Cognitive radio has been designed for solving the problem of spectrum scarcity by using the spectrum of primary users who don’t use their spectrum on that time. For sensing the spectrum, collaborative spectrum sensin...Cognitive radio has been designed for solving the problem of spectrum scarcity by using the spectrum of primary users who don’t use their spectrum on that time. For sensing the spectrum, collaborative spectrum sensing has been utilized because of robustness. In this paper, a new collaborative spectrum method is proposed based on Least Mean Square (LMS) algorithm. In this scheme, the weights of secondary users were updated in time and finally the sensing results were combined in the fusion center based on their trusted weights. Simulation results show that the proposed scheme can significantly reduce the effects of Spectrum Sensing Data Falsification (SSDF) attackers, when they are smart malicious, and even percentage of malicious users are more than trusted users.展开更多
The surge in smishing attacks underscores the urgent need for robust,real-time detection systems powered by advanced deep learning models.This paper introduces PhishNet,a novel ensemble learning framework that integra...The surge in smishing attacks underscores the urgent need for robust,real-time detection systems powered by advanced deep learning models.This paper introduces PhishNet,a novel ensemble learning framework that integrates transformer-based models(RoBERTa)and large language models(LLMs)(GPT-OSS 120B,LLaMA3.370B,and Qwen332B)to enhance smishing detection performance significantly.To mitigate class imbalance,we apply synthetic data augmentation using T5 and leverage various text preprocessing techniques.Our system employs a duallayer voting mechanism:weighted majority voting among LLMs and a final ensemble vote to classify messages as ham,spam,or smishing.Experimental results show an average accuracy improvement from 96%to 98.5%compared to the best standalone transformer,and from 93%to 98.5%when compared to LLMs across datasets.Furthermore,we present a real-time,user-friendly application to operationalize our detection model for practical use.PhishNet demonstrates superior scalability,usability,and detection accuracy,filling critical gaps in current smishing detection methodologies.展开更多
Zero-click attacks represent an advanced cybersecurity threat,capable of compromising devices without user interaction.High-profile examples such as Pegasus,Simjacker,Bluebugging,and Bluesnarfing exploit hidden vulner...Zero-click attacks represent an advanced cybersecurity threat,capable of compromising devices without user interaction.High-profile examples such as Pegasus,Simjacker,Bluebugging,and Bluesnarfing exploit hidden vulnerabilities in software and communication protocols to silently gain access,exfiltrate data,and enable long-term surveillance.Their stealth and ability to evade traditional defenses make detection and mitigation highly challenging.This paper addresses these threats by systematically mapping the tactics and techniques of zero-click attacks using the MITRE ATT&CK framework,a widely adopted standard for modeling adversarial behavior.Through this mapping,we categorize real-world attack vectors and better understand how such attacks operate across the cyber-kill chain.To support threat detection efforts,we propose an Active Learning-based method to efficiently label the Pegasus spyware dataset in alignment with the MITRE ATT&CK framework.This approach reduces the effort of manually annotating data while improving the quality of the labeled data,which is essential to train robust cybersecurity models.In addition,our analysis highlights the structured execution paths of zero-click attacks and reveals gaps in current defense strategies.The findings emphasize the importance of forward-looking strategies such as continuous surveillance,dynamic threat profiling,and security education.By bridging zero-click attack analysis with the MITRE ATT&CK framework and leveraging machine learning for dataset annotation,this work provides a foundation for more accurate threat detection and the development of more resilient and structured cybersecurity frameworks.展开更多
Network attacks have become a critical issue in the internet security domain.Artificial intelligence technology-based detection methodologies have attracted attention;however,recent studies have struggled to adapt to ...Network attacks have become a critical issue in the internet security domain.Artificial intelligence technology-based detection methodologies have attracted attention;however,recent studies have struggled to adapt to changing attack patterns and complex network environments.In addition,it is difficult to explain the detection results logically using artificial intelligence.We propose a method for classifying network attacks using graph models to explain the detection results.First,we reconstruct the network packet data into a graphical structure.We then use a graph model to predict network attacks using edge classification.To explain the prediction results,we observed numerical changes by randomly masking and calculating the importance of neighbors,allowing us to extract significant subgraphs.Our experiments on six public datasets demonstrate superior performance with an average F1-score of 0.960 and accuracy of 0.964,outperforming traditional machine learning and other graph models.The visual representation of the extracted subgraphs highlights the neighboring nodes that have the greatest impact on the results,thus explaining detection.In conclusion,this study demonstrates that graph-based models are suitable for network attack detection in complex environments,and the importance of graph neighbors can be calculated to efficiently analyze the results.This approach can contribute to real-world network security analyses and provide a new direction in the field.展开更多
A defender–attacker–target problem with non-moving target is considered.This problem is modelled by a pursuit-evasion zero-sum differential game with linear dynamics and quadratic cost functional.In this game,the pu...A defender–attacker–target problem with non-moving target is considered.This problem is modelled by a pursuit-evasion zero-sum differential game with linear dynamics and quadratic cost functional.In this game,the pursuer is the defender,while the evader is the attacker.The objective of the pursuer is to minimise the cost functional,while the evader has two objectives:to maximise the cost functional and to keep a given terminal state inequality constraint.The open-loop saddle point solution of this game is obtained in the case where the transfer functions of the controllers for the defender and the attacker are of arbitrary orders.展开更多
