False Data Injection Attack(FDIA),a disruptive cyber threat,is becoming increasingly detrimental to smart grids with the deepening integration of information technology and physical power systems,leading to system unr...False Data Injection Attack(FDIA),a disruptive cyber threat,is becoming increasingly detrimental to smart grids with the deepening integration of information technology and physical power systems,leading to system unreliability,data integrity loss and operational vulnerability exposure.Given its widespread harm and impact,conducting in-depth research on FDIA detection is vitally important.This paper innovatively introduces a FDIA detection scheme:A Protected Federated Deep Learning(ProFed),which leverages Federated Averaging algorithm(FedAvg)as a foundational framework to fortify data security,harnesses pre-trained enhanced spatial-temporal graph neural networks(STGNN)to perform localized model training and integrates the Cheon-Kim-Kim-Song(CKKS)homomorphic encryption system to secure sensitive information.Simulation tests on IEEE 14-bus and IEEE 118-bus systems demonstrate that our proposed method outperforms other state-of-the-art detection methods across all evaluation metrics,with peak improvements reaching up to 35%.展开更多
Memory leak is a common software vulnerability that can decrease the reliability of an application and,in severe cases,even cause program crashes.If there are intentionally triggerable memory leak vulnerabilities in a...Memory leak is a common software vulnerability that can decrease the reliability of an application and,in severe cases,even cause program crashes.If there are intentionally triggerable memory leak vulnerabilities in a program,attackers can exploit these bugs to launch denial-of-service attacks or induce the program to exhibit unexpected behaviors due to low memory conditions.Existing fuzzing techniques primarily focus on improving code coverage,and specialized fuzzing techniques for individual memory-related defects like uncontrolled memory allocation do not address memory leak vulnerabilities.MemLock is the first fuzzing technique to address memory consumption vulnerabilities including memory leakage.However,the coverage-centric guidance mechanism of MemLock introduces a degree of aimlessness in the testing process,that results in low seed quality and slow bug exposure speed.To address this issue,we propose a risk areas guidance-based fuzzing technique called RBZZER.First,RBZZER retains MemLock’s memory consumption-guided mechanism and introduces a novel distance-guided approach to expedite the arrival of fuzzing at the potential memory areas.Second,we introduce a new seed scheduling strategy called risk areas-based seed scheduling,which classifies seeds based on potential memory leak areas in the program and further schedules them,thereby effectively improving the efficiency of discovering memory leak vulnerabilities.Experiments demonstrate that RBZZER outperforms the state-of-the-art fuzzing techniques by finding 52%more program unique crashes than the second-best counterpart.In particular,RBZZER can discover the amount of memory leakage at least 112%more than the other baseline fuzzers.Besides,RBZZER detects memory leaks at an average speed that is 9.10x faster than MemLock.展开更多
基金supported in part by the Sichuan Science and Technology Program(2024YFHZ0015)the Key Laboratory of Data Protection and Intelligent Management,Ministry of Education,Sichuan University(SCUSACXYD202401).
文摘False Data Injection Attack(FDIA),a disruptive cyber threat,is becoming increasingly detrimental to smart grids with the deepening integration of information technology and physical power systems,leading to system unreliability,data integrity loss and operational vulnerability exposure.Given its widespread harm and impact,conducting in-depth research on FDIA detection is vitally important.This paper innovatively introduces a FDIA detection scheme:A Protected Federated Deep Learning(ProFed),which leverages Federated Averaging algorithm(FedAvg)as a foundational framework to fortify data security,harnesses pre-trained enhanced spatial-temporal graph neural networks(STGNN)to perform localized model training and integrates the Cheon-Kim-Kim-Song(CKKS)homomorphic encryption system to secure sensitive information.Simulation tests on IEEE 14-bus and IEEE 118-bus systems demonstrate that our proposed method outperforms other state-of-the-art detection methods across all evaluation metrics,with peak improvements reaching up to 35%.
基金supported by the National Key R&D Program of China(No.2021YFB3101803).
文摘Memory leak is a common software vulnerability that can decrease the reliability of an application and,in severe cases,even cause program crashes.If there are intentionally triggerable memory leak vulnerabilities in a program,attackers can exploit these bugs to launch denial-of-service attacks or induce the program to exhibit unexpected behaviors due to low memory conditions.Existing fuzzing techniques primarily focus on improving code coverage,and specialized fuzzing techniques for individual memory-related defects like uncontrolled memory allocation do not address memory leak vulnerabilities.MemLock is the first fuzzing technique to address memory consumption vulnerabilities including memory leakage.However,the coverage-centric guidance mechanism of MemLock introduces a degree of aimlessness in the testing process,that results in low seed quality and slow bug exposure speed.To address this issue,we propose a risk areas guidance-based fuzzing technique called RBZZER.First,RBZZER retains MemLock’s memory consumption-guided mechanism and introduces a novel distance-guided approach to expedite the arrival of fuzzing at the potential memory areas.Second,we introduce a new seed scheduling strategy called risk areas-based seed scheduling,which classifies seeds based on potential memory leak areas in the program and further schedules them,thereby effectively improving the efficiency of discovering memory leak vulnerabilities.Experiments demonstrate that RBZZER outperforms the state-of-the-art fuzzing techniques by finding 52%more program unique crashes than the second-best counterpart.In particular,RBZZER can discover the amount of memory leakage at least 112%more than the other baseline fuzzers.Besides,RBZZER detects memory leaks at an average speed that is 9.10x faster than MemLock.
