The ionosphere, as the largest and least predictable error source, its behavior cannot be observed at all places simultaneously. The confidence bound, called the grid ionospheric vertical error(GIVE), can only be dete...The ionosphere, as the largest and least predictable error source, its behavior cannot be observed at all places simultaneously. The confidence bound, called the grid ionospheric vertical error(GIVE), can only be determined with the aid of a threat model which is used to restrict the expected ionospheric behavior. However, the spatial threat model at present widespread used, which is based on fit radius and relative centroid metric(RCM), is too conservative or the resulting GIVEs will be too large and will reduce the availability of satellite-based augmentation system(SBAS). In this paper, layered two-dimensional parameters, the vertical direction double RCMs, are introduced based on the spatial variability of the ionosphere. Comparing with the traditional threat model, the experimental results show that the user ionospheric vertical error(UIVE) average reduction rate reaches 16%. And the 95% protection level of conterminous United States(CONUS) is 28%, even under disturbed days, which reaches about 5% reduction rates.The results show that the system service performance has been improved better.展开更多
In order to evaluate all attack paths in a threat tree,based on threat modeling theory,a weight distribution algorithm of the root node in a threat tree is designed,which computes threat coefficients of leaf nodes in ...In order to evaluate all attack paths in a threat tree,based on threat modeling theory,a weight distribution algorithm of the root node in a threat tree is designed,which computes threat coefficients of leaf nodes in two ways including threat occurring possibility and the degree of damage.Besides,an algorithm of searching attack path was also obtained in accordence with its definition.Finally,an attack path evaluation system was implemented which can output the threat coefficients of the leaf nodes in a target threat tree,the weight distribution information,and the attack paths.An example threat tree is given to verify the effectiveness of the algorithms.展开更多
Cyber Threat Intelligence(CTI)is a valuable resource for cybersecurity defense,but it also poses challenges due to its multi-source and heterogeneous nature.Security personnel may be unable to use CTI effectively to u...Cyber Threat Intelligence(CTI)is a valuable resource for cybersecurity defense,but it also poses challenges due to its multi-source and heterogeneous nature.Security personnel may be unable to use CTI effectively to understand the condition and trend of a cyberattack and respond promptly.To address these challenges,we propose a novel approach that consists of three steps.First,we construct the attack and defense analysis of the cybersecurity ontology(ADACO)model by integrating multiple cybersecurity databases.Second,we develop the threat evolution prediction algorithm(TEPA),which can automatically detect threats at device nodes,correlate and map multisource threat information,and dynamically infer the threat evolution process.TEPA leverages knowledge graphs to represent comprehensive threat scenarios and achieves better performance in simulated experiments by combining structural and textual features of entities.Third,we design the intelligent defense decision algorithm(IDDA),which can provide intelligent recommendations for security personnel regarding the most suitable defense techniques.IDDA outperforms the baseline methods in the comparative experiment.展开更多
The construction industry has long faced the challenge of introducing collaborative systems among multiple stakeholders.This challenge creates a high level of rigidity in terms of processing shared information related...The construction industry has long faced the challenge of introducing collaborative systems among multiple stakeholders.This challenge creates a high level of rigidity in terms of processing shared information related to different processes,robust holistic regulations,payment actualizations,and resource utilization across different nodes.The need for a digital platform to crossconnect all stakeholders is necessary.A blockchain-based platform is a prime candidate to improve the industry in general and the construction supply chain(CSC)in particular.In this paper,a literature review is presented to establish the main challenges that CSC faces in terms of its effects on productivity and efficiency.In addition,the effect of applying blockchain platforms on a case study is presented and analyzed from performance and security level.The analysis aims to emphasize that blockchain,as presented in this paper,is a viable solution to the challenges in the CSC regardless of the risks associated with the security and robustness of the flow of information and data protection.Moreover,a threat analysis of applying a blockchain model on the CSC industry is introduced.This model indicates potential attacks and possible countermeasures to prevent the attacks.Future work is needed to expand,quantify,and optimize the threat model and conduct simulations considering proposed countermeasures for the different blockchain attacks outlined in this study.展开更多