With the increasing emphasis on personal information protection,encryption through security protocols has emerged as a critical requirement in data transmission and reception processes.Nevertheless,IoT ecosystems comp...With the increasing emphasis on personal information protection,encryption through security protocols has emerged as a critical requirement in data transmission and reception processes.Nevertheless,IoT ecosystems comprise heterogeneous networks where outdated systems coexist with the latest devices,spanning a range of devices from non-encrypted ones to fully encrypted ones.Given the limited visibility into payloads in this context,this study investigates AI-based attack detection methods that leverage encrypted traffic metadata,eliminating the need for decryption and minimizing system performance degradation—especially in light of these heterogeneous devices.Using the UNSW-NB15 and CICIoT-2023 dataset,encrypted and unencrypted traffic were categorized according to security protocol,and AI-based intrusion detection experiments were conducted for each traffic type based on metadata.To mitigate the problem of class imbalance,eight different data sampling techniques were applied.The effectiveness of these sampling techniques was then comparatively analyzed using two ensemble models and three Deep Learning(DL)models from various perspectives.The experimental results confirmed that metadata-based attack detection is feasible using only encrypted traffic.In the UNSW-NB15 dataset,the f1-score of encrypted traffic was approximately 0.98,which is 4.3%higher than that of unencrypted traffic(approximately 0.94).In addition,analysis of the encrypted traffic in the CICIoT-2023 dataset using the same method showed a significantly lower f1-score of roughly 0.43,indicating that the quality of the dataset and the preprocessing approach have a substantial impact on detection performance.Furthermore,when data sampling techniques were applied to encrypted traffic,the recall in the UNSWNB15(Encrypted)dataset improved by up to 23.0%,and in the CICIoT-2023(Encrypted)dataset by 20.26%,showing a similar level of improvement.Notably,in CICIoT-2023,f1-score and Receiver Operation Characteristic-Area Under the Curve(ROC-AUC)increased by 59.0%and 55.94%,respectively.These results suggest that data sampling can have a positive effect even in encrypted environments.However,the extent of the improvement may vary depending on data quality,model architecture,and sampling strategy.展开更多
In an interview with China Hoy(a Spanish-language sister publication of Beijing Review)reporter An Xinzhu,Demetrio Toledo,a professor of international relations at Brazil's Federal University of ABC,explored the b...In an interview with China Hoy(a Spanish-language sister publication of Beijing Review)reporter An Xinzhu,Demetrio Toledo,a professor of international relations at Brazil's Federal University of ABC,explored the broader implications of the recent U.S.attack on Venezuela.展开更多
Graph Neural Networks(GNNs)have proven highly effective for graph classification across diverse fields such as social networks,bioinformatics,and finance,due to their capability to learn complex graph structures.Howev...Graph Neural Networks(GNNs)have proven highly effective for graph classification across diverse fields such as social networks,bioinformatics,and finance,due to their capability to learn complex graph structures.However,despite their success,GNNs remain vulnerable to adversarial attacks that can significantly degrade their classification accuracy.Existing adversarial attack strategies primarily rely on label information to guide the attacks,which limits their applicability in scenarios where such information is scarce or unavailable.This paper introduces an innovative unsupervised attack method for graph classification,which operates without relying on label information,thereby enhancing its applicability in a broad range of scenarios.Specifically,our method first leverages a graph contrastive learning loss to learn high-quality graph embeddings by comparing different stochastic augmented views of the graphs.To effectively perturb the graphs,we then introduce an implicit estimator that measures the impact of various modifications on graph structures.The proposed strategy identifies and flips edges with the top-K highest scores,determined by the estimator,to maximize the degradation of the model’s performance.In addition,to defend against such attack,we propose a lightweight regularization-based defense mechanism that is specifically tailored to mitigate the structural perturbations introduced by our attack strategy.It enhances model robustness by enforcing embedding consistency and edge-level smoothness during training.We conduct experiments on six public TU graph classification datasets:NCI1,NCI109,Mutagenicity,ENZYMES,COLLAB,and DBLP_v1,to evaluate the effectiveness of our attack and defense strategies.Under an attack budget of 3,the maximum reduction in model accuracy reaches 6.67%on the Graph Convolutional Network(GCN)and 11.67%on the Graph Attention Network(GAT)across different datasets,indicating that our unsupervised method induces degradation comparable to state-of-the-art supervised attacks.Meanwhile,our defense achieves the highest accuracy recovery of 3.89%(GCN)and 5.00%(GAT),demonstrating improved robustness against structural perturbations.展开更多
Transformer-based models have significantly advanced binary code similarity detection(BCSD)by leveraging their semantic encoding capabilities for efficient function matching across diverse compilation settings.Althoug...Transformer-based models have significantly advanced binary code similarity detection(BCSD)by leveraging their semantic encoding capabilities for efficient function matching across diverse compilation settings.Although adversarial examples can strategically undermine the accuracy of BCSD models and protect critical code,existing techniques predominantly depend on inserting artificial instructions,which incur high computational costs and offer limited diversity of perturbations.To address these limitations,we propose AIMA,a novel gradient-guided assembly instruction relocation method.Our method decouples the detection model into tokenization,embedding,and encoding layers to enable efficient gradient computation.Since token IDs of instructions are discrete and nondifferentiable,we compute gradients in the continuous embedding space to evaluate the influence of each token.The most critical tokens are identified by calculating the L2 norm of their embedding gradients.We then establish a mapping between instructions and their corresponding tokens to aggregate token-level importance into instructionlevel significance.To maximize adversarial impact,a sliding window algorithm selects the most influential contiguous segments for relocation,ensuring optimal perturbation with minimal length.This approach efficiently locates critical code regions without expensive search operations.The selected segments are relocated outside their original function boundaries via a jump mechanism,which preserves runtime control flow and functionality while introducing“deletion”effects in the static instruction sequence.Extensive experiments show that AIMA reduces similarity scores by up to 35.8%in state-of-the-art BCSD models.When incorporated into training data,it also enhances model robustness,achieving a 5.9%improvement in AUROC.展开更多
The exponential growth of the Internet of Things(IoT)has introduced significant security challenges,with zero-day attacks emerging as one of the most critical and challenging threats.Traditional Machine Learning(ML)an...The exponential growth of the Internet of Things(IoT)has introduced significant security challenges,with zero-day attacks emerging as one of the most critical and challenging threats.Traditional Machine Learning(ML)and Deep Learning(DL)techniques have demonstrated promising early detection capabilities.However,their effectiveness is limited when handling the vast volumes of IoT-generated data due to scalability constraints,high computational costs,and the costly time-intensive process of data labeling.To address these challenges,this study proposes a Federated Learning(FL)framework that leverages collaborative and hybrid supervised learning to enhance cyber threat detection in IoT networks.By employing Deep Neural Networks(DNNs)and decentralized model training,the approach reduces computational complexity while improving detection accuracy.The proposed model demonstrates robust performance,achieving accuracies of 94.34%,99.95%,and 87.94%on the publicly available kitsune,Bot-IoT,and UNSW-NB15 datasets,respectively.Furthermore,its ability to detect zero-day attacks is validated through evaluations on two additional benchmark datasets,TON-IoT and IoT-23,using a Deep Federated Learning(DFL)framework,underscoring the generalization and effectiveness of the model in heterogeneous and decentralized IoT environments.Experimental results demonstrate superior performance over existing methods,establishing the proposed framework as an efficient and scalable solution for IoT security.展开更多
