The surge in smishing attacks underscores the urgent need for robust,real-time detection systems powered by advanced deep learning models.This paper introduces PhishNet,a novel ensemble learning framework that integra...The surge in smishing attacks underscores the urgent need for robust,real-time detection systems powered by advanced deep learning models.This paper introduces PhishNet,a novel ensemble learning framework that integrates transformer-based models(RoBERTa)and large language models(LLMs)(GPT-OSS 120B,LLaMA3.370B,and Qwen332B)to enhance smishing detection performance significantly.To mitigate class imbalance,we apply synthetic data augmentation using T5 and leverage various text preprocessing techniques.Our system employs a duallayer voting mechanism:weighted majority voting among LLMs and a final ensemble vote to classify messages as ham,spam,or smishing.Experimental results show an average accuracy improvement from 96%to 98.5%compared to the best standalone transformer,and from 93%to 98.5%when compared to LLMs across datasets.Furthermore,we present a real-time,user-friendly application to operationalize our detection model for practical use.PhishNet demonstrates superior scalability,usability,and detection accuracy,filling critical gaps in current smishing detection methodologies.展开更多
The exponential growth of the Internet of Things(IoT)has introduced significant security challenges,with zero-day attacks emerging as one of the most critical and challenging threats.Traditional Machine Learning(ML)an...The exponential growth of the Internet of Things(IoT)has introduced significant security challenges,with zero-day attacks emerging as one of the most critical and challenging threats.Traditional Machine Learning(ML)and Deep Learning(DL)techniques have demonstrated promising early detection capabilities.However,their effectiveness is limited when handling the vast volumes of IoT-generated data due to scalability constraints,high computational costs,and the costly time-intensive process of data labeling.To address these challenges,this study proposes a Federated Learning(FL)framework that leverages collaborative and hybrid supervised learning to enhance cyber threat detection in IoT networks.By employing Deep Neural Networks(DNNs)and decentralized model training,the approach reduces computational complexity while improving detection accuracy.The proposed model demonstrates robust performance,achieving accuracies of 94.34%,99.95%,and 87.94%on the publicly available kitsune,Bot-IoT,and UNSW-NB15 datasets,respectively.Furthermore,its ability to detect zero-day attacks is validated through evaluations on two additional benchmark datasets,TON-IoT and IoT-23,using a Deep Federated Learning(DFL)framework,underscoring the generalization and effectiveness of the model in heterogeneous and decentralized IoT environments.Experimental results demonstrate superior performance over existing methods,establishing the proposed framework as an efficient and scalable solution for IoT security.展开更多
Zero-click attacks represent an advanced cybersecurity threat,capable of compromising devices without user interaction.High-profile examples such as Pegasus,Simjacker,Bluebugging,and Bluesnarfing exploit hidden vulner...Zero-click attacks represent an advanced cybersecurity threat,capable of compromising devices without user interaction.High-profile examples such as Pegasus,Simjacker,Bluebugging,and Bluesnarfing exploit hidden vulnerabilities in software and communication protocols to silently gain access,exfiltrate data,and enable long-term surveillance.Their stealth and ability to evade traditional defenses make detection and mitigation highly challenging.This paper addresses these threats by systematically mapping the tactics and techniques of zero-click attacks using the MITRE ATT&CK framework,a widely adopted standard for modeling adversarial behavior.Through this mapping,we categorize real-world attack vectors and better understand how such attacks operate across the cyber-kill chain.To support threat detection efforts,we propose an Active Learning-based method to efficiently label the Pegasus spyware dataset in alignment with the MITRE ATT&CK framework.This approach reduces the effort of manually annotating data while improving the quality of the labeled data,which is essential to train robust cybersecurity models.In addition,our analysis highlights the structured execution paths of zero-click attacks and reveals gaps in current defense strategies.The findings emphasize the importance of forward-looking strategies such as continuous surveillance,dynamic threat profiling,and security education.By bridging zero-click attack analysis with the MITRE ATT&CK framework and leveraging machine learning for dataset annotation,this work provides a foundation for more accurate threat detection and the development of more resilient and structured cybersecurity frameworks.展开更多
With the increasing emphasis on personal information protection,encryption through security protocols has emerged as a critical requirement in data transmission and reception processes.Nevertheless,IoT ecosystems comp...With the increasing emphasis on personal information protection,encryption through security protocols has emerged as a critical requirement in data transmission and reception processes.Nevertheless,IoT ecosystems comprise heterogeneous networks where outdated systems coexist with the latest devices,spanning a range of devices from non-encrypted ones to fully encrypted ones.Given the limited visibility into payloads in this context,this study investigates AI-based attack detection methods that leverage encrypted traffic metadata,eliminating the need for decryption and minimizing system performance degradation—especially in light of these heterogeneous devices.Using the UNSW-NB15 and CICIoT-2023 dataset,encrypted and unencrypted traffic were categorized according to security protocol,and AI-based intrusion detection experiments were conducted for each traffic type based on metadata.To mitigate the problem of class imbalance,eight different data sampling techniques were applied.The effectiveness of these sampling techniques was then comparatively analyzed using two ensemble models and three Deep Learning(DL)models from various perspectives.The experimental results confirmed that metadata-based attack detection is feasible using only encrypted traffic.In the UNSW-NB15 dataset,the f1-score of encrypted traffic was approximately 0.98,which is 4.3%higher than that of unencrypted traffic(approximately 0.94).In addition,analysis of the encrypted traffic in the CICIoT-2023 dataset using the same method showed a significantly lower f1-score of roughly 0.43,indicating that the quality of the dataset and the preprocessing approach have a substantial impact on detection performance.Furthermore,when data sampling techniques were applied to encrypted traffic,the recall in the UNSWNB15(Encrypted)dataset improved by up to 23.0%,and in the CICIoT-2023(Encrypted)dataset by 20.26%,showing a similar level of improvement.Notably,in CICIoT-2023,f1-score and Receiver Operation Characteristic-Area Under the Curve(ROC-AUC)increased by 59.0%and 55.94%,respectively.These results suggest that data sampling can have a positive effect even in encrypted environments.However,the extent of the improvement may vary depending on data quality,model architecture,and sampling strategy.展开更多