Advanced Persistent Threat(APT)is now the most common network assault.However,the existing threat analysis models cannot simultaneously predict the macro-development trend and micro-propagation path of APT attacks.The...Advanced Persistent Threat(APT)is now the most common network assault.However,the existing threat analysis models cannot simultaneously predict the macro-development trend and micro-propagation path of APT attacks.They cannot provide rapid and accurate early warning and decision responses to the present system state because they are inadequate at deducing the risk evolution rules of network threats.To address the above problems,firstly,this paper constructs the multi-source threat element analysis ontology(MTEAO)by integrating multi-source network security knowledge bases.Subsequently,based on MTEAO,we propose a two-layer threat prediction model(TL-TPM)that combines the knowledge graph and the event graph.The macro-layer of TL-TPM is based on the knowledge graph to derive the propagation path of threats among devices and to correlate threat elements for threat warning and decision-making;The micro-layer ingeniously maps the attack graph onto the event graph and derives the evolution path of attack techniques based on the event graph to improve the explainability of the evolution of threat events.The experiment’s results demonstrate that TL-TPM can completely depict the threat development trend,and the early warning results are more precise and scientific,offering knowledge and guidance for active defense.展开更多
Threat modeling is of increasing importance to IT security,and it is a complex and resource demanding task.The aim of automating threat modeling is to simplify model creation by using data that are already available.H...Threat modeling is of increasing importance to IT security,and it is a complex and resource demanding task.The aim of automating threat modeling is to simplify model creation by using data that are already available.However,the collected data often lack context;this can make the automated models less precise in terms of domain knowledge than those created by an expert human modeler.The lack of domain knowledge in modeling automation can be addressed with ontologies.In this paper,we introduce an ontology framework to improve automatic threat modeling.The framework is developed with conceptual modeling and validated using three different datasets:a small scale utility lab,water utility control network,and university IT environment.The framework produced successful results such as standardizing input sources,removing duplicate name entries,and grouping application software more logically.展开更多
Threat modeling is of increasing importance to IT security,and it is a complex and resource demanding task.The aim of automating threat modeling is to simplify model creation by using data that are already available.H...Threat modeling is of increasing importance to IT security,and it is a complex and resource demanding task.The aim of automating threat modeling is to simplify model creation by using data that are already available.However,the collected data often lack context;this can make the automated models less precise in terms of domain knowledge than those created by an expert human modeler.The lack of domain knowledge in modeling automation can be addressed with ontologies.In this paper,we introduce an ontology framework to improve automatic threat modeling.The framework is developed with conceptual modeling and validated using three different datasets:a small scale utility lab,water utility control network,and university IT environment.The framework produced successful results such as standardizing input sources,removing duplicate name entries,and grouping application software more logically.展开更多
This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends t...This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].展开更多
Radio Frequency IDentification(RFID)and related technologies such as Near Field Communication(NFC)are becoming essential in industrial contexts thanks to their ability to perform contactless data exchange,either devic...Radio Frequency IDentification(RFID)and related technologies such as Near Field Communication(NFC)are becoming essential in industrial contexts thanks to their ability to perform contactless data exchange,either device-to-device or tag-to-device.One of the three main operation modes of NFC,called read/write mode,makes use of the latter type of interaction.It is extensively used in business information systems that make use of NFC tags to provide the end-user with augmented information in one of several available NFC data exchange formats,such as plain text,simple URLs or enriched URLs.Using a wide variety of physical form factors,NFC-compatible tags(wireless transponders)are currently available in many locations with applications going from smart posters,contactless tokens,tap-and-go payments or transport ticketing to automated device configuration,patient identification at hospitals or inventory management within supply chains.Most of these applications handle sensitive processes or data.This paper proposes a complete security threat model for the read/write operation mode of NFC used in Next Generation Industrial IoT(Nx-IIoT)contexts.This model,based on a wellknown methodology,STRIDE,allows developers and users to identify NFC applications vulnerabilities or weaknesses,analyze potential threats,propose risk management strategies,and design mitigation mechanisms to mention only some significant examples.展开更多
