Pub Date : 2022-04-21DOI: 10.1109/IEEECONF52377.2022.10013347
Zhiping Lu, Hongchao Hu, Shumin Huo, Shuyi Li
Artificial intelligence (AI) has developed rapidly in recent decades and is widely used in many fields, such as natural language processing, voice recognition, and especially computer vision (CV). However, the endogenous security problems brought by the AI model itself, leading to the emergence of adversarial examples (AEs), which can fool the AI models and cause a serious impact on the classification. In recent years, researches show that ensemble learning methods are effective both in generating or detecting AEs. By integrating to generate AEs, the attackers can implement stronger and good transferability attacks to the target models. On the other hand, ensemble learning methods can also be used in defenses that can improve the robustness against AEs. In this paper, we focus on the ensemble learning methods in the CV field, and first introduce the classic adversarial attack and defense technologies. Then, we survey the ensemble learning methods in the adversarial environment and divide them into three types of frameworks (i.e., parallel, sequential, and hybrid). To the best of our knowledge, we are the first to analyze the recent proposed attacks and defenses in the adversarial environment from the perspective of these ensemble frameworks. Additionally, we summarize the advantages and disadvantages of these ensemble methods and frameworks. In the end, we give some suggestions for using ensemble frameworks, and we put forward several opinions from the aspects of attacks, defenses, and evaluations for future research directions in this field.
{"title":"Ensemble Learning Methods of Adversarial Attacks and Defenses in Computer Vision: Recent Progress","authors":"Zhiping Lu, Hongchao Hu, Shumin Huo, Shuyi Li","doi":"10.1109/IEEECONF52377.2022.10013347","DOIUrl":"https://doi.org/10.1109/IEEECONF52377.2022.10013347","url":null,"abstract":"Artificial intelligence (AI) has developed rapidly in recent decades and is widely used in many fields, such as natural language processing, voice recognition, and especially computer vision (CV). However, the endogenous security problems brought by the AI model itself, leading to the emergence of adversarial examples (AEs), which can fool the AI models and cause a serious impact on the classification. In recent years, researches show that ensemble learning methods are effective both in generating or detecting AEs. By integrating to generate AEs, the attackers can implement stronger and good transferability attacks to the target models. On the other hand, ensemble learning methods can also be used in defenses that can improve the robustness against AEs. In this paper, we focus on the ensemble learning methods in the CV field, and first introduce the classic adversarial attack and defense technologies. Then, we survey the ensemble learning methods in the adversarial environment and divide them into three types of frameworks (i.e., parallel, sequential, and hybrid). To the best of our knowledge, we are the first to analyze the recent proposed attacks and defenses in the adversarial environment from the perspective of these ensemble frameworks. Additionally, we summarize the advantages and disadvantages of these ensemble methods and frameworks. In the end, we give some suggestions for using ensemble frameworks, and we put forward several opinions from the aspects of attacks, defenses, and evaluations for future research directions in this field.","PeriodicalId":193681,"journal":{"name":"2021 International Conference on Advanced Computing and Endogenous Security","volume":"23 6","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114126215","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-04-21DOI: 10.1109/IEEECONF52377.2022.10013106
Jingnuo Peng, Kaizhi Huang, Shuaifang Xiao, Qian Han
Physical layer key generation is one of the promising candidate technology schemes for communication network encryption as it promises to solve the difficulties in traditional cryptographic mechanisms. However, due to the existence of unequal key bits in the process of key generation, the practical application of physical layer key generation is greatly hindered. In this paper, in order to eliminate the key inconsistency problem, we propose a Polar code-based information reconciliation scheme (PIRS) by combining the design mechanism of the 5th generation (5G) physical control channel processing flow in the 5G physical layer protocol. The Monte Carlo simulation results show that our proposed method can significantly reduce the key disagreement rate (KDR) and increase the key generation rate (KGR) for both parties in communication, even when the signal-to-noise ratio is low.
