Visible to the public Biblio

Found 634 results

Filters: Keyword is Conferences  [Clear All Filters]
Liu, Songsong, Feng, Pengbin, Sun, Kun.  2021.  HoneyBog: A Hybrid Webshell Honeypot Framework against Command Injection. 2021 IEEE Conference on Communications and Network Security (CNS). :218—226.
Web server is an appealing target for attackers since it may be exploited to gain access to an organization’s internal network. After compromising a web server, the attacker can construct a webshell to maintain a long-term and stealthy access for further attacks. Among all webshell-based attacks, command injection is a powerful attack that can be launched to steal sensitive data from the web server or compromising other computers in the network. To monitor and analyze webshell-based command injection, we develop a hybrid webshell honeypot framework called HoneyBog, which intercepts and redirects malicious injected commands from the front-end honeypot to the high-fidelity back-end honeypot for execution. HoneyBog can achieve two advantages by using the client-server honeypot architecture. First, since the webshell-based injected commands are transferred from the compromised web server to a remote constrained execution environment, we can prevent the attacker from launching further attacks in the protected network. Second, it facilitates the centralized management of high-fidelity honeypots for remote honeypot service providers. Moreover, we increase the system fidelity of HoneyBog by synchronizing the website files between the front-end and back-end honeypots. We implement a prototype of HoneyBog using PHP and the Apache web server. Our experiments on 260 PHP webshells show that HoneyBog can effectively intercept and redirect injected commands with a low performance overhead.
Aslanyan, Hayk, Arutunian, Mariam, Keropyan, Grigor, Kurmangaleev, Shamil, Vardanyan, Vahagn.  2020.  BinSide : Static Analysis Framework for Defects Detection in Binary Code. 2020 Ivannikov Memorial Workshop (IVMEM). :3–8.
Software developers make mistakes that can lead to failures of a software product. One approach to detect defects is static analysis: examine code without execution. Currently, various source code static analysis tools are widely used to detect defects. However, source code analysis is not enough. The reason for this is the use of third-party binary libraries, the unprovability of the correctness of all compiler optimizations. This paper introduces BinSide : binary static analysis framework for defects detection. It does interprocedural, context-sensitive and flow-sensitive analysis. The framework uses platform independent intermediate representation and provide opportunity to analyze various architectures binaries. The framework includes value analysis, reaching definition, taint analysis, freed memory analysis, constant folding, and constant propagation engines. It provides API (application programming interface) and can be used to develop new analyzers. Additionally, we used the API to develop checkers for classic buffer overflow, format string, command injection, double free and use after free defects detection.
Ajiri, Victor, Butakov, Sergey, Zavarsky, Pavol.  2020.  Detection Efficiency of Static Analyzers against Obfuscated Android Malware. 2020 IEEE 6th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS). :231–234.
Mobile antivirus technologies incorporate static analysis which involves the analysis of programs without its execution. This process relies on pattern matching against a signature repository to identify malware, which can be easily tricked by transformation techniques such as obfuscation. Obfuscation as an evasion technique renders character strings disguised and incomprehensive, to prevent tampering and reengineering, which poses to be a valuable technique malware developers adopt to evade detection. This paper attempts to study the detection efficiency of static analyzers against obfuscated Android malware. This study is the first step in a larger project attempting to improve the efficiency of malware detectors.
Li, Ziqing, Feng, Guiling.  2020.  Inter-Language Static Analysis for Android Application Security. 2020 IEEE 3rd International Conference on Information Systems and Computer Aided Education (ICISCAE). :647–650.
The Android application market will conduct various security analysis on each application to predict its potential harm before put it online. Since almost all the static analysis tools can only detect malicious behaviors in the Java layer, more and more malwares try to avoid static analysis by taking the malicious codes to the Native layer. To provide a solution for the above situation, there's a new research aspect proposed in this paper and defined as Inter-language Static Analysis. As all the involved technologies are introduced, the current research results of them will be captured in this paper, such as static analysis in Java layer, binary analysis in Native layer, Java-Native penetration technology, etc.
Stegemann-Philipps, Christian, Butz, Martin V..  2021.  Learn It First: Grounding Language in Compositional Event-Predictive Encodings. 2021 IEEE International Conference on Development and Learning (ICDL). :1–6.