Graph Neural Networks(GNNs)have proven highly effective for graph classification across diverse fields such as social networks,bioinformatics,and finance,due to their capability to learn complex graph structures.Howev...Graph Neural Networks(GNNs)have proven highly effective for graph classification across diverse fields such as social networks,bioinformatics,and finance,due to their capability to learn complex graph structures.However,despite their success,GNNs remain vulnerable to adversarial attacks that can significantly degrade their classification accuracy.Existing adversarial attack strategies primarily rely on label information to guide the attacks,which limits their applicability in scenarios where such information is scarce or unavailable.This paper introduces an innovative unsupervised attack method for graph classification,which operates without relying on label information,thereby enhancing its applicability in a broad range of scenarios.Specifically,our method first leverages a graph contrastive learning loss to learn high-quality graph embeddings by comparing different stochastic augmented views of the graphs.To effectively perturb the graphs,we then introduce an implicit estimator that measures the impact of various modifications on graph structures.The proposed strategy identifies and flips edges with the top-K highest scores,determined by the estimator,to maximize the degradation of the model’s performance.In addition,to defend against such attack,we propose a lightweight regularization-based defense mechanism that is specifically tailored to mitigate the structural perturbations introduced by our attack strategy.It enhances model robustness by enforcing embedding consistency and edge-level smoothness during training.We conduct experiments on six public TU graph classification datasets:NCI1,NCI109,Mutagenicity,ENZYMES,COLLAB,and DBLP_v1,to evaluate the effectiveness of our attack and defense strategies.Under an attack budget of 3,the maximum reduction in model accuracy reaches 6.67%on the Graph Convolutional Network(GCN)and 11.67%on the Graph Attention Network(GAT)across different datasets,indicating that our unsupervised method induces degradation comparable to state-of-the-art supervised attacks.Meanwhile,our defense achieves the highest accuracy recovery of 3.89%(GCN)and 5.00%(GAT),demonstrating improved robustness against structural perturbations.展开更多
Transformer-based models have significantly advanced binary code similarity detection(BCSD)by leveraging their semantic encoding capabilities for efficient function matching across diverse compilation settings.Althoug...Transformer-based models have significantly advanced binary code similarity detection(BCSD)by leveraging their semantic encoding capabilities for efficient function matching across diverse compilation settings.Although adversarial examples can strategically undermine the accuracy of BCSD models and protect critical code,existing techniques predominantly depend on inserting artificial instructions,which incur high computational costs and offer limited diversity of perturbations.To address these limitations,we propose AIMA,a novel gradient-guided assembly instruction relocation method.Our method decouples the detection model into tokenization,embedding,and encoding layers to enable efficient gradient computation.Since token IDs of instructions are discrete and nondifferentiable,we compute gradients in the continuous embedding space to evaluate the influence of each token.The most critical tokens are identified by calculating the L2 norm of their embedding gradients.We then establish a mapping between instructions and their corresponding tokens to aggregate token-level importance into instructionlevel significance.To maximize adversarial impact,a sliding window algorithm selects the most influential contiguous segments for relocation,ensuring optimal perturbation with minimal length.This approach efficiently locates critical code regions without expensive search operations.The selected segments are relocated outside their original function boundaries via a jump mechanism,which preserves runtime control flow and functionality while introducing“deletion”effects in the static instruction sequence.Extensive experiments show that AIMA reduces similarity scores by up to 35.8%in state-of-the-art BCSD models.When incorporated into training data,it also enhances model robustness,achieving a 5.9%improvement in AUROC.展开更多
As the density of wireless networks increases globally, the vulnerability of overlapped dense wireless communications to interference by hidden nodes and denial-of-service (DoS) attacks is becoming more apparent. Ther...As the density of wireless networks increases globally, the vulnerability of overlapped dense wireless communications to interference by hidden nodes and denial-of-service (DoS) attacks is becoming more apparent. There exists a gap in research on the detection and response to attacks on Medium Access Control (MAC) mechanisms themselves, which would lead to service outages between nodes. Classifying exploitation and deceptive jamming attacks on control mechanisms is particularly challengingdue to their resemblance to normal heavy communication patterns. Accordingly, this paper proposes a machine learning-based selective attack mitigation model that detects DoS attacks on wireless networks by monitoring packet log data. Based on the type of detected attack, it implements effective corresponding mitigation techniques to restore performance to nodes whose availability has been compromised. Experimental results reveal that the accuracy of the proposed model is 14% higher than that of a baseline anomaly detection model. Further, the appropriate mitigation techniques selected by the proposed system based on the attack type improve the average throughput by more than 440% compared to the case without a response.展开更多
Dear Editor,This letter investigates the optimal denial-of-service(DoS)attack scheduling targeting state estimation in cyber-Physical systems(CPSs)with the two-hop multi-channel network.CPSs are designed to achieve ef...Dear Editor,This letter investigates the optimal denial-of-service(DoS)attack scheduling targeting state estimation in cyber-Physical systems(CPSs)with the two-hop multi-channel network.CPSs are designed to achieve efficient,secure and adaptive operation by embedding intelligent and autonomous decision-making capabilities in the physical world.As a key component of the CPSs,the wireless network is vulnerable to various malicious attacks due to its openness[1].DoS attack is one of the most common attacks,characterized of simple execution and significant destructiveness[2].To mitigate the economic losses and environmental damage caused by DoS attacks,it is crucial to model and investigate data transmissions in CPSs.展开更多
This paper investigates the problem of optimal secure control for networked control systems under hybrid attacks.A control strategy based on the Stackelberg game framework is proposed,which differs from conventional m...This paper investigates the problem of optimal secure control for networked control systems under hybrid attacks.A control strategy based on the Stackelberg game framework is proposed,which differs from conventional methods by considering both denial-of-service(DoS)and false data injection(FDI)attacks simultaneously.Additionally,the stability conditions for the system under these hybrid attacks are established.It is technically challenging to design the control strategy by predicting attacker actions based on Stcakelberg game to ensure the system stability under hybrid attacks.Another technical difficulty lies in establishing the conditions for mean-square asymptotic stability due to the complexity of the attack scenarios Finally,simulations on an unstable batch reactor system under hybrid attacks demonstrate the effectiveness of the proposed strategy.展开更多
