World Frontier Technology Development Report 2023 "World Information Technology Development Report" (7) Network and Information Security Technology

Data comes from: "World Frontier Technology Development Report 2023" and the Internet

1 Overview

In 2022, network and information security technology will continue to advance to cope with the further deterioration of the network security situation. Encryption technology continues to be upgraded, firewall and intrusion detection technology continue to evolve, and artificial intelligence and cloud security technology further improve the efficiency of network security protection. In the future, network security technology will continue to evolve to adapt to higher and more complex requirements in the field of network security.

2. Key technologies for network security

With the explosive growth in the number of Internet interfaces and applications, network security has been greatly affected, mainly reflected in the following three aspects:

First, the attack surface has expanded, and every new interface and application may become a vulnerability exploited by attackers; second,
with the increase in data storage and circulation, hub data leakage has increased sharply;
third, the increase in interfaces has changed the identity authentication and authorization process. become more complex and more prone to security vulnerabilities.

The network security situation is becoming more complex, and network systems need to be better managed and protected to resist attacks and prevent data leaks.

2.1 US Special Operations Command holds cyber challenge to find edge security technology

In April 2022, the United States Special Operations Command (SOCOM) held the Edge Network Security Challenge to identify technologies that can provide edge security capabilities. SOCOM is looking for technologies that can provide endpoint security for edge devices, cloud security to protect edge data, and Network Edge Security to protect Special Operations Forces environments. The ubiquity of IoT devices has led to a variety of edge computing devices and endpoints everywhere, and contestants need to ensure that decisions are made based on trusted data and have protection against zero-day attacks. In the second phase of the challenge, SOCOM will evaluate entrants based on their own technical strengths, independent of other solutions.

2.2 Cardiff University in the UK developed a method to block cyber attacks within 1 second

In May 2022, Cardiff University in the UK developed a new method that can block cyber attacks within 1 second. This method is based on technologies such as artificial intelligence and machine learning, and achieves defense by monitoring and predicting malware behavior rather than traditional code analysis. By simulating specific malware operation modes through training, the computer can predict the malware's next intrusion method within 1 second, effectively avoiding defense failure caused by attackers replacing malicious code. This method has been proven successful in preventing up to 92% of files on your computer from being corrupted, and it only takes an average of 0.3 seconds to remove a piece of malware.

2.3 Chinese researchers develop new method to detect malicious web pages

In July 2022, researchers from South Korea's Far East University and Namseoul University developed a new method for detecting malicious web pages. Unlike existing methods, the new approach revolves around identifying and analyzing common attack patterns used during the distribution of malicious code in websites to detect malicious web pages. The researchers first collected data on 500 malicious websites to analyze the methods most commonly used by these websites to distribute malicious code. The researchers then focused on the programming techniques and scripts used in these malicious codes and counted the number of times each technique was used in malicious websites. Finally, the researchers developed a formula to determine a given website's "risk score." This method can effectively detect malicious websites based on script mode, and the algorithm complexity and memory load are very low. The new approach will help enhance the security of network users while serving cybersecurity education by gathering information about malicious code distribution patterns.

2.4 Incheon University in South Korea has developed a 5G-based artificial intelligence malware classification system that can be used for next-generation network security

In November 2022, a research team at Incheon National University in South Korea developed a 5G-based artificial intelligence malware classification system that can be used for next-generation network security. The research team used a deep learning network method called grayscale image visualization to analyze malware and classify malware attacks into different types through a multi-stage convolutional neural network architecture. At the same time, the research team also integrated the security system with 5G to achieve high-throughput transmission of real-time data and low-latency diagnosis. In the future, this research is expected to be applied to scenarios such as the Industrial Internet of Things, smart cities, and autonomous driving.

3. Key technologies for data security

Data security technology refers to technology used to protect data from unauthorized access, use, alteration, leakage, destruction and other threats, mainly including authentication, encryption, anti-virus software, firewalls, access control, backup and recovery, etc. technology designed to ensure the confidentiality, integrity and availability of data during transmission, storage and processing. Its functions include: first, to protect sensitive information such as financial information, personal information, and business secrets from being leaked and abused; second, to improve data integrity and ensure that data is not changed or deleted. In the context of frequent network security incidents, data security technology has increasingly become a powerful guarantee for information security.