While language learning in infants and toddlers progresses somewhat seamlessly, in artificial systems the grounding of language in knowledge structures that are learned from sensorimotor experiences remains a hard challenge. Here we introduce LEARNA, which learns event-characterizing abstractions to resolve natural language ambiguity. LEARNA develops knowledge structures from simulated sensorimotor experiences. Given a possibly ambiguous descriptive utterance, the learned knowledge structures enable LEARNA to infer environmental scenes, and events unfolding within, which essentially constitute plausible imaginations of the utterance’s content. Similar event-predictive structures may help in developing artificial systems that can generate and comprehend descriptions of scenes and events.
Chen, Wenhu, Gan, Zhe, Li, Linjie, Cheng, Yu, Wang, William, Liu, Jingjing.  2021.  Meta Module Network for Compositional Visual Reasoning. 2021 IEEE Winter Conference on Applications of Computer Vision (WACV). :655–664.
Neural Module Network (NMN) exhibits strong interpretability and compositionality thanks to its handcrafted neural modules with explicit multi-hop reasoning capability. However, most NMNs suffer from two critical draw-backs: 1) scalability: customized module for specific function renders it impractical when scaling up to a larger set of functions in complex tasks; 2) generalizability: rigid pre-defined module inventory makes it difficult to generalize to unseen functions in new tasks/domains. To design a more powerful NMN architecture for practical use, we propose Meta Module Network (MMN) centered on a novel meta module, which can take in function recipes and morph into diverse instance modules dynamically. The instance modules are then woven into an execution graph for complex visual reasoning, inheriting the strong explainability and compositionality of NMN. With such a flexible instantiation mechanism, the parameters of instance modules are inherited from the central meta module, retaining the same model complexity as the function set grows, which promises better scalability. Meanwhile, as functions are encoded into the embedding space, unseen functions can be readily represented based on its structural similarity with previously observed ones, which ensures better generalizability. Experiments on GQA and CLEVR datasets validate the superiority of MMN over state-of-the-art NMN designs. Synthetic experiments on held-out unseen functions from GQA dataset also demonstrate the strong generalizability of MMN. Our code and model are released in Github1.
Maruyama, Yoshihiro.  2021.  Learning, Development, and Emergence of Compositionality in Natural Language Processing. 2021 IEEE International Conference on Development and Learning (ICDL). :1–7.
There are two paradigms in language processing, as characterised by symbolic compositional and statistical distributional modelling, which may be regarded as based upon the principles of compositionality (or symbolic recursion) and of contextuality (or the distributional hypothesis), respectively. Starting with philosophy of language as in Frege and Wittgenstein, we elucidate the nature of language and language processing from interdisciplinary perspectives across different fields of science. At the same time, we shed new light on conceptual issues in language processing on the basis of recent advances in Transformer-based models such as BERT and GPT-3. We link linguistic cognition with mathematical cognition through these discussions, explicating symbol grounding/emergence problems shared by both of them. We also discuss whether animal cognition can develop recursive compositional information processing.
Stepanov, Daniil, Akhin, Marat, Belyaev, Mikhail.  2021.  Type-Centric Kotlin Compiler Fuzzing: Preserving Test Program Correctness by Preserving Types. 2021 14th IEEE Conference on Software Testing, Verification and Validation (ICST). :318—328.
Kotlin is a relatively new programming language from JetBrains: its development started in 2010 with release 1.0 done in early 2016. The Kotlin compiler, while slowly and steadily becoming more and more mature, still crashes from time to time on the more tricky input programs, not least because of the complexity of its features and their interactions. This makes it a great target for fuzzing, even the basic forms of which can find a significant number of Kotlin compiler crashes. There is a problem with fuzzing, however, closely related to the cause of the crashes: generating a random, non-trivial and semantically valid Kotlin program is hard. In this paper, we talk about type-centriccompilerfuzzing in the form of type-centricenumeration, an approach inspired by skeletal program enumeration [1] and based on a combination of generative and mutation-based fuzzing, which solves this problem by focusing on program types. After creating the skeleton program, we fill the typed holes with fragments of suitable type, created via generation and enhanced by semantic-aware mutation. We implemented this approach in our Kotlin compiler fuzzing framework called Backend Bug Finder (BBF) and did an extensive evaluation, not only testing the real-world feasibility of our approach, but also comparing it to other compiler fuzzing techniques. The results show our approach to be significantly better compared to other fuzzing approaches at generating semantically valid Kotlin programs, while creating more interesting crash-inducing inputs at the same time. We managed to find more than 50 previously unknown compiler crashes, of which 18 were considered important after their triage by the compiler team.
