Jiangxing Wu

DOI: https://doi.org/10.1016/j.eng.2021.05.015

IF: 12.834

2022-01-01

Engineering

Abstract:Uncertain security threats caused by vulnerabilities and backdoors are the most serious and difficult problem in cyberspace. This paper analyzes the philosophical and technical causes of the existence of so-called "dark functions" such as system vulnerabilities and backdoors, and points out that endogenous security problems cannot be completely eliminated at the theoretical and engineering levels; rather, it is necessary to develop or utilize the endogenous security functions of the system architecture itself. In addition, this paper gives a definition for and lists the main technical characteristics of endogenous safety and security in cyberspace, introduces endogenous safety and security mechanisms and characteristics based on dynamic heterogeneous redundancy (DHR) architecture, and describes the theoretical implications of a coding channel based on DHR. (c) 2021 THE AUTHOR. Published by Elsevier LTD on behalf of Chinese Academy of Engineering and Higher Education Press Limited Company. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).

Xinsheng JI,Jiangxing WU,Liang JIN,Kaizhi HUANG,Yajun CHEN,Xiaoli SUN,Wei YOU,Shumin HUO,Jing YANG

DOI: https://doi.org/10.1631/fitee.2200060

IF: 2.526

2022-01-01

Frontiers of Information Technology & Electronic Engineering

Abstract:The sixth-generation mobile communication (6G) networks will face more complex endogenous security problems, and it is urgent to propose new universal security theories and establish new practice norms to deal with the “unknown unknown” security threats in cyberspace. This paper first expounds the new paradigm of cyberspace endogenous security and introduces the vision of 6G cyberspace security. Then, it analyzes the security problems faced by the 6G core network, wireless access network, and emerging associated technologies in detail, as well as the corresponding security technology development status and the integrated development of endogenous security and traditional security. Furthermore, this paper describes the relevant security theories and technical concepts under the guidance of the new paradigm of endogenous security.

Xiaoyu Liu,Haizhou Wang,Cuixia Li

DOI: https://doi.org/10.3390/electronics13112185

IF: 2.9

2024-06-04

Electronics

Abstract:The development of society has deepened the application of the Internet in production and daily life. At the same time, network security risks are becoming increasingly severe. For the security problems faced in cyberspace, most of the traditional defenses are currently focused on blocking the discovered vulnerabilities. However, these methods not only rely on prior knowledge of vulnerabilities but also fail to address the security issues brought about by the protection program itself. In view of this, endogenous security, which emphasizes the importance of not relying on a priori knowledge and not bringing in new security problems, has received increasing attention. This review provides a detailed introduction to endogenous security and its related issues, which is lacking in the field of network security. Firstly, this paper outlines the detrimental effects of vulnerabilities, identifies issues within moving target defense, and contrasts it with mimic defense. Additionally, the concepts, models, principles, and application scenarios of endogenous security are introduced. Finally, the challenges encountered by this technology are comprehensively summarized, and potential future development trends are further explored.

engineering, electrical & electronic,physics, applied,computer science, information systems

Hongchao Hu,Zhen Ling,Yuewu Wang,Qi Li,Liang Jin,Jiangxing Wu

DOI: https://doi.org/10.23919/jcc.2021.9521141

2021-01-01

China Communications

Abstract:Computing is the foundation of cyberspace, and all activities in cyberspace are built on the basis of computing. At the same time, cyberspace and its underlying infrastructure are vulnerable to a wide range of risks stemming from both physical and cyber threats and hazards. With the further expan-sion of the scope of cyberspace, e.g., information technology being increasingly integrated with physi-cal infrastructure operations, computing and security still considered as one of the least investigated and exploited regions. In the past years, significant prog-ress has been made with respect to advanced com-puting and endogenous security theories and tech-nologies, and commercial advanced computing and endogenous security devices and systems are antici-pated to become a reality in the near future.