{"title":"Secret Key Generation Using Polar Code-Based Reconciliation Method in 5G","authors":"Jingnuo Peng, Kaizhi Huang, Shuaifang Xiao, Qian Han","doi":"10.1109/IEEECONF52377.2022.10013106","DOIUrl":"https://doi.org/10.1109/IEEECONF52377.2022.10013106","url":null,"abstract":"Physical layer key generation is one of the promising candidate technology schemes for communication network encryption as it promises to solve the difficulties in traditional cryptographic mechanisms. However, due to the existence of unequal key bits in the process of key generation, the practical application of physical layer key generation is greatly hindered. In this paper, in order to eliminate the key inconsistency problem, we propose a Polar code-based information reconciliation scheme (PIRS) by combining the design mechanism of the 5th generation (5G) physical control channel processing flow in the 5G physical layer protocol. The Monte Carlo simulation results show that our proposed method can significantly reduce the key disagreement rate (KDR) and increase the key generation rate (KGR) for both parties in communication, even when the signal-to-noise ratio is low.","PeriodicalId":193681,"journal":{"name":"2021 International Conference on Advanced Computing and Endogenous Security","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114793375","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-04-21DOI: 10.1109/IEEECONF52377.2022.10013340
Chengqian Guo, Fan Lang, Qiongxiao Wang, Jingqiang Lin
Single sign-on (SSO) services are widely deployed on the Internet as the identity management and authentication infrastructure. In an SSO system, after authenticated by the identity providers (IdPs), a user is allowed to log into relying parties (RPs) by submitting an identity proof. However, SSO introduces the potential leakage of user privacy, which is indicated by NIST. That is (a) a curious IdP could track a user's all visits to any RPs and (b) collusive RPs could link the user's identities across different RPs, to learn the user's activity profile. NIST suggests that the Pairwise Pseudonymous Identifier (PPID) should be adopted to prevent collusive RPs from linking the same user, as PPID mechanism enables an IdP to provide a user with multiple individual IDs for different RPs. However, PPID mechanism cannot protect users from IdP's tracking, as it still exposes RP identity to IdP. In this paper, we propose an SSO system, named UP-SSO, providing the enhanced PPID mechanism to protect a user's profile of RP visits from both the curious IdP and the collusive RPs by integrating PPID and SGX. It separates an IdP service into two parts, the server-side service and user-side service. The generation of PPID is shifted from IdP server to user client, so that IdP server no longer needs to learn RP ID. The integrity of user client can be verified by IdP through remote attestation. The detailed design of UP-SSO is described in this paper, and the systemic analysis is provided to guarantee its security. We implemented the prototype system of UP-SSO, and the evaluation of the prototype system shows the overhead is modest.
{"title":"UP-SSO: Enhancing the User Privacy of SSO by Integrating PPID and SGX","authors":"Chengqian Guo, Fan Lang, Qiongxiao Wang, Jingqiang Lin","doi":"10.1109/IEEECONF52377.2022.10013340","DOIUrl":"https://doi.org/10.1109/IEEECONF52377.2022.10013340","url":null,"abstract":"Single sign-on (SSO) services are widely deployed on the Internet as the identity management and authentication infrastructure. In an SSO system, after authenticated by the identity providers (IdPs), a user is allowed to log into relying parties (RPs) by submitting an identity proof. However, SSO introduces the potential leakage of user privacy, which is indicated by NIST. That is (a) a curious IdP could track a user's all visits to any RPs and (b) collusive RPs could link the user's identities across different RPs, to learn the user's activity profile. NIST suggests that the Pairwise Pseudonymous Identifier (PPID) should be adopted to prevent collusive RPs from linking the same user, as PPID mechanism enables an IdP to provide a user with multiple individual IDs for different RPs. However, PPID mechanism cannot protect users from IdP's tracking, as it still exposes RP identity to IdP. In this paper, we propose an SSO system, named UP-SSO, providing the enhanced PPID mechanism to protect a user's profile of RP visits from both the curious IdP and the collusive RPs by integrating PPID and SGX. It separates an IdP service into two parts, the server-side service and user-side service. The generation of PPID is shifted from IdP server to user client, so that IdP server no longer needs to learn RP ID. The integrity of user client can be verified by IdP through remote attestation. The detailed design of UP-SSO is described in this paper, and the systemic analysis is provided to guarantee its security. We implemented the prototype system of UP-SSO, and the evaluation of the prototype system shows the overhead is modest.","PeriodicalId":193681,"journal":{"name":"2021 International Conference on Advanced Computing and Endogenous Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126064107","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-04-21DOI: 10.1109/IEEECONF52377.2022.10013103
Delei Nie, Hong Yu
Although the mimic system can effectively defend against known or unknown vulnerabilities / backdoor attacks, some encryption protocols such as SSH will produce different encryption results on different executors, even with the same processor, the same operating system, the same encryption protocol and the same plaintext, which leads to difficulty in output arbitration. To solve this problem, this paper proposes an encryption source normalization method, which can make different executors generate same ciphertext by normalizing the source of the random number and synchronizing the length of output data, so that the output of heterogeneous executers can be successfully arbitrated by the scheduler. This method is verified by experiments using SSH protocol. Test results show that this method can effectively solve the encryption problem of mimic system.
