System logs record system states and significant events at various critical points to help debug performance issues and failures. Therefore, the rapid and accurate detection of the system log is crucial to the security and stability of the system. In this paper, proposed is a novel attention-based neural network model, which would learn log patterns from normal execution. Concretely, our model adopts a GRU module with attention mechanism to extract the comprehensive and intricate correlations and patterns embedded in a sequence of log entries. Experimental results demonstrate that our proposed approach is effective and achieve better performance than conventional methods.

Existing cyber deception technologies (e.g., operating system obfuscation) can effectively disturb attackers' network reconnaissance and hide fingerprint information of valuable cyber assets (e.g., containers). However, they exhibit ineffectiveness against skilled attackers. In this study, a proactive fingerprint deception method is proposed, termed as Continuously Anonymizing Containers' Fingerprints (CACF), which modifies the container's fingerprint in the cloud resource pool to satisfy the anonymization standard. As demonstrated by experimental results, the CACF can effectively increase the difficulty for attackers.

Network embedding has attracted an increasing amount of attention in recent years due to its wide-ranging applications in graph mining tasks such as vertex classification, community detection, and network visualization. Network embedding is an important method to learn low-dimensional representations of vertices in networks, aiming to capture and preserve the network structure. Almost all the existing network embedding methods adopt the so-called Skip-gram model in Word2vec. However, as a bag-of-words model, the skip-gram model mainly utilized the local structure information. The lack of information metrics for vertices in global network leads to the mix of vertices with different labels in the new embedding space. To solve this problem, in this paper we propose a Network Representation Learning method with Deep Metric Learning, namely DML-NRL. By setting the initialized anchor vertices and adding the similarity measure in the training progress, the distance information between different labels of vertices in the network is integrated into the vertex representation, which improves the accuracy of network embedding algorithm effectively. We compare our method with baselines by applying them to the tasks of multi-label classification and data visualization of vertices. The experimental results show that our method outperforms the baselines in all three datasets, and the method has proved to be effective and robust.

More and more attacks are found due to the insecure channel between different network domains in legacy mobile network. In this letter, we discover an attack exploiting SUCI to track a subscriber in 5G network, which is directly caused by the insecure air channel. To cover this issue, a secure authentication scheme is proposed utilizing the existing PKI mechanism. Not only dose our protocol ensure the authentication signalling security in the channel between UE and SN, but also SN and HN. Further, formal methods are adopted to prove the security of the proposed protocol.

5G network will serve billions of people worldwide in the near future and protecting human privacy from being violated is one of its most important goals. In this paper, we carefully studied the 5G authentication protocols (namely 5G AKA and EAP-AKA') and a location sniffing attack exploiting 5G authentication protocols vulnerability is found. The attack can be implemented by an attacker through inexpensive devices. To cover this vulnerability, a fix scheme based on the existing PKI mechanism of 5G is proposed to enhance the authentication protocols. The proposed scheme is successfully verified with formal methods and automatic verification tool TAMARIN. Finally, the communication overhead, computational cost and storage overhead of the scheme are analyzed. The results show that the security of the fixed authentication protocol is greatly improved by just adding a little calculation and communication overhead.