Design of network security processing system in 5G/6gNG-DSS of intelligent model computer

Abstract

In order to solve the problem of low accuracy of evaluation results caused by the impact of throughput and transmission delay on traditional systems in 6G networks, this paper proposes a design method of network security processing system in 5G/6gNG-DSS of intelligent model computer. Supported by the principle of active defense, this paper designs a server-side structure, using ScanHome SH-800/400 embedded scanning module barcode QR code scanning device as the scanning engine. We put an evaluation device on the RISC chip PA-RISC microprocessor. Once the system fails, it will send an early warning signal. Through setting control, data, and cooperation interfaces, it can support the information exchange between subsystems. The higher pulse width modulator TL494:4 pin is used to design the power source. We use the top-down data management method to design the system software flow, build a mathematical model, introduce network entropy to weigh the benefits, and realize the system security evaluation. The experimental results show that the highest evaluation accuracy of the system can reach 98%, which can ensure user information security. Conclusion: The problem of active defense network security is transformed into a dynamic analysis problem, which provides an effective decision-making scheme for managers. The system evaluation based on Packet Tracer software has high accuracy and provides important decisions for network security analysis.

Keywords

Active defense network security assessment packet tracer scanning engine software flow design mathematical model

1. Introduction

Driven by the rapid growth of mobile traffic, the fifth generation (5G) wireless communication has been widely studied in meeting the key performance requirements of Enhanced Mobile Broadband (eMBB), Ultra Reliable Low Delay Communication (uRLLC) and Large Machine Type Communication (mMTC). However, with the further growth of mobile traffic, 5G will encounter technical limitations in supporting large-scale interconnection with highly diversified service requirements. In addition, many emerging use cases and dynamic future scenarios promote the demand for a new paradigm of next-generation wireless communication, namely, 6G wireless communication [1]. The 6G vision can be summarized as: ubiquitous wireless intelligence, ubiquitous services, seamless tracking of ubiquitous services connected with users, ubiquitous wireless connectivity with infrastructure, context-aware intelligent services and applications for everything. It is envisaged that 6G will drive the wireless network through on-demand self-reconfiguration to ensure the improvement of network performance and the growth of service types. The increasing performance requirements of the 6G network will promote the deployment of new technologies, such as terahertz communication, ultra-large antenna, large intelligent surface, visible light communication, etc. Balamurugan et al. developed a framework called IDSGT-NNN. This model combines the attacker and defender mechanism for attack and normal data processing. The proposed IDSGT-NNN model is evaluated against the CICDS-2017 dataset. The performance of the proposed IDSGT-NNN is evaluated by using existing technologies. Simulation analysis shows that the proposed IDSGT-NNN has enhanced performance in terms of accuracy, detection rate and accuracy, F-Score, AUC and FPR [2].

Basically, current security mainly depends on bit-level encryption technology and security protocols at different levels. These solutions adopt the design idea of “patch” and “plug-in”. The standardized protection embodied in the public wireless network is not safe enough. Even if there are enhanced encryption and authentication protocols, they will also impose strong constraints and high additional costs on users of the public network. The existing security protection system that relies on “patch” and “plug-in” network security enhancement schemes cannot meet the requirements, so the 6G network needs efficient and highly available security protection capabilities [3].

2. Research methods

2.1 Performance indicators and key technologies

Figure 1.

Comparison of key indicators of 5G and 6G.

The key performance indicators of 6G include supporting 1 Gbit/s user experience rate, 1 Tbit/s peak rate, 10 $\sim$ 100 $\mu$ s delay, 1 Gbit/(s $\cdot$ m²) regional communication flow, 10⁷ sets/km² connection density and at least 1000 km/h mobility. Figure 1 shows the comparison between the key indicators of 6G and 5G. It can be seen that the key network performance indicators of 6G network have significantly improved compared with 5G [4].

In order to achieve the above key performance indicators, 6G networks need to produce revolutionary innovations in spectrum, coding, antenna and other aspects. However, the final technical implementation of the current 6G network is not clear. Its potential technologies will include terahertz (THz) communication, visible light communication (VLC), new generation channel coding technology, ultra-large antenna technology, wireless communication technology based on artificial intelligence (AI), space-space-sea integrated communication and other key technologies. Table 1 compares and summarizes the literature on 6G, where OAM is orbital angular momentum; SM-MIMO is a very large antenna array; B5G is the last 5G [5, 6]. Table 2 summarizes the differences between 5G and 6G in application scenarios, features and key indicators.