Haifeng Zhou,Chunming Wu,Ming Jiang,Boyang Zhou,Wen Gao,Tingting Pan,Min Huang

DOI: https://doi.org/10.1109/mcom.2015.7081074

IF: 9.03

2015-01-01

IEEE Communications Magazine

Abstract:The past few years have witnessed revolutionary advances in network technology. Along with new techniques such as SDN come lots of new network security challenges. Conventional network security mechanisms are incompetent to overcome these challenges, since they are built on a static network configuration that facilitates attackers in finding the weaknesses of a network. In this article, we conceive a novel conceptual network security mechanism, the evolving defense mechanism (EDM), to resolve current and future security problems. EDM is based on a bio-inspired idea of network configuration variations. According to the security requirements of the system, the user, and the network security state, EDM selects an efficient network configuration variation strategy to prevent corresponding security threats. Combined with SDN implementation, EDM resolves security problems from a new angle and is capable of evolving with new network security technology. We sketch a way to implement EDM and present its reference framework, which serves as an ecosystem and coexisting environment for various kinds of network configuration variations. The proposed mechanism avoids the deficiency of conventional mechanisms and has potential to cope with emerging security threats.

HOU Zhi-Qiang,LIU Dong-Hua,HE GE,XU Zhi-Wei

DOI: https://doi.org/10.3969/j.issn.1002-137X.2005.02.010

2005-01-01

Computer Science

Abstract:With the developing and changing of computing patterns,the assessing technology of users also face new requirements. In networks with loosely-coupled and dynamic resources,an access mechanism characteristic of time-in- dependent, space-independent and physics-independent, which is called 3A(Anytime, Anywhere,and on Any device) access paradigm, should be provided for users. This paper analyzes the visions and requirements of 3A access paradigm and proposes three basic characters of the 3A paradigm,namely continuation,mobility and adaptability. Ad- ditionally we summarize and compare several solutions and relative technologies that support the three characters.

JiangXing Wu

DOI: https://doi.org/10.1051/sands/2022001

2022-01-01

Abstract:The common endogenous security problems in cyberspace and related attack threats have posed subversive challenges to conventional theories and methods of functional safety. In the current design of the cyber physical system (CPS), functional safety and cyber security are increasingly intertwined and inseparable, which evolve into the generalized functional safety (S&S) problem. The conventional reliability and cybersecurity technologies are unable to provide security assurance with quantifiable design and verification metrics in response to the cyberattacks in hardware and software with common endogenous security problems, and the functional safety of CPS facilities or device has become a frightening ghost. The dynamic heterogeneity redundancy (DHR) architecture and coding channel theory (CCT) proposed by the cyberspace endogenous security paradigm could handle random failures and uncertain network attacks in an integrated manner, and its generalized robust control mechanism can solve the universal problem of quantitative design for functional safety under probability or improbability perturbation. As a generalized functional safety enabling structure, DHR opens up a new direction to solve the common endogenous security problems in the cross-disciplinary fields of cyberspace.

Michael D. Adams,Seth D. Hitefield,Bruce Hoy,Michael C. Fowler,T. Charles Clancy

DOI: https://doi.org/10.48550/arXiv.1311.0257

2013-11-01

Cryptography and Security

Abstract:A significant limitation of current cyber security research and techniques is its reactive and applied nature. This leads to a continuous 'cyber cycle' of attackers scanning networks, developing exploits and attacking systems, with defenders detecting attacks, analyzing exploits and patching systems. This reactive nature leaves sensitive systems highly vulnerable to attack due to un-patched systems and undetected exploits. Some current research attempts to address this major limitation by introducing systems that implement moving target defense. However, these ideas are typically based on the intuition that a moving target defense will make it much harder for attackers to find and scan vulnerable systems, and not on theoretical mathematical foundations. The continuing lack of fundamental science and principles for developing more secure systems has drawn increased interest into establishing a 'science of cyber security'. This paper introduces the concept of using cybernetics, an interdisciplinary approach of control theory, systems theory, information theory and game theory applied to regulatory systems, as a foundational approach for developing cyber security principles. It explores potential applications of cybernetics to cyber security from a defensive perspective, while suggesting the potential use for offensive applications. Additionally, this paper introduces the fundamental principles for building non-stationary systems, which is a more general solution than moving target defenses. Lastly, the paper discusses related works concerning the limitations of moving target defense and one implementation based on non-stationary principles.