Recently revealed beam stealing attacks could greatly threaten the security and privacy of IEEE 802.11ad communications.The premise to restore normal network service is detecting and locating beam stealing attackers w...Recently revealed beam stealing attacks could greatly threaten the security and privacy of IEEE 802.11ad communications.The premise to restore normal network service is detecting and locating beam stealing attackers without their cooperation.Current consistency-based methods are only valid for one single attacker and are parametersensitive.From the viewpoint of image processing,this paper proposes an algorithm to jointly detect and locate multiple beam stealing attackers based on RSSI(Received Signal Strength Indicator)map without the training process involved in deep learning-based solutions.Firstly,an RSSI map is constructed based on interpolating the raw RSSI data for enabling high-resolution localization while reducing monitoring cost.Secondly,three image processing steps,including edge detection and segmentation,are conducted on the constructed RSSI map to detect and locate multiple attackers without any prior knowledge about the attackers.To evaluate our proposal’s performance,a series of experiments are conducted based on the collected data.Experimental results have shown that in typical parameter settings,our algorithm’s positioning error does not exceed 0.41 m with a detection rate no less than 91%.展开更多
This paper addresses the consensus problem of nonlinear multi-agent systems subject to external disturbances and uncertainties under denial-ofservice(DoS)attacks.Firstly,an observer-based state feedback control method...This paper addresses the consensus problem of nonlinear multi-agent systems subject to external disturbances and uncertainties under denial-ofservice(DoS)attacks.Firstly,an observer-based state feedback control method is employed to achieve secure control by estimating the system's state in real time.Secondly,by combining a memory-based adaptive eventtriggered mechanism with neural networks,the paper aims to approximate the nonlinear terms in the networked system and efficiently conserve system resources.Finally,based on a two-degree-of-freedom model of a vehicle affected by crosswinds,this paper constructs a multi-unmanned ground vehicle(Multi-UGV)system to validate the effectiveness of the proposed method.Simulation results show that the proposed control strategy can effectively handle external disturbances such as crosswinds in practical applications,ensuring the stability and reliable operation of the Multi-UGV system.展开更多
Sulfate attack-induced expansion of cement-treated aggregates in seasonally frozen regions is a well-known issue which causes continuous expansion in railway subgrades,and particularly in high-speed railways.According...Sulfate attack-induced expansion of cement-treated aggregates in seasonally frozen regions is a well-known issue which causes continuous expansion in railway subgrades,and particularly in high-speed railways.Accordingly,we investigated the influence of material proportions,the number of freeze-thaw(FT)cycles,and temperature gradients on the expansion mechanism of sulfate attack on cement-treated aggregates subjected to FT cycles.The conditions,laws,and dominant factors causing the expansion of aggregates were analyzed through swelling tests.The results indicate that under FT cycles,3%content cement-treated graded macadam only experiences slight deformation.The maximum strain of graded macadam attacked by 1%sodium sulfate content in each FT cycle is significantly larger than that of 3%content cement-treated graded macadam attacked by 1%sodium sulfate content.Using scanning electron microscopy,needle-like crystals were observed during sulfate attack of cement-treated graded macadam.Through quantitative analysis,we determined the recoverable and unrecoverable deformations of graded macadam under FT cycles.For graded macadam under sulfate attack,the expansion is mainly induced by periodic frost heave and salt expansion,as well as salt migration.For cement-treated graded macadam under sulfate attack,the expansion is mainly induced by chemical attack and salt migration.This study can serve as a reference for future research on the mechanics of sulfate attack on cement-treated aggregates that experience FT cycles,and provide theoretical support for methods that remediate the expansion induced by sulfate attack.展开更多
Unsteady aerodynamic characteristics at high angles of attack are of great importance to the design and development of advanced fighter aircraft, which are characterized by post-stall maneuverability with multiple Deg...Unsteady aerodynamic characteristics at high angles of attack are of great importance to the design and development of advanced fighter aircraft, which are characterized by post-stall maneuverability with multiple Degrees-of-Freedom(multi-DOF) and complex flow field structure.In this paper, a special kind of cable-driven parallel mechanism is firstly utilized as a new suspension method to conduct unsteady dynamic wind tunnel tests at high angles of attack, thereby providing experimental aerodynamic data. These tests include a wide range of multi-DOF coupled oscillatory motions with various amplitudes and frequencies. Then, for aerodynamic modeling and analysis, a novel data-driven Feature-Level Attention Recurrent neural network(FLAR) is proposed. This model incorporates a specially designed feature-level attention module that focuses on the state variables affecting the aerodynamic coefficients, thereby enhancing the physical interpretability of the aerodynamic model. Subsequently, spin maneuver simulations, using a mathematical model as the baseline, are conducted to validate the effectiveness of the FLAR. Finally, the results on wind tunnel data reveal that the FLAR accurately predicts aerodynamic coefficients, and observations through the visualization of attention scores identify the key state variables that affect the aerodynamic coefficients. It is concluded that the proposed FLAR enhances the interpretability of the aerodynamic model while achieving good prediction accuracy and generalization capability for multi-DOF coupling motion at high angles of attack.展开更多