{"title":"Encryption Source Normalization Method for Mimic System","authors":"Delei Nie, Hong Yu","doi":"10.1109/IEEECONF52377.2022.10013103","DOIUrl":"https://doi.org/10.1109/IEEECONF52377.2022.10013103","url":null,"abstract":"Although the mimic system can effectively defend against known or unknown vulnerabilities / backdoor attacks, some encryption protocols such as SSH will produce different encryption results on different executors, even with the same processor, the same operating system, the same encryption protocol and the same plaintext, which leads to difficulty in output arbitration. To solve this problem, this paper proposes an encryption source normalization method, which can make different executors generate same ciphertext by normalizing the source of the random number and synchronizing the length of output data, so that the output of heterogeneous executers can be successfully arbitrated by the scheduler. This method is verified by experiments using SSH protocol. Test results show that this method can effectively solve the encryption problem of mimic system.","PeriodicalId":193681,"journal":{"name":"2021 International Conference on Advanced Computing and Endogenous Security","volume":"127 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122107858","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-04-21DOI: 10.1109/IEEECONF52377.2022.10013098
Jingjing Guo, Xuewan Zhang, Li You, Xiaoming Xu, Di Zhang
In this paper, the symbol error rate (SER) per-formance of sparse vector coding (SVC) for the short packet transmission over independent and identically distributed (i. i. d.) k - u shadowed fading channels is studied. We firstly analyze the signal to interference plus noise ratio (SINR) of the SVC scheme and show that the corresponding signal to noise ratio (SNR) performance can be improved with the increasing number of resource blocks compared to the conventional baseline, which indicates that the reliability of the system is improved. Then, we derive the simple SER analytical expression over the $kappa-mu$ fading scenario with low computational complexity. The versatility of the $kappa-mu$ fading model determines that the other well-known fading distributions and their inclusive ones can be derived as special cases. Simulation results indicate the validness of our derivations, and that the SVC scheme can greatly improve the system reliability with longer spreading sequences.
{"title":"Performance Analysis of Sparse Vector Coding over $kappa-mu$ Fading Channel","authors":"Jingjing Guo, Xuewan Zhang, Li You, Xiaoming Xu, Di Zhang","doi":"10.1109/IEEECONF52377.2022.10013098","DOIUrl":"https://doi.org/10.1109/IEEECONF52377.2022.10013098","url":null,"abstract":"In this paper, the symbol error rate (SER) per-formance of sparse vector coding (SVC) for the short packet transmission over independent and identically distributed (i. i. d.) k - u shadowed fading channels is studied. We firstly analyze the signal to interference plus noise ratio (SINR) of the SVC scheme and show that the corresponding signal to noise ratio (SNR) performance can be improved with the increasing number of resource blocks compared to the conventional baseline, which indicates that the reliability of the system is improved. Then, we derive the simple SER analytical expression over the $kappa-mu$ fading scenario with low computational complexity. The versatility of the $kappa-mu$ fading model determines that the other well-known fading distributions and their inclusive ones can be derived as special cases. Simulation results indicate the validness of our derivations, and that the SVC scheme can greatly improve the system reliability with longer spreading sequences.","PeriodicalId":193681,"journal":{"name":"2021 International Conference on Advanced Computing and Endogenous Security","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114617159","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
For current Internet is confronted with some defects such as structural rigidity, single function, and protocol-independent, the functions, performance and efficiency of the Internet were promoted from the perspective of the data plane, it proposes to support computing definable programmable data based on the full-dimensional defined polymorphic smart network. It uses in-network calculations to offload network functions to programmable network elements (programmable switches) to improve operational efficiency and flexibility. This article first uses the protocol-independent P4 language to realize the definable forwarding of the data plane; on this basis, a new forwarding model is designed, adding calculation functions that are not originally supported by P4, and the calculation is definable; finally, DES encryption is used as the calculation Function verification, and think and discuss the experimental process.