Table 1

Research progress of 6G key performance technical indicators

6G network architecture	Potential technical methods	Main contributions
Large autonomous 6G network architecture	Terahertz communication, SM-MIMO, large intelligent reflector, holographic beamforming, OAM multiplexing, visible light communication, laser communication, blockchain-based spectrum sharing, quantum communication, molecular communication	Propose 6G vision and discuss 6G indicators and potential technologies
Comfortable, safe and intelligent integrated network architecture	UHF band, deep learning, intelligent reflector	Compare the main businesses of 5G, B5G and 6G, and analyze the potential technical methods from various aspects
Green 6G network architecture	Terahertz communication, visible light communication, molecular communication, quantum communication, distributed security blockchain, flexible smart materials, energy collection and management	Propose the concept of green 6G vision and discuss potential key technologies
Intelligent network architecture	6G big data analysis, AI closed-loop optimization, intelligent wireless communication	Analyze the vision of 6G from the perspective of intelligence, and introduce AI’s empowerment of 6G
–	Micro cell, integrated frequency band transceiver, large intelligent reflector, edge artificial intelligence, ground – air – satellite integrated network, energy transfer and collection, sixth sense network, limit network, holographic radio and photodiode coupled antenna array, cognitive radio based on AI and photonics	Introduce the vision of 6G, discuss the new indicators and potential key technologies of 6G, and put forward the problems faced by 6G in its development
–	Terahertz communication, visible light communication, sparse theory – compressed sensing, new channel coding, ultra-large antenna technology, flexible spectrum technology, wireless communication technology based on AI, air, space and sea integrated communication, wireless tactile network	A comprehensive and clear overview of 6G’s vision, enabling and potential key technologies

Table 2

Comparison of 5G and 6G application scenarios and key indicators

Mobile commu-nication system	Application scenario	Application	Charac-teristic	Maximum rate	User experi-ence rate	Time delay	Data area traffic	Equip-ment density	Support mobility
5G	eMBB URLLC mMTC	VR/AR/pano- ramic video UHD video Internet of Vehicles Internet of Things Smart city/factory/ family Telemedicine Wearable device	Cloud, software, virtuali-zation, slicing	20 Gbit/s	0.1 Gbit/s	1 ms	10 Mbit/(s $\cdot$ m²)	10⁶ sets/km²	500km/h
6G	FeMBB ERLLC umMTC LDHMC ELPC	Tactile Internet Full sensory digi- tal transmission Fully automatic driving Industrial Internet Space travel, deep-sea sightseeing Bio-nano Internet of Things	Intelli-gence, cloud, software, virtuali-zation, slicing	$\geqslant$ 1 Tbit/s	1 Gbit/s	10 $\sim$ 100 $\mu$ s	1 Gbit/(s $\cdot$ m²)	10⁷sets/km²	$\geqslant$ 1000km/h

Mobile commu-nication system

Application scenario

Application

Charac-teristic

Maximum rate

User experi-ence rate

Time delay

Data area traffic

Equip-ment density

Support mobility

eMBB

URLLC

mMTC

VR/AR/pano-

ramic video

UHD video

Internet of Vehicles

Internet of Things

Smart city/factory/

family

Telemedicine

Wearable device

Cloud, software, virtuali-zation, slicing

20 Gbit/s

0.1 Gbit/s

1 ms

10 Mbit/(s

\cdot

m²)

10⁶ sets/km²

500km/h

FeMBB

ERLLC

umMTC

LDHMC

ELPC

Tactile Internet

Full sensory digi-

tal transmission

Fully automatic

driving

Industrial

Internet

Space travel,

deep-sea

sightseeing

Bio-nano Internet

of Things

Intelli-gence, cloud, software, virtuali-zation, slicing

\geqslant

1 Tbit/s

1 Gbit/s

\sim

100

\mu

1 Gbit/(s

\cdot

m²)

10⁷sets/km²

\geqslant

1000km/h

2.2 Network architecture

After extensive research, this paper finds that the existing 6G related literature is mainly about putting forward vision and analyzing and discussing potential technologies. Because many technologies are still immature, it is difficult to determine a specific framework. This paper uses the proposed framework of space-space integration autonomous network to illustrate. This model is mainly an extension of the 5G network architecture for space-space integration, and clarifies the basic idea and framework of space-space integration autonomous system. Structurally, 6G will be a four-layer large-scale network, which can be divided into four network layers: space, air, ground and underwater [7].

