ISSN 1000-1239 CN 11-1777/TP

Table of Content

01 May 2022, Volume 59 Issue 5
Survey of Copyright Protection Schemes Based on DNN Model
Fan Xuefeng, Zhou Xiaoyi, Zhu Bingbing, Dong Jinwei, Niu Jun, Wang He
2022, 59(5):  953-977.  doi:10.7544/issn1000-1239.20211115
Asbtract ( 263 )   PDF (5252KB) ( 253 )  
Related Articles | Metrics
Emerging technologies such as the deep neural network (DNN) have been rapidly developed and applied in industrial Internet security with unprecedented performance. However, training a DNN model needs to capture a large number of proprietary data in different scenarios in the target application, to require extensive computing resources, and to adjust the network topology with the assistance of experts to properly train the parameters. As valuable intellectual property, DNN model should be technically protected from illegal reproduction, redistribution or abuse. Inspired by the classical watermarking technologies which protect intellectual property rights related to multimedia content, neural network watermarking is currently the DNN model copyright protection method most concerned by researchers. So far, there is no complete description of the application of neural network watermarking in the protection of intellectual property of DNN models. We investigate the relevant work of CCF recommended journals and conferences in recent five years. From the perspective of watermark embedding and extraction, based on the original classification of white box and black box watermarking, the neural network watermarking is extended to gray box and null box. The white box and black box watermarkings are summarized in details according to their different ideas and various task models, and the performances of the four classifications are compared. Finally, we discuss the future challenges and research directions of neural network watermarking, aiming to provide guidance to further promote such technologies for DNN model copyright protection.
Survey of Protocol Security of Industrial Control System
Fang Dongliang, Liu Puzhuo, Qin Chuan, Song Zhanwei, Sun Yuyan, Shi Zhiqiang, Sun Limin
2022, 59(5):  978-993.  doi:10.7544/issn1000-1239.20211132
Asbtract ( 332 )   PDF (2063KB) ( 188 )  
Related Articles | Metrics
Industrial control system (ICS) is an important part of national infrastructure, widely used in energy, manufacturing, transportation, military and other industries, and is an important resource related to the national economy and people’s livelihood. Industrial control protocol is a crucial link for the ICS to achieve the organic linkage of many functions such as real-time data exchange, data acquisition, parameter configuration, status monitoring, abnormal behavior diagnosis, command issuance and execution, etc. Its security issues are closely related to the reliable and stable operations of ICS. In-depth security analysis of industrial control protocols is an important angle for understanding the security threats of ICS, and can provide guidance for the security protection of ICS. We investigate the security work of industrial control protocols from the academia and the industry, including research papers, standards and guidelines, attack incidents, etc. It systematically analyzes and summarizes the security problems faced by industrial control protocols. Firstly, we elaborate on the industrial control network architecture, the role and classification of industrial control protocols, and the comparison with traditional protocols. From the perspective of protocol design, implementation, and application, we conduct an in-depth analysis of industrial control protocol attack threats and security defense solutions. Finally, we discuss about the research trends on the security of industrial control protocols.
Survey on Machine Learning-Based Anomaly Detection for Industrial Internet
Liu Qixu, Chen Yanhui, Ni Jieshuo, Luo Cheng, Liu Caiyun, Cao Yaqin, Tan Ru, Feng Yun, Zhang Yue
2022, 59(5):  994-1014.  doi:10.7544/issn1000-1239.20211147
Asbtract ( 443 )   PDF (1710KB) ( 335 )  
Related Articles | Metrics
Machine learning has achieved great success in computer vision, natural language processing and other fields in the past few years. In recent years, machine learning technology has gradually become one of the mainstream technologies in the field of cyber-security, and many intrusion detection technologies based on machine learning have emerged in the field of the industrial Internet. Aiming at landing machine learning-based intrusion detection technology into the real industrial system network, we conduct an in-depth analysis of related work in the field. We summarize the uniqueness of machine learning-based intrusion detection in the industrial Internet and extract three research points from the workflow of intrusion detection in industrial control system (ICS). Based on the research points that different researches focus on, we divide machine learning-based intrusion detection system (IDS) in ICS into three categories: algorithm design-oriented researches, application challenges and limitations-oriented researches, and ICS attack scenario-oriented researches. The taxonomy shows the significance of different research work as well as exposes the problems existing in the research field at present. It can provide a good research direction and reference for future work. In the end, we propose two promising research directions in this field based on the latest developments in machine learning.