This article proposes an innovative adversarial attack method,AMA(Adaptive Multimodal Attack),which introduces an adaptive feedback mechanism by dynamically adjusting the perturbation strength.Specifically,AMA adjusts...This article proposes an innovative adversarial attack method,AMA(Adaptive Multimodal Attack),which introduces an adaptive feedback mechanism by dynamically adjusting the perturbation strength.Specifically,AMA adjusts perturbation amplitude based on task complexity and optimizes the perturbation direction based on the gradient direction in real time to enhance attack efficiency.Experimental results demonstrate that AMA elevates attack success rates from approximately 78.95%to 89.56%on visual question answering and from78.82%to 84.96%on visual reasoning tasks across representative vision-language benchmarks.These findings demonstrate AMA’s superior attack efficiency and reveal the vulnerability of current visual language models to carefully crafted adversarial examples,underscoring the need to enhance their robustness.展开更多
Dear Editor,The attacker is always going to intrude covertly networked control systems(NCSs)by dynamically changing false data injection attacks(FDIAs)strategy,while the defender try their best to resist attacks by de...Dear Editor,The attacker is always going to intrude covertly networked control systems(NCSs)by dynamically changing false data injection attacks(FDIAs)strategy,while the defender try their best to resist attacks by designing defense strategy on the basis of identifying attack strategy,maintaining stable operation of NCSs.To solve this attack-defense game problem,this letter investigates optimal secure control of NCSs under FDIAs.First,for the alterations of energy caused by false data,a novel attack-defense game model is constructed,which considers the changes of energy caused by the actions of the defender and attacker in the forward and feedback channels.展开更多
Fault attacks have emerged as an increasingly effective approach for integrated circuit security attacks due to their short execution time and minimal data requirement.However,the lack of a unified leakage model remai...Fault attacks have emerged as an increasingly effective approach for integrated circuit security attacks due to their short execution time and minimal data requirement.However,the lack of a unified leakage model remains a critical challenge,as existing methods often rely on algorithm-specific details or prior knowledge of plaintexts and intermediate values.This paper proposes the Fault Probability Model based on Hamming Weight(FPHW)to address this.This novel statistical framework quantifies fault attacks by solely analyzing the statistical response of the target device,eliminating the need for attack algorithm details or implementation specifics.Building on this model,a Fault Injection Attack method based on Mutual Information(FPMIA)is introduced,which recovers keys by leveraging the mutual information between measured fault probability traces and simulated leakage derived from Hamming weight,reducing data requirements by at least 44%compared to the existing Mutual Information Analysis method while achieving a high correlation coefficient of 0.9403 between measured and modeled fault probabilities.Experimental validation on an AES-128 implementation via a Microcontroller Unit demonstrates that FPHW accurately captures the data dependence of fault probability and FPMIA achieves efficient key recovery with robust noise tolerance,establishing a unified and efficient framework that surpasses traditional methods in terms of generality,data efficiency,and practical applicability.展开更多
In recent work,adversarial stickers are widely used to attack face recognition(FR)systems in the physical world.However,it is difficult to evaluate the performance of physical attacks because of the lack of volunteers...In recent work,adversarial stickers are widely used to attack face recognition(FR)systems in the physical world.However,it is difficult to evaluate the performance of physical attacks because of the lack of volunteers in the experiment.In this paper,a simple attack method called incomplete physical adversarial attack(IPAA)is proposed to simulate physical attacks.Different from the process of physical attacks,when an IPAA is conducted,a photo of the adversarial sticker is embedded into a facial image as the input to attack FR systems,which can obtain results similar to those of physical attacks without inviting any volunteers.The results show that IPAA has a higher similarity with physical attacks than digital attacks,indicating that IPAA is able to evaluate the performance of physical attacks.IPAA is effective in quantitatively measuring the impact of the sticker location on the results of attacks.展开更多
Dear Editor,This letter focuses on how an attacker can design suitable improved zero-dynamics (ZD) attack signal based on state estimates of target system. Improved ZD attack is to change zero dynamic gain matrix of a...Dear Editor,This letter focuses on how an attacker can design suitable improved zero-dynamics (ZD) attack signal based on state estimates of target system. Improved ZD attack is to change zero dynamic gain matrix of attack signal to a matrix with determinant greater than 1.展开更多
Attribute-based encryption(ABE)is a cryptographic framework that provides flexible access control by allowing encryption based on user attributes.ABE is widely applied in cloud storage,file sharing,e-Health,and digita...Attribute-based encryption(ABE)is a cryptographic framework that provides flexible access control by allowing encryption based on user attributes.ABE is widely applied in cloud storage,file sharing,e-Health,and digital rightsmanagement.ABE schemes rely on hard cryptographic assumptions such as pairings and others(pairingfree)to ensure their security against external and internal attacks.Internal attacks are carried out by authorized users who misuse their access to compromise security with potentially malicious intent.One common internal attack is the attribute collusion attack,in which users with different attribute keys collaborate to decrypt data they could not individually access.This paper focuses on the ciphertext-policy ABE(CP-ABE),a type of ABE where ciphertexts are produced with access policies.Our firstwork is to carry out the attribute collusion attack against several existing pairingfree CP-ABE schemes.As a main contribution,we introduce a novel attack,termed the anonymous key-leakage attack,concerning the context in which users could anonymously publish their secret keys associated with certain attributes on public platforms without the risk of detection.This kind of internal attack has not been defined or investigated in the literature.We then show that several prominent pairing-based CP-ABE schemes are vulnerable to this attack.We believe that this work will contribute to helping the community evaluate suitable CP-ABE schemes for secure deployment in real-life applications.展开更多