Space network layer: support space Internet services in space travel and other applications, and provide wireless coverage for areas not covered, not served and underserved by the ground network through the intensive deployment of low-Earth orbit, medium-orbiting Earth and geostationary orbit satellites. For large-capacity satellite-ground transmission, millimeter-wave communication satellites will be deployed. At the same time, laser communication can realize long-distance transmission between satellites in free space.

Air network layer: the system works in low frequency, microwave and millimeter wave bands, and provides more flexible and reliable connection for emergencies or remote mountainous areas through intensive use of flight base stations, such as unmanned aerial vehicles and floating base stations. The positioning characteristics of floating base stations help to connect the optical interface defined by 6G to the space network and the accessible UAV base stations [8, 9].

Ground network layer: the main solution to provide wireless coverage for most human activities. In order to meet the service demand of data rate up to 1 Tbit/s, THz band is used; The ground network will support low frequency, microwave, millimeter wave and THz bands (i.e. full band). The path loss of millimeter wave (mmWave) and THz communication is very large, and more small base stations need to be deployed. Therefore, the 6G ground network will be an ultra-dense heterogeneous network, and ultra-high capacity terahertz transmission channels need to be deployed.

Underwater network layer: Internet coverage services will be provided for remote and deep sea activities with military or commercial applications. Because water has different propagation characteristics from land, underwater acoustic communication and laser communication can be used to realize high-speed data transmission of underwater two-way communication, and more underwater hubs can be deployed.

With the help of Packet Tracer software, this paper completes the design of the active defense network security evaluation system applicable to the 6G network, and analyzes the design process of the entire system through the terminal security access and access control list network security issues [10].

2.3 Communication security technology

System Model: 5G/6G NG-DSS (Network Security Processing System) for Intelligent Model Computers

Problem Definition: Design a 5G/6G NG-DSS intelligent model computer that can effectively handle network security issues and protect the confidentiality, integrity, and availability of network communication. The system should have the following characteristics:

1.
Efficient real-time monitoring and detection: The system should be able to monitor network traffic in real time and detect potential network security threats and attacks, including malware, intrusion attempts, Data breach, etc. The system shall be able to use the intelligent model to conduct real-time analysis and classification of network traffic to identify abnormal behaviors and attack patterns.
2.
Adaptive defense mechanism: The system should be able to automatically adjust and apply corresponding defense mechanisms based on detected threats and attack types, including firewall rules, intrusion detection and prevention systems (IDS/IPS), traffic filtering, etc. The system should be able to automatically update defense strategies based on real-time situations to adapt to constantly changing network security threats.
3.
High performance data processing and analysis capabilities: The system should have high-performance data processing and analysis capabilities, capable of processing large-scale network communication data for real-time data analysis, mining, and modeling. The system shall be able to use machine learning and deep learning technology to intelligently analyze and predict network traffic data to improve the accuracy and efficiency of network security.
4.
Secure communication and storage: The system should adopt secure communication protocols and encryption mechanisms to ensure the confidentiality and integrity of network communication. The system shall have a secure storage mechanism to encrypt, store and control access to sensitive data and logs to prevent unauthorized access and Data breach.
5.
Scalability and flexibility: The system should have good scalability and flexibility, and be able to adapt to the constantly growing network size and complexity. The system should support modular design to enable functional expansion and customized configuration as needed to meet the needs of different users and scenarios.

Figure 2.
Threats in communication security.

The innovative integration of artificial intelligence, big data and other technologies and the flexible and ubiquitous application of software definition slices in different application scenarios in 6G will further realize the ubiquitous availability of information on the basis of 5G network and promote the digitalization of all industries in the whole society. The threats involved in communication security are shown in Fig. 2. The heterogeneous integration of 6G network access, miniaturization of equipment and access points, slicing of different applications, and the marginalization of communication capabilities all contribute to more secure communication problems.
2.4 Active defense principle

The active defense network function can operate safely in the big data environment. Combined with network monitoring technology, it can ensure users to use safely in a safe environment. The active defense system is implemented under the condition of ensuring user information security. Based on the original system defense technology, Packet Tracer software is used [11, 12]. The active defense principle is shown in Fig. 3.

Figure 3.

Active defense principle.