Research and Challenges on Reverse Analysis Technology of Industrial Control Protocol
Huang Tao, Fu Anmin, Ji Yukai, Mao An, Wang Zhanfeng, Hu Chao
2022, 59(5):  1015-1034.  doi:10.7544/issn1000-1239.20211149
Asbtract ( 203 )   PDF (1455KB) ( 122 )  
Related Articles | Metrics
In recent years, the security incidents of the industrial Internet have become more frequent, especially the industrial control systems (ICS), which reveals that there are already many hidden security risks in ICS. Meanwhile, most of the attack and defense methods against those ICS security risks need to analyze the industrial control protocol. However, most of the private industrial control protocols in ICS have typical characteristics that are completely different from ordinary Internet protocols, such as structure, field accuracy and periodicity, and as a result, those reverse analysis techniques for Internet protocols are generally not directly applicable to industrial control protocols. Therefore, the reverse analysis technology for industrial control protocols has become a research hotspot in academia and industry recently. In the paper, firstly, the structural characteristics of industrial control protocols are illustrated and summarized with two typical industrial control protocols. Secondly, we introduce the frameworks for reverse analysis of industrial control protocols, and deeply analyze the characteristics of frameworks based on program execution and packet sequence respectively. Then the industrial control protocols reverse methods based on packet sequence are analyzed and compared in detail from multiple perspectives, such as the degree of human-computer participation and the extraction method of protocol format. Finally, we discuss the characteristics and shortcomings of the existing reverse analysis methods, and prospect and analyze the future research directions of industrial control protocol reverse analysis technology.
Survey of Industrial Control Systems Security
Yang Ting, Zhang Jiayuan, Huang Zaiqi, Chen Yujie, Huang Chenglong, Zhou Wei, Liu Peng, Feng Tao, Zhang Yuqing
2022, 59(5):  1035-1053.  doi:10.7544/issn1000-1239.20211154
Asbtract ( 407 )   PDF (1446KB) ( 245 )  
Related Articles | Metrics
In addition to the application of manufacturing industries, industrial control systems are also widely used in critical infrastructure such as transportation, energy, and water treatment industries. Accelerated application of digital, network, and intelligent technologies in industrial control systems, more and more smart devices are connected to it, leading to severe challenges to its security. Therefore, the security of industrial control systems has attracted the attention of researchers. In order to let the researchers systematically understand the current research progress, we have researched the core database of Web of Science, EI database, the network and information security related papers of CCF recommended international academic conferences and other high-level research work in the past three years. First, the architecture of industrial control systems is introduced, then the security threats that ICS faces are introduced. Moreover, according to the architecture of the industrial control systems, we divide the security research work into three parts: the communication security of industrial control system and cloud, the communication security of human machine interface (HMI) to device, the security of device firmware and other security research issues, analyze them from the perspective of attack and defense. Finally, we put forward the main challenges that security research faces, identify open problems for future research directions.
