Software defined Internet of Vehicles (SD-IoV) is an emerging paradigm for accomplishing Industrial Things (IIoT). Unfortunately, SD-IoV still faces security challenges. Traditional solutions respond after attacks happening, which low-effective. To cope with this problem, moving target defense (MTD) was proposed to modify network configurations dynamically. However, current MTD IIoT has several drawbacks: 1) it cannot handle highly dynamic environments; 2) strategy lacks intelligence because...

With rapid development of emerging technologies for Internet Things (IoT), digital twins (DT) have been proposed to support a wide variety applications. A mobile network is expected be integrated with DT form (DTMN). Unfortunately, DTMN still faces security threats, which attracted great research attention. Current defense mechanisms are mostly static, i.e., responding after attacks happening. To solve the aforementioned problem, moving target (MTD) has as an innovative solution. However,...

With the explosive growth of Internet traffic, large sensitive and valuable information is at risk cyber attacks, which are mostly preceded by network reconnaissance. A moving target defense technique called host address mutation (HAM) helps facing However, there still exist several fundamental problems in HAM: 1) current approaches cannot be self-adaptive to adversarial strategies; 2) state time-varying because each decides whether mutate IP address; 3) most methods mainly focus on...

Existing static defenses for online service systems can be fragile and costly due to the continuity of ubiquitous cyber attacks. LAD has become a promising technology tackle this problem. However, security defense mechanism itself is often neglected as mainly focuses on fortifying protected target. This would allow new deductive attack encroach LADs by inferring undermining strategy, then whole completely invalidated once all. Such problem leads urgent need develop technologies with...

Moving target defense (MTD) is an emerging proactive technology, which can reduce the risk of vulnerabilities exploited by attacker. As a crucial component MTD, route mutation (RM) faces few fundamental problems defending against sophisticated Distributed-Denial Service (DDoS) attacks: 1) it unable to make optimal selection due insufficient learning in attack behaviors and 2) because network situation time varying, RM also lacks self-adaptation parameters. In this article, we propose...

Vehicular Ad hoc Networks (VANETs) are prone to packet drop attacks because of their inherent distributed architecture and dynamic topology. Existing security schemes mainly focus on multi-path trust-based routing. Unfortunately, the former causes high energy consumption latter requires trust assessment, which is not easy implement in practice. Route mutation (RM) emerging as an active defense technology that changes routes periodically. Traditional RM conceived for fixed network topologies,...

Network function virtualization (NFV) supports the rapid development of service chain (SFC), which efficiently connects a sequence network virtual instances (VNFIs) placed into physical infrastructures. Current SFC migration mechanisms usually keep static deployment after finishing certain objectives, and methods mostly provide resource allocation for VNFIs. Therefore, adversary has enough time to plan devastating attacks in-service SFCs. Fortunately, moving target defense (MTD) was proposed...

These years, Deep Neural Networks (DNNs) have shown unprecedented performance in many areas. However, some recent studies revealed their vulnerability to small perturbations added on source inputs. Furthermore, we call the ways generate these perturbations’ adversarial attacks, which contain two types, black-box and white-box according adversaries’ access target models. In order overcome problem of attackers’ unreachabilities internals DNN, researchers put forward a series strategies....

Modern vehicles in Intelligent Transportation Systems (ITS) can communicate with each other as well roadside infrastructure units (RSUs) order to increase transportation efficiency and road safety. For example, there are techniques alert drivers advance about traffic incidents help them avoid congestion. Threats these systems, on the hand, limit benefits of technologies. Securing ITS itself is an important concern design implementation. In this paper, we provide a security model which...

With the increasingly rich of vulnerability related data and extensive application machine learning methods, software analysis methods based on is becoming an important research area information security. In this paper, up-to-date well-known works in were analyzed deeply. A framework for was proposed. And existing described compared, limitations these discussed. The future directions put forward end.

In the feature matching of some Vehicular Ad Hoc Network (VANET) technologies, users' privacy disclosure issue has seriously threatened personal safety and caused considerable economic loss. this paper, we proposed Oblivious Transfer (OT) protocol Private Set Intersection (PSI) to protect in situation VANET's matching. our schema, an efficient k-out-of- n OT is constructed. Then, adopted give a PSI with equality test. Based on protocol, two parties VANET can obtain intersection their...

Recent studies have demonstrated deep neural network-based image classifiers are vulnerable to adversarial examples. Although many existing methods could obtain outstanding attack performance, they often require certain information about the attacked model, e.g., output category scores. Meanwhile, optimization-based need steps generate In practice, we label but Besides, compared those samples with large semantic gaps, Panda and Gibbon, most not easy find examples on small Tabby Cat Egyptian...

Albeit the popularity of federated learning (FL), recently emerging model-inversion and poisoning attacks arouse extensive concerns towards privacy or model integrity, which catalyzes developments secure (SFL) methods. Nonetheless, collisions between its two equally crucial elements in collaborative scenarios, are relatively underexplored. Individuals' wish to "hide crowd" for frequently clashes with aggregators' need resist abnormal participants integrity (i.e., incompatibility Byzantine...

Kubernetes (K8s) has become a core technology for cloud-native applications. However, design flaw of the external IP in K8s leads to service-oriented man-in-the-middle attack. Existing solutions (e.g., script monitor) attempt address it passively, which allows attackers enough analysis time bypass these static rule reviews. Differently, we propose mutation-enabled proactive defense mechanism, aiming change asymmetry between and defenders. It involves mutation (i.e., network identification)...

For the reasons that defect remedy is an endless arduous work for static network defense technologies and cyberspace security remains unguaranteed, moving target (MTD) proposed to stem tide. Whereas, as important branch of MTD, route mutation still have limitations against some sophisticated adversaries like Advanced Persistent Threat (APT), multiple-step complex or combined attacks. In this paper, we propose a new spatio-temporal method based on MTD. We first take maximization resistibility...