Cross-Site Scripting(XSS)remains a significant threat to web application security,exploiting vulnerabilities to hijack user sessions and steal sensitive data.Traditional detection methods often fail to keep pace with ...Cross-Site Scripting(XSS)remains a significant threat to web application security,exploiting vulnerabilities to hijack user sessions and steal sensitive data.Traditional detection methods often fail to keep pace with the evolving sophistication of cyber threats.This paper introduces a novel hybrid ensemble learning framework that leverages a combination of advanced machine learning algorithms—Logistic Regression(LR),Support Vector Machines(SVM),eXtreme Gradient Boosting(XGBoost),Categorical Boosting(CatBoost),and Deep Neural Networks(DNN).Utilizing the XSS-Attacks-2021 dataset,which comprises 460 instances across various real-world trafficrelated scenarios,this framework significantly enhances XSS attack detection.Our approach,which includes rigorous feature engineering and model tuning,not only optimizes accuracy but also effectively minimizes false positives(FP)(0.13%)and false negatives(FN)(0.19%).This comprehensive methodology has been rigorously validated,achieving an unprecedented accuracy of 99.87%.The proposed system is scalable and efficient,capable of adapting to the increasing number of web applications and user demands without a decline in performance.It demonstrates exceptional real-time capabilities,with the ability to detect XSS attacks dynamically,maintaining high accuracy and low latency even under significant loads.Furthermore,despite the computational complexity introduced by the hybrid ensemble approach,strategic use of parallel processing and algorithm tuning ensures that the system remains scalable and performs robustly in real-time applications.Designed for easy integration with existing web security systems,our framework supports adaptable Application Programming Interfaces(APIs)and a modular design,facilitating seamless augmentation of current defenses.This innovation represents a significant advancement in cybersecurity,offering a scalable and effective solution for securing modern web applications against evolving threats.展开更多
JShellLab is an easy to use MATLAB-like environment for the Java Virtual Machine(JVM).It implements scientific scripting based on the JShell Application Programming Interface(API)of modern Java.The paper illustrates t...JShellLab is an easy to use MATLAB-like environment for the Java Virtual Machine(JVM).It implements scientific scripting based on the JShell Application Programming Interface(API)of modern Java.The paper illustrates that JShellLab can significantly facilitate and simplify the development of complex computational demanding scientific software at the JVM.The novelty at the JShellLab is that it completely hides the complexity and the intricate dependencies of optimized scientific software.As an example,the demanded field of deep learning is exploited.Specifically,the implementation of effective practical deep learning-based systems using the JShellLab environment and the Deeplearning4j Java library is considered.展开更多
Although federated learning(FL)improves privacy-preserving by updating parameters without collecting original user data,their shared gradients still leak sensitive user information.Existing differential privacy and en...Although federated learning(FL)improves privacy-preserving by updating parameters without collecting original user data,their shared gradients still leak sensitive user information.Existing differential privacy and encryption techniques typically focus on whether the aggregated gradient is correctly processed and verified only,rather than whether each user is honestly trained locally.To address these above issues,we propose a gradient featurebased collaborative filtering scheme in verification federated learning,where the authenticity of user training is verified using the collaborative filtering(CF)method based on gradient features.Compared with single user gradient detection(such as similarity detection of gradient median),our collaborative filtering scheme can provide more comprehensive and efficient user gradient detection by gradient dimensionality reduction.Also,user gradient security is protected by dynamically generating a mask matrix,and the verifiability of the aggregation result is realized by combining dynamic masks.Finally,we perform comprehensive comparisons and experiments by using CNN models on some classical datasets.Experimental results and analysis show that our scheme outperforms other state-of-the-art schemes,demonstrating the effectiveness of our scheme.展开更多
Cloud computing is a transformational paradigm involving the delivery of applications and services over the Internet,using access mechanisms through microprocessors,smartphones,etc.Latency time to prevent and detect m...Cloud computing is a transformational paradigm involving the delivery of applications and services over the Internet,using access mechanisms through microprocessors,smartphones,etc.Latency time to prevent and detect modern and complex threats remains one of the major challenges.It is then necessary to think about an intrusion prevention system(IPS)design,making it possible to effectively meet the requirements of a cloud computing environment.From this analysis,the central question of the present study is to minimize the latency time for efficient threat prevention and detection in the cloud.To design this IPS design in a cloud computing environment,Azure environment(Microsoft)and its concept of Virtual Private Cloud(VPC)were used.Then,an IPS design was deployed with a ruleset from a mined dataset(via K-means clustering)and processed.Finally,the correlation between the traffic analyzed(virtual network traffic in real-time,logs)and the filtering rules or ruleset of this IPS made it possible to obtain and discuss on a precision rate of around 0.9 in True Positive Rate(TPR)in the prevention Cross-Site Scripting(XSS)attacks targeting the cloud,for a latent time of approximately 6.4 ms.Subsequently,it is important to think about extending the detection capabilities,attack complexity,and high traffic consideration of this IPS.展开更多