According to the traditional active defense technology, Packet Tracer software is used to combine the monitoring principle with the prediction principle to form the active defense principle. The net end entropy is introduced into the system to weigh the benefits, which can avoid the interference of abnormal information carried by normal information. The network security evaluation system structure is designed according to this principle.

2.5 System structure design

Vulnerability scanning technology, firewall technology and intrusion detection technology are the most common effective means of network security defense at present. Vulnerability scanning technology is a network anti-attack capability technology that actively checks network security and timely blocks vulnerabilities. It is also the most important link in end-of-network security assurance measures [13, 14]. The overall structure design of network security evaluation system is shown in Fig. 4.

Figure 4.

Overall structure design of network security evaluation system

The client scans the system configuration and sends the configuration file to the alarm component. According to the determined scanning strategy, the host and network scanning methods are used to collect comprehensive vulnerability information, detect target vulnerabilities from the operating system layer, and transmit the scanning results to the evaluation module. The evaluation module calculates all the scanned vulnerability information and evaluates the system security according to the set comprehensive analysis function.

2.5.1 Server-side structure design

Figure 5.

Structural design of server.

The server-side structure design is shown in Fig. 5, which is composed of client, server, scan engine, result database, vulnerability database, rule database, etc.

1) Scanning engine

The scanning engine is the most important part of the antivirus software. When operating the antivirus software to scan a disk drive, the files under the entire disk drive need to be sent to the scanning engine for scanning. The scanning only passes through a user interface, without any packaged core program. ScanHomeSH-800/400 embedded scanning module barcode QR code scanning equipment is used as the scanning engine [15].

Through the SH-800 RS serial port interface, each scanning plug-in can be connected with each other, and the scanning program can be executed, and the results can be stored in the scanning result library.

2) Result database

During the scanning process, once the network is found to have a vulnerability, it is necessary to store the relevant information of the vulnerability in the result database. After the scanning task is completed, all data obtained by the server should be transmitted to the client for user evaluation.

3) Vulnerability database

When using the host to scan the external environment, it is necessary to combine the information returned by the host with the vulnerability database information to determine whether the system has vulnerabilities.

4) Rule database

Obtain relevant data from the vulnerability database and configure important rules to be stored in the rule database.

2.5.2 Evaluation device

The evaluation device consists of evaluation terminal, information receiving, external GSM module and host. Combined with ScanHome SH-800/400 scan engine, the evaluation device is designed on RISC chip PA-RISC microprocessor to minimize the power consumption during normal operation. Once the system fails, the evaluation device will immediately send an early warning signal to remind the user of active defense. The network security is poor [16].

2.5.3 Circuit design

The reliability of the switching power supply directly affects the reliability of the whole system. Starting from the protection of various circuits in the switching power supply, the starting circuit of the CNC switching power supply is analyzed to provide protection for the hardware equipment. The switching power supply circuit is responsible for providing power for the whole system. When there are many high-power electrical equipment, if the reliability of the switching power supply is not high, it means that the poor protection makes the system work abnormally, which is easy to cause equipment damage. In view of the above problems, the higher pulse width modulator TL494:4 pin is used for power supply design, as shown in Fig. 6.

Figure 6.

Power switch design.

In Fig. 6, the TL494 pin is a deadband control. The safe deadband time can be controlled by converting the power tube, and the switch can also be started by controlling the drive chip. At the moment of system startup, the capacitor does not establish voltage, and the output pulse of the pulse width modulator is blocked by the capacitor. As the voltage at both ends of the capacitor increases gradually, the pin voltage decreases gradually, and the drive pulse width continues to widen. If the auxiliary power supply fails one day, the triode will be on. At this time, it is necessary to cut off the drive pulse to ensure that the power switch will not stop working.

2.5.4 Design of system software

The system software part is designed in a top-down data management mode. The design flow of the system software part is shown in Fig. 7.

Figure 7.

Design flow of system software.

The system creates a test evaluation project according to the evaluation requirements, and assigns the asset identification task to the project identification module; The project identification module enters the complete identification information according to the target information, carries out ID identification for each assigned information, generates a corresponding list, and then transfers it to the control module; Fill in the test evaluation tasks according to the project list, and distribute the tasks to the subtasks in turn; The project identification online detection, malicious code identification, security analysis and other four parts of the system complete the corresponding tests according to the assigned tasks, and complete the software design by submitting the test results to the control system.