On, Mehmet Berkay, Chen, Humphry, Proietti, Roberto, Yoo, S.J. Ben.  2021.  Sparse Optical Arbitrary Waveform Measurement by Compressive Sensing. 2021 IEEE Photonics Conference (IPC). :1—2.
We propose and experimentally demonstrate a compressive sensing scheme based on optical coherent receiver that recovers sparse optical arbitrary signals with an analog bandwidth up to 25GHz. The proposed scheme uses 16x lower sampling rate than the Nyquist theorem and spectral resolution of 24.4MHz.
Perarasi, T., Vidhya, S., Moses M., Leeban, Ramya, P..  2020.  Malicious Vehicles Identifying and Trust Management Algorithm for Enhance the Security in 5G-VANET. 2020 Second International Conference on Inventive Research in Computing Applications (ICIRCA). :269—275.
In this fifth generation of vehicular communication, the security against various malicious attacks are achieved by using malicious vehicles identification and trust management (MAT) algorithm. Basically, the proposed MAT algorithm performs in two dimensions, they are (i) Node trust and (ii) information trust accompanied with a digital signature and hash chain concept. In node trust, the MAT algorithm introduces the special form of key exchanging algorithm to every members of public group key, and later the vehicles with same target location are formed into cluster. The public group key is common for each participant but everyone maintain their own private key to produce the secret key. The proposed MAT algorithm, convert the secrete key into some unique form that allows the CMs (cluster members) to decipher that secrete key by utilizing their own private key. This key exchanging algorithm is useful to prevent the various attacks, like impersonate attack, man in middle attack, etc. In information trust, the MAT algorithm assigns some special nodes (it has common distance from both vehicles) for monitoring the message forwarding activities as well as routing behavior at particular time. This scheme is useful to predict an exact intruder and after time out the special node has dropped all the information. The proposed MAT algorithm accurately evaluates the trustworthiness of each node as well as information to control different attacks and become efficient for improving a group lifetime, stability of cluster, and vehicles that are located on their target place at correct time.
Dong, Wenyu, Yang, Bo, Wang, Ke, Yan, Junzhi, He, Shen.  2021.  A Dual Blockchain Framework to Enhance Data Trustworthiness in Digital Twin Network. 2021 IEEE 1st International Conference on Digital Twins and Parallel Intelligence (DTPI). :144—147.
Data are the basis in Digital Twin (DT) to set up bidirectional mapping between physical and virtual spaces, and realize critical environmental sensing, decision making and execution. Thus, trustworthiness is a necessity in data content as well as data operations. A dual blockchain framework is proposed to realize comprehensive data security in various DT scenarios. It is highly adaptable, scalable, evolvable, and easy to be integrated into Digital Twin Network (DTN) as enhancement.
de Biase, Maria Stella, Marulli, Fiammetta, Verde, Laura, Marrone, Stefano.  2021.  Improving Classification Trustworthiness in Random Forests. 2021 IEEE International Conference on Cyber Security and Resilience (CSR). :563—568.
Machine learning algorithms are becoming more and more widespread in industrial as well as in societal settings. This diffusion is starting to become a critical aspect of new software-intensive applications due to the need of fast reactions to changes, even if temporary, in data. This paper investigates on the improvement of reliability in the Machine Learning based classification by extending Random Forests with Bayesian Network models. Such models, combined with a mechanism able to adjust the reputation level of single learners, may improve the overall classification trustworthiness. A small example taken from the healthcare domain is presented to demonstrate the proposed approach.
Gao, Xiaotong, Ma, Yanfang, Zhou, Wei.  2021.  The Trustworthiness Measurement Model of Component-based Software Based on the Subjective and Objective Weight Allocation Method. 2021 IEEE 21st International Conference on Software Quality, Reliability and Security Companion (QRS-C). :478—486.
