Research on network risk assessment based on attack graph of expected benefits-rate by Wenfu LIU, Jianmin PANG, Xin ZHOU, Nan LI, Feng YUE

“…As Internet applications and services become more and more extensive, the endless network attacks lead to great risks and challenges to the security of information systems.As a model-based network security risk analysis technology, attack graph is helpful to find the vulnerability between network nodes and the harm of being attacked.It has been proved to be an effective method to find and prevent network security risks.Attack graph is mainly divided into state-based attack graph and attribute-based attack graph.Due to the problem of state explosion in state-based attack graph, most researchers prefer the attribute-based attack graph for network risk assessment.In view of the existing researches on attribute-based attack graph, they excessively rely on the vulnerability of network nodes and the essential attributes of atomic attack.However, they ignore that rational attackers usually choose specific attack paths by maximizing attack benefits.Then, a network risk assessment framework and a quantification method of attack benefits-rate based on expected benefits-rate attack graph were proposed.The network risk assessment framework took the open vulnerability resource database, the new vulnerabilities found by the vulnerability mining system and the big data related to network attack and defense as the basic data source.The network risk assessment framework also took the open source big data platform as the analysis tool to mine and calculate the elements related to attack cost and attack benefit.Using the concepts of cost, benefit and benefit-rate in economics, the calculation model of expected benefit-rate of atomic attack was constructed.By constructing the attribute-based attack graph of the target network, the expected benefit-rate of atomic attack on the attack path was calculated, and the expected benefit-rate list of all possible attack paths was generated.Furthermore, taking the expected goal as the starting point, the search was carried out according to the specific optimization strategy (backtracking method, greedy algorithm, dynamic programming).And the complete attack path with the maximum benefit-rate was obtained, which provided the basis for network risk assessment.The simulation results show the effectiveness and rationality of the proposed expected benefit-rate attack graph network risk assessment method, which can provide support for discovering and preventing network security problems.…”
Get full text

Reputation detection based on incomplete distribution for mobile agent in wireless sensor networks by Yang Yang, Xiaoyu Jin, Su Yao, Xuesong Qiu, Liu Liu

“…Mobile agent is a kind of program which can transfer via asynchronous mode independently in the sensor network with outstanding prospects in application. …”
Get full text

A Particle Swarm Optimization Algorithm for Deployment of Sensor Nodes in WSN Network by Jie Liang, Lu Wang, Qingchang Ji

“…In order to solve the problems of security hidden dangers in the process of node location due to the characteristics of limited resources, open deployment, and being unattended in wireless sensor networks, this paper proposes a mainstream location algorithm combined with the current WSN node. …”
Get full text

Fare Design in Urban Transit Network considering Elastic Demand and Adverse Weather’s Impact by Jiantong Zhang, Biyu Lv, Guichao Tian, Wenchi Liu

Get full text

Environmental Disinfection Based on Mobile Intelligent Networking Highly Efficient Ultraviolet Light Machines by Chun-Yen Chung, Wen-Tsai Sung, Lin-Chi Wang, Lailatus Siami, John Paul Santos

Get full text

FRR: A Fast Routing Recovery mechanism minimizing network formation time in smart grids by Giancarlo C. Heck, Ananias A. Quispe, Patryk H. da Fonseca, Osni S. Junior, Roberto A. Hexsel, Luiz C.P. Albini

Get full text

Optimization design of liquid crystal-based reconfigurable intelligent surface-assisted indoor visible light communication systems by Lisu YU, Xinxin LÜ, Run ZHONG, Mingli ZHANG, Zhenghai WANG, Yuhao WANG

“…Visible light communication (VLC) is a promising technology for sixth-generation (6G) networks, offering a broad, license-free spectrum, enhanced security, and protection from radio frequency (RF) interference. …”
Get full text

Enhancing urban agriculture networks: A clustering and multicriteria decision-making approach to sustainability indicators and governance by Jiangwei Kong, Mengxi Gao, Hind Alofaysan, Dilafruz Fayziyeva, Zhi Liu

“…This research highlights food security via an urban agricultural network in the larger Miami metropolitan region, which includes Palm Beach, Broward, and Miami-Dade counties. …”
Get full text

TPCM-based trusted PXE boot method for servers by Guojie LIU, Jianbiao ZHANG

“…The PXE startup mechanism downloads operating system files through the network and starts the operating system,which is widely used in server network startup.It is widely used in server network startup.The PXE boot process is secured and trusted through trusted computing technology to prevent the PXE boot file from being tampered with maliciously,ensuring the safe and reliable operation of the server.The cyber security classified protection standard requires that the system boot program and system program of the server device be trusted and verified based on the trusted root.A TPCM-based server trusted PXE boot method based on the requirements of classified protection standard was proposed to ensure the security and trust of the server's BIOS firmware,PXE bootfiles,and Linux system files.When the server performs PXE boot,TPCM measured BIOS firmware,BIOS boot environment measured PXE boot files,and PXE boot environment measured Linux system files.Taking TPCM as the root of trust,one level of measurement,one level of trust,and a chain of trust were established to achieve a trusted server operating environment.The proposed method was tested on a domestically-controlled,self-controllable Shenwei server.The experimental results show that the proposed method is feasible.…”
Get full text

High-performance directional fuzzing scheme based on deep reinforcement learning by Tian XIAO, Zhihao JIANG, Peng TANG, Zheng HUANG, Jie GUO, Weidong QIU