{"title":"A programmable data plane that supports definable computing","authors":"Zeying Liu, Pengshuai Cui, Yuxiang Hu, Yongji Dong, Kaifei Tang, Lei Xue","doi":"10.1109/IEEECONF52377.2022.10013327","DOIUrl":"https://doi.org/10.1109/IEEECONF52377.2022.10013327","url":null,"abstract":"For current Internet is confronted with some defects such as structural rigidity, single function, and protocol-independent, the functions, performance and efficiency of the Internet were promoted from the perspective of the data plane, it proposes to support computing definable programmable data based on the full-dimensional defined polymorphic smart network. It uses in-network calculations to offload network functions to programmable network elements (programmable switches) to improve operational efficiency and flexibility. This article first uses the protocol-independent P4 language to realize the definable forwarding of the data plane; on this basis, a new forwarding model is designed, adding calculation functions that are not originally supported by P4, and the calculation is definable; finally, DES encryption is used as the calculation Function verification, and think and discuss the experimental process.","PeriodicalId":193681,"journal":{"name":"2021 International Conference on Advanced Computing and Endogenous Security","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128546480","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-04-21DOI: 10.1109/IEEECONF52377.2022.10013335
Jinchuan Pei, Yuxiang Hu, L. Tian
Time-Sensitive Networking (TSN) is one of the core network technologies of the future industrial internet. It is improved on the basis of the traditional Ethernet, and provides low jitter, low delay and high reliability deterministic data transmission guarantee for time-sensitive data traffic. This paper first gives an overview of time-sensitive networking, and then focuses on four key mechanisms in TSN: time synchronization, traffic scheduling and shaping, reliability of traffic transmission, and network resource configuration and management. Finally, we analyze the development trend of key technologies in TSN and make a summary.
{"title":"A Review on Key Mechanisms of Time-Sensitive Networking","authors":"Jinchuan Pei, Yuxiang Hu, L. Tian","doi":"10.1109/IEEECONF52377.2022.10013335","DOIUrl":"https://doi.org/10.1109/IEEECONF52377.2022.10013335","url":null,"abstract":"Time-Sensitive Networking (TSN) is one of the core network technologies of the future industrial internet. It is improved on the basis of the traditional Ethernet, and provides low jitter, low delay and high reliability deterministic data transmission guarantee for time-sensitive data traffic. This paper first gives an overview of time-sensitive networking, and then focuses on four key mechanisms in TSN: time synchronization, traffic scheduling and shaping, reliability of traffic transmission, and network resource configuration and management. Finally, we analyze the development trend of key technologies in TSN and make a summary.","PeriodicalId":193681,"journal":{"name":"2021 International Conference on Advanced Computing and Endogenous Security","volume":"43 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124958673","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-04-21DOI: 10.1109/IEEECONF52377.2022.10013333
Zijing Liu, Zheng Zhang, Ruicheng Xi, Pengzhe Zhu, Bolin Ma
Redundant execution technology is one of the effective ways to improve the safety and reliability of computer systems. By rationally configuring redundant resources, adding components with the same function, using the determined redundant execution logic to coordinate and efficiently execute synchronously can effectively ensure high availability of the machine and system. Fault-tolerant is based on redundant execution, which is the primary method of dealing with system hardware failures. Recently, multi-threading redundancy has realized the continuous development of fault-tolerant technology, which makes the processing granularity of the system tolerate random failure factors gradually reduced. At the same time, intrusion tolerant technology has also been continuously developed with the emergence of multi-variant execution technology. It mainly uses the idea of dynamic heterogeneous redundancy to construct a set of variants with equivalent functions and different structures to complete the detection and processing of threats outside the system. We summarize the critical technologies of redundant execution to achieve fault tolerance and intrusion tolerance in recent years, sorts out the role of redundant execution in the development process from fault tolerance technology to intrusion tolerance technology, classify redundant execution technologies at different levels, finally point out the development prospects of redundant execution technology in multiple application fields and future technical research directions.