Hua-shan CHEN,Lan PI,Feng LIU,Dong-dai LIN

DOI: https://doi.org/10.3969/j.issn.1671-1122.2015.03.001

2015-01-01

Abstract:With the rapid development of information technology, internet is playing an increasingly important role across the world. A trustworthy cyberspace has been closely related to national interests and has become a focus of national security and social stability. However, the past security research often focused on the solutions to speciifc threats, which sometimes was termed engineering. But we don’t have a clear understanding of many fundamental problems and universal laws of cybersecurity, that is, cybersecurity research lacks a ifrm scientiifc foundation and theoretical support. In contrast to the past engineering approach, in the recent two years, we have seen a growing push within the research community of information security to promote the study of cybersecurity as a science. This paper introduces the background of developing a science of cybersecurity, depicts the scientiifc connotation of cybersecurity and discusses ifve hard problems in the science of cybersecurity. Finally, the perspective of cybersecurity research is also proposed in this paper.

Bel G. Raggad,Sahbi Sidhom

DOI: https://doi.org/10.48550/arXiv.0712.4215

2007-12-27

Other Computer Science

Abstract:Despite all visible dividers, the Internet is getting us closer and closer, but with a great price. Our security is the price. The international community is fully aware of the urgent need to secure the cyberspace as you see the multiplication of security standards and national schemes interpreting them beyond borders: ISO 15408, ISO 17799, and ISO 27001. Even though some countries, including the Security Big Six (SB6), are equipped with their security books and may feel relatively safe; this remains a wrong sense of security as long as they share their networks with entities of less security. The standards impose security best practices and system specifications for the development of information security management systems. Partners beyond borders have to be secure as this is only possible if all entities connected to the partnership remain secure. Unfortunately, there is no way to verify the continuous security of partners without periodic security auditing and certification, and members who do not comply should be barred from the partnership. This concept also applies to the cyber space or the electronic society. In order to clean our society from cyber crimes and cyber terrorism we need to impose strict security policies and enforce them in a cooperative manner. The paper discusses a country's effort in the development of a national security strategy given its security economic intelligence position, its security readiness, and its adverse exposure.

JI Xinsheng,HUANG Kaizhi,WU Jiangxing,CHEN Yajun,YOU Wei

DOI: https://doi.org/10.11959/j.issn.2096−8930.2023014

2023-01-01

Abstract:The space-integrated-ground information network in 6G is facing security challenges due to its characteristics, such as the high exposure of the network, high-speed movement of nodes, limited computing resources.Moreover, new security issues are certainly introduced in the development of new architectures, new applications, new technologies and so on.It is urgent to propose new universal security theories to overcome safety and security threats by the integrated solutions.For this purpose, this paper first expounded the cyberspace endogenous security and proposed its endogenous security architecture.Then, under the guidance of the cyberspace endogenous security theory, the relevant security theory and practice norms were respectively discussed for onboard systems, 6G ground mobile networks, and satellite-ground links.Finally, the authentication and encryption mechanism of the communication and security integration from the aspects of security authentication and high security communication encryption, and the integration of traditional security technology and endogenous security were analyzed.

