With the advent of the era of big data, the process of globalization is accelerated, the economic and political exchanges between countries become more frequent, the competition for data becomes more and more fierce, and the cross-border flow of data is inevitable. Although the European Union, the United States and other major international economies give priority to the deployment of cross-border data, which provides effective reference for different countries, with the increasingly urgent demand for cross-border data flow, the related issues of national security and personal data protection are gradually highlighted. First, by combing existing research works on cross-border data flow, starting from the concept of data cross-border, we summarize their advantages and disadvantages; then, starting from the core data security technology and regulatory mechanism, we systematically analyze and compare cross-border data current situation of the flow of multiple countries ; finally, based on the collation and summary of existing works, we discuss the shortcomings and challenges of China's existing data cross-border management system, put forward targeted suggestions and solutions, and look forward to the research and development trends in this field. 

 Cybersecurity vulnerabilities have become an important cyber weapon of various countries. To strengthen national control over security vulnerabilities, governments of various countries have released the vulnerability equities process (VEP), which evaluates vulnerabilities at the government level, and decides to disclose them for the purpose of protecting national interests or retain security vulnerability. At present, the vulnerability equities process faces the problems of low penetration rate, low transparency, and a low degree of standardization. To deal with this situation, the development of the vulnerability equities process was studied, and the current situation of the formulation of VEP procedures worldwide was analyzed and compared. It analyzes and compares the current situation of the world-wide VEP program formulation, mainly enumerating the current mature VEP. At the same time, discussed how to establish a standardized procedure for the vulnerability equities process, pointed out the challenges faced by the vulnerability equities process, and propose solutions. Finally, it provided some suggestions for my country to establish a vulnerability equities process.

Threat intelligence can help organizations to study the possible security situation and situation, and make security decisions and emergency response accordingly. However, in order to effectively utilize all kinds of threat intelligence, the expression of threat intelligence needs to be normalized and standardized. The United States has long established and operated a complete set of threat intelligence standard system, while the construction of China's standard system is still in its infancy. This paper summarizes the standardization work of some international countries (organizations) in the field of cyber threat intelligence, and makes a comparative analysis of China's national standard and the American STIX standard from four aspects, such as release history, model framework, information examples and platform application. This paper summarizes the advantages of the standardization of cyber threat intelligence in the United States in terms of project positioning, model construction and ecological construction, and puts forward three suggestions for the standardization of China in the future.

Advanced persistent threat attacks refer to long-term customized attacks on high-value targets, which will leave scattered traces on different hosts. At the same time, attackers will use various technologies to hide their actions in normal system activities, so it is difficult for analysts to observe them. In order to analyze it and take countermeasures, it is necessary to develop a new generation of threat detection and attack reconstruction tools, so that analysts can quickly determine whether there is a major intrusion, understand the process of attackers undermining system security, and determine the impact of attacks. Causality analysis is one of the most concerned methods and has strong robustness. In this paper, the advanced persistent threat attack is briefly introduced first, then the basic attack reconstruction schemes relying on causality analysis are discussed, and the threat detection and attack reconstruction schemes based on anomaly analysis, heuristic and graphic analysis methods are emphatically analyzed. The existing schemes are evaluated, and the challenges faced by the current attack reconstruction system are analyzed. Finally, the potential research directions of attack reconstruction are discussed and prospected.

 The construction of cybersecurity workforce is an important factor to build China's strength in cyberspace, science and technology. Strengthening the construction of cybersecurity workforce has become the core demand of safeguarding national cybersecurity and building China's strength in cyberspace. At present, China has made some achievements in the construction of cybersecurity discipline, vocational education and training, talent selection and so on. On the whole, there are still some problems in China's cybersecurity workforce, such as large quantity gap, low ability and quality, unreasonable structure, and so on. There is still a certain gap with the requirements of ensuring national cybersecurity and promoting the construction of network power. It is necessary to further strengthen the construction of cyber security workforce. This paper analyzes the relevant policies and standards of cybersecurity workforce in the United States and China, and puts forward some suggestions on the standardization of cybersecurity workforce construction in China.

At present, the form of distributed denial of service (DDoS) attacks against the web application layer is becoming more and more strict. However, the research on the mitigation methods of this kind of DDoS is less and the technology is not mature enough. It mainly focuses on the detection and traffic cleaning in the attack process and lacks active detection methods for the vulnerability of web server resource consumption. Therefore, this paper proposes a detection model and evaluation framework for the vulnerability of web service resource consumption, which can detect the vulnerability of web service resource consumption and evaluate the vulnerability of web service resource consumption. The purpose is to analyze and understand the vulnerability of web service resource consumption before web service is attacked, so as to provide a reference for website security performance optimization and defense measures Support. Through the actual evaluation of a website, the effectiveness of the model and framework is verified. The vulnerability of web service resource consumption can be detected and evaluated through the actual application website, and the vulnerability of web service resource consumption can be found.

