security of open source software. The parameters are then used to evaluate the security of open source components. The evaluation results can inform decisions on the introduction of open source components.

As the Industrial Internet of Things (IIoT) rapidly evolves, cybersecurity issues have become increasingly prominent. Traditional centralized intrusion detection methods face significant challenges, including privacy, security, and computational resource limitations with large-scale heterogeneous data. This paper proposes a federated learning-based intrusion detection method, combining Convolutional Neural Networks (CNN) and Gated Recurrent Units (GRU) with Isolation Trees for anomaly detection and removal. This approach addresses the non-independent and identically distributed (non-IID) data in IIoT and provides personalized local model training. Experimental results show that the proposed method significantly improves intrusion detection accuracy and real-time performance.

As the reliance of businesses and organizations on online operations continues to grow, the importance of addressing software security vulnerabilities becomes increasingly critical. This paper delves into the phenomenon of Denial of Service (DoS) attacks in PHP web applications, focusing on the exploitation of recursive function calls that lead to DoS vulnerabilities. We analyze the causes of DoS vulnerabilities in CVEs to illustrate how such vulnerabilities can be exploited and extract a transferable model from this analysis, highlighting its commonality in web development. Potential attack methods and risks are discussed in detail. Additionally, an automated detection tool has been developed to identify high-risk vulnerability points in developers' code. This research provides valuable insights and practical solutions for PHP developers and security professionals to enhance the resilience of web applications against DoS attacks.

A quantum secret sharing (QSS) scheme with single photons was proposed, the trusted third party (TTP) encoded the secret value into conjugate single quantum states, in the revealing phase each participant performs the corresponding unitary operation on the single photon sequence sequentially according to its’ private key, and the participants can recover the secret value only through one round of interaction with the TTP and two round of interactions between themselves, further more any dishonest action and malicious attack can be detected.

With the growing popularity of the Internet and digital technology, network security threats are increasing, and people's demand for advanced security defense means is rising. By combining advanced deep learning algorithms, AI based network security defense systems can provide real-time, automated threat detection and response. They can not only detect known threat patterns, but also learn to identify new and unknown attack techniques. Based on the requirements of computer network security, this article designs a computer network security protection system. The system applies an artificial intelligence analysis engine and combines hardware and software design optimization to achieve multi-level security protection measures. After testing, the system has high capabilities in data capture rate, restoration rate, data encryption and protection, and can provide an effective solution for the security protection of computer networks.

With the rapid development of technology, the network environment is becoming increasingly complex, and security issues are becoming more prominent. Network security situational awareness is an important method for assessing the status of network security and predicting the future direction of network development. An information security situational awareness method based on situational awareness, and evaluating and predicting the performance of various machine learning methods in information security situational awareness.

The utilization of convolutional neural networks has become pervasive across numerous sectors, including areas like visual identification and linguistic processing. Yet, there is a growing concern among users regarding the vulnerability of their privacy, stemming from the accessibility of model parameters. Then we take inspiration from differential privacy. By adding Gaussian noise to the training parameters, we finally realize the privacy preservation. This study implements an optimized image recognition technique that utilizes gradient layer clipping to enhance the efficacy of the model while maintaining differential privacy. Additionally, we employ the analytical Gaussian mechanism to bolster our approach. Findings indicate that at a privacy parameter ϵ of 8.0, the model achieves an accuracy rate of 96.46% on the MNIST dataset and 61.10% on the CIFAR-10 dataset; Meanwhile, with a privacy parameter ϵ of 2.0, the model's accuracy rate is 94.0% for MNIST and 58.79% for CIFAR-10.

With the rapid development of the power Internet of Things and the increasing number of IoT devices and application scenarios, new requirements are put forward for the reliability and efficiency of equipment access certification. Aiming at the problems of low efficiency and malicious attack of traditional authentication methods, this paper proposes a group authentication algorithm based on regional grouping and aggregate signcryption. Firstly, according to the characteristics of IoT devices, a distributed authentication scheme based on regional grouping is designed. Then each group relies on aggregation signcryption technology for group authentication of IoT devices. Finally, the calculation and communication cost of the algorithm are compared and analyzed. The results show that the proposed algorithm can improve the authentication efficiency.