According to the design process of the software part, the Packet Tracer software is used to evaluate the security of the active defense network. In Packet Tracer software, network equipment such as switches, routers and network cards are provided. Among them, the switch is responsible for providing tabs, connecting the switch port with the terminal, and binding with the MAC address of the network card, so as to realize the safe access of the terminal equipment to the switch. The router verifies whether the network is safe through routing, configures the corresponding key, constructs a mathematical model, introduces the network entropy to weigh the benefits, and finally carries out the security evaluation [18].

2.5.5 Mathematical model construction

Let $Q=\{q_{1},q_{2}\}$ be a set, $q_{1}$ indicates attacker, $q_{2}$ indicates defender; $E^{k}=\{E_{1}^{k},E_{2}^{k},\ldots,E_{m}^{k}\}$ indicates the space where the event occurs; $E_{i}^{1}=\{(e_{i}^{1},h_{i}^{1},\pi_{i}^{1})\mid 0<\pi_{i}^{1}<1,\sum\pi_{i}^% {1}=1\}$ represents the attack behavior $e_{i}^{1}$ represents the malicious behavior of the attacker, $h_{i}^{1}$ represents the device that the attacker attacks. The attack behavior is divided into five levels according to the type of device, and $\pi_{i}^{1}$ represents the probability of the malicious attack of the attacker.

In different network defense states, the defense and attack levels are converted, and a mathematical model is built according to the relationship between defense and attack behavior, as shown in Eq. (1):

$\displaystyle S_{ij}^{l}=Q_{ij}^{l}+\sum_{l=1}^{K}P_{ij}^{l}(R_{l}\mid s_{l},E% _{i}^{1},E_{i}^{2})E_{i},P_{ij}^{l}\ldots 0$ (1)

where: $Q_{ij}^{l}$ represents the actions of both defense and attack parties; $R_{l}$ represents the entropy difference of network state; $s_{l}$ indicates the state of the entire network after the attack is successful.

2.5.6 Introduce network entropy to weigh benefits

Due to the interference of external environment in the process of model construction, the network is not safe and the result of security evaluation is not accurate. Therefore, it is necessary to introduce network entropy to weigh the benefits.

The entropy difference of network state is as the following Eq. (2):

$\displaystyle\Delta K=\sum_{i}I_{i}\Delta K_{\text{hostli}}+\sum_{j}\lambda_{j% }\Delta K_{\text{hostlj}}$

(2) $\displaystyle\Delta K_{\text{hostli}}=\Delta K_{m}$

where: $\Delta K_{\text{hostli}}$ represents the total value of the entropy difference of different indicators after the network is attacked; $I_{i}$ represents the importance of hardware equipment; $\Delta K_{\text{hostli}}$ represents the impact of the attack on the whole system; $\lambda$ is the influence factor. Fully consider the interests of both sides of defense and attack behavior, and conduct quantitative effect screening. If the attack behavior is greater than the defense behavior, it means that the attacker has successfully invaded the entire system using the method, and take the income of the defender as the evaluation index under the given environment.
2.5.7 Safety assessment

In the process of security evaluation, by analyzing the balanced disposal scheme under the security state, it is necessary to obtain the best security state of the network and evaluate its state. Set in as the indicator information in the active defense network terminal under big data. Set the initialization vector to the following Eq. (3):

$\displaystyle\text{in}^{0}=(\text{in}_{1}^{0},\text{in}_{2}^{0},\ldots,\text{% in}_{k}^{0},)$ (3)

On this basis, obtain the quantitative effect value out of attack behavior countermeasure, namely the following Eq. (4):

$\displaystyle\text{out}=\frac{\text{in}^{0}}{\text{in}^{0}_{k}}$ (4)

Combined with the above formula, update the vector, calculate the entropy difference of different evaluation stages, and obtain the probability under the equilibrium state, so as to analyze the active defense situation and complete the final security evaluation of the active defense network.

2.6 6G network security model

The security model and technology of 6G should provide comprehensive and reliable security protection for differentiated 6G application scenarios and new network architecture. Due to the huge number of terminals in the 6G application scenario, high requirements for security protection level and high requirements for safety energy efficiency, the 6G security architecture should meet the following requirements.

Distributed model training: The 6G network has the characteristics of high AI, and the centralized training of models will pose a great security threat, which requires a distributed model training scheme to improve.

Visible light security: As an emerging communication technology in 6G, visible light needs to be supported by a physical layer security mechanism different from radio frequency communication.