Among the four candidate algorithms in the fourth round of NIST standardization,the BIKE(Bit Flipping Key Encapsulation)scheme has a small key size and high efficiency,showing good prospects for application.However,th...Among the four candidate algorithms in the fourth round of NIST standardization,the BIKE(Bit Flipping Key Encapsulation)scheme has a small key size and high efficiency,showing good prospects for application.However,the BIKE scheme based on QC-MDPC(Quasi Cyclic Medium Density Parity Check)codes still faces challenges such as the GJS attack and weak key attacks targeting the decoding failure rate(DFR).This paper analyzes the BGF decoding algorithm of the BIKE scheme,revealing two deep factors that lead to DFR,and proposes a weak key optimization attack method for the BGF decoding algorithm based on these two factors.The proposed method constructs a new weak key set,and experiment results eventually indicate that,considering BIKE’s parameter set targeting 128-bit security,the average decryption failure rate is lowerly bounded by.This result not only highlights a significant vulnerability in the BIKE scheme but also provides valuable insights for future improvements in its design.By addressing these weaknesses,the robustness of QC-MDPC code-based cryptographic systems can be enhanced,paving the way for more secure post-quantum cryptographic solutions.展开更多
In this paper, the attack detection problem is investigated for a class of closed-loop systems subjected to unknownbutbounded noises in the presence of stealthy attacks. The measurement outputs from the sensors are qu...In this paper, the attack detection problem is investigated for a class of closed-loop systems subjected to unknownbutbounded noises in the presence of stealthy attacks. The measurement outputs from the sensors are quantized before transmission.A specific type of perfect stealthy attack, which meets certain rather stringent conditions, is taken into account. Such attacks could be injected by adversaries into both the sensor-toestimator and controller-to-actuator channels, with the aim of disrupting the normal data flow. For the purpose of defending against these perfect stealthy attacks, a novel scheme based on watermarks is developed. This scheme includes the injection of watermarks(applied to data prior to quantization) and the recovery of data(implemented before the data reaches the estimator).The watermark-based scheme is designed to be both timevarying and hidden from adversaries through incorporating a time-varying and bounded watermark signal. Subsequently, a watermark-based attack detection strategy is proposed which thoroughly considers the characteristics of perfect stealthy attacks,thereby ensuring that an alarm is activated upon the occurrence of such attacks. An example is provided to demonstrate the efficacy of the proposed mechanism for detecting attacks.展开更多
This paper addresses the consensus problem of nonlinear multi-agent systems subject to external disturbances and uncertainties under denial-ofservice(DoS)attacks.Firstly,an observer-based state feedback control method...This paper addresses the consensus problem of nonlinear multi-agent systems subject to external disturbances and uncertainties under denial-ofservice(DoS)attacks.Firstly,an observer-based state feedback control method is employed to achieve secure control by estimating the system's state in real time.Secondly,by combining a memory-based adaptive eventtriggered mechanism with neural networks,the paper aims to approximate the nonlinear terms in the networked system and efficiently conserve system resources.Finally,based on a two-degree-of-freedom model of a vehicle affected by crosswinds,this paper constructs a multi-unmanned ground vehicle(Multi-UGV)system to validate the effectiveness of the proposed method.Simulation results show that the proposed control strategy can effectively handle external disturbances such as crosswinds in practical applications,ensuring the stability and reliable operation of the Multi-UGV system.展开更多
Sulfate attack-induced expansion of cement-treated aggregates in seasonally frozen regions is a well-known issue which causes continuous expansion in railway subgrades,and particularly in high-speed railways.According...Sulfate attack-induced expansion of cement-treated aggregates in seasonally frozen regions is a well-known issue which causes continuous expansion in railway subgrades,and particularly in high-speed railways.Accordingly,we investigated the influence of material proportions,the number of freeze-thaw(FT)cycles,and temperature gradients on the expansion mechanism of sulfate attack on cement-treated aggregates subjected to FT cycles.The conditions,laws,and dominant factors causing the expansion of aggregates were analyzed through swelling tests.The results indicate that under FT cycles,3%content cement-treated graded macadam only experiences slight deformation.The maximum strain of graded macadam attacked by 1%sodium sulfate content in each FT cycle is significantly larger than that of 3%content cement-treated graded macadam attacked by 1%sodium sulfate content.Using scanning electron microscopy,needle-like crystals were observed during sulfate attack of cement-treated graded macadam.Through quantitative analysis,we determined the recoverable and unrecoverable deformations of graded macadam under FT cycles.For graded macadam under sulfate attack,the expansion is mainly induced by periodic frost heave and salt expansion,as well as salt migration.For cement-treated graded macadam under sulfate attack,the expansion is mainly induced by chemical attack and salt migration.This study can serve as a reference for future research on the mechanics of sulfate attack on cement-treated aggregates that experience FT cycles,and provide theoretical support for methods that remediate the expansion induced by sulfate attack.展开更多
Unsteady aerodynamic characteristics at high angles of attack are of great importance to the design and development of advanced fighter aircraft, which are characterized by post-stall maneuverability with multiple Deg...Unsteady aerodynamic characteristics at high angles of attack are of great importance to the design and development of advanced fighter aircraft, which are characterized by post-stall maneuverability with multiple Degrees-of-Freedom(multi-DOF) and complex flow field structure.In this paper, a special kind of cable-driven parallel mechanism is firstly utilized as a new suspension method to conduct unsteady dynamic wind tunnel tests at high angles of attack, thereby providing experimental aerodynamic data. These tests include a wide range of multi-DOF coupled oscillatory motions with various amplitudes and frequencies. Then, for aerodynamic modeling and analysis, a novel data-driven Feature-Level Attention Recurrent neural network(FLAR) is proposed. This model incorporates a specially designed feature-level attention module that focuses on the state variables affecting the aerodynamic coefficients, thereby enhancing the physical interpretability of the aerodynamic model. Subsequently, spin maneuver simulations, using a mathematical model as the baseline, are conducted to validate the effectiveness of the FLAR. Finally, the results on wind tunnel data reveal that the FLAR accurately predicts aerodynamic coefficients, and observations through the visualization of attention scores identify the key state variables that affect the aerodynamic coefficients. It is concluded that the proposed FLAR enhances the interpretability of the aerodynamic model while achieving good prediction accuracy and generalization capability for multi-DOF coupling motion at high angles of attack.展开更多
基金funded by the Deanship of Scientific Research(DSR)at King Abdulaziz University,Jeddah,under Grant No.(GPIP:1074-612-2024).