To address the challenges posed by tunnel construction in the alpine region,silica fume mixed concrete is commonly used as a construction material.The correlation between silica fume content and the lining life requir...To address the challenges posed by tunnel construction in the alpine region,silica fume mixed concrete is commonly used as a construction material.The correlation between silica fume content and the lining life requires immediate investigation.In view of this phenomenon,the durability of unit lining concrete is predicted by analyzing three key indicators:carbonation depth,relative dynamic elastic modulus,and residual quality.This prediction is achieved by integrating the Entropy Weight Method,Grey theory life prediction model and BP artificial neural networks using data from tests and predictions of these indicators.Then,the Entropy Weight-Grey theory-BP Network Model is compared with other methods to analyze the predicted life.Finally,verify the sci-entificity of this model,and the optimum silica fume content of unit concrete lining is verified.The results showed,1)The addition of silica fume will accelerate the carbonization of unit concrete lining,and slow down the freeze-thaw cycle and sulfate erosion.2)The utilization of artificial neural networks is essential for enhancing the realism of the data,as it emphasizes the significance of silica fume content.3)Silica fume content of 10%results in the longest life and is the most suitable for lining construction.4)A comparison between single-factor and multi-factor predictions indicates that the multi-factor approach yields a longer maximum life.This improvement can be attributed to the inclusion of additional factors,such as freeze-thaw cycles and carbonation,which enhance the predicted life when employing these methods.In conclusion,the Entropy Weight-Grey Theory-BP Network life prediction Model is well-suited for tunnel lining in the alpine sulfate area of northwest China.展开更多
To improve the vertical axis wind turbine(VAWT)design,the angle of attack(AOA)and airfoil data must be treated correctly.The present paper develops a method for determining AOA on a VAWT based on computational fluid d...To improve the vertical axis wind turbine(VAWT)design,the angle of attack(AOA)and airfoil data must be treated correctly.The present paper develops a method for determining AOA on a VAWT based on computational fluid dynamics(CFD)analysis.First,a CFD analysis of a two-bladed VAWT equipped with a NACA 0012 airfoil is conducted.The thrust and power coefficients are validated through experiments.Second,the blade force and velocity data at monitoring points are collected.The AOA at different azimuth angles is determined by removing the blade self-induction at the monitoring point.Then,the lift and drag coefficients as a function of AOA are extracted.Results show that this method is independent of the monitoring points selection located at certain distance to the blades and the extracted dynamic stall hysteresis is more precise than the one with the“usual”method without considering the self-induction from bound vortices.展开更多
Watermarking is embedding visible or invisible data within media to verify its authenticity or protect copyright.The watermark is embedded in significant spatial or frequency features of the media to make it more resi...Watermarking is embedding visible or invisible data within media to verify its authenticity or protect copyright.The watermark is embedded in significant spatial or frequency features of the media to make it more resistant to intentional or unintentional modification.Some of these features are important perceptual features according to the human visual system(HVS),which means that the embedded watermark should be imperceptible in these features.Therefore,both the designers of watermarking algorithms and potential attackers must consider these perceptual features when carrying out their actions.The two roles will be considered in this paper when designing a robust watermarking algorithm against the most harmful attacks,like volumetric scaling,histogram equalization,and non-conventional watermarking attacks like the Denoising Convolution Neural Network(DnCNN),which must be considered in watermarking algorithm design due to its rising role in the state-of-the-art attacks.The DnCNN is initialized and trained using watermarked image samples created by our proposed Covert and Severe Attacks Resistant Watermarking Algorithm(CSRWA)to prove its robustness.For this algorithm to satisfy the robustness and imperceptibility tradeoff,implementing the Dither Modulation(DM)algorithm is boosted by utilizing the Just Noticeable Distortion(JND)principle to get an improved performance in this sense.Sensitivity,luminance,inter and intra-block contrast are used to adjust the JND values.展开更多
The word“spatial”fundamentally relates to human existence,evolution,and activity in terrestrial and even celestial spaces.After reviewing the spatial features of many areas,the paper describes basics of high level m...The word“spatial”fundamentally relates to human existence,evolution,and activity in terrestrial and even celestial spaces.After reviewing the spatial features of many areas,the paper describes basics of high level model and technology called Spatial Grasp for dealing with large distributed systems,which can provide spatial vision,awareness,management,control,and even consciousness.The technology description includes its key Spatial Grasp Language(SGL),self-evolution of recursive SGL scenarios,and implementation of SGL interpreter converting distributed networked systems into powerful spatial engines.Examples of typical spatial scenarios in SGL include finding shortest path tree and shortest path between network nodes,collecting proper information throughout the whole world,elimination of multiple targets by intelligent teams of chasers,and withstanding cyber attacks in distributed networked systems.Also this paper compares Spatial Grasp model with traditional algorithms,confirming universality of the former for any spatial systems,while the latter just tools for concrete applications.展开更多
The rapid proliferation of electric vehicle(EV)charging infrastructure introduces critical cybersecurity vulnerabilities to power grids system.This study presents an innovative anomaly detection framework for EV charg...The rapid proliferation of electric vehicle(EV)charging infrastructure introduces critical cybersecurity vulnerabilities to power grids system.This study presents an innovative anomaly detection framework for EV charging stations,addressing the unique challenges posed by third-party aggregation platforms.Our approach integrates node equations-based on the parameter identification with a novel deep learning model,xDeepCIN,to detect abnormal data reporting indicative of aggregation attacks.We employ a graph-theoretic approach to model EV charging networks and utilize Markov Chain Monte Carlo techniques for accurate parameter estimation.The xDeepCIN model,incorporating a Compressed Interaction Network,has the ability to capture complex feature interactions in sparse,high-dimensional charging data.Experimental results on both proprietary and public datasets demonstrate significant improvements in anomaly detection performance,with F1-scores increasing by up to 32.3%for specific anomaly types compared to traditional methods,such as wide&deep and DeepFM(Factorization-Machine).Our framework exhibits robust scalability,effectively handling networks ranging from 8 to 85 charging points.Furthermore,we achieve real-time monitoring capabilities,with parameter identification completing within seconds for networks up to 1000 nodes.This research contributes to enhancing the security and reliability of renewable energy systems against evolving cyber threats,offering a comprehensive solution for safeguarding the rapidly expanding EV charging infrastructure.展开更多
文摘Cognitive radio has been designed for solving the problem of spectrum scarcity by using the spectrum of primary users who don’t use their spectrum on that time. For sensing the spectrum, collaborative spectrum sensing has been utilized because of robustness. In this paper, a new collaborative spectrum method is proposed based on Least Mean Square (LMS) algorithm. In this scheme, the weights of secondary users were updated in time and finally the sensing results were combined in the fusion center based on their trusted weights. Simulation results show that the proposed scheme can significantly reduce the effects of Spectrum Sensing Data Falsification (SSDF) attackers, when they are smart malicious, and even percentage of malicious users are more than trusted users.