{"title":"SoK: A Survey on Redundant Execution Technology","authors":"Zijing Liu, Zheng Zhang, Ruicheng Xi, Pengzhe Zhu, Bolin Ma","doi":"10.1109/IEEECONF52377.2022.10013333","DOIUrl":"https://doi.org/10.1109/IEEECONF52377.2022.10013333","url":null,"abstract":"Redundant execution technology is one of the effective ways to improve the safety and reliability of computer systems. By rationally configuring redundant resources, adding components with the same function, using the determined redundant execution logic to coordinate and efficiently execute synchronously can effectively ensure high availability of the machine and system. Fault-tolerant is based on redundant execution, which is the primary method of dealing with system hardware failures. Recently, multi-threading redundancy has realized the continuous development of fault-tolerant technology, which makes the processing granularity of the system tolerate random failure factors gradually reduced. At the same time, intrusion tolerant technology has also been continuously developed with the emergence of multi-variant execution technology. It mainly uses the idea of dynamic heterogeneous redundancy to construct a set of variants with equivalent functions and different structures to complete the detection and processing of threats outside the system. We summarize the critical technologies of redundant execution to achieve fault tolerance and intrusion tolerance in recent years, sorts out the role of redundant execution in the development process from fault tolerance technology to intrusion tolerance technology, classify redundant execution technologies at different levels, finally point out the development prospects of redundant execution technology in multiple application fields and future technical research directions.","PeriodicalId":193681,"journal":{"name":"2021 International Conference on Advanced Computing and Endogenous Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129771026","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-04-21DOI: 10.1109/IEEECONF52377.2022.10013354
Quan Ren, Jiangxing Wu, Zhiyong Sun, Lei He, Bolin Ma, Yuliang Hu
Cyberspace mimic defense (CMD) aims to construct a new controllable and trusted system. It integrates the characteristics of heterogeneous redundant system and robust control system, achieving the security defense and warning capacity of control system. This paper adopts generalized stochastic Petri nets (GSPN) to describe system's architectures and analyze the availability and awareness security of the Cyberspace Mimic Defense System (CMDS), and we analyze the influence of different attacking strength and recovering ability. Besides, we establish the response time model for CMDS service, the results of prototype system show that the proposed method is practicable and effective, and the analysis of parameters gives the situation of degradation of executor performance, ability of recovering and coordinated attack which has useful guidance to the mimic systems engineering practice.
{"title":"Performance Modeling Based on GSPN and Markov for Cyberspace Mimic Defense System","authors":"Quan Ren, Jiangxing Wu, Zhiyong Sun, Lei He, Bolin Ma, Yuliang Hu","doi":"10.1109/IEEECONF52377.2022.10013354","DOIUrl":"https://doi.org/10.1109/IEEECONF52377.2022.10013354","url":null,"abstract":"Cyberspace mimic defense (CMD) aims to construct a new controllable and trusted system. It integrates the characteristics of heterogeneous redundant system and robust control system, achieving the security defense and warning capacity of control system. This paper adopts generalized stochastic Petri nets (GSPN) to describe system's architectures and analyze the availability and awareness security of the Cyberspace Mimic Defense System (CMDS), and we analyze the influence of different attacking strength and recovering ability. Besides, we establish the response time model for CMDS service, the results of prototype system show that the proposed method is practicable and effective, and the analysis of parameters gives the situation of degradation of executor performance, ability of recovering and coordinated attack which has useful guidance to the mimic systems engineering practice.","PeriodicalId":193681,"journal":{"name":"2021 International Conference on Advanced Computing and Endogenous Security","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117192860","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-04-21DOI: 10.1109/IEEECONF52377.2022.10013349
Chongxin Sun, Youjun Bu, Bo Chen, Desheng Zhang, Zhonglei Chen, Xiangyu Lu, Surong Zhang, Jia Sun
Honeypot is a proactive defence technology introduced by the defence to change the asymmetry of the network offensive and defence game. Through deploying security resources without any production purpose, the defenders can deceive attackers to illegally use them to capture and analyse the attack behaviour to understand the attack tools, methods, speculate the attack intentions and motivations. This paper introduces the development process and the latest development direction of honeypot technology, comprehensively analyses the application situation of artificial intelligence technology in the key mechanisms of honeypot technology, and summarises the latest application of artificial intelligence technology in the deception environment construction, threat data capture and threat data analysis. Finally, the application of artificial intelligence technology in honeypot technology is discussed.
{"title":"Application of Artificial Intelligence Technology in Honeypot Technology","authors":"Chongxin Sun, Youjun Bu, Bo Chen, Desheng Zhang, Zhonglei Chen, Xiangyu Lu, Surong Zhang, Jia Sun","doi":"10.1109/IEEECONF52377.2022.10013349","DOIUrl":"https://doi.org/10.1109/IEEECONF52377.2022.10013349","url":null,"abstract":"Honeypot is a proactive defence technology introduced by the defence to change the asymmetry of the network offensive and defence game. Through deploying security resources without any production purpose, the defenders can deceive attackers to illegally use them to capture and analyse the attack behaviour to understand the attack tools, methods, speculate the attack intentions and motivations. This paper introduces the development process and the latest development direction of honeypot technology, comprehensively analyses the application situation of artificial intelligence technology in the key mechanisms of honeypot technology, and summarises the latest application of artificial intelligence technology in the deception environment construction, threat data capture and threat data analysis. Finally, the application of artificial intelligence technology in honeypot technology is discussed.","PeriodicalId":193681,"journal":{"name":"2021 International Conference on Advanced Computing and Endogenous Security","volume":"40 6","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114107526","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: