Design and Implementation of Power Network Security Protection System Based on Internet of Things

With the progress of society, the power industry is also constantly developing. This puts forward higher requirements for the safety of our country’s power grid system. In order to ensure the stable and reliable operation of the power supply network and the economic rationality, stability and security, this article first elaborates the concept of network security and network security management, secondly, it analyzes the network security protection technology. Finally, it studies the design and implementation of a store network security protection system based on the Internet of Things.

INFORMATION AND TELECOMMUNICATION NETWORK SECURITY MANAGEMENT METHODOLOGY

Исследуются вопросы ситуативного управления сложными динамическими системами. Анализируются релевантные работы в области ситуативного управления системами защиты. Приводятся результаты разработки алгоритма эффектив -ного управления, позволяющего уменьшать пространство состояний управляемого объекта. Показано, что представленная методика позволяет спрогнозировать количество итераций управления в зависимости от сегмента пространства состояний и выбранного количества переходов. Данный подход позволяет воздействовать на сложные динамические системы в реальном времени, причем затраты на вычислительные мощности системы управления и ее подсистем сокращаются. The issues of situational management of complex dynamic systems are investigated. Relevant works in the field of situational management of protection systems are analyzed. The article presents the results of the development of an efficient control algorithm that allows reducing the state space of the controlled object. The presented technique makes it possible to predict the number of control iterations depending on the segment of the state space and the selected number of transitions. This approach allows you to act on complex dynamic systems in real time, while the cost of the computing power of the control system and its subsystems is reduced. Keywords: INFORMATION AND TELECOMMUNICATION NETWORK, SCRIPT FORECAST, MANAGEMENT SYSTEM, SITUATIONAL MANAGEMENT, ITCN SECURITY SYSTEM

Root Cause Analysis for Autonomous Optical Network Security Management

<div>The ongoing evolution of optical networks towards autonomous systems supporting high-performance services be-yond 5G requires advanced functionalities for automated security management. These functionalities need to support risk reduction, security diagnostics and incident remediation strategies. To cope with evolving security threat scenarios, security diagnostic approaches should be able to detect and identify the nature not only of existing attack techniques, but also those hitherto unknown or insufficiently represented. Machine Learning (ML)-based algorithms have been shown to perform well when identifying known attack types, but cannot guarantee precise identification of unknown attacks. This makes Root Cause Analysis (RCA) a crucial tool to enable timely attack response when human intervention is unavoidable.</div><div>We address these challenges by establishing an ML-based framework for security assessment and analyzing RCA alter-natives for physical-layer attacks. We first scrutinize different Network Management System (NMS) architectures and the corresponding ML-based security assessment functionalities. We then investigate the applicability of supervised and unsupervised learning (SL and UL) approaches for RCA and propose a novel UL-based RCA algorithm called Distance-Based Root Cause Analysis (DB-RCA). Extensive validation of the framework’s applicability and performance in the context of autonomous optical network security management is carried out using an experimental physical-layer security dataset, evaluating the benefits and drawbacks of the SL- and UL-based RCA techniques. Besides confirming that SL-based approaches can be trained to provide precise RCA output for known attack types, the study shows that the proposed UL-based RCA approach offers meaningful insights into the properties of anomalies caused by novel attack types, thus supporting the human security officers in advancing the physical-layer security diagnostics.</div>

Root Cause Analysis for Autonomous Optical Network Security Management

<div>The ongoing evolution of optical networks towards autonomous systems supporting high-performance services be-yond 5G requires advanced functionalities for automated security management. These functionalities need to support risk reduction, security diagnostics and incident remediation strategies. To cope with evolving security threat scenarios, security diagnostic approaches should be able to detect and identify the nature not only of existing attack techniques, but also those hitherto unknown or insufficiently represented. Machine Learning (ML)-based algorithms have been shown to perform well when identifying known attack types, but cannot guarantee precise identification of unknown attacks. This makes Root Cause Analysis (RCA) a crucial tool to enable timely attack response when human intervention is unavoidable.</div><div>We address these challenges by establishing an ML-based framework for security assessment and analyzing RCA alter-natives for physical-layer attacks. We first scrutinize different Network Management System (NMS) architectures and the corresponding ML-based security assessment functionalities. We then investigate the applicability of supervised and unsupervised learning (SL and UL) approaches for RCA and propose a novel UL-based RCA algorithm called Distance-Based Root Cause Analysis (DB-RCA). Extensive validation of the framework’s applicability and performance in the context of autonomous optical network security management is carried out using an experimental physical-layer security dataset, evaluating the benefits and drawbacks of the SL- and UL-based RCA techniques. Besides confirming that SL-based approaches can be trained to provide precise RCA output for known attack types, the study shows that the proposed UL-based RCA approach offers meaningful insights into the properties of anomalies caused by novel attack types, thus supporting the human security officers in advancing the physical-layer security diagnostics.</div>