Software trustworthiness includes many attributes. Reasonable weight allocation of trustworthy attributes plays a key role in the software trustworthiness measurement. In practical application, attribute weight usually comes from experts' evaluation to attributes and hidden information derived from attributes. Therefore, when the weight of attributes is researched, it is necessary to consider weight from subjective and objective aspects. Firstly, a novel weight allocation method is proposed by combining the Fuzzy Analytical Hierarchy Process (FAHP) method and the Criteria Importance Though Intercrieria Correlation (CRITIC) method. Secondly, based on the weight allocation method, the trustworthiness measurement models of component-based software are established according to the four combination structures of components. Thirdly, some metric criteria of the model are proved to verify the reasonability. Finally, a case is used to illustrate the practicality of the model.
Deng, Yuxin, Chen, Zezhong, Du, Wenjie, Mao, Bifei, Liang, Zhizhang, Lin, Qiushi, Li, Jinghui.  2021.  Trustworthiness Derivation Tree: A Model of Evidence-Based Software Trustworthiness. 2021 IEEE 21st International Conference on Software Quality, Reliability and Security Companion (QRS-C). :487—493.
In order to analyze the trustworthiness of complex software systems, we propose a model of evidence-based software trustworthiness called trustworthiness derivation tree (TDT). The basic idea of constructing a TDT is to refine main properties into key ingredients and continue the refinement until basic facts such as evidences are reached. The skeleton of a TDT can be specified by a set of rules, which is convenient for automated reasoning in Prolog. We develop a visualization tool that can construct the skeleton of a TDT by taking the rules as input, and allow a user to edit the TDT in a graphical user interface. In a software development life cycle, TDTs can serve as a communication means for different stakeholders to agree on the properties about a system in the requirement analysis phase, and they can be used for deductive reasoning so as to verify whether the system achieves trustworthiness in the product validation phase. We have piloted the approach of using TDTs in more than a dozen real scenarios of software development. Indeed, using TDTs helped us to discover and then resolve some subtle problems.
McCormack, Matt, Vasudevan, Amit, Liu, Guyue, Sekar, Vyas.  2021.  Formalizing an Architectural Model of a Trustworthy Edge IoT Security Gateway. 2021 IEEE 27th International Conference on Embedded and Real-Time Computing Systems and Applications (RTCSA). :93—102.
Today’s edge networks continue to see an increasing number of deployed IoT devices. These IoT devices aim to increase productivity and efficiency; however, they are plagued by a myriad of vulnerabilities. Industry and academia have proposed protecting these devices by deploying a “bolt-on” security gateway to these edge networks. The gateway applies security protections at the network level. While security gateways are an attractive solution, they raise a fundamental concern: Can the bolt-on security gateway be trusted? This paper identifies key challenges in realizing this goal and sketches a roadmap for providing trust in bolt-on edge IoT security gateways. Specifically, we show the promise of using a micro-hypervisor driven approach for delivering practical (deployable today) trust that is catered to both end-users and gateway vendors alike in terms of cost, generality, capabilities, and performance. We describe the challenges in establishing trust on today’s edge security gateways, formalize the adversary and trust properties, describe our system architecture, encode and prove our architecture trust properties using the Alloy formal modeling language. We foresee our trustworthy security gateway architecture becoming a practical and extensible formal foundation towards realizing robust trust properties on today’s edge security gateway implementations.
Butler, Martin, Butler, Rika.  2021.  The Influence of Mobile Operating Systems on User Security Behavior. 2021 IEEE 5th International Conference on Cryptography, Security and Privacy (CSP). :134—138.
Mobile security remains a concern for multiple stakeholders. Safe user behavior is crucial key to avoid and mitigate mobile threats. The research used a survey design to capture key constructs of mobile user threat avoidance behavior. Analysis revealed that there is no significant difference between the two key drivers of secure behavior, threat appraisal and coping appraisal, for Android and iOS users. However, statistically significant differences in avoidance motivation and avoidance behavior of users of the two operating systems were displayed. This indicates that existing threat avoidance models may be insufficient to comprehensively deal with factors that affect mobile user behavior. A newly introduced variable, perceived security, shows a difference in the perceptions of their level of protection among the users of the two operating systems, providing a new direction for research into mobile security.
Suo, Siliang, Huang, Kaitian, Kuang, Xiaoyun, Cao, Yang, Chen, Liming, Tao, Wenwei.  2021.  Communication Security Design of Distribution Automation System with Multiple Protection. 2021 IEEE International Conference on Consumer Electronics and Computer Engineering (ICCECE). :750—754.