文摘The surge in smishing attacks underscores the urgent need for robust,real-time detection systems powered by advanced deep learning models.This paper introduces PhishNet,a novel ensemble learning framework that integrates transformer-based models(RoBERTa)and large language models(LLMs)(GPT-OSS 120B,LLaMA3.370B,and Qwen332B)to enhance smishing detection performance significantly.To mitigate class imbalance,we apply synthetic data augmentation using T5 and leverage various text preprocessing techniques.Our system employs a duallayer voting mechanism:weighted majority voting among LLMs and a final ensemble vote to classify messages as ham,spam,or smishing.Experimental results show an average accuracy improvement from 96%to 98.5%compared to the best standalone transformer,and from 93%to 98.5%when compared to LLMs across datasets.Furthermore,we present a real-time,user-friendly application to operationalize our detection model for practical use.PhishNet demonstrates superior scalability,usability,and detection accuracy,filling critical gaps in current smishing detection methodologies.
基金supported by Princess Nourah bint Abdulrahman University Researchers Supporting Project Number(PNURSP2025R97)Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia.
文摘The exponential growth of the Internet of Things(IoT)has introduced significant security challenges,with zero-day attacks emerging as one of the most critical and challenging threats.Traditional Machine Learning(ML)and Deep Learning(DL)techniques have demonstrated promising early detection capabilities.However,their effectiveness is limited when handling the vast volumes of IoT-generated data due to scalability constraints,high computational costs,and the costly time-intensive process of data labeling.To address these challenges,this study proposes a Federated Learning(FL)framework that leverages collaborative and hybrid supervised learning to enhance cyber threat detection in IoT networks.By employing Deep Neural Networks(DNNs)and decentralized model training,the approach reduces computational complexity while improving detection accuracy.The proposed model demonstrates robust performance,achieving accuracies of 94.34%,99.95%,and 87.94%on the publicly available kitsune,Bot-IoT,and UNSW-NB15 datasets,respectively.Furthermore,its ability to detect zero-day attacks is validated through evaluations on two additional benchmark datasets,TON-IoT and IoT-23,using a Deep Federated Learning(DFL)framework,underscoring the generalization and effectiveness of the model in heterogeneous and decentralized IoT environments.Experimental results demonstrate superior performance over existing methods,establishing the proposed framework as an efficient and scalable solution for IoT security.
文摘Zero-click attacks represent an advanced cybersecurity threat,capable of compromising devices without user interaction.High-profile examples such as Pegasus,Simjacker,Bluebugging,and Bluesnarfing exploit hidden vulnerabilities in software and communication protocols to silently gain access,exfiltrate data,and enable long-term surveillance.Their stealth and ability to evade traditional defenses make detection and mitigation highly challenging.This paper addresses these threats by systematically mapping the tactics and techniques of zero-click attacks using the MITRE ATT&CK framework,a widely adopted standard for modeling adversarial behavior.Through this mapping,we categorize real-world attack vectors and better understand how such attacks operate across the cyber-kill chain.To support threat detection efforts,we propose an Active Learning-based method to efficiently label the Pegasus spyware dataset in alignment with the MITRE ATT&CK framework.This approach reduces the effort of manually annotating data while improving the quality of the labeled data,which is essential to train robust cybersecurity models.In addition,our analysis highlights the structured execution paths of zero-click attacks and reveals gaps in current defense strategies.The findings emphasize the importance of forward-looking strategies such as continuous surveillance,dynamic threat profiling,and security education.By bridging zero-click attack analysis with the MITRE ATT&CK framework and leveraging machine learning for dataset annotation,this work provides a foundation for more accurate threat detection and the development of more resilient and structured cybersecurity frameworks.
基金supported by the Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(No.RS-2023-00235509Development of security monitoring technology based network behavior against encrypted cyber threats in ICT convergence environment).
文摘With the increasing emphasis on personal information protection,encryption through security protocols has emerged as a critical requirement in data transmission and reception processes.Nevertheless,IoT ecosystems comprise heterogeneous networks where outdated systems coexist with the latest devices,spanning a range of devices from non-encrypted ones to fully encrypted ones.Given the limited visibility into payloads in this context,this study investigates AI-based attack detection methods that leverage encrypted traffic metadata,eliminating the need for decryption and minimizing system performance degradation—especially in light of these heterogeneous devices.Using the UNSW-NB15 and CICIoT-2023 dataset,encrypted and unencrypted traffic were categorized according to security protocol,and AI-based intrusion detection experiments were conducted for each traffic type based on metadata.To mitigate the problem of class imbalance,eight different data sampling techniques were applied.The effectiveness of these sampling techniques was then comparatively analyzed using two ensemble models and three Deep Learning(DL)models from various perspectives.The experimental results confirmed that metadata-based attack detection is feasible using only encrypted traffic.In the UNSW-NB15 dataset,the f1-score of encrypted traffic was approximately 0.98,which is 4.3%higher than that of unencrypted traffic(approximately 0.94).In addition,analysis of the encrypted traffic in the CICIoT-2023 dataset using the same method showed a significantly lower f1-score of roughly 0.43,indicating that the quality of the dataset and the preprocessing approach have a substantial impact on detection performance.Furthermore,when data sampling techniques were applied to encrypted traffic,the recall in the UNSWNB15(Encrypted)dataset improved by up to 23.0%,and in the CICIoT-2023(Encrypted)dataset by 20.26%,showing a similar level of improvement.Notably,in CICIoT-2023,f1-score and Receiver Operation Characteristic-Area Under the Curve(ROC-AUC)increased by 59.0%and 55.94%,respectively.These results suggest that data sampling can have a positive effect even in encrypted environments.However,the extent of the improvement may vary depending on data quality,model architecture,and sampling strategy.
