In the Tri-element Peer Authentication (TePA)-based wired Local Area Network (LAN) media access control Security (TLSec), the certificate-based wired LAN security association scheme has communication waste in the exchange key establishment processes and is not suitable for trusted computing environment. To solve these two problems, firstly, an improved certificate-based wired LAN security association scheme was proposed. In this scheme, the exchange key establishment process between the newly added switch and each nonadjacent switch was simplified, thus improving the communication performance of the exchange key establishment processes. Then, a certificate-based wired LAN security association scheme for trusted computing environment was proposed based on the above scheme. In this scheme, the platform authentication of the newly added terminal devices was added in the process of certificate-based authentication, so as to realize the trusted network access of the newly added terminal devices, and effectively prevent the newly added terminal devices from bringing worms, viruses and malicious softwares into the wired LAN. Finally, the two schemes were proved secure by using the Strand Space Model (SSM). In addition, through qualitative and quantitative comparative analysis, the two schemes are better than those proposed in related literatures.

Aiming at the difficulty of finding terrorist attack organizations and the imbalance of terrorist attack data samples, a terrorist attack organization prediction method based on feature selection and hyperparameter optimization was proposed. First, by taking the advantage of Random Forest (RF) in dealing with imbalanced data, the backward feature selection was carried out through the RF iteration. Second, four mainstream classifiers including Decision Tree (DT), RF, Bagging and XGBoost were used to classify and predict terrorist attack organizations, and the Bayesian optimization method was used to optimize the hyperparameters of these classifiers. Finally, the Global Terrorism Database (GTD) was used to evaluate the classification prediction performance of these classifiers on the majority class samples and minority class samples. Experimental results show that the proposed method improves the classification and prediction performance of terrorist attack organizations, and the classification and prediction performance is the best when using RF and Bagging, with the accuracy of 0.823 9 and 0.831 6 respectively. Especially for minority class samples, the classification and prediction performance when using RF and Bagging is significantly improved.

For the communication waste of the exchange key establishment process in Local Area Network (LAN) security association scheme based on pre-shared key, an improved LAN security association scheme was proposed. A pairwise key between a new added switch and the authentication server was generated by improving the authentication and unicast key agreement process based on pre-shared key, and was used to the exchange key agreement processes between the new added switch and other nonadjacent switches. Then, on basis of the above improved scheme, a LAN security association scheme in trusted computing environment was put forward. In the improved authentication and unicast key negotiation process based on pre-shared key, the platform authentication of the terminal device was further increased, thereby realizing the trusted network access of the terminal device, and effectively enhancing the security of the LAN. Finally, the two LAN security association schemes were proved secure in the Strand Space Model (SSM). The results of performance comparison analysis show that the improved scheme reduces the number of exchanged messages and computation complexity of the exchange key agreement processes.