Survey of Ubiquitous Computing Security
Li Yin, Chen Yong, Zhao Jingxin, Yue Xinghui, Zheng Chen, Wu Yanjun, Wu Gaofei
2022, 59(5):  1054-1081.  doi:10.7544/issn1000-1239.20211248
Asbtract ( 285 )   PDF (3193KB) ( 374 )  
Related Articles | Metrics
With the development of ubiquitous computing technology and ubiquitous operating system (UOS), ubiquitous computing has become a hot research topic both in industry and academy. As classic ubiquitous computing scenarios, smart home, industrial Internet of things, self-driving, and cloud computing, have become increasingly prosperous, and their security issues have attracted the attention of researchers. Currently, as the related research on ubiquitous computing security is in its initial stage, there is still no general security methods that can solve the emerging security issues of ubiquitous computing. In this paper, we firstly review the current status of ubiquitous computing, UOS, and summarize its architecture. Then, we analyze and summarize the state-of-the-art research effort on ubiquitous computing security, and divide security issues into three major aspects: system security, device security and communication security. We discuss the security issues and related research effort in four classic ubiquitous computing scenarios. Through in-depth analysis of the shortcomings of existing research and the causes of security problem, we summarize eight key technical challenges and opportunities in ubiquitous computing security. Finally, we discuss every challenge, and point out the potential security research directions of ubiquitous computing in future.
Quantum K-Nearest Neighbor Classification Algorithm for Privacy Data Analysis of Industrial Internet
Chang Yan, Lin Yusheng, Huang Siwei, Zhang Shibin
2022, 59(5):  1082-1091.  doi:10.7544/issn1000-1239.20211146
Asbtract ( 164 )   PDF (854KB) ( 150 )  
Related Articles | Metrics
It is of great significance to analyze and utilize the massive human, machine, thing and system data contained in industrial Internet to optimize the manufacturing system and service system covering the whole industrial chain and value chain. However, the processing and analysis of industrial Internet big data brings us opportunities at the same time, but also unprecedented privacy concerns. Privacy security is an important part of industrial Internet security. Research on big data analysis algorithms of industrial Internet with privacy protection has been very urgent and severe. Industrial Internet big data processing also has higher requirements for privacy, efficiency and accuracy. We propose a quantum K-nearest neighbor (KNN) algorithm with privacy-protecting characteristics, and find an encryption method for the original training sample set and the sample to be tested, so that the ciphertext sample input to the quantum cloud server can get the same prediction result as the original sample input. In this algorithm, because of the inversion of a prediction result corresponding to N+1 input data, it is difficult to deduce the model, parameters, input data and related attribute characteristics from the prediction results obtained by multiple visits to the quantum cloud server. Therefore, the proposed algorithm can well resist model extraction attack, model reverse attack, member inference attack, attribute inference attack and so on. Compared with the existing quantum machine learning algorithm with privacy protection, it is found that the privacy protection scheme in this paper is superior to the existing schemes in three aspects of privacy, complexity and availability, which achieves privacy protection without increasing additional computing overhead, reducing the efficiency and availability of the algorithm, and affecting the accuracy of the algorithm. We provide a new method to protect the privacy of quantum machine learning and a new idea to improve the comprehensive performance of industrial Internet big data analysis in terms of privacy, efficiency and accuracy, which has important theoretical value and practical significance.
Action Identification Without Bounds on Applications Based on Self-Attention Mechanism
Wang Chong, Wei Ziling, Chen Shuhui
2022, 59(5):  1092-1104.  doi:10.7544/issn1000-1239.20211158
Asbtract ( 183 )   PDF (969KB) ( 177 )  
Related Articles | Metrics
In recent years, the industrial Internet has experienced a rapid development. However, like the traditional Internet, the industrial Internet also faces a large number of threats from cyber-attacks and sensitive information leakage risks. Traffic classification technology, especially fine-grained application action identification, can assist network managers in detecting abnormal behaviors and discovering privacy leakage risks. It provides the security of the industrial Internet. Whereas, the existing action identification technology relies on the pre-segmentation of the action bounds in the traffic. In this case, existing methods cannot identify actions without bounds, which are difficult to be used in real scenes. Therefore, an action identification algorithm without bounds is proposed. Firstly, we build a packet-level identification model based on self-attention mechanism to classify packets. Then we propose an action aggregation algorithm to acquire action sequence from the classification results of packets. Finally, we establish two new indicators to measure the quality of the identification result. To verify the feasibility of our algorithm, we take WeChat as an example to conduct experiments. The results show that the model can achieve a sequential precision of up to 90%. This research is expected to greatly promote the practical application of action identification technology.