At present, the security protection of distribution automation system is faced with complex and diverse operating environment, and the main use of public network may bring greater security risks, there are still some deficiencies. According to the actual situation of distribution automation of China Southern Power Grid, this paper designs multiple protection technology, carries out encryption distribution terminal research, and realizes end-to-end longitudinal security protection of distribution automation system, which is effectively improving the anti-attack ability of distribution terminal.
Iqbal, Shahrear.  2021.  A Study on UAV Operating System Security and Future Research Challenges. 2021 IEEE 11th Annual Computing and Communication Workshop and Conference (CCWC). :0759—0765.
The popularity of Unmanned Aerial Vehicles (UAV) or more commonly known as Drones is increasing recently. UAVs have tremendous potential in various industries, e.g., military, agriculture, transportation, movie, supply chain, and surveillance. UAVs are also popular among hobbyists for photography, racing, etc. Despite the possibilities, many UAV related security incidents are reported nowadays. UAVs can be targeted by malicious parties and if compromised, life-threatening activities can be performed using them. As a result, governments around the world have started to regulate the use of UAVs. We believe that UAVs need an intelligent and automated defense mechanism to ensure the safety of humans, properties, and the UAVs themselves. A major component where we can incorporate the defense mechanism is the operating system. In this paper, we investigate the security of existing operating systems used in consumer and commercial UAVs. We then survey various security issues of UAV operating systems and possible solutions. Finally, we discuss several research challenges for developing a secure operating system for UAVs.
Wang, Junchao, Pang, Jianmin, Shan, Zheng, Wei, Jin, Yao, Jinyang, Liu, Fudong.  2021.  A Software Diversity-Based Lab in Operating System for Cyber Security Students. 2021 IEEE 3rd International Conference on Computer Science and Educational Informatization (CSEI). :296—299.
The course of operating system's labs usually fall behind the state of art technology. In this paper, we propose a Software Diversity-Assisted Defense (SDAD) lab based on software diversity, mainly targeting for students majoring in cyber security and computer science. This lab is consisted of multiple modules and covers most of the important concepts and principles in operating systems. Thus, the knowledge learned from the theoretical course will be deepened with the lab. For students majoring in cyber security, they can learn this new software diversity-based defense technology and understand how an exploit works from the attacker's side. The experiment is also quite stretchable, which can fit all level students.
Tao, Qian, Tong, Yongxin, Li, Shuyuan, Zeng, Yuxiang, Zhou, Zimu, Xu, Ke.  2021.  A Differentially Private Task Planning Framework for Spatial Crowdsourcing. 2021 22nd IEEE International Conference on Mobile Data Management (MDM). :9—18.
Spatial crowdsourcing has stimulated various new applications such as taxi calling and food delivery. A key enabler for these spatial crowdsourcing based applications is to plan routes for crowd workers to execute tasks given diverse requirements of workers and the spatial crowdsourcing platform. Despite extensive studies on task planning in spatial crowdsourcing, few have accounted for the location privacy of tasks, which may be misused by an untrustworthy platform. In this paper, we explore efficient task planning for workers while protecting the locations of tasks. Specifically, we define the Privacy-Preserving Task Planning (PPTP) problem, which aims at both total revenue maximization of the platform and differential privacy of task locations. We first apply the Laplacian mechanism to protect location privacy, and analyze its impact on the total revenue. Then we propose an effective and efficient task planning algorithm for the PPTP problem. Extensive experiments on both synthetic and real datasets validate the advantages of our algorithm in terms of total revenue and time cost.
Li, Xianxian, Fu, Xuemei, Yu, Feng, Shi, Zhenkui, Li, Jie, Yang, Junhao.  2021.  A Private Statistic Query Scheme for Encrypted Electronic Medical Record System. 2021 IEEE 24th International Conference on Computer Supported Cooperative Work in Design (CSCWD). :1033—1039.
In this paper, we propose a scheme that supports statistic query and authorized access control on an Encrypted Electronic Medical Records Databases(EMDB). Different from other schemes, it is based on Differential-Privacy(DP), which can protect the privacy of patients. By deploying an improved Multi-Authority Attribute-Based Encryption(MA-ABE) scheme, all authorities can distribute their search capability to clients under different authorities without additional negotiations. To our best knowledge, there are few studies on statistical queries on encrypted data. In this work, we consider that support differentially-private statistical queries. To improve search efficiency, we leverage the Bloom Filter(BF) to judge whether the keywords queried by users exists. Finally, we use experiments to verify and evaluate the feasibility of our proposed scheme.