With the development of the power Internet of Things architecture, the higher requirements for the data security storage in the data layer have been put forward. In order to realize the fine-grained access control of the data resources of the distributed database in the power Internet of Things, a scheme of using zero-trust architecture was proposed to protect database resources. In this paper, the dynamic trust management was discussed to make real-time and context-based decision and authorization for access request, and the method of fine-grained access control of resources is used to realize the minimum authorization of access subjects. Finally, the methods of optimizing access control performance by multi-granularity strategy matching and permission expansion were introduced.

In recent years, with the rapid development of Internet of Things (IoT) technology, a large number of Internet of Things devices have emerged in the cyberspace, such as network printers, network cameras and routers. However, the network security situation is getting worse.  Large-scale network attacks initiated by terminal devices connected to the Internet frequently occur, causing a series of adverse effects, such as information leakage and personnel property damage.  Establishing a fingerprint generation system for IoT devices to accurately identify device types is of great significance to the unified security control of the IoT. We propose a real-time automatic detection and recognition solution for IoT devices based on traffic fingerprints. This solution contains two main modules, including automatic detection and fingerprint recognition.  First, passive listening is used to collect messages sent by different IoT devices. Based on the differences in the header fields of different devices, a series of multi-classification algorithms are used to identify the device type. Simulation experiments show that the scheme can achieve an average prediction accuracy of 93.75%.

The extensive application of the Internet of Things in various fields has caused a spurt of equipment growth. Terminal device authentication has become a key issue for the security management and control of IoT access. At present, blockchain technology has begun to be applied to the security of the Internet of Things business, but there is no effective solution for device authentication based on the blockchain. Based on block header synchronization verification and Simple Payment Verification (SPV) technology, this paper proposes a device authentication method based on blockchain transaction verification, which reduces the risk of leakage of key credentials during the communication process, and reduces the block chain’s transaction confirmation through the consensus mechanism Waiting for the delay provides a reliable and efficient security access mechanism for IoT devices.

The organic combination of Internet of Vehicles and intelligent vehicles has produced Intelligent connected vehicle. Intelligent connected vehicle realizes the information exchange of people, vehicles and roads through on-board sensing system and information terminal, which is based on emerging technologies such as artificial intelligence and 5G communication technology. However, while the manufacturers integrate the emerging intelligent network technology into the car to bring convenience, rapidity, intelligence and comfort to customers, there are also many information security problems. This paper first introduces the booming trend of intelligent connected vehicles and the increasing security issues. While giving the definition and architecture of intelligent connected vehicles, the relationship between “intelligence” and “connected” and the differences in technical routes at home and abroad are compared. The current security threats faced by intelligent connected vehicles are summarized and analyzed. Combined with the technical architecture differences between intelligent connected vehicles and traditional vehicles, the attacks are divided into two categories: traditional attacks and new attacks, and the corresponding security defense countermeasures for each attack are given.Finally, the current research status of intelligent connected vehicles safety is summarized, and suggestions for the research direction of the current environment are put forward.

 In recent years, with the continuous shortening of the software development cycle, a large number of open source code is used in modern software projects, and software developers tend to focus only on the security of the part of the project code they are responsible for, and rarely pay attention to the security of the open source code used in the project, and it is difficult for users to correspond the vulnerability entries in the traditional vulnerability repository to the current software version. and existing vulnerabilities There are some differences between existing version control schemes and those of open source code, so a vulnerability repository that can accurately collect open source code vulnerability intelligence and precisely match vulnerabilities is essential. This paper first introduces the potential security challenges brought by the widespread use of open source code, then analyzes in detail the existing open source vulnerability repository platforms and conducts a comparative study of existing open source vulnerability databases from several dimensions, then gives the problems and challenges faced by the construction of current open source vulnerability databases, and finally gives some suggestions for building open source vulnerability databases.

As an effective carrier of practical teaching, competitions focus on examining students' creative ability and practical ability, and are an important means to improve talent training ability. The National College Student Information Security Competition is currently the only competition in the field of cyberspace security that has been shortlisted for college discipline competitions. It has been held for 13 sessions since 2008. This article will take the work competition as an example, through the collection, processing and statistics of recent competition information and award-winning data, for the first time to analyze the information security competition. By digging the hidden information and laws behind the winning data of the competition, exploring the internal connection between the topic selection direction of the winning works and the development and demand of security technology, we hope to provide theoretical and data references for colleges and students participating in such information security competitions in the future.