With the wide spread of the applications of the internet of things (IoT), more and more IoT devices appear in our lives, including smart meters, smart homes, smart wear and so on. While they bring convenience to people's lives, many security and privacy issues arise because of the interaction of IoT devices through wireless open channels. Identity authentication is one of the key technologies to solve the security and privacy issues of IoT. The traditional point-to-point authentication schemes do not consider the massive resource-limited nodes, while group authentication is an authentication technology that can simultaneously verify a group of members, which provides a new idea for the authentication of IoT nodes. However, the existing group authentication schemes for IoT are vulnerable to some security risks, which cannot resist malicious attacks such as forgery attack, replay attack and cannot prevent the group manager from cheating group members. In this paper, a lightweight verifiable group authentication scheme for IoT based on verifiable secret sharing technology is proposed, which resists the deception of the group manager. In addition, nodes may dynamically join or leave the network in IoT scenarios. Given this situation, key updating based on the verifiable group authentication scheme is designed to update group members' authority. Security analysis shows that this scheme satisfies the correctness and confidentiality, and it can resist malicious attacks such as replay attack, forgery attack, impersonation attack. Performance analysis and experimental simulation show that this scheme reduces the computational cost of group members while it ensures security compared with the existing typical group authentication schemes for IoT.

In recent years, automated sandboxes have been widely deployed for malware analysis and detection. However, with the rapid increase column of malware and the enhancement of anti-analysis capabilities, how to effectively handle these massive malware analysis tasks and improve the efficiency of sandbox system is an important research topic. Based on the characteristics of different learning methods and malware dynamic and static features, this paper proposes a malware detection method based on a hybrid learning model. We extract static fuzzy-hash features and dynamic behavior features of malware, then unsupervised clustering learning is combined with supervised classification learning. Experiments show that using only 0.02% of the analysis time improves the detection speed of the entire system by 25.6% without affecting the detection accuracy.

Software-Defined Networking (SDN) separates data plane from control plane,which makes it more flexible,opening and programmable,compared with traditional IP networks.However,the separation incurs many security problems.In this paper,we find that we can construct controller-to-switch loop (CSL) attacks by leveraging dedicated rules and well constructed packets.The attacks can effectively exhaust controller resource,which leads to denial of service (DoS).The existing OpenFlow policy verification schemes only focus on detecting data plane loop,and cannot detect such controller-to-switch loops.In order to detect CSL attacks,we proposed a novel policy verification scheme.The scheme constructs a packet forwarding graph by analyzing network update events and packet-out messages,and efficiently identifies the forwarding loops by traversing the graph.In order to evaluate our defense,we implement it in the Floodlight controller,and perform experiments with Mininet.The experimental results show that our defense can precisely detect the loop attacks and effectively throttle them.

Industrial internet is rapidly growing up while encountering severe information security risks at the same time. Aiming at the problem that traditional intrusion detection methods are low in accuracy and difficult to adapt to the massive unbalanced data of industrial Internet, an industrial Internet intrusion detection method based on capsule network is proposed. Firstly, a module involved feature extraction module is constructed based on the residual block, and a global average pooling layer is introduced to get high-quality data features. Secondly, the dynamic routing algorithm is introduced. The intrusion data features are clustered through iteration, and classification are completed in the module based on capsule network. The test results out of the data set from sensor network with Modbus/TCP protocol used in gas pipeline show that the method can improve the accuracy rate while extracting features implicitly. Compared to the listed algorithms, the proposed method in this paper performs better in test indexes with stronger robustness to unbalanced data and is closer to meet the needs of intrusion detection from industrial Internet.

Compared with the terrestrial wireless communication system, information secure transmission has become a more challenging research topic as a result of the wide coverage of satellite communication. In order to improve the physical layer security performance of multibeam satellite communication system in multicast transmission mode, two beamforming(BF) algorithms based on different channel state information(CSI) are studied in this paper. Under the condition that both legitimate user and eavesdropper CSI are known accurately, a secure BF algorithm based on semidefinite program(SDP) and penalty function is proposed. An iterative robust secure BF algorithm is proposed under the condition that the legitimate user CSI is known accurately but the eavesdropper CSI has errors. Finally, computer simulation not only verifies the correctness and effectiveness of the proposed BF algorithms in this paper, but also shows that the robust algorithm effectively reduce the influence of channel information errors on security performance of the system.

We research on cooperative information security transmitting using energy harvest amplify-and-forward relay in the wireless information and power transfer network with multiple eavesdroppers. Two low-complexity methods using zero-space beaforming technique are proposed. Using the prior location information of receiver or eavesdroppers, our methods project the target vector to the zero space of receiver or eavesdroppers. Computational complexity of the method is lower than that of classical method since space freedom of the target vector is reduced. Furthermore, second method induces the eavesdropper's mutual information of objective function to be zero, the original quasi-convex problem is transformed into a convex form. Thus, computational complexity of the method is apparently reduced compared with that of classical method. Result of experiment verify validity of our proposed methods.