HuanGuo Zhang,WenBao Han,XueJia Lai,DongDai Lin,JianFeng Ma,JianHua Li

DOI: https://doi.org/10.1007/s11432-015-5433-4

2015-11-01

Science China Information Sciences

Abstract:Along with the rapid development and wide application of information technology, human society has entered the information era. In this era, people live and work in cyberspace. Cyberspace is the collection of all information systems; it is the information environment for human survival. Therefore, it is necessary to ensure the security of cyberspace. This paper gives a comprehensive introduction to research and development in this field, with a description of existing problems and some currently active research topics in the areas of cyberspace itself, cyberspace security, cryptography, network security, information system security and information content security.

computer science, information systems,engineering, electrical & electronic

Liang JIN,Yangming LOU,Xiaoli SUN,Zhou ZHONG,Xiaoming XU,Ming YI,Kaizhi HUANG,Xinsheng JI,Jiangxing WU

DOI: https://doi.org/10.1360/ssi-2021-0095

2021-01-01

Scientia Sinica Informationis

Abstract:The open integration, heterogeneous coexistence, and intelligent interconnection of 6G networks will cause unknown and complex security threats. The current pattern of security lagging behind the development of communications will inevitably be difficult to deal with. Hence, the 6G era must break the mindset and give birth to an iconic technology that has a truly intergenerational effect. Endogenous security technology starts from the common and inherent security problems caused by the inherent defects of wireless networks, which can resist unknown security threats and integrate communication/security/services endogenously through structure-oriented solutions. This paper discusses the endogenous security issues and concepts of 6G wireless networks; proposes the application vision of endogenous security in typical scenarios, such as 6G ultra-high-rate broadband communications, ultra-large connections and ultra-low latency, and integrated space -ground coverage; and presents several potential key technologies and solutions.

Jiangxing Wu,Hong Zou,Xiangyang Xue,Fan Zhang,Yuting Shang

DOI: https://doi.org/10.15302/j-sscae-2023.06.018

2023-01-01

Abstract:Cyber resilience engineering is a technical approach embraced by countries and regions such as the United States and Europe to implement digital transformation and address network security challenges under new circumstances. It aims to keep the barriers to entry high for digital technologies based on the cyber resilience standard and to improve the digital infrastructure security capability of China from both the application service and device supply sides. This study focuses on the impact and challenges brought by the initiatives of cyber resilience engineering in the United States and Europe on the development of new-generation network information technology in China. It starts from a concept introduction of resilience, cyber resilience, and cyber resilience engineering. Subsequently, it elaborates on the application progress of cyber resilience engineering in the United States and Europe in terms of policy drivers, strategic considerations, and development dilemmas. Moreover, the study goes further to propose a dynamic heterogeneous redundancy architecture based on an endogenous security and safety (ESS) theory. It describes and illustrates the intrinsic mechanism, basic concepts, and application methods of cyber resilience empowered by ESS. Furthermore, we propose that China should accelerate innovation to offset the combined effects of cyber resilience engineering in developed countries, introduce a cyber resilience policy and law system with Chinese characteristics, establish corresponding regulatory systems to clarify the network security responsibilities, establish a quantifiable, verifiable, and credible testing and evaluation system, and boost the holistic implementation of cyber resilience with a multi-pronged approach including financial marketization, hoping to systematically enhance the cyber resilience and strength of China.

Jiang Zhiwen,Li Tao,Hu Aiqun

DOI: https://doi.org/10.1109/iccc51575.2020.9344972

2020-12-11

Abstract:At present, attacks on various information systems for cyberspace security are becoming more diverse and intense. In addition, the security of important information systems is threatened. The original security system is expert in preventing risks, but the shortcomings of lack of initiative and flexibility are gradually exposed. The high adaptability and strong evolution of biological systems can be used to fill this gap in capabilities and provide new ideas for cyberspace security. This paper proposes a security system based on the bionic immune mechanism, studies the human immune and neural reflex mechanisms, and arranges neurons in each part of the information system, so that every basic module in the system has both functional and security characteristics. In the process of task execution, the information of the module is continuously collected through neurons, and errors are sensed through feedback, and then strategies are set at the decision-making level of the information system to solve problems or even avoid problems. Through the analysis of the information system model, it shows that this endogenous security system based on bionic immunity is effective, and the correctness of the theory is supported by constructing a prototype system and analyzing the operating conditions of the system under different strategies.