Quantum cryptography security: It is expected that large-scale quantum computers will be commercially available in the 6G era, and the cryptography based on quantum computing is worth studying.

Energy efficiency and security: In addition to the characteristics of mobile and miniaturization of users’ mobile devices in 6G networks, many small base stations and other communication infrastructure will also tend to be mobile. Energy consumption is a very important issue, and security algorithms with good energy efficiency need to be designed to provide security protection.

Intelligent security: On the one hand, with the expansion of the scope of the 6G network and the increase of equipment, network attacks are not only more and more common, but also more and more complex in terms of attack methods. It is difficult to cope with a large number of and changeable attacks by relying solely on artificial forces and fixed defense mechanisms [19]. Therefore, it is necessary to use AI to predict network attacks and adjust the appropriate security capabilities, and design security solutions based on AI. At the same time, AI can bring convenience to the increasingly complex network security configuration. On the other hand, the integration of AI brings new security requirements for 6G network security, and new security specifications need to be designed for intelligent systems.

The design of the 6G network security architecture needs to meet the above new security requirements and challenges, including new services, new technologies, new features and new equipment forms. The design principles of the 6G network security architecture include: decentralized processing of centralized data, consideration of security issues brought by new communication technologies and equipment forms, strengthening of privacy protection capabilities, and the need for intelligent development of security means. Based on the survey results of 6G network security scenarios and by extending the 3GPP 5G security architecture model, this paper believes that the security architecture of 6G network in the future will have an architecture similar to Fig. 8.

Figure 8.

6G Network security architecture.

According to the prediction of 6G network security design, this paper believes that the future 6G network security architecture will include the following 5 security domains.

Terminal equipment security: Similar to 5G network, how to ensure the security of mass access equipment itself will become the basis for ensuring the future 6G security. There will be a large number of micro/small devices in the 6G network, which have various forms and extensive functions, such as wearable micro devices, electronic textiles, tactile sensing devices and human implants. The data acquired and transmitted by these devices generally involve important human digital features or human brain thinking information. First of all, it is necessary to develop differentiated security strategies for different types of devices, so that each device has its own security protection capability according to security requirements. Micro and small devices often have relatively strict low power consumption requirements, so the energy collection capacity of the device and the energy consumption of the security algorithm and protocol itself need to be comprehensively considered when formulating the security strategy.

Application domain security: ensure secure communication between users and business providers. Application domain security is oriented to the applications that users actually use. It involves users’ security experience and interests. Its security needs are many, such as virus Trojan detection, script injection, zero-day vulnerability, etc. The security protection methods involved may include code audit, encrypted traffic analysis, pattern recognition and other related technical content [20].

Physical layer channel/antenna security protection: The 6G network will adopt some new physical layer technologies, such as cell-free large-scale MIMO (multiple in multiple out), intelligent reflector (IRS), visible light communication, etc. For the new physical layer communication technology, the previous physical layer security scheme is no longer applicable. It is necessary to propose corresponding physical layer security scheme for the new physical layer technology, such as VLC, which is directly different from the traditional radio communication in the media of transmitting data. It is necessary to take security measures for the unique physical properties of visible light. In addition, the future 6G will be a wireless communication network integrating space, space and sea. In addition to the wireless communication transmission on the ground, it also needs to support real-time communication in the sea, sky and space. The information transmission mode and transmission media in these space areas are significantly different from the wireless communication on the ground. Different security strategies need to be used in different space areas to meet the security requirements of communication.

Software Defined Network (SDN) and Slice Security: A typical feature of 5G network is to realize the pre-deployment of network functions through the software of communication functions, thus reducing the delay of business communication and improving the responsiveness of the network. In the 6G network, the application of software-defined network and network slicing will be more common than the 5G network. It can be predicted that a large number of network slices will be built in the 6G network according to different business scenarios and software function virtualization technology to meet the special network performance requirements in the 6G network. Therefore, how to ensure the security of the establishment and management of the network slice, such as the authorization security of the UE access slice and the slice isolation security, will become a problem that needs to be solved in the 6G network security.

Basic security of cryptography: Quantum computers are expected to be commercialized in the next few years, which means that attackers also have the ability to use quantum computers to crack modern cryptographic algorithms. The cryptography system of the 6G network must take into account the large quantum computing capabilities of the attacker. It should design a new public key cryptography algorithm based on the potential of the large capacity of the quantum computer.