基金funded by the Deanship of Scientific Research(DSR)at King Abdulaziz University,Jeddah,under Grant No.(GPIP:1074-612-2024).
文摘The surge in smishing attacks underscores the urgent need for robust,real-time detection systems powered by advanced deep learning models.This paper introduces PhishNet,a novel ensemble learning framework that integrates transformer-based models(RoBERTa)and large language models(LLMs)(GPT-OSS 120B,LLaMA3.370B,and Qwen332B)to enhance smishing detection performance significantly.To mitigate class imbalance,we apply synthetic data augmentation using T5 and leverage various text preprocessing techniques.Our system employs a duallayer voting mechanism:weighted majority voting among LLMs and a final ensemble vote to classify messages as ham,spam,or smishing.Experimental results show an average accuracy improvement from 96%to 98.5%compared to the best standalone transformer,and from 93%to 98.5%when compared to LLMs across datasets.Furthermore,we present a real-time,user-friendly application to operationalize our detection model for practical use.PhishNet demonstrates superior scalability,usability,and detection accuracy,filling critical gaps in current smishing detection methodologies.
文摘Zero-click attacks represent an advanced cybersecurity threat,capable of compromising devices without user interaction.High-profile examples such as Pegasus,Simjacker,Bluebugging,and Bluesnarfing exploit hidden vulnerabilities in software and communication protocols to silently gain access,exfiltrate data,and enable long-term surveillance.Their stealth and ability to evade traditional defenses make detection and mitigation highly challenging.This paper addresses these threats by systematically mapping the tactics and techniques of zero-click attacks using the MITRE ATT&CK framework,a widely adopted standard for modeling adversarial behavior.Through this mapping,we categorize real-world attack vectors and better understand how such attacks operate across the cyber-kill chain.To support threat detection efforts,we propose an Active Learning-based method to efficiently label the Pegasus spyware dataset in alignment with the MITRE ATT&CK framework.This approach reduces the effort of manually annotating data while improving the quality of the labeled data,which is essential to train robust cybersecurity models.In addition,our analysis highlights the structured execution paths of zero-click attacks and reveals gaps in current defense strategies.The findings emphasize the importance of forward-looking strategies such as continuous surveillance,dynamic threat profiling,and security education.By bridging zero-click attack analysis with the MITRE ATT&CK framework and leveraging machine learning for dataset annotation,this work provides a foundation for more accurate threat detection and the development of more resilient and structured cybersecurity frameworks.
基金supported by the MSIT(Ministry of Science and ICT),Republic of Korea,under the ICAN(ICT Challenge and Advanced Network of HRD)support program(IITP-2025-RS-2023-00259497)supervised by the IITP(Institute for Information&Communications Technology Planning&Evaluation)and was supported by Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Republic of Korea government(MSIT)(No.IITP-2025-RS-2023-00254129+1 种基金Graduate School of Metaverse Convergence(Sungkyunkwan University))was supported by the Basic Science Research Program of the National Research Foundation(NRF)funded by the Republic of Korean government(MSIT)(No.RS-2024-00346737).
文摘Network attacks have become a critical issue in the internet security domain.Artificial intelligence technology-based detection methodologies have attracted attention;however,recent studies have struggled to adapt to changing attack patterns and complex network environments.In addition,it is difficult to explain the detection results logically using artificial intelligence.We propose a method for classifying network attacks using graph models to explain the detection results.First,we reconstruct the network packet data into a graphical structure.We then use a graph model to predict network attacks using edge classification.To explain the prediction results,we observed numerical changes by randomly masking and calculating the importance of neighbors,allowing us to extract significant subgraphs.Our experiments on six public datasets demonstrate superior performance with an average F1-score of 0.960 and accuracy of 0.964,outperforming traditional machine learning and other graph models.The visual representation of the extracted subgraphs highlights the neighboring nodes that have the greatest impact on the results,thus explaining detection.In conclusion,this study demonstrates that graph-based models are suitable for network attack detection in complex environments,and the importance of graph neighbors can be calculated to efficiently analyze the results.This approach can contribute to real-world network security analyses and provide a new direction in the field.
文摘A defender–attacker–target problem with non-moving target is considered.This problem is modelled by a pursuit-evasion zero-sum differential game with linear dynamics and quadratic cost functional.In this game,the pursuer is the defender,while the evader is the attacker.The objective of the pursuer is to minimise the cost functional,while the evader has two objectives:to maximise the cost functional and to keep a given terminal state inequality constraint.The open-loop saddle point solution of this game is obtained in the case where the transfer functions of the controllers for the defender and the attacker are of arbitrary orders.
基金supported by the Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(No.RS-2023-00235509Development of security monitoring technology based network behavior against encrypted cyber threats in ICT convergence environment).