基金funded by the National Key Research and Development Program of China(Grant No.2024YFE0209000)the NSFC(Grant No.U23B2019).
文摘Graph Neural Networks(GNNs)have proven highly effective for graph classification across diverse fields such as social networks,bioinformatics,and finance,due to their capability to learn complex graph structures.However,despite their success,GNNs remain vulnerable to adversarial attacks that can significantly degrade their classification accuracy.Existing adversarial attack strategies primarily rely on label information to guide the attacks,which limits their applicability in scenarios where such information is scarce or unavailable.This paper introduces an innovative unsupervised attack method for graph classification,which operates without relying on label information,thereby enhancing its applicability in a broad range of scenarios.Specifically,our method first leverages a graph contrastive learning loss to learn high-quality graph embeddings by comparing different stochastic augmented views of the graphs.To effectively perturb the graphs,we then introduce an implicit estimator that measures the impact of various modifications on graph structures.The proposed strategy identifies and flips edges with the top-K highest scores,determined by the estimator,to maximize the degradation of the model’s performance.In addition,to defend against such attack,we propose a lightweight regularization-based defense mechanism that is specifically tailored to mitigate the structural perturbations introduced by our attack strategy.It enhances model robustness by enforcing embedding consistency and edge-level smoothness during training.We conduct experiments on six public TU graph classification datasets:NCI1,NCI109,Mutagenicity,ENZYMES,COLLAB,and DBLP_v1,to evaluate the effectiveness of our attack and defense strategies.Under an attack budget of 3,the maximum reduction in model accuracy reaches 6.67%on the Graph Convolutional Network(GCN)and 11.67%on the Graph Attention Network(GAT)across different datasets,indicating that our unsupervised method induces degradation comparable to state-of-the-art supervised attacks.Meanwhile,our defense achieves the highest accuracy recovery of 3.89%(GCN)and 5.00%(GAT),demonstrating improved robustness against structural perturbations.
基金supported by Key Laboratory of Cyberspace Security,Ministry of Education,China。
文摘Transformer-based models have significantly advanced binary code similarity detection(BCSD)by leveraging their semantic encoding capabilities for efficient function matching across diverse compilation settings.Although adversarial examples can strategically undermine the accuracy of BCSD models and protect critical code,existing techniques predominantly depend on inserting artificial instructions,which incur high computational costs and offer limited diversity of perturbations.To address these limitations,we propose AIMA,a novel gradient-guided assembly instruction relocation method.Our method decouples the detection model into tokenization,embedding,and encoding layers to enable efficient gradient computation.Since token IDs of instructions are discrete and nondifferentiable,we compute gradients in the continuous embedding space to evaluate the influence of each token.The most critical tokens are identified by calculating the L2 norm of their embedding gradients.We then establish a mapping between instructions and their corresponding tokens to aggregate token-level importance into instructionlevel significance.To maximize adversarial impact,a sliding window algorithm selects the most influential contiguous segments for relocation,ensuring optimal perturbation with minimal length.This approach efficiently locates critical code regions without expensive search operations.The selected segments are relocated outside their original function boundaries via a jump mechanism,which preserves runtime control flow and functionality while introducing“deletion”effects in the static instruction sequence.Extensive experiments show that AIMA reduces similarity scores by up to 35.8%in state-of-the-art BCSD models.When incorporated into training data,it also enhances model robustness,achieving a 5.9%improvement in AUROC.
基金supported by the Ministry of Trade,Industry and Energy(MOTIE)under Training Industrial Security Specialist for High-Tech Industry(RS-2024-00415520)supervised by the Korea Institute for Advancement of Technology(KIAT)the Ministry of Science and ICT(MSIT)under the ICT Challenge and Advanced Network of HRD(ICAN)Program(No.IITP-2022-RS-2022-00156310)supervised by the Institute of Information&Communication Technology Planning&Evaluation(IITP).
文摘As the density of wireless networks increases globally, the vulnerability of overlapped dense wireless communications to interference by hidden nodes and denial-of-service (DoS) attacks is becoming more apparent. There exists a gap in research on the detection and response to attacks on Medium Access Control (MAC) mechanisms themselves, which would lead to service outages between nodes. Classifying exploitation and deceptive jamming attacks on control mechanisms is particularly challengingdue to their resemblance to normal heavy communication patterns. Accordingly, this paper proposes a machine learning-based selective attack mitigation model that detects DoS attacks on wireless networks by monitoring packet log data. Based on the type of detected attack, it implements effective corresponding mitigation techniques to restore performance to nodes whose availability has been compromised. Experimental results reveal that the accuracy of the proposed model is 14% higher than that of a baseline anomaly detection model. Further, the appropriate mitigation techniques selected by the proposed system based on the attack type improve the average throughput by more than 440% compared to the case without a response.
文摘Dear Editor,This letter investigates the optimal denial-of-service(DoS)attack scheduling targeting state estimation in cyber-Physical systems(CPSs)with the two-hop multi-channel network.CPSs are designed to achieve efficient,secure and adaptive operation by embedding intelligent and autonomous decision-making capabilities in the physical world.As a key component of the CPSs,the wireless network is vulnerable to various malicious attacks due to its openness[1].DoS attack is one of the most common attacks,characterized of simple execution and significant destructiveness[2].To mitigate the economic losses and environmental damage caused by DoS attacks,it is crucial to model and investigate data transmissions in CPSs.
基金supported in part by Shanghai Rising-Star Program,China under grant 22QA1409400in part by National Natural Science Foundation of China under grant 62473287 and 62088101in part by Shanghai Municipal Science and Technology Major Project under grant 2021SHZDZX0100.