3. Result analysis

With the help of Packet Tracer software, the design of the active defense end-of-network security evaluation system based on Packet Tracer software is verified and analyzed from the simulation experiment.

3.1 Purpose of simulation experiment

On the Packet Tracer software, computer network security is realized by configuring terminal security access. The system can be safely connected to the network by binding the switch port and the terminal address: secure routing can be realized through the routing protocol OSPF plaintext authentication; Configure standard access list on the router to achieve packet filtering.

3.2 Network topology of simulation experiment

Based on the principle of clear and secret encryption of the OSPF routing protocol, the access control list determines all the rules of the various OSPF routes. protocol, and design and complete the topology of the network security simulation experiment.

According to the network topology, the configuration address information is shown in Table 3.

Table 3
IP address information

Network equipment	IP address	Subnet mask
P0	192.168.1.2	255.255.255.0
P1	192.168.1.4	255.255.255.0
P2	192.168.1.3	255.255.255.0
P3	192.168.2.1	255.255.255.0
Server0	192.168.3.1	255.255.255.0

Figure 9.

Accuracy comparison results of two systems under different throughput.

3.3 Experimental results and analysis

Take throughput and transmission delay as basic indicators to verify the evaluation accuracy of the active defense network security evaluation system.

3.3.1 Analysis of the impact of throughput on evaluation accuracy

On the premise of ensuring that the data frame is not lost, the equipment can maintain the maximum transmission rate, continuously change the length of the data frame, and achieve the rapid acquisition of the receiver frame rate. However, because the throughput needs to be tested online, there can be no interruption during the experimental analysis. Compare and analyze the evaluation accuracy of traditional system and Packet Tracer software system, and the results are shown in Fig. 9.

It can be seen from Fig. 9 that with the increasing throughput, the evaluation accuracy of the two systems gradually decreases. When the throughput is 150 bits, the evaluation accuracy of the traditional system and the system based on Packet Tracer software reach the lowest, which is 90% and 22% respectively. It can be seen that under different throughput, the evaluation accuracy of the system based on Packet Tracer software is higher than that of the traditional system.

3.3.2 Analysis of the impact of transmission delay on evaluation accuracy

The Intel Core i7 processor was used to test the signal transmission and reception time and the media transmission time. The two systems were affected by the transmission delay. The comparison of the accuracy of the evaluation results is shown in Table 4 and Fig. 10.

Table 4
Accuracy comparison results of two systems under transmission delay

	Traditional system			System based on Packet Tracer software
Number of experiments/times	Signal reception	Media transmission	Accuracy/%	Signal reception	Media transmission	Accuracy/%
1	*	Normal	62	*	Normal	98
2	Normal	*	61	Normal	*	97
3	*	Normal	58	*	Normal	96
4	Normal	*	57	Normal	*	97
5	*	Normal	42	*	Normal	97

Note: “*” indicates delay.

Figure 10.

Accuracy of two systems under transmission delay.

By comparing the two systems, it can be seen that whether the signal reception is delayed or the media transmission is delayed, the evaluation accuracy of the software system based on Packet Tracer is higher than that of the traditional system [21]. To sum up, we can draw the conclusion of simulation experiment that the design of active defense network security evaluation system based on Packet Tracer software is reasonable.

4. Conclusion

At present, there are many network security assessment systems in China, and some have even been put into use. However, these systems are all aimed at network security vulnerability detection, and the interference problem for risk assessment has not been solved. In the big data environment, the introduction of network entropy to weigh the benefits can transform the problem of active defense network security into a dynamic analysis problem and provide managers with effective decision-making solutions. The system evaluation based on Packet Tracer software has high accuracy and provides important decisions for network security analysis. Due to the rapid growth of massive data, the regular introduction of security implementation schemes cannot be implemented, so the dynamic security assessment needs to be studied.

References

Ospanova

Zharkimbekova

Kussepova

Tokkuliyeva

Kokkoz

. Cloud service for protecting computer networks of enterprises using intelligent hardware and software devices based on raspberry pi microcomputers. Acta Polytechnica Hungarica. 2022; 19(4): 85-103.

Balamurugan

Mehbodniya

Kariri

Yadav

Kumar

Haq

. Network optimization using defender system in cloud computing security based intrusion detection system withgame theory deep neural network (idsgt-dnn). Pattern Recognition Letters. 2022 Apr: 156.