This paper describes the development of the condition monitoring and faultdiagnosing system of a group of rotating machinery. The data management is performed by means ofdouble redundant data bases stored simultaneous...This paper describes the development of the condition monitoring and faultdiagnosing system of a group of rotating machinery. The data management is performed by means ofdouble redundant data bases stored simultaneously in both the analyzing server and monitoringclient. In this way, high reliability of the storage of data is guaranteed. Condensation of trenddata releases much space resource of the hard disk. Diagnosing strategies orientated to differenttypical faults of rotating machinery are developed and incorporated into the system. Experimentalverification shows that the system is suitable and effective for condition monitoring and faultdiagnosing for a rotating machine group.展开更多
Large-scale neural networks-based federated learning(FL)has gained public recognition for its effective capabilities in distributed training.Nonetheless,the open system architecture inherent to federated learning syst...Large-scale neural networks-based federated learning(FL)has gained public recognition for its effective capabilities in distributed training.Nonetheless,the open system architecture inherent to federated learning systems raises concerns regarding their vulnerability to potential attacks.Poisoning attacks turn into a major menace to federated learning on account of their concealed property and potent destructive force.By altering the local model during routine machine learning training,attackers can easily contaminate the global model.Traditional detection and aggregation solutions mitigate certain threats,but they are still insufficient to completely eliminate the influence generated by attackers.Therefore,federated unlearning that can remove unreliable models while maintaining the accuracy of the global model has become a solution.Unfortunately some existing federated unlearning approaches are rather difficult to be applied in large neural network models because of their high computational expenses.Hence,we propose SlideFU,an efficient anti-poisoning attack federated unlearning framework.The primary concept of SlideFU is to employ sliding window to construct the training process,where all operations are confined within the window.We design a malicious detection scheme based on principal component analysis(PCA),which calculates the trust factors between compressed models in a low-cost way to eliminate unreliable models.After confirming that the global model is under attack,the system activates the federated unlearning process,calibrates the gradients based on the updated direction of the calibration gradients.Experiments on two public datasets demonstrate that our scheme can recover a robust model with extremely high efficiency.展开更多
基金supported by Princess Nourah bint Abdulrahman University Researchers Supporting Project number(PNURSP2024R513),Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia.
文摘Cross-Site Scripting(XSS)remains a significant threat to web application security,exploiting vulnerabilities to hijack user sessions and steal sensitive data.Traditional detection methods often fail to keep pace with the evolving sophistication of cyber threats.This paper introduces a novel hybrid ensemble learning framework that leverages a combination of advanced machine learning algorithms—Logistic Regression(LR),Support Vector Machines(SVM),eXtreme Gradient Boosting(XGBoost),Categorical Boosting(CatBoost),and Deep Neural Networks(DNN).Utilizing the XSS-Attacks-2021 dataset,which comprises 460 instances across various real-world trafficrelated scenarios,this framework significantly enhances XSS attack detection.Our approach,which includes rigorous feature engineering and model tuning,not only optimizes accuracy but also effectively minimizes false positives(FP)(0.13%)and false negatives(FN)(0.19%).This comprehensive methodology has been rigorously validated,achieving an unprecedented accuracy of 99.87%.The proposed system is scalable and efficient,capable of adapting to the increasing number of web applications and user demands without a decline in performance.It demonstrates exceptional real-time capabilities,with the ability to detect XSS attacks dynamically,maintaining high accuracy and low latency even under significant loads.Furthermore,despite the computational complexity introduced by the hybrid ensemble approach,strategic use of parallel processing and algorithm tuning ensures that the system remains scalable and performs robustly in real-time applications.Designed for easy integration with existing web security systems,our framework supports adaptable Application Programming Interfaces(APIs)and a modular design,facilitating seamless augmentation of current defenses.This innovation represents a significant advancement in cybersecurity,offering a scalable and effective solution for securing modern web applications against evolving threats.