文摘With the increasing emphasis on personal information protection,encryption through security protocols has emerged as a critical requirement in data transmission and reception processes.Nevertheless,IoT ecosystems comprise heterogeneous networks where outdated systems coexist with the latest devices,spanning a range of devices from non-encrypted ones to fully encrypted ones.Given the limited visibility into payloads in this context,this study investigates AI-based attack detection methods that leverage encrypted traffic metadata,eliminating the need for decryption and minimizing system performance degradation—especially in light of these heterogeneous devices.Using the UNSW-NB15 and CICIoT-2023 dataset,encrypted and unencrypted traffic were categorized according to security protocol,and AI-based intrusion detection experiments were conducted for each traffic type based on metadata.To mitigate the problem of class imbalance,eight different data sampling techniques were applied.The effectiveness of these sampling techniques was then comparatively analyzed using two ensemble models and three Deep Learning(DL)models from various perspectives.The experimental results confirmed that metadata-based attack detection is feasible using only encrypted traffic.In the UNSW-NB15 dataset,the f1-score of encrypted traffic was approximately 0.98,which is 4.3%higher than that of unencrypted traffic(approximately 0.94).In addition,analysis of the encrypted traffic in the CICIoT-2023 dataset using the same method showed a significantly lower f1-score of roughly 0.43,indicating that the quality of the dataset and the preprocessing approach have a substantial impact on detection performance.Furthermore,when data sampling techniques were applied to encrypted traffic,the recall in the UNSWNB15(Encrypted)dataset improved by up to 23.0%,and in the CICIoT-2023(Encrypted)dataset by 20.26%,showing a similar level of improvement.Notably,in CICIoT-2023,f1-score and Receiver Operation Characteristic-Area Under the Curve(ROC-AUC)increased by 59.0%and 55.94%,respectively.These results suggest that data sampling can have a positive effect even in encrypted environments.However,the extent of the improvement may vary depending on data quality,model architecture,and sampling strategy.
文摘In an interview with China Hoy(a Spanish-language sister publication of Beijing Review)reporter An Xinzhu,Demetrio Toledo,a professor of international relations at Brazil's Federal University of ABC,explored the broader implications of the recent U.S.attack on Venezuela.
基金funded by the National Key Research and Development Program of China(Grant No.2024YFE0209000)the NSFC(Grant No.U23B2019).
文摘Graph Neural Networks(GNNs)have proven highly effective for graph classification across diverse fields such as social networks,bioinformatics,and finance,due to their capability to learn complex graph structures.However,despite their success,GNNs remain vulnerable to adversarial attacks that can significantly degrade their classification accuracy.Existing adversarial attack strategies primarily rely on label information to guide the attacks,which limits their applicability in scenarios where such information is scarce or unavailable.This paper introduces an innovative unsupervised attack method for graph classification,which operates without relying on label information,thereby enhancing its applicability in a broad range of scenarios.Specifically,our method first leverages a graph contrastive learning loss to learn high-quality graph embeddings by comparing different stochastic augmented views of the graphs.To effectively perturb the graphs,we then introduce an implicit estimator that measures the impact of various modifications on graph structures.The proposed strategy identifies and flips edges with the top-K highest scores,determined by the estimator,to maximize the degradation of the model’s performance.In addition,to defend against such attack,we propose a lightweight regularization-based defense mechanism that is specifically tailored to mitigate the structural perturbations introduced by our attack strategy.It enhances model robustness by enforcing embedding consistency and edge-level smoothness during training.We conduct experiments on six public TU graph classification datasets:NCI1,NCI109,Mutagenicity,ENZYMES,COLLAB,and DBLP_v1,to evaluate the effectiveness of our attack and defense strategies.Under an attack budget of 3,the maximum reduction in model accuracy reaches 6.67%on the Graph Convolutional Network(GCN)and 11.67%on the Graph Attention Network(GAT)across different datasets,indicating that our unsupervised method induces degradation comparable to state-of-the-art supervised attacks.Meanwhile,our defense achieves the highest accuracy recovery of 3.89%(GCN)and 5.00%(GAT),demonstrating improved robustness against structural perturbations.
基金supported by Key Laboratory of Cyberspace Security,Ministry of Education,China。
文摘Transformer-based models have significantly advanced binary code similarity detection(BCSD)by leveraging their semantic encoding capabilities for efficient function matching across diverse compilation settings.Although adversarial examples can strategically undermine the accuracy of BCSD models and protect critical code,existing techniques predominantly depend on inserting artificial instructions,which incur high computational costs and offer limited diversity of perturbations.To address these limitations,we propose AIMA,a novel gradient-guided assembly instruction relocation method.Our method decouples the detection model into tokenization,embedding,and encoding layers to enable efficient gradient computation.Since token IDs of instructions are discrete and nondifferentiable,we compute gradients in the continuous embedding space to evaluate the influence of each token.The most critical tokens are identified by calculating the L2 norm of their embedding gradients.We then establish a mapping between instructions and their corresponding tokens to aggregate token-level importance into instructionlevel significance.To maximize adversarial impact,a sliding window algorithm selects the most influential contiguous segments for relocation,ensuring optimal perturbation with minimal length.This approach efficiently locates critical code regions without expensive search operations.The selected segments are relocated outside their original function boundaries via a jump mechanism,which preserves runtime control flow and functionality while introducing“deletion”effects in the static instruction sequence.Extensive experiments show that AIMA reduces similarity scores by up to 35.8%in state-of-the-art BCSD models.When incorporated into training data,it also enhances model robustness,achieving a 5.9%improvement in AUROC.
基金supported by Princess Nourah bint Abdulrahman University Researchers Supporting Project Number(PNURSP2025R97)Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia.