随着全球气候变暖的加剧,极端强降水事件发生频率明显增加,对经济社会发展及人民生命财产安全构成重大威胁。开展短时强降水的预报研究对于防灾减灾具有重要意义。基于湖北省区域自动站降水资料、短时强降水概率预报产品和中尺度高分辨...随着全球气候变暖的加剧,极端强降水事件发生频率明显增加,对经济社会发展及人民生命财产安全构成重大威胁。开展短时强降水的预报研究对于防灾减灾具有重要意义。基于湖北省区域自动站降水资料、短时强降水概率预报产品和中尺度高分辨率数值模式资料,采用邻域最优概率法和多模式融合技术对湖北省1~12 h短时强降水的落区进行预报与检验评估。结果表明,邻域法明显提高了中尺度数值模式对短时强降水的预报能力,其中面积邻域法的效果优于单点邻域法,CMAMESO、CMA-SH9和WH-RUC模式的最优面积概率均为5%,最优邻域半径分别为50、60、60 km;多模式融合预报方法较单模式单点邻域法表现出明显优势,2023年、2024年4—9月短时强降水的1~12 h TS评分均表现为正技巧,分别提高0.014、0.020;改进后的多模式融合方法对短时强降水的命中率有大幅提升,尤其是在湖北省2023年8月7日和2024年6月28日的多次强对流过程预报中均有提前精准预报。展开更多
The article is dedicated to the development of software application with graphical user interface for analyzing of the operation of Integrated System of Data Defense from cyber-threats (ISDD) which includes subsystems...The article is dedicated to the development of software application with graphical user interface for analyzing of the operation of Integrated System of Data Defense from cyber-threats (ISDD) which includes subsystems of detection and elimination of vulnerabilities existing in the system, as well as Requests of Unauthorized Access (RUA). In the subsystems of eliminations of vulnerabilities and queues of unauthorized access considered as multichannel queueing systems with corresponding servers and queues, at random times there come requests to fix threats detected by the system. It is supposed that flows of requests demanding to eliminate threats coming to the mentioned subsystems of queueing systems are described with the Poisson distribution of probabilities, but processes of their elimination obey exponential law. For the system described above, there has been developed software realization of graphical interface which allows easily to change input parameters and observe graphical reflection of changes of the output indicators of the system.展开更多
The genus Pachypodium are succulent shrubs and small trees found in Southern Africa. Climate change is identified as one the most important threat impacting plant and animal species in the South Africa today, and in t...The genus Pachypodium are succulent shrubs and small trees found in Southern Africa. Climate change is identified as one the most important threat impacting plant and animal species in the South Africa today, and in this case study, we examined the Pachypodium bispinosum and Pachypodium succulentum species in South Africa, which are becoming more vulnerable due to climate change impacts as well as human threats. This study investigates the climate change impacts on the two Pachypodium species, as well as the biodiversity threats facing the Pachypodium species today, and provides evidence regarding the importance of the study to understanding the climate change impacts on the Pachypodium species by showing the underlying variables affecting the changes.展开更多
基金supported by the National Natural Science Foundation of China(41304024)
文摘The ionosphere, as the largest and least predictable error source, its behavior cannot be observed at all places simultaneously. The confidence bound, called the grid ionospheric vertical error(GIVE), can only be determined with the aid of a threat model which is used to restrict the expected ionospheric behavior. However, the spatial threat model at present widespread used, which is based on fit radius and relative centroid metric(RCM), is too conservative or the resulting GIVEs will be too large and will reduce the availability of satellite-based augmentation system(SBAS). In this paper, layered two-dimensional parameters, the vertical direction double RCMs, are introduced based on the spatial variability of the ionosphere. Comparing with the traditional threat model, the experimental results show that the user ionospheric vertical error(UIVE) average reduction rate reaches 16%. And the 95% protection level of conterminous United States(CONUS) is 28%, even under disturbed days, which reaches about 5% reduction rates.The results show that the system service performance has been improved better.
基金Supported by National Natural Science Foundation of China (No.90718023)National High-Tech Research and Development Program of China (No.2007AA01Z130)
文摘In order to evaluate all attack paths in a threat tree,based on threat modeling theory,a weight distribution algorithm of the root node in a threat tree is designed,which computes threat coefficients of leaf nodes in two ways including threat occurring possibility and the degree of damage.Besides,an algorithm of searching attack path was also obtained in accordence with its definition.Finally,an attack path evaluation system was implemented which can output the threat coefficients of the leaf nodes in a target threat tree,the weight distribution information,and the attack paths.An example threat tree is given to verify the effectiveness of the algorithms.
文摘Cyber Threat Intelligence(CTI)is a valuable resource for cybersecurity defense,but it also poses challenges due to its multi-source and heterogeneous nature.Security personnel may be unable to use CTI effectively to understand the condition and trend of a cyberattack and respond promptly.To address these challenges,we propose a novel approach that consists of three steps.First,we construct the attack and defense analysis of the cybersecurity ontology(ADACO)model by integrating multiple cybersecurity databases.Second,we develop the threat evolution prediction algorithm(TEPA),which can automatically detect threats at device nodes,correlate and map multisource threat information,and dynamically infer the threat evolution process.TEPA leverages knowledge graphs to represent comprehensive threat scenarios and achieves better performance in simulated experiments by combining structural and textual features of entities.Third,we design the intelligent defense decision algorithm(IDDA),which can provide intelligent recommendations for security personnel regarding the most suitable defense techniques.IDDA outperforms the baseline methods in the comparative experiment.
文摘The construction industry has long faced the challenge of introducing collaborative systems among multiple stakeholders.This challenge creates a high level of rigidity in terms of processing shared information related to different processes,robust holistic regulations,payment actualizations,and resource utilization across different nodes.The need for a digital platform to crossconnect all stakeholders is necessary.A blockchain-based platform is a prime candidate to improve the industry in general and the construction supply chain(CSC)in particular.In this paper,a literature review is presented to establish the main challenges that CSC faces in terms of its effects on productivity and efficiency.In addition,the effect of applying blockchain platforms on a case study is presented and analyzed from performance and security level.The analysis aims to emphasize that blockchain,as presented in this paper,is a viable solution to the challenges in the CSC regardless of the risks associated with the security and robustness of the flow of information and data protection.Moreover,a threat analysis of applying a blockchain model on the CSC industry is introduced.This model indicates potential attacks and possible countermeasures to prevent the attacks.Future work is needed to expand,quantify,and optimize the threat model and conduct simulations considering proposed countermeasures for the different blockchain attacks outlined in this study.
文摘Advanced Persistent Threat(APT)is now the most common network assault.However,the existing threat analysis models cannot simultaneously predict the macro-development trend and micro-propagation path of APT attacks.They cannot provide rapid and accurate early warning and decision responses to the present system state because they are inadequate at deducing the risk evolution rules of network threats.To address the above problems,firstly,this paper constructs the multi-source threat element analysis ontology(MTEAO)by integrating multi-source network security knowledge bases.Subsequently,based on MTEAO,we propose a two-layer threat prediction model(TL-TPM)that combines the knowledge graph and the event graph.The macro-layer of TL-TPM is based on the knowledge graph to derive the propagation path of threats among devices and to correlate threat elements for threat warning and decision-making;The micro-layer ingeniously maps the attack graph onto the event graph and derives the evolution path of attack techniques based on the event graph to improve the explainability of the evolution of threat events.The experiment’s results demonstrate that TL-TPM can completely depict the threat development trend,and the early warning results are more precise and scientific,offering knowledge and guidance for active defense.
基金This work has received funding from the European Unions H2020 research and innovation programme under the Grant Agreement No.832907Swedish Governmental Agency for Innovation Systems(Vinnova),the Swedish Energy Agency,SweGRIDS,and STandUP for Energy.
文摘Threat modeling is of increasing importance to IT security,and it is a complex and resource demanding task.The aim of automating threat modeling is to simplify model creation by using data that are already available.However,the collected data often lack context;this can make the automated models less precise in terms of domain knowledge than those created by an expert human modeler.The lack of domain knowledge in modeling automation can be addressed with ontologies.In this paper,we introduce an ontology framework to improve automatic threat modeling.The framework is developed with conceptual modeling and validated using three different datasets:a small scale utility lab,water utility control network,and university IT environment.The framework produced successful results such as standardizing input sources,removing duplicate name entries,and grouping application software more logically.
基金received funding from the European Unions H2020 research and innovation programme under the Grant Agreement No.832907Swedish Governmental Agency for Innovation Systems(Vinnova)the Swedish Energy Agency,SweGRIDS,and STandUP for Energy.