文摘JShellLab is an easy to use MATLAB-like environment for the Java Virtual Machine(JVM).It implements scientific scripting based on the JShell Application Programming Interface(API)of modern Java.The paper illustrates that JShellLab can significantly facilitate and simplify the development of complex computational demanding scientific software at the JVM.The novelty at the JShellLab is that it completely hides the complexity and the intricate dependencies of optimized scientific software.As an example,the demanded field of deep learning is exploited.Specifically,the implementation of effective practical deep learning-based systems using the JShellLab environment and the Deeplearning4j Java library is considered.
基金supported by the National Natural Science Foundation of China(No.62572077)Open Research Fund of Hunan Provincial Key Laboratory of Intelligent Processing of Big Data on Transportation(No.B202403)Hunan Provincial Social Science Achievement Evaluation Committee(No.XSP25YBC686).
文摘Although federated learning(FL)improves privacy-preserving by updating parameters without collecting original user data,their shared gradients still leak sensitive user information.Existing differential privacy and encryption techniques typically focus on whether the aggregated gradient is correctly processed and verified only,rather than whether each user is honestly trained locally.To address these above issues,we propose a gradient featurebased collaborative filtering scheme in verification federated learning,where the authenticity of user training is verified using the collaborative filtering(CF)method based on gradient features.Compared with single user gradient detection(such as similarity detection of gradient median),our collaborative filtering scheme can provide more comprehensive and efficient user gradient detection by gradient dimensionality reduction.Also,user gradient security is protected by dynamically generating a mask matrix,and the verifiability of the aggregation result is realized by combining dynamic masks.Finally,we perform comprehensive comparisons and experiments by using CNN models on some classical datasets.Experimental results and analysis show that our scheme outperforms other state-of-the-art schemes,demonstrating the effectiveness of our scheme.
文摘Cloud computing is a transformational paradigm involving the delivery of applications and services over the Internet,using access mechanisms through microprocessors,smartphones,etc.Latency time to prevent and detect modern and complex threats remains one of the major challenges.It is then necessary to think about an intrusion prevention system(IPS)design,making it possible to effectively meet the requirements of a cloud computing environment.From this analysis,the central question of the present study is to minimize the latency time for efficient threat prevention and detection in the cloud.To design this IPS design in a cloud computing environment,Azure environment(Microsoft)and its concept of Virtual Private Cloud(VPC)were used.Then,an IPS design was deployed with a ruleset from a mined dataset(via K-means clustering)and processed.Finally,the correlation between the traffic analyzed(virtual network traffic in real-time,logs)and the filtering rules or ruleset of this IPS made it possible to obtain and discuss on a precision rate of around 0.9 in True Positive Rate(TPR)in the prevention Cross-Site Scripting(XSS)attacks targeting the cloud,for a latent time of approximately 6.4 ms.Subsequently,it is important to think about extending the detection capabilities,attack complexity,and high traffic consideration of this IPS.
文摘This paper describes the development of the condition monitoring and faultdiagnosing system of a group of rotating machinery. The data management is performed by means ofdouble redundant data bases stored simultaneously in both the analyzing server and monitoringclient. In this way, high reliability of the storage of data is guaranteed. Condensation of trenddata releases much space resource of the hard disk. Diagnosing strategies orientated to differenttypical faults of rotating machinery are developed and incorporated into the system. Experimentalverification shows that the system is suitable and effective for condition monitoring and faultdiagnosing for a rotating machine group.
基金supported in part by the National Social Science Foundation of China under Grant 20BTQ058in part by the Natural Science Foundation of Hunan Province under Grant 2023JJ50033.
文摘Large-scale neural networks-based federated learning(FL)has gained public recognition for its effective capabilities in distributed training.Nonetheless,the open system architecture inherent to federated learning systems raises concerns regarding their vulnerability to potential attacks.Poisoning attacks turn into a major menace to federated learning on account of their concealed property and potent destructive force.By altering the local model during routine machine learning training,attackers can easily contaminate the global model.Traditional detection and aggregation solutions mitigate certain threats,but they are still insufficient to completely eliminate the influence generated by attackers.Therefore,federated unlearning that can remove unreliable models while maintaining the accuracy of the global model has become a solution.Unfortunately some existing federated unlearning approaches are rather difficult to be applied in large neural network models because of their high computational expenses.Hence,we propose SlideFU,an efficient anti-poisoning attack federated unlearning framework.The primary concept of SlideFU is to employ sliding window to construct the training process,where all operations are confined within the window.We design a malicious detection scheme based on principal component analysis(PCA),which calculates the trust factors between compressed models in a low-cost way to eliminate unreliable models.After confirming that the global model is under attack,the system activates the federated unlearning process,calibrates the gradients based on the updated direction of the calibration gradients.Experiments on two public datasets demonstrate that our scheme can recover a robust model with extremely high efficiency.