文摘The exponential growth of the Internet of Things(IoT)has introduced significant security challenges,with zero-day attacks emerging as one of the most critical and challenging threats.Traditional Machine Learning(ML)and Deep Learning(DL)techniques have demonstrated promising early detection capabilities.However,their effectiveness is limited when handling the vast volumes of IoT-generated data due to scalability constraints,high computational costs,and the costly time-intensive process of data labeling.To address these challenges,this study proposes a Federated Learning(FL)framework that leverages collaborative and hybrid supervised learning to enhance cyber threat detection in IoT networks.By employing Deep Neural Networks(DNNs)and decentralized model training,the approach reduces computational complexity while improving detection accuracy.The proposed model demonstrates robust performance,achieving accuracies of 94.34%,99.95%,and 87.94%on the publicly available kitsune,Bot-IoT,and UNSW-NB15 datasets,respectively.Furthermore,its ability to detect zero-day attacks is validated through evaluations on two additional benchmark datasets,TON-IoT and IoT-23,using a Deep Federated Learning(DFL)framework,underscoring the generalization and effectiveness of the model in heterogeneous and decentralized IoT environments.Experimental results demonstrate superior performance over existing methods,establishing the proposed framework as an efficient and scalable solution for IoT security.
基金This work was supported in part by the National Natural Science Foundation of China(Grant No.61671471)。
文摘Recently revealed beam stealing attacks could greatly threaten the security and privacy of IEEE 802.11ad communications.The premise to restore normal network service is detecting and locating beam stealing attackers without their cooperation.Current consistency-based methods are only valid for one single attacker and are parametersensitive.From the viewpoint of image processing,this paper proposes an algorithm to jointly detect and locate multiple beam stealing attackers based on RSSI(Received Signal Strength Indicator)map without the training process involved in deep learning-based solutions.Firstly,an RSSI map is constructed based on interpolating the raw RSSI data for enabling high-resolution localization while reducing monitoring cost.Secondly,three image processing steps,including edge detection and segmentation,are conducted on the constructed RSSI map to detect and locate multiple attackers without any prior knowledge about the attackers.To evaluate our proposal’s performance,a series of experiments are conducted based on the collected data.Experimental results have shown that in typical parameter settings,our algorithm’s positioning error does not exceed 0.41 m with a detection rate no less than 91%.
基金The National Natural Science Foundation of China(W2431048)The Science and Technology Research Program of Chongqing Municipal Education Commission,China(KJZDK202300807)The Chongqing Natural Science Foundation,China(CSTB2024NSCQQCXMX0052).
文摘This paper addresses the consensus problem of nonlinear multi-agent systems subject to external disturbances and uncertainties under denial-ofservice(DoS)attacks.Firstly,an observer-based state feedback control method is employed to achieve secure control by estimating the system's state in real time.Secondly,by combining a memory-based adaptive eventtriggered mechanism with neural networks,the paper aims to approximate the nonlinear terms in the networked system and efficiently conserve system resources.Finally,based on a two-degree-of-freedom model of a vehicle affected by crosswinds,this paper constructs a multi-unmanned ground vehicle(Multi-UGV)system to validate the effectiveness of the proposed method.Simulation results show that the proposed control strategy can effectively handle external disturbances such as crosswinds in practical applications,ensuring the stability and reliable operation of the Multi-UGV system.
基金National Natural Science Foundation of China(Nos.42171130 and 42301158)Pilot Project of China’s Strength in Transportation for the Central Research Institute(No.QG2021-1-4-7)National Key Technology Research and Development Program of the Ministry of Science and Technology of China(No.2021YFB2601200).
文摘Sulfate attack-induced expansion of cement-treated aggregates in seasonally frozen regions is a well-known issue which causes continuous expansion in railway subgrades,and particularly in high-speed railways.Accordingly,we investigated the influence of material proportions,the number of freeze-thaw(FT)cycles,and temperature gradients on the expansion mechanism of sulfate attack on cement-treated aggregates subjected to FT cycles.The conditions,laws,and dominant factors causing the expansion of aggregates were analyzed through swelling tests.The results indicate that under FT cycles,3%content cement-treated graded macadam only experiences slight deformation.The maximum strain of graded macadam attacked by 1%sodium sulfate content in each FT cycle is significantly larger than that of 3%content cement-treated graded macadam attacked by 1%sodium sulfate content.Using scanning electron microscopy,needle-like crystals were observed during sulfate attack of cement-treated graded macadam.Through quantitative analysis,we determined the recoverable and unrecoverable deformations of graded macadam under FT cycles.For graded macadam under sulfate attack,the expansion is mainly induced by periodic frost heave and salt expansion,as well as salt migration.For cement-treated graded macadam under sulfate attack,the expansion is mainly induced by chemical attack and salt migration.This study can serve as a reference for future research on the mechanics of sulfate attack on cement-treated aggregates that experience FT cycles,and provide theoretical support for methods that remediate the expansion induced by sulfate attack.
基金supported by the National Natural Science Foundation of China(Nos.12172315,12072304,11702232)the Fujian Provincial Natural Science Foundation,China(No.2021J01050)the Aeronautical Science Foundation of China(No.20220013068002).
文摘Unsteady aerodynamic characteristics at high angles of attack are of great importance to the design and development of advanced fighter aircraft, which are characterized by post-stall maneuverability with multiple Degrees-of-Freedom(multi-DOF) and complex flow field structure.In this paper, a special kind of cable-driven parallel mechanism is firstly utilized as a new suspension method to conduct unsteady dynamic wind tunnel tests at high angles of attack, thereby providing experimental aerodynamic data. These tests include a wide range of multi-DOF coupled oscillatory motions with various amplitudes and frequencies. Then, for aerodynamic modeling and analysis, a novel data-driven Feature-Level Attention Recurrent neural network(FLAR) is proposed. This model incorporates a specially designed feature-level attention module that focuses on the state variables affecting the aerodynamic coefficients, thereby enhancing the physical interpretability of the aerodynamic model. Subsequently, spin maneuver simulations, using a mathematical model as the baseline, are conducted to validate the effectiveness of the FLAR. Finally, the results on wind tunnel data reveal that the FLAR accurately predicts aerodynamic coefficients, and observations through the visualization of attention scores identify the key state variables that affect the aerodynamic coefficients. It is concluded that the proposed FLAR enhances the interpretability of the aerodynamic model while achieving good prediction accuracy and generalization capability for multi-DOF coupling motion at high angles of attack.