Root Cause Analysis for Autonomous Optical Network Security Management

<div>The ongoing evolution of optical networks towards autonomous systems supporting high-performance services be-yond 5G requires advanced functionalities for automated security management. These functionalities need to support risk reduction, security diagnostics and incident remediation strategies. To cope with evolving security threat scenarios, security diagnostic approaches should be able to detect and identify the nature not only of existing attack techniques, but also those hitherto unknown or insufficiently represented. Machine Learning (ML)-based algorithms have been shown to perform well when identifying known attack types, but cannot guarantee precise identification of unknown attacks. This makes Root Cause Analysis (RCA) a crucial tool to enable timely attack response when human intervention is unavoidable.</div><div>We address these challenges by establishing an ML-based framework for security assessment and analyzing RCA alter-natives for physical-layer attacks. We first scrutinize different Network Management System (NMS) architectures and the corresponding ML-based security assessment functionalities. We then investigate the applicability of supervised and unsupervised learning (SL and UL) approaches for RCA and propose a novel UL-based RCA algorithm called Distance-Based Root Cause Analysis (DB-RCA). Extensive validation of the framework’s applicability and performance in the context of autonomous optical network security management is carried out using an experimental physical-layer security dataset, evaluating the benefits and drawbacks of the SL- and UL-based RCA techniques. Besides confirming that SL-based approaches can be trained to provide precise RCA output for known attack types, the study shows that the proposed UL-based RCA approach offers meaningful insights into the properties of anomalies caused by novel attack types, thus supporting the human security officers in advancing the physical-layer security diagnostics.</div>

Campus Computer Network Construction Simulation and Cyber Security Technology

With the rapid development of the network age, the network has become an indispensable part of our daily life and work. Computer network is also an indispensable part in campus. How to build a suitable computer network according to the campus environment has become an important problem. Then, while improving the level of network security management, it helps the school carry out its work smoothly. Therefore, this paper expounds the construction scheme of campus computer network, so as to help the campus computer network more perfect.

Computer Network Security Management System in University Information Construction

In the process of using the computer network, the main page is hacked, the virus overflows, the information is stolen and so on, which brings the inestimable loss to the security of the campus network. Therefore, how to improve the security of campus computer network has become a common concern. This paper discusses the importance of network security in Colleges and universities, and points out the factors that threaten the network security in Colleges and universities. Based on the analysis of the security problems existing in the computer network system and the current situation of network security management in Colleges and universities, this paper puts forward some measures to strengthen the computer network security management in Colleges and universities. This paper studies and designs a set of computer intranet terminal security management system which is suitable for the characteristics of colleges and universities, including domain management subsystem, patch management subsystem, access control subsystem and platform monitoring subsystem. This paper makes a comprehensive analysis of the functions of each subsystem, and introduces the corresponding management processes and strategies. This paper describes the relationship between the subsystems and analyzes the interface between the architecture and other application systems.

A Method for TLS Malicious Traffic Identification Based on Machine Learning

With more and more malicious traffic using TLS protocol encryption, efficient identification of TLS malicious traffic has become an increasingly important task in network security management in order to ensure communication security and privacy. Most of the traditional traffic identification methods on TLS malicious encryption only adopt the common characteristics of ordinary traffic, which results in the increase of coupling among features and then the low identification accuracy. In addition, most of the previous work related to malicious traffic identification extracted features directly from the data flow without recording the extraction process, making it difficult for subsequent traceability. Therefore, this paper implements an efficient feature extraction method with structural correlation for TLS malicious encrypted traffic. The traffic feature extraction process is logged in modules, and the index is used to establish relevant information links, so as to analyse the context and facilitate subsequent feature analysis and problem traceability. Finally, Random Forest is used to realize efficient TLS malicious traffic identification with an accuracy of up to 99.38%.