3.1 Swiss Federal Institute of Technology Zurich discovered a speculative execution attack method that can threaten Intel and AMD processors

In July 2022, researchers at the Swiss Federal Institute of Technology Zurich (ETH) discovered a speculative execution attack method that can affect microprocessors from Intel and AMD. The researchers named this speculative execution attack method Retbleed. This attack method exploits a feature of modern processors, which is that when the processor encounters a direct or indirect instruction, it predicts the address of the next instruction it will receive and automatically executes it before the prediction is confirmed. Speculative execution attacks access sensitive data in memory by tricking the processor into executing instructions. In response to related vulnerabilities, both companies have released relevant guides to help their customers prevent similar attacks.

3.2 Columbia University in the United States demonstrates the first fully verified ARM confidential computing architecture prototype

In July 2022, researchers from Columbia University demonstrated the key verification technology of ARM Confidential Compute Architecture (ARM CCA), which can protect sensitive private data. ARM CCA is a new feature of the ARMv9-A architecture that relies on firmware to manage the hardware to perform its security assurance measures, so the correctness and security of the firmware are crucial. In the past, engineering teams relied on software testing techniques to test the security of firmware. Columbia University's latest research uses mathematical models to prove the absolute correctness of software and hardware to provide the highest level of security assurance. Currently, ARM processors have been deployed on billions of devices around the world. As ARM CCA becomes more commonly used to protect users' private data, the verification technology demonstrated by Columbia University researchers will significantly improve data protection and security.

3.3 MIT developed a new federated machine learning algorithm

In September 2022, researchers at the Massachusetts Institute of Technology in the United States developed a new federated machine learning algorithm FedLTN. Federated learning is a distributed machine learning technology that protects user data privacy. In the past, federated learning faced problems such as high communication costs, multiple types of distributed data, and non-personalized distributed user models, which seriously affected the performance and deployment of the model. The researchers speed up pruning by optimizing the model size through an iterative pruning process and "rewinding" the rest of the pruned neural network to its original value, but in the process not pruning out the parts of the network that capture user-specific data about the distribution. Important information layer to ensure personalization of distributed user models. Experiments show that FedLTN reduces the size of the federated learning model by nearly 1 order of magnitude, reduces the communication cost of distributed users by 4 to 6 times, and improves overall performance by about 10%.

4. Quantum cryptography technology

Quantum cryptography technology uses the properties of quantum mechanics to ensure the confidentiality of information transmitted through communication channels, which means that the security of the system is guaranteed by the laws of physics and does not rely on the computational complexity of mathematical algorithms. Therefore, quantum cryptography is considered to be more secure than classical cryptography. With the continuous development of quantum technology and the increasing demand for secure communication, quantum cryptography technology is expected to become an important support for privacy and secure communication.

4.1 British Telecom and Japan's Toshiba cooperate to trial the first commercial quantum security network

In April 2022, British Telecom (BT) and Japan's Toshiba launched the first commercial trial of a quantum security network in the UK. BT provides end-to-end encrypted links on its Openreach private fiber network, while Toshiba provides quantum encryption hardware and key management software. British consulting company Ernst & Young Global Limited (EY) uses this network to connect two sites in London, Tower Bridge (Tower Bridge) and Canary Wharf (Canary Wharf). The network aims to explore the possibilities of commercializing quantum technologies.

4.2 Chinese scientists have made new progress in quantum key distribution network research

In July 2022, the team of Academician Guo Guangcan of the University of Science and Technology of China made important progress in the networking of quantum key distribution. The team implemented a non-trusted node quantum key distribution network that is resistant to environmental interference, comprehensively improving the security, availability and reliability of the quantum key distribution network, and taking an important step towards realizing the next generation of quantum networks.

4.3 Korea Institute of Science and Technology completed dual-field quantum key distribution demonstration experiment

In July 2022, Korea Instituts of Science and Technology (KIST) completed a Twin-Field Quantum Key Distribution (TF-QKD) demonstration experiment. TF-QKD is a long-distance communication protocol that can significantly increase the communication distance of quantum key distribution. In the TF-QKD experiment, two users can increase the communication distance by transmitting the quantum signal to an intermediate third party for measurement. This is the second experimental demonstration of TF-QKD network in the world after the University of Toronto in Canada. Unlike the University of Toronto's demonstration based on a ring network structure, the architecture proposed by the KIST team is based on a star network that can be extended to two-to-many networks based on polarization, time division, and wavelength division multiplexing. The research results are expected to promote the commercialization process of QKD.