Traditional network architecture can no longer meet the development needs of technologies such as cloud computing and big data. SDN network architecture has the characteristics of high openness and programmability, which can quickly respond to changes in business requirements. SDN decouples the control management function of the network from the data forwarding function, simplifies network configuration work based on logic centralized controllers and open programming interfaces, thereby achieving a flat management mode and flexible data forwarding function. The centralized control and programmability of SDN networks also pose significant security threats to SDN. Based on the CSE-CIC-IDS2018 dataset, this article tests the performance of various intelligent learning algorithms, analyzes data flows, distinguishes normal data from abnormal data, improves detection accuracy, and has practical significance for the security defense of SDN networks.

This paper proposed a hybrid Network Security Situation Prediction (NSSP) sequence neural network model, which integrates CNN, LSTM, and Multihead Attention mechanisms, and experimented with various techniques to enhance the nonlinearity and generalization ability of neural networks. We constructed NSSP sequence datasets on two publicly available anomaly detection datasets and validated the effectiveness and accuracy of our proposed method. The RMSE values of our proposed method on the testing datasets of UNSW-NB15-January 22, UNSW-NB15-February 17, and KDDCup99 are 2.262E-07, 2.275E-03, and 4.938E-05 respectively. The MAE values are 4.756E-04, 2.667E-02, and 3.322E-04 respectively.

Aiming at the shortcomings of current location privacy protection methods for internet of vehicles (IoV) in terms of balancing location privacy and service availability, high communication overhead, and susceptibility to inference attacks, a k-anonymity location privacy protection method for IOV based on service similarity is proposed to effectively defend against inference attacks. The concept of service similarity is introduced to generate a service similarity map, and based on the service similarity degree, the partition where the vehicle is located is merged with other partitions to form the Anonymous candidate area that meets the service quality requirements of the vehicle. When selecting the k-anonymity set, the anonymity entropy is used to quantify the user's enquiry probability, and the k-anonymity set with the largest entropy is generated to effectively undercut the inference attack. A greedy algorithm is used to randomly select a location point in the anonymity set to request the service in order to reduce the resource overhead. And experimental results and analysis show that the method reduces the communication overhead by an average of 48.75% and improves the privacy preservation degree and service availability by an average of 42.99% and 45.84% compared to the comparison method. The proposed method improves the privacy preservation degree and service availability, reduces the resource overhead and is effective against inference attacks.

Crowdsourcing is a way to solve complex tasks by publicly collecting solutions on the network. The crowdsourcing system that provides task completion and solution reuse facilitates human life and promotes economic development. With the rise of blockchain technology, it is possible to design and implement a decentralized crowdsourcing scheme. However, due to the nature of data sharing on the blockchain, there are many challenges in the blockchain-based crowdsourcing scheme. In this paper, we first classify the required properties of blockchain-based decentralized crowdsourcing scheme including fairness, reusability and integrity. And then we propose a novel blockchain-based secure crowdsourcing scheme to support solution reuse using the Pedersen commitment, Paillier cryptosystem, secure hash function and Diffie-Hellman key exchange. The security analysis shows that our scheme satisfies the above requirements. Finally, we simulated the crowdsourcing task that may exist in the real world and evaluated the experimental results.

Formal methods (FM) are a pivotal technology for ensuring the safety and reliability of software systems. These methods are centered around the application of precise mathematical principles to verify the security and dependability of software. Formal methods have been widely employed in the verification of critical systems, with the increasing significance of concurrent programs in the context of the growing prevalence of parallel computing architectures like multi-core processors. However, the efficiency of formal methods in verifying concurrent programs is often low, which hinders their broader adoption and application. Addressing this issue, this study proposes an efficient formal verification method tailored for concurrent programs. This method bifurcates the verification process of concurrent programs into two stages: proving sequential correctness and verifying other attributes. In the first stage, leveraging theorem-proving strategies and large language model (LLM) technology, the method assists in proving the sequential correctness of concurrent programs. The second stage, based on model checking technology, involves transforming the program to narrow down the verification scope before using model checking tools to verify other security attributes of the program. Experimental results have shown that the proposed method significantly reduces the state space that needs to be searched during verification, thereby enhancing the efficiency of concurrent program verification.