文摘This paper investigates the problem of optimal secure control for networked control systems under hybrid attacks.A control strategy based on the Stackelberg game framework is proposed,which differs from conventional methods by considering both denial-of-service(DoS)and false data injection(FDI)attacks simultaneously.Additionally,the stability conditions for the system under these hybrid attacks are established.It is technically challenging to design the control strategy by predicting attacker actions based on Stcakelberg game to ensure the system stability under hybrid attacks.Another technical difficulty lies in establishing the conditions for mean-square asymptotic stability due to the complexity of the attack scenarios Finally,simulations on an unstable batch reactor system under hybrid attacks demonstrate the effectiveness of the proposed strategy.
基金funded by the Natural Science Foundation of Jiangsu Province(Program BK20240699)National Natural Science Foundation of China(Program 62402228).
文摘This article proposes an innovative adversarial attack method,AMA(Adaptive Multimodal Attack),which introduces an adaptive feedback mechanism by dynamically adjusting the perturbation strength.Specifically,AMA adjusts perturbation amplitude based on task complexity and optimizes the perturbation direction based on the gradient direction in real time to enhance attack efficiency.Experimental results demonstrate that AMA elevates attack success rates from approximately 78.95%to 89.56%on visual question answering and from78.82%to 84.96%on visual reasoning tasks across representative vision-language benchmarks.These findings demonstrate AMA’s superior attack efficiency and reveal the vulnerability of current visual language models to carefully crafted adversarial examples,underscoring the need to enhance their robustness.
基金supported in part by the National Science Foundation of China(62373240,62273224,U24A20259).
文摘Dear Editor,The attacker is always going to intrude covertly networked control systems(NCSs)by dynamically changing false data injection attacks(FDIAs)strategy,while the defender try their best to resist attacks by designing defense strategy on the basis of identifying attack strategy,maintaining stable operation of NCSs.To solve this attack-defense game problem,this letter investigates optimal secure control of NCSs under FDIAs.First,for the alterations of energy caused by false data,a novel attack-defense game model is constructed,which considers the changes of energy caused by the actions of the defender and attacker in the forward and feedback channels.
文摘Fault attacks have emerged as an increasingly effective approach for integrated circuit security attacks due to their short execution time and minimal data requirement.However,the lack of a unified leakage model remains a critical challenge,as existing methods often rely on algorithm-specific details or prior knowledge of plaintexts and intermediate values.This paper proposes the Fault Probability Model based on Hamming Weight(FPHW)to address this.This novel statistical framework quantifies fault attacks by solely analyzing the statistical response of the target device,eliminating the need for attack algorithm details or implementation specifics.Building on this model,a Fault Injection Attack method based on Mutual Information(FPMIA)is introduced,which recovers keys by leveraging the mutual information between measured fault probability traces and simulated leakage derived from Hamming weight,reducing data requirements by at least 44%compared to the existing Mutual Information Analysis method while achieving a high correlation coefficient of 0.9403 between measured and modeled fault probabilities.Experimental validation on an AES-128 implementation via a Microcontroller Unit demonstrates that FPHW accurately captures the data dependence of fault probability and FPMIA achieves efficient key recovery with robust noise tolerance,establishing a unified and efficient framework that surpasses traditional methods in terms of generality,data efficiency,and practical applicability.
文摘In recent work,adversarial stickers are widely used to attack face recognition(FR)systems in the physical world.However,it is difficult to evaluate the performance of physical attacks because of the lack of volunteers in the experiment.In this paper,a simple attack method called incomplete physical adversarial attack(IPAA)is proposed to simulate physical attacks.Different from the process of physical attacks,when an IPAA is conducted,a photo of the adversarial sticker is embedded into a facial image as the input to attack FR systems,which can obtain results similar to those of physical attacks without inviting any volunteers.The results show that IPAA has a higher similarity with physical attacks than digital attacks,indicating that IPAA is able to evaluate the performance of physical attacks.IPAA is effective in quantitatively measuring the impact of the sticker location on the results of attacks.
基金supported in part by the National Natural Science Foundation of China(61873106,62303109)Start-Up Research Fund of Southeast University(RF1028623002)Shenzhen Science and Technology Program(JCYJ20230807114609019)
文摘Dear Editor,This letter focuses on how an attacker can design suitable improved zero-dynamics (ZD) attack signal based on state estimates of target system. Improved ZD attack is to change zero dynamic gain matrix of attack signal to a matrix with determinant greater than 1.
文摘Attribute-based encryption(ABE)is a cryptographic framework that provides flexible access control by allowing encryption based on user attributes.ABE is widely applied in cloud storage,file sharing,e-Health,and digital rightsmanagement.ABE schemes rely on hard cryptographic assumptions such as pairings and others(pairingfree)to ensure their security against external and internal attacks.Internal attacks are carried out by authorized users who misuse their access to compromise security with potentially malicious intent.One common internal attack is the attribute collusion attack,in which users with different attribute keys collaborate to decrypt data they could not individually access.This paper focuses on the ciphertext-policy ABE(CP-ABE),a type of ABE where ciphertexts are produced with access policies.Our firstwork is to carry out the attribute collusion attack against several existing pairingfree CP-ABE schemes.As a main contribution,we introduce a novel attack,termed the anonymous key-leakage attack,concerning the context in which users could anonymously publish their secret keys associated with certain attributes on public platforms without the risk of detection.This kind of internal attack has not been defined or investigated in the literature.We then show that several prominent pairing-based CP-ABE schemes are vulnerable to this attack.We believe that this work will contribute to helping the community evaluate suitable CP-ABE schemes for secure deployment in real-life applications.
基金funded by Beijing Institute of Electronic Science and Technology Postgraduate Excellence Demonstration Course Project(20230002Z0452).
文摘Among the four candidate algorithms in the fourth round of NIST standardization,the BIKE(Bit Flipping Key Encapsulation)scheme has a small key size and high efficiency,showing good prospects for application.However,the BIKE scheme based on QC-MDPC(Quasi Cyclic Medium Density Parity Check)codes still faces challenges such as the GJS attack and weak key attacks targeting the decoding failure rate(DFR).This paper analyzes the BGF decoding algorithm of the BIKE scheme,revealing two deep factors that lead to DFR,and proposes a weak key optimization attack method for the BGF decoding algorithm based on these two factors.The proposed method constructs a new weak key set,and experiment results eventually indicate that,considering BIKE’s parameter set targeting 128-bit security,the average decryption failure rate is lowerly bounded by.This result not only highlights a significant vulnerability in the BIKE scheme but also provides valuable insights for future improvements in its design.By addressing these weaknesses,the robustness of QC-MDPC code-based cryptographic systems can be enhanced,paving the way for more secure post-quantum cryptographic solutions.