Liu

Rokunojjaman

Kumar

ERR

Nazila

Vugar

. Study on intelligent analysis and processing technology of computer big data based on clustering algorithm. Recent Advances in Electrical & Electronic Engineering (Formerly Recent Patents on Electrical & Electronic Engineering). 2023; 16(2): 150-158.

Khan

Abbas

Khan

Farooq

Khan

Siddiqui

Ahmad

. Intelligent model for brain tumor identification using deep learning. Applied Computational Intelligence and Soft Computing. 2022: 1-10.

Shojaeinasab

Charter

Jalayer

Khadivi

Ogunfowora

Raiyani

Najjaran

. Intelligent manufacturing execution systems: A systematic review. Journal of Manufacturing Systems. 2022; 62: 503-522.

. Image processing and recognition algorithm design in intelligent imaging device system. Security and Communication Networks. 2022: 1-10.

Lyu

Zhan

. Global analysis of active defense technologies for unmanned aerial vehicle. IEEE Aerospace and Electronic Systems Magazine. 2022; 37(1): 6-31.

Hong

Yue

Liu

. Vehicle energy system active defense: a health assessment of lithium-ion batteries. International Journal of Intelligent Systems. 2022; 37(12): 10081-10099.

Tang

Chen

Zhao

Huang

. A new dynamic security defense system based on TCP_REPAIR and deep learning. Journal of Cloud Computing. 2023; 12(1): 1-21.

10.

Zheng

Zhao

. Dynamic defenses in cyber security: Techniques, methods and challenges. Digital Communications and Networks. 2022; 8(4): 422-435.

11.

Cheng

Yue

Shen

Chen

. Secure frequency control of hybrid power system under DoS attacks via lie algebra. IEEE Transactions on Information Forensics and Security. 2022; 17: 1172-1184.

12.

Moscarello

Penzo

. The central nucleus of the amygdala and the construction of defensive modes across the threat-imminence continuum. Nature Neuroscience. 2022; 25(8): 999-1008.

13.

Yang

Zhang

Xie

Zhang

. Network security situation assessment with network attack behavior classification. International Journal of Intelligent Systems. 2022; 37(10): 6909-6927.

14.

Mojisola

Misra

Febisola

Abayomi-Alli

Sengul

. An improved random bit-stuffing technique with a modified RSA algorithm for resisting attacks in information security (RBMRSA). Egyptian Informatics Journal. 2022; 23(2): 291-301.

15.

Toyner

Sfenrianto

. Information system security evaluation using cobit 5 framework. Journal of Information System Management (JOISM). 2023; 4(2): 147-157.

16.

Zhao

Gao

Wei

Guo

. Model for network security service provider selection with probabilistic uncertain linguistic TODIM method based on prospect theory. Technological and Economic Development of Economy. 2022; 28(3): 638-654.

17.

Zheng

Zhao

. Dynamic defenses in cyber security: Techniques, methods and challenges. Digital Communications and Networks. 2022; 8(4): 422-435.

18.

Saeed

. Computer network between two departments using cisco packet tracer. Journal of Computing Sciences in Colleges. 2022; 38(4): 70-70.

19.

Ajay

Kumar

Muhammad

Achyut

Cheng

. Intrusion detection and prevention system for an IoT environment. Digit Commun Networks. 2022; 8(4): 540-551.

20.

Atjo

Olii

Manggopa

Rompas

PTD

. The effect of packet tracer simulator media on motivation and learning outcomes of basic network tkj students of cokroaminoto vocational school, kotamobagu. International Journal of Information Technology and Education. 2023; 2(2): 26-44.

21.

Nidhya

Manish

Achyut

Shuchi

Sanjeev

Cheng

. Remodeled chaotic compressive sensing scheme for secure and energy-efficient data forwarding in body-to-body network. Comput Electr Eng. 2022; 97: 107633.

Design of network security processing system in 5G/6gNG-DSS of intelligent model computer

Abstract

Keywords

1. Introduction

2. Research methods

2.1 Performance indicators and key technologies

2.3 Communication security technology

2.5.3 Circuit design

3.1 Purpose of simulation experiment

3.2 Network topology of simulation experiment

Table 3 IP address information

3.3.1 Analysis of the impact of throughput on evaluation accuracy

3.3.2 Analysis of the impact of transmission delay on evaluation accuracy

Table 4 Accuracy comparison results of two systems under transmission delay

References

Table 3
IP address information

Table 4
Accuracy comparison results of two systems under transmission delay