Abbas, Moneeb, Rashid, Muhammad, Azam, Farooque, Rasheed, Yawar, Anwar, Muhammad Waseem, Humdani, Maryum.  2021.  A Model-Driven Framework for Security Labs using Blockchain Methodology. 2021 IEEE International Systems Conference (SysCon). :1–7.
Blockchain technology is the need of an hour for ensuring security and data privacy. However, very limited tools and documentation are available, therefore, the traditional code-centric implementation of Blockchain is challenging for programmers and developers due to inherent complexities. To overcome these challenges, in this article, a novel and efficient framework is proposed that is based on the Model-Driven Architecture. Particularly, a Meta-model (M2 level Ecore Model) is defined that contains the concepts of Blockchain technology. As a part of tool support, a tree editor (developed using Eclipse Modeling Framework) and a Sirius based graphical modeling tool with a drag-drop palette have been provided to allow modeling and visualization of simple and complex Blockchain-based scenarios for security labs in a very user-friendly manner. A Model to Text (M2T) transformation code has also been written using Acceleo language that transforms the modeled scenarios into java code for Blockchain application in the security lab. The validity of the proposed framework has been demonstrated via a case study. The results prove that our framework can be reliably used and further extended for automation and development of Blockchain-based application for security labs with simplicity.
Ismaeel, Khaled, Naumchev, Alexandr, Sadovykh, Andrey, Truscan, Dragos, Enoiu, Eduard Paul, Seceleanu, Cristina.  2021.  Security Requirements as Code: Example from VeriDevOps Project. 2021 IEEE 29th International Requirements Engineering Conference Workshops (REW). :357–363.
This position paper presents and illustrates the concept of security requirements as code – a novel approach to security requirements specification. The aspiration to minimize code duplication and maximize its reuse has always been driving the evolution of software development approaches. Object-Oriented programming (OOP) takes these approaches to the state in which the resulting code conceptually maps to the problem that the code is supposed to solve. People nowadays start learning to program in the primary school. On the other hand, requirements engineers still heavily rely on natural language based techniques to specify requirements. The key idea of this paper is: artifacts produced by the requirements process should be treated as input to the regular object-oriented analysis. Therefore, the contribution of this paper is the presentation of the major concepts for the security requirements as the code method that is illustrated with a real industry example from the VeriDevOps project.
Lv, Tianxiang, Bao, Qihao, Chen, Haibo, Zhang, Chi.  2021.  A Testing Method for Object-oriented Program based on Adaptive Random Testing with Variable Probability. 2021 IEEE 21st International Conference on Software Quality, Reliability and Security Companion (QRS-C). :1155–1156.
Object-oriented program (OOP) is very popular in these years for its advantages, but the testing method for OOP is still not mature enough. To deal with the problem that it is impossible to generate the probability density function by simply numeralizing a point in the test case caused by the complex structure of the object-oriented test case, we propose the Adaptive Random Testing through Test Profile for Object-Oriented software (ARTTP-OO). It generates a test case at the edge of the input field and calculates the distance between object-oriented test cases using Object and Method Invocation Sequence Similarity (OMISS) metric formula. And the probability density function is generated by the distance to select the test cases, thereby realizing the application of ARTTP algorithm in OOP. The experimental results indicate the proposed ARTTP-OO consumes less time cost without reducing the detection effectiveness.
Liu, Wei, Zhao, Tao.  2021.  Vulnerability Assessment and Attack Simulation of Power IoT Based on the Attractiveness of Equipment Assets. 2021 IEEE 4th Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC). 4:1246—1250.
With the rapid development of the electric power Internet-of-Things (power IoT) technology and the widespread use of general-purpose software, hardware and network facilities, the power IoT has become more and more open, which makes the traditional power system face new cyber security threats. In order to find the vulnerable device nodes and attack links in the power IoT system, this paper studies a set of attack path calculation methods and vulnerability node discovery algorithms, which can construct a power IoT attack simulation program based on the value of equipment assets and information attributes. What’s more, this paper has carried on the example analysis and verification on the improved IEEE RBTS Bus 2 system. Based on the above research plan, this paper finally developed a set of power IoT attack simulation tool based on distribution electronic stations, which can well find the vulnerable devices in the system.