基金supported in part by the National Natural Science Foundation of China(61933007,62273087,62273088,U21A2019)the Shanghai Pujiang Program of China(22PJ1400400)+2 种基金the Hainan Province Science and Technology Special Fund of China(ZDYF2022SHFZ105)the Royal Society of U.K.the Alexander von Humboldt Foundation of Germany
文摘In this paper, the attack detection problem is investigated for a class of closed-loop systems subjected to unknownbutbounded noises in the presence of stealthy attacks. The measurement outputs from the sensors are quantized before transmission.A specific type of perfect stealthy attack, which meets certain rather stringent conditions, is taken into account. Such attacks could be injected by adversaries into both the sensor-toestimator and controller-to-actuator channels, with the aim of disrupting the normal data flow. For the purpose of defending against these perfect stealthy attacks, a novel scheme based on watermarks is developed. This scheme includes the injection of watermarks(applied to data prior to quantization) and the recovery of data(implemented before the data reaches the estimator).The watermark-based scheme is designed to be both timevarying and hidden from adversaries through incorporating a time-varying and bounded watermark signal. Subsequently, a watermark-based attack detection strategy is proposed which thoroughly considers the characteristics of perfect stealthy attacks,thereby ensuring that an alarm is activated upon the occurrence of such attacks. An example is provided to demonstrate the efficacy of the proposed mechanism for detecting attacks.
基金The National Natural Science Foundation of China(W2431048)The Science and Technology Research Program of Chongqing Municipal Education Commission,China(KJZDK202300807)The Chongqing Natural Science Foundation,China(CSTB2024NSCQQCXMX0052).
文摘This paper addresses the consensus problem of nonlinear multi-agent systems subject to external disturbances and uncertainties under denial-ofservice(DoS)attacks.Firstly,an observer-based state feedback control method is employed to achieve secure control by estimating the system's state in real time.Secondly,by combining a memory-based adaptive eventtriggered mechanism with neural networks,the paper aims to approximate the nonlinear terms in the networked system and efficiently conserve system resources.Finally,based on a two-degree-of-freedom model of a vehicle affected by crosswinds,this paper constructs a multi-unmanned ground vehicle(Multi-UGV)system to validate the effectiveness of the proposed method.Simulation results show that the proposed control strategy can effectively handle external disturbances such as crosswinds in practical applications,ensuring the stability and reliable operation of the Multi-UGV system.
基金National Natural Science Foundation of China(Nos.42171130 and 42301158)Pilot Project of China’s Strength in Transportation for the Central Research Institute(No.QG2021-1-4-7)National Key Technology Research and Development Program of the Ministry of Science and Technology of China(No.2021YFB2601200).
文摘Sulfate attack-induced expansion of cement-treated aggregates in seasonally frozen regions is a well-known issue which causes continuous expansion in railway subgrades,and particularly in high-speed railways.Accordingly,we investigated the influence of material proportions,the number of freeze-thaw(FT)cycles,and temperature gradients on the expansion mechanism of sulfate attack on cement-treated aggregates subjected to FT cycles.The conditions,laws,and dominant factors causing the expansion of aggregates were analyzed through swelling tests.The results indicate that under FT cycles,3%content cement-treated graded macadam only experiences slight deformation.The maximum strain of graded macadam attacked by 1%sodium sulfate content in each FT cycle is significantly larger than that of 3%content cement-treated graded macadam attacked by 1%sodium sulfate content.Using scanning electron microscopy,needle-like crystals were observed during sulfate attack of cement-treated graded macadam.Through quantitative analysis,we determined the recoverable and unrecoverable deformations of graded macadam under FT cycles.For graded macadam under sulfate attack,the expansion is mainly induced by periodic frost heave and salt expansion,as well as salt migration.For cement-treated graded macadam under sulfate attack,the expansion is mainly induced by chemical attack and salt migration.This study can serve as a reference for future research on the mechanics of sulfate attack on cement-treated aggregates that experience FT cycles,and provide theoretical support for methods that remediate the expansion induced by sulfate attack.
基金supported by the National Natural Science Foundation of China(Nos.12172315,12072304,11702232)the Fujian Provincial Natural Science Foundation,China(No.2021J01050)the Aeronautical Science Foundation of China(No.20220013068002).
文摘Unsteady aerodynamic characteristics at high angles of attack are of great importance to the design and development of advanced fighter aircraft, which are characterized by post-stall maneuverability with multiple Degrees-of-Freedom(multi-DOF) and complex flow field structure.In this paper, a special kind of cable-driven parallel mechanism is firstly utilized as a new suspension method to conduct unsteady dynamic wind tunnel tests at high angles of attack, thereby providing experimental aerodynamic data. These tests include a wide range of multi-DOF coupled oscillatory motions with various amplitudes and frequencies. Then, for aerodynamic modeling and analysis, a novel data-driven Feature-Level Attention Recurrent neural network(FLAR) is proposed. This model incorporates a specially designed feature-level attention module that focuses on the state variables affecting the aerodynamic coefficients, thereby enhancing the physical interpretability of the aerodynamic model. Subsequently, spin maneuver simulations, using a mathematical model as the baseline, are conducted to validate the effectiveness of the FLAR. Finally, the results on wind tunnel data reveal that the FLAR accurately predicts aerodynamic coefficients, and observations through the visualization of attention scores identify the key state variables that affect the aerodynamic coefficients. It is concluded that the proposed FLAR enhances the interpretability of the aerodynamic model while achieving good prediction accuracy and generalization capability for multi-DOF coupling motion at high angles of attack.