“…With the continuous growth and advancement of the Internet and information technology, continuous growth and advancement of the Internet and information technology.Nevertheless, these applications’ vulnerabilities pose a severe threat to information security and users’ privacy.Fuzzing was widely used as one of the main tools for automatic vulnerability detection due to its ease of vulnerability recurrence and low false positive errors.It generates test cases randomly and executes the application by optimization in terms of coverage or sample generation to detect deeper program paths.However, the mutation operation in fuzzing is blind and tends to make the generated test cases execute the same program path.Consequently, traditional fuzzing tests have problems such as low efficiency, high randomness of inputs generation and limited pertinence of the program structure.To address these problems, a directional fuzzing based on deep reinforcement learning was proposed, which used deep reinforcement learning networks with information obtained by staking program to guide the selection of the inputs.Besides, it enabled fast approximation and inspection of the program paths that may exist vulnerabilities.The experimental results showed that the proposed approach had better performance than the popular fuzzing tools such as AFL and AFLGO in terms of vulnerability detection and recurrence on the LAVA-M dataset and real applications like LibPNG and Binutils.Therefore, the approach can provide support for further vulnerability mining and security research.…”
Get full text

IoT and Cloud Computing Issues, Challenges and Opportunities: A Review by Mohammed Mohammed Sadeeq, Nasiba M. Abdulkareem, Subhi R. M. Zeebaree, Dindar Mikaeel Ahmed, Ahmed Saifullah Sami, Rizgar R. Zebari

Get full text

ESX: A Self-Generated Control Policy for Remote Access With SSH Based on eBPF by Yuan Zhong, Pengfei Chen, Huxing Zhang

“…Cloud systems that provide remote data and computational access through networks face significant security challenges. Secure Shell (SSH) is one of the most popular methods for remote access, but the leakage of login information presents a substantial security threat, enabling attackers to exploit identities and disrupt systems. …”
Get full text

Módulo de Dados Dinâmicos - MDD: o emprego prático da inteligência territorial by Rodrigo de Freitas Amorim, Thiago França Simonetti

“…It is necessary to make the most of the entire available infrastructure network, using data sharing between different public bodies to advance decision-making more efficiently, enhancing results and reducing operational costs. …”
Get full text

Improved grey wolf optimization algorithm based service function chain mapping algorithm by Yue ZHANG, Junnan ZHANG, Xiaochun WU, Chen HONG, Jingjing ZHOU

“…With the rise of new Internet applications such as the industrial Internet, the Internet of vehicles, and the metaverse, the network’s requirements for low latency, reliability, security, and certainty are facing severe challenges.In the process of virtual network deployment, when using network function virtualization technology, there were problems such as low service function chain mapping efficiency and high deployment resource overhead.The node activation cost and instantiation cost was jointly considered, an integer linear programming model with the optimization goal of minimizing the average deployment network cost was established, and an improved grey wolf optimization service function chain mapping (IMGWO-SFCM) algorithm was proposed.Three strategies: mapping scheme search based on acyclic KSP algorithm, mapping scheme coding and improvement based on reverse learning and nonlinear convergence were added to the standard grey wolf optimization algorithm to form this algorithm.The global search and local search capabilities were well balanced and the service function chain mapping scheme was quickly determined by IMGWO-SFCM.Compared with the comparison algorithm, IMGWO-SFCM reduces the average deployment network cost by 11.86% while ensuring a higher service function chain request acceptance rate.…”
Get full text

Community Participation in Programme Planning for Universal Health Coverage in India: An exploratory study by Yogesh Chandra, Ajai Kumar Jain

Get full text

Markov game modeling of mimic defense and defense strategy determination by Xingming ZHANG, Zeyu GU, Shuai WEI, Jianliang SHEN

“…Network mimic defense technology enhances the robustness of active defense through the redundancy,dynamic and diversity as well as the decision feedback mechanism.However,little work has been done for its security assessment and existing classic game models are not suitable for its dynamic characteristics and lack of universality.A Markov game model was proposed to analyze the transfer relationship between offensive and defensive status and the measurement method of safety and reliability of mimic defense,and calculated the offensive and defensive game equilibrium through non-linear programming algorithm to determine the best defensive strategy considering performance.Experiments give a comparison with the multi-target hiding technique and shows that the mimic defense has a higher defensive effect.Combining with the specific network case,the specific attack and defense path for the exploit of the system vulnerability is given and the effectiveness of the defense strategy algorithm is verified.…”
Get full text

Strengthening health systems to tackle oral diseases in Africa: Africa centers for disease control and prevention’s role by Moréniké Oluwátóyìn Foláyan, Moréniké Oluwátóyìn Foláyan, Adeyinka Ganiyat Ishola, Ahmed Bhayat, Ahmed Bhayat, Maha El Tantawi, Maha El Tantawi, Nicaise Ndembi

Get full text

Digital Sociability: Implications of the COVID-19 Pandemic among Young Adults by Gledson Martins de Jesus, Eduardo Name Risk

“…The results suggest that young people live ambiguously with the sense of security provided by social networks while feeling anxious about the judgment of others regarding their posts.…”
Get full text

Real-Time Mouse Data Protection Method Using GANs for Image-Based User Authentication Based on GetCursorPos() and SetCursorPos() Functions by Jinwook Kim, Kyungroul Lee, Hanjo Jeong

Get full text

Transformative adaptation: from climate-smart to climate-resilient agriculture by Jon Hellin, Eleanor Fisher, Marcus Taylor, Suhas Bhasme, Ana María Loboguerrero

Get full text