LIU Caixia,JI Xinsheng,WU Jiangxing

DOI: https://doi.org/10.11959/j.issn.1000−436x.2022176

2022-01-01

Abstract:Based on the understanding of the mobile communication essential characteristics and the mobile communication network inherent characteristics, from a new perspective, the genetic defects existing in the mobile communication network inherent mechanism, especially in the mobility management mechanism were analyzed.These genetic defects would not disappear with the intergenerational development of mobile communication network, therefore, they were also known as endogenous security defects or endogenous security common problems of mobile communication networks.The endogenous security threats that may be introduced by security defects such as “acquiescence in information authenticity” and “ubiquitous data visibility” were pointed out.Under the guidance of the cyberspace endogenous security theory, the ideas and methods to solve the endogenous security common problems in mobile communication networks were proposed, such as breaking the “default trust” with “zero trust” and realizing the “user data limited visibility” with“variable implicit mapping”.

CHEN Zhike,XIONG Wei

DOI: https://doi.org/10.3783/j.issn.2095-3828.2013.01.020

2013-01-01

Abstract:Cyberspace has been playing more and more important role in national security and social development.So researches on cyberspace are being carried on in a lot of countries all over the world.According to the research status quo of the US cyberspace,the paper concludes the development of cyberspace concept,explains the status and function of cyberspace,and analyzes the important measures that America realizes the strategical target,which includes developing cyberspace strategies and policies,developing cyberpower and implementing "internet freedom" strategy and etc.It has certain reference value for our country's cyberspace.

Yu Xiaofeng,Wang Jiangli

2006-01-01

Abstract:Non-traditional security provides a new perspective for research on security theory.How non-traditional security is defined and its boundary,setting,and paradigm are clarified are key to coming to a better understanding of non-traditional security.Based on the definition of security,the authors compare the similarities and differences between traditional and non-traditional security,and review different ways of non-traditional security keeping,such as global security,common security,cooperative security,and hegemony security.Finally,the authors propose that a paradigm of “peace cooperationism” be constructed to achieve the goal of a harmonious world.

Anne-Sophie Martin

DOI: https://doi.org/10.1080/14777622.2023.2195101

2023-04-06

Astropolitics

Abstract:In the last decades, space activities have become more automated and digitized due to the technological development. As such, it is crucial to consider cyberspace and its risks to guarantee safety, security, and long-term sustainability of space activities, as well as to ensure that activities in outer space are carried out for the benefit of humankind. The paper assumes that both areas are global commons and numerous interactions exist between them, notably in terms of cybersecurity. Indeed, there is an increasing risk of attack against satellites, including interferences, jamming, and hacking, which reveals that the security aspects of satellite systems and data transmission cannot be overlooked, and the risk of cyberwarfare is real. Cybersecurity regulations at international, regional, and national levels to determine the potential elements applicable to space activities are examined in this paper. The paper stresses the need to bring together actors involved in the domain of cyber and in space activities with the aim to implement a structured, appropriated, and responsive regulatory framework to cyberthreats by considering the interdependence between these two areas. In this regard, it is argued that a compartmentalized approach with relation to cyber and outer space should be avoided.

Jiangxing Wu

DOI: https://doi.org/10.1007/s11432-021-3480-9

2022-01-01

Science China Information Sciences

Abstract:This paper summarizes the evolution logic, technical connotation, presupposition, applicable scope, and existing problems of information networks from the perspective of the development paradigm. This work aims to meet the requirements of symbiosis and coexistence, evolution and revolution, and integration of the function safety and network security of diversified networks and applications. Accordingly, we demonstrate the scientific necessity of the revolution of the information network development paradigm and propose the polymorphic network (PINet) paradigm that separates technical systems and the supporting environment. On this basis, we clarify the core idea, system form, and operation logic of the PINet paradigm and analyze the key technologies of the PINet paradigm in detail. Finally, we propose an engineering implementation scheme of the PINet paradigm, which explores possible methods and approaches to high-quality information networks at the development paradigm level.