An Integrated Protection Method of Moving Target Defense and Access Control Based on IPv6 Network
Li Zhenyu, Ding Yong, Yuan Fang, Zhang Kun
2022, 59(5):  1105-1119.  doi:10.7544/issn1000-1239.20211118
Asbtract ( 154 )   PDF (3034KB) ( 246 )  
Related Articles | Metrics
With the rising 5G technology, many industrial Internet devices are deployed in 5G networks. However, there are many network attacks on the current Internet, which causes a large number of industrial Internet devices to face huge security threats. Therefore, industrial Internet devices urgently need newer security technologies to secure them. In this paper, an access-control-supported moving target defense method based on the IP version 6 (IPv6) network is proposed. First, we propose three mechanisms to assist random IP address generation, including random address generation mechanism, time difference redundancy mechanism, and the multithread supported lockless random IP address selection mechanism. The combined use of the above three mechanisms can effectively improve the performance and stability of the moving target processor. Then, we propose a method of replacing the original packet with a random address by a moving target processor, which can realize the transmission of random addresses on the Internet. Here, we use access control technology in moving target processors, which can enhance protection for industrial Internet devices. Finally, experiments show that the moving target defense with the access control technology has little impact on the original network and is extremely secure. Hence, the method proposed in this paper can satisfy the prerequisites for practical application.
An Edge Zero-Trust Model Against Compromised Terminals Threats in Power IoT Environments
Feng Jingyu, Yu Tingting, Wang Ziying, Zhang Wenbo, Han Gang, Huang Wenhua
2022, 59(5):  1120-1132.  doi:10.7544/issn1000-1239.20211129
Asbtract ( 92 )   PDF (2465KB) ( 97 )  
Related Articles | Metrics
With the continuous penetration of information technology into the power industry, the exposure of power IoT networks has been further increased. Attackers can use compromised terminals as the springboard to infiltrate the network, and thus stealing sensitive data or doing damage in the power industry system. Aiming at the bottleneck of zero-trust centralized deployment of massive power terminals access, an edge zero-trust model is proposed. Around the dense power terminals, zero-trust engine should be deployed in manner of distributed multi- points. Trust factors are collected in real time and stored on the blockchain. By maintaining a consortium blockchain called TF_chain, the storage edge servers can synchronously share trust factors generated by power terminals on the move, and thus facilitating traceability and preventing tampering. The abnormal and sensitive factors are extracted to carry out dynamic trust evaluation. The trust value can be rapidly attenuated by the sudden behaviors of compromised terminals, so as to fast prevent their threats during the authentication. A lightweight signcryption method is adopted to ensure the security of authentication information transmitted from edge to cloud. The simulation results show that the proposed model can disperse the zero-trust processing load of centralized deployment and effectively fight against compromised terminals threats under the condition of marginal deployment.