文摘Threat modeling is of increasing importance to IT security,and it is a complex and resource demanding task.The aim of automating threat modeling is to simplify model creation by using data that are already available.However,the collected data often lack context;this can make the automated models less precise in terms of domain knowledge than those created by an expert human modeler.The lack of domain knowledge in modeling automation can be addressed with ontologies.In this paper,we introduce an ontology framework to improve automatic threat modeling.The framework is developed with conceptual modeling and validated using three different datasets:a small scale utility lab,water utility control network,and university IT environment.The framework produced successful results such as standardizing input sources,removing duplicate name entries,and grouping application software more logically.
文摘This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].
文摘Radio Frequency IDentification(RFID)and related technologies such as Near Field Communication(NFC)are becoming essential in industrial contexts thanks to their ability to perform contactless data exchange,either device-to-device or tag-to-device.One of the three main operation modes of NFC,called read/write mode,makes use of the latter type of interaction.It is extensively used in business information systems that make use of NFC tags to provide the end-user with augmented information in one of several available NFC data exchange formats,such as plain text,simple URLs or enriched URLs.Using a wide variety of physical form factors,NFC-compatible tags(wireless transponders)are currently available in many locations with applications going from smart posters,contactless tokens,tap-and-go payments or transport ticketing to automated device configuration,patient identification at hospitals or inventory management within supply chains.Most of these applications handle sensitive processes or data.This paper proposes a complete security threat model for the read/write operation mode of NFC used in Next Generation Industrial IoT(Nx-IIoT)contexts.This model,based on a wellknown methodology,STRIDE,allows developers and users to identify NFC applications vulnerabilities or weaknesses,analyze potential threats,propose risk management strategies,and design mitigation mechanisms to mention only some significant examples.
文摘随着全球气候变暖的加剧,极端强降水事件发生频率明显增加,对经济社会发展及人民生命财产安全构成重大威胁。开展短时强降水的预报研究对于防灾减灾具有重要意义。基于湖北省区域自动站降水资料、短时强降水概率预报产品和中尺度高分辨率数值模式资料,采用邻域最优概率法和多模式融合技术对湖北省1~12 h短时强降水的落区进行预报与检验评估。结果表明,邻域法明显提高了中尺度数值模式对短时强降水的预报能力,其中面积邻域法的效果优于单点邻域法,CMAMESO、CMA-SH9和WH-RUC模式的最优面积概率均为5%,最优邻域半径分别为50、60、60 km;多模式融合预报方法较单模式单点邻域法表现出明显优势,2023年、2024年4—9月短时强降水的1~12 h TS评分均表现为正技巧,分别提高0.014、0.020;改进后的多模式融合方法对短时强降水的命中率有大幅提升,尤其是在湖北省2023年8月7日和2024年6月28日的多次强对流过程预报中均有提前精准预报。
文摘The article is dedicated to the development of software application with graphical user interface for analyzing of the operation of Integrated System of Data Defense from cyber-threats (ISDD) which includes subsystems of detection and elimination of vulnerabilities existing in the system, as well as Requests of Unauthorized Access (RUA). In the subsystems of eliminations of vulnerabilities and queues of unauthorized access considered as multichannel queueing systems with corresponding servers and queues, at random times there come requests to fix threats detected by the system. It is supposed that flows of requests demanding to eliminate threats coming to the mentioned subsystems of queueing systems are described with the Poisson distribution of probabilities, but processes of their elimination obey exponential law. For the system described above, there has been developed software realization of graphical interface which allows easily to change input parameters and observe graphical reflection of changes of the output indicators of the system.
文摘The genus Pachypodium are succulent shrubs and small trees found in Southern Africa. Climate change is identified as one the most important threat impacting plant and animal species in the South Africa today, and in this case study, we examined the Pachypodium bispinosum and Pachypodium succulentum species in South Africa, which are becoming more vulnerable due to climate change impacts as well as human threats. This study investigates the climate change impacts on the two Pachypodium species, as well as the biodiversity threats facing the Pachypodium species today, and provides evidence regarding the importance of the study to understanding the climate change impacts on the Pachypodium species by showing the underlying variables affecting the changes.