基金funded by the Technology Funding Scheme of China Construction Second Engineering Bureau LTD(2020ZX150002)the National Natural Science Foundation Project of China(12262018).
文摘To address the challenges posed by tunnel construction in the alpine region,silica fume mixed concrete is commonly used as a construction material.The correlation between silica fume content and the lining life requires immediate investigation.In view of this phenomenon,the durability of unit lining concrete is predicted by analyzing three key indicators:carbonation depth,relative dynamic elastic modulus,and residual quality.This prediction is achieved by integrating the Entropy Weight Method,Grey theory life prediction model and BP artificial neural networks using data from tests and predictions of these indicators.Then,the Entropy Weight-Grey theory-BP Network Model is compared with other methods to analyze the predicted life.Finally,verify the sci-entificity of this model,and the optimum silica fume content of unit concrete lining is verified.The results showed,1)The addition of silica fume will accelerate the carbonization of unit concrete lining,and slow down the freeze-thaw cycle and sulfate erosion.2)The utilization of artificial neural networks is essential for enhancing the realism of the data,as it emphasizes the significance of silica fume content.3)Silica fume content of 10%results in the longest life and is the most suitable for lining construction.4)A comparison between single-factor and multi-factor predictions indicates that the multi-factor approach yields a longer maximum life.This improvement can be attributed to the inclusion of additional factors,such as freeze-thaw cycles and carbonation,which enhance the predicted life when employing these methods.In conclusion,the Entropy Weight-Grey Theory-BP Network life prediction Model is well-suited for tunnel lining in the alpine sulfate area of northwest China.
文摘To improve the vertical axis wind turbine(VAWT)design,the angle of attack(AOA)and airfoil data must be treated correctly.The present paper develops a method for determining AOA on a VAWT based on computational fluid dynamics(CFD)analysis.First,a CFD analysis of a two-bladed VAWT equipped with a NACA 0012 airfoil is conducted.The thrust and power coefficients are validated through experiments.Second,the blade force and velocity data at monitoring points are collected.The AOA at different azimuth angles is determined by removing the blade self-induction at the monitoring point.Then,the lift and drag coefficients as a function of AOA are extracted.Results show that this method is independent of the monitoring points selection located at certain distance to the blades and the extracted dynamic stall hysteresis is more precise than the one with the“usual”method without considering the self-induction from bound vortices.
文摘Watermarking is embedding visible or invisible data within media to verify its authenticity or protect copyright.The watermark is embedded in significant spatial or frequency features of the media to make it more resistant to intentional or unintentional modification.Some of these features are important perceptual features according to the human visual system(HVS),which means that the embedded watermark should be imperceptible in these features.Therefore,both the designers of watermarking algorithms and potential attackers must consider these perceptual features when carrying out their actions.The two roles will be considered in this paper when designing a robust watermarking algorithm against the most harmful attacks,like volumetric scaling,histogram equalization,and non-conventional watermarking attacks like the Denoising Convolution Neural Network(DnCNN),which must be considered in watermarking algorithm design due to its rising role in the state-of-the-art attacks.The DnCNN is initialized and trained using watermarked image samples created by our proposed Covert and Severe Attacks Resistant Watermarking Algorithm(CSRWA)to prove its robustness.For this algorithm to satisfy the robustness and imperceptibility tradeoff,implementing the Dither Modulation(DM)algorithm is boosted by utilizing the Just Noticeable Distortion(JND)principle to get an improved performance in this sense.Sensitivity,luminance,inter and intra-block contrast are used to adjust the JND values.
文摘The word“spatial”fundamentally relates to human existence,evolution,and activity in terrestrial and even celestial spaces.After reviewing the spatial features of many areas,the paper describes basics of high level model and technology called Spatial Grasp for dealing with large distributed systems,which can provide spatial vision,awareness,management,control,and even consciousness.The technology description includes its key Spatial Grasp Language(SGL),self-evolution of recursive SGL scenarios,and implementation of SGL interpreter converting distributed networked systems into powerful spatial engines.Examples of typical spatial scenarios in SGL include finding shortest path tree and shortest path between network nodes,collecting proper information throughout the whole world,elimination of multiple targets by intelligent teams of chasers,and withstanding cyber attacks in distributed networked systems.Also this paper compares Spatial Grasp model with traditional algorithms,confirming universality of the former for any spatial systems,while the latter just tools for concrete applications.
基金supported by Jiangsu Provincial Science and Technology Project,grant number J2023124.Jing Guo received this grant,the URLs of sponsors’website is https://kxjst.jiangsu.gov.cn/(accessed on 06 June 2024).
文摘The rapid proliferation of electric vehicle(EV)charging infrastructure introduces critical cybersecurity vulnerabilities to power grids system.This study presents an innovative anomaly detection framework for EV charging stations,addressing the unique challenges posed by third-party aggregation platforms.Our approach integrates node equations-based on the parameter identification with a novel deep learning model,xDeepCIN,to detect abnormal data reporting indicative of aggregation attacks.We employ a graph-theoretic approach to model EV charging networks and utilize Markov Chain Monte Carlo techniques for accurate parameter estimation.The xDeepCIN model,incorporating a Compressed Interaction Network,has the ability to capture complex feature interactions in sparse,high-dimensional charging data.Experimental results on both proprietary and public datasets demonstrate significant improvements in anomaly detection performance,with F1-scores increasing by up to 32.3%for specific anomaly types compared to traditional methods,such as wide&deep and DeepFM(Factorization-Machine).Our framework exhibits robust scalability,effectively handling networks ranging from 8 to 85 charging points.Furthermore,we achieve real-time monitoring capabilities,with parameter identification completing within seconds for networks up to 1000 nodes.This research contributes to enhancing the security and reliability of renewable energy systems against evolving cyber threats,offering a comprehensive solution for safeguarding the rapidly expanding EV charging infrastructure.