Security Testing of Visual Perception Module in Autonomous Driving System
Wu Hao, Wang Hao, Su Xing, Li Minghao, Xu Fengyuan, Zhong Sheng
2022, 59(5):  1133-1147.  doi:10.7544/issn1000-1239.20211139
Asbtract ( 109 )   PDF (2425KB) ( 82 )  
Related Articles | Metrics
In recent years, developments of visual perception techniques based on deep learning have significantly promoted the prosperity of autonomous driving in Internet of vehicles scenarios. However, frequent security issues of autonomous driving systems have raised concerns about the future of autonomous driving. Since the behaviors of deep learning systems lack interpretability, testing the robustness of autonomous driving systems based on deep learning is challenging. The existing efforts on security testing for autonomous driving have limitations in scene description, security defect detection, and defect interpretation. Aiming at testing the security of the visual perception module of autonomous driving, we design and implement a scene-driven security testing system. A flexible scene description method that balances authenticity and richness is proposed. We utilize the real-time rendering engine to generate scenes for autonomous driving security testing. We design an efficient scene search algorithm for nonlinear systems that dynamically schedules search plans based on the testing feedback. We also design a failure analyzer to profile the cause of security issues automatically. We reproduce the latest dynamic automatic driving testing system, which is based on the real-time rendering engine, and test the CILRS system and CIL system with our system and the state-of-the-art system. The experimental results show that our system’s failure discovery rate is 1.4 times that of the state-of-the-art scene-driven dynamic testing system in the same amount of time. Further experiments show that our system can find 1 939 and 1 671 scenes through 3 000 dynamically-searched scenes, respectively, which cause security issues in the CIL and CILRS system’s visual perception module. The searched scenes are in three environments: the fields, the country, and the city, and the average search time for each failure-causing scene is 16.86s. From a statistical perspective, our analyzer finds that objects on both sides of the road, rainy weather and red or yellow objects are more likely to cause the CILRS system to fail.
Classification Method of Industrial Internet Intrusion Detection Based on Feature Selection
Ren Jiadong, Zhang Yafei, Zhang Bing, Li Shangyang
2022, 59(5):  1148-1159.  doi:10.7544/issn1000-1239.20211152
Asbtract ( 160 )   PDF (1080KB) ( 281 )  
Related Articles | Metrics
Due to the diversity and differences of industrial Internet access equipment, it is difficult to maintain and vulnerable to attacks. For this security problem, it is necessary to introduce relevant defense systems to identify various intrusion attacks. The traditional intrusion detection system can detect fewer types of attacks, and the network traffic data has poor classification performance due to the redundancy of irrelevant features. Therefore, we propose a classification method for industrial Internet intrusion detection based on feature selection. At first, this method preprocesses the dataset, and determines the strength of the feature by calculating the Pearson correlation coefficient of the feature, and determines the optimal threshold for feature extraction; then, from the perspective of machine learning and deep learning, logistic regression is used. Eight models including logistic regression, support vector machine, K-nearest neighbor, decision tree, random forest, multi-layer perceptron, convolutional neural network, and spatial-temporal network are respectively subjected to binary and multi-classification experiments and evaluated. The experimental results show that the binary classification effect of random forest is the best, and the multi-classification effect of decision tree is the best. Finally, the effectiveness of this method is verified in the real industrial Internet practice.
Survey of 3-Dimensional Point Cloud Processing Based on Deep Learning
Li Jiaojiao, Sun Hongyan, Dong Yu, Zhang Ruohan, Sun Xiaopeng
2022, 59(5):  1160-1179.  doi:10.7544/issn1000-1239.20210131
Asbtract ( 245 )   PDF (1482KB) ( 198 )  
Related Articles | Metrics
Deep learning has shown its superior performance in the structured data analysis such as 2-dimensional images. In recent years, with the development of LIDAR sensing equipment and related technologies, 3-dimensional point cloud scanning and acquisition has become more convenient. That makes the analysis and processing of unstructured point cloud data potential become an important research direction and obtain some progress in many fields such as computer graphics, robot, autonomous driving, virtual and augmented reality. A survey on the research of 3-dimensional point cloud processing of recent years is presented. Focusing on the application of deep learning in 3-dimensional point cloud shape analysis, structure extraction, detection and repair, we introduce the extraction method of point cloud topological structure, and compare the progress of the following research directions with the construction of neural networks as the main method: shape deformation, reconstruction, segmentation, classification, object tracking, scene flow estimation, object detection and pose estimation. Finally, we summarize the commonly used 3-dimensional point cloud public datasets, analyze and compare the characteristics and evaluation indicators of various point cloud processing task methods, and point out their advantages and disadvantages. The challenges and development directions of processing point cloud data based on deep learning are discussed.