Cross-Site Scripting(XSS)remains a significant threat to web application security,exploiting vulnerabilities to hijack user sessions and steal sensitive data.Traditional detection methods often fail to keep pace with ...Cross-Site Scripting(XSS)remains a significant threat to web application security,exploiting vulnerabilities to hijack user sessions and steal sensitive data.Traditional detection methods often fail to keep pace with the evolving sophistication of cyber threats.This paper introduces a novel hybrid ensemble learning framework that leverages a combination of advanced machine learning algorithms—Logistic Regression(LR),Support Vector Machines(SVM),eXtreme Gradient Boosting(XGBoost),Categorical Boosting(CatBoost),and Deep Neural Networks(DNN).Utilizing the XSS-Attacks-2021 dataset,which comprises 460 instances across various real-world trafficrelated scenarios,this framework significantly enhances XSS attack detection.Our approach,which includes rigorous feature engineering and model tuning,not only optimizes accuracy but also effectively minimizes false positives(FP)(0.13%)and false negatives(FN)(0.19%).This comprehensive methodology has been rigorously validated,achieving an unprecedented accuracy of 99.87%.The proposed system is scalable and efficient,capable of adapting to the increasing number of web applications and user demands without a decline in performance.It demonstrates exceptional real-time capabilities,with the ability to detect XSS attacks dynamically,maintaining high accuracy and low latency even under significant loads.Furthermore,despite the computational complexity introduced by the hybrid ensemble approach,strategic use of parallel processing and algorithm tuning ensures that the system remains scalable and performs robustly in real-time applications.Designed for easy integration with existing web security systems,our framework supports adaptable Application Programming Interfaces(APIs)and a modular design,facilitating seamless augmentation of current defenses.This innovation represents a significant advancement in cybersecurity,offering a scalable and effective solution for securing modern web applications against evolving threats.展开更多
JShellLab is an easy to use MATLAB-like environment for the Java Virtual Machine(JVM).It implements scientific scripting based on the JShell Application Programming Interface(API)of modern Java.The paper illustrates t...JShellLab is an easy to use MATLAB-like environment for the Java Virtual Machine(JVM).It implements scientific scripting based on the JShell Application Programming Interface(API)of modern Java.The paper illustrates that JShellLab can significantly facilitate and simplify the development of complex computational demanding scientific software at the JVM.The novelty at the JShellLab is that it completely hides the complexity and the intricate dependencies of optimized scientific software.As an example,the demanded field of deep learning is exploited.Specifically,the implementation of effective practical deep learning-based systems using the JShellLab environment and the Deeplearning4j Java library is considered.展开更多
Cloud computing is a transformational paradigm involving the delivery of applications and services over the Internet,using access mechanisms through microprocessors,smartphones,etc.Latency time to prevent and detect m...Cloud computing is a transformational paradigm involving the delivery of applications and services over the Internet,using access mechanisms through microprocessors,smartphones,etc.Latency time to prevent and detect modern and complex threats remains one of the major challenges.It is then necessary to think about an intrusion prevention system(IPS)design,making it possible to effectively meet the requirements of a cloud computing environment.From this analysis,the central question of the present study is to minimize the latency time for efficient threat prevention and detection in the cloud.To design this IPS design in a cloud computing environment,Azure environment(Microsoft)and its concept of Virtual Private Cloud(VPC)were used.Then,an IPS design was deployed with a ruleset from a mined dataset(via K-means clustering)and processed.Finally,the correlation between the traffic analyzed(virtual network traffic in real-time,logs)and the filtering rules or ruleset of this IPS made it possible to obtain and discuss on a precision rate of around 0.9 in True Positive Rate(TPR)in the prevention Cross-Site Scripting(XSS)attacks targeting the cloud,for a latent time of approximately 6.4 ms.Subsequently,it is important to think about extending the detection capabilities,attack complexity,and high traffic consideration of this IPS.展开更多
This paper describes the development of the condition monitoring and faultdiagnosing system of a group of rotating machinery. The data management is performed by means ofdouble redundant data bases stored simultaneous...This paper describes the development of the condition monitoring and faultdiagnosing system of a group of rotating machinery. The data management is performed by means ofdouble redundant data bases stored simultaneously in both the analyzing server and monitoringclient. In this way, high reliability of the storage of data is guaranteed. Condensation of trenddata releases much space resource of the hard disk. Diagnosing strategies orientated to differenttypical faults of rotating machinery are developed and incorporated into the system. Experimentalverification shows that the system is suitable and effective for condition monitoring and faultdiagnosing for a rotating machine group.展开更多
Large-scale neural networks-based federated learning(FL)has gained public recognition for its effective capabilities in distributed training.Nonetheless,the open system architecture inherent to federated learning syst...Large-scale neural networks-based federated learning(FL)has gained public recognition for its effective capabilities in distributed training.Nonetheless,the open system architecture inherent to federated learning systems raises concerns regarding their vulnerability to potential attacks.Poisoning attacks turn into a major menace to federated learning on account of their concealed property and potent destructive force.By altering the local model during routine machine learning training,attackers can easily contaminate the global model.Traditional detection and aggregation solutions mitigate certain threats,but they are still insufficient to completely eliminate the influence generated by attackers.Therefore,federated unlearning that can remove unreliable models while maintaining the accuracy of the global model has become a solution.Unfortunately some existing federated unlearning approaches are rather difficult to be applied in large neural network models because of their high computational expenses.Hence,we propose SlideFU,an efficient anti-poisoning attack federated unlearning framework.The primary concept of SlideFU is to employ sliding window to construct the training process,where all operations are confined within the window.We design a malicious detection scheme based on principal component analysis(PCA),which calculates the trust factors between compressed models in a low-cost way to eliminate unreliable models.After confirming that the global model is under attack,the system activates the federated unlearning process,calibrates the gradients based on the updated direction of the calibration gradients.Experiments on two public datasets demonstrate that our scheme can recover a robust model with extremely high efficiency.展开更多
本课题设计的数控系统可定制界面是以QT为平台,采用脚本程序定制界面的功能来实现。包括人机界面的设计与构建,QT界面加载器和脚本引擎的扩展,以及底层接口主程序的实现等;同时在QT图形组件类的基础上构建了数控系统专用的图形组件类库...本课题设计的数控系统可定制界面是以QT为平台,采用脚本程序定制界面的功能来实现。包括人机界面的设计与构建,QT界面加载器和脚本引擎的扩展,以及底层接口主程序的实现等;同时在QT图形组件类的基础上构建了数控系统专用的图形组件类库,是实现界面可定制性的基础。该方法充分利用了QT在GUI(Graphical User Interface,图形用户界面)设计方面的优势以及新增的支持脚本功能模块,使定制人机界面的过程变得简便快捷。展开更多
基金supported by Princess Nourah bint Abdulrahman University Researchers Supporting Project number(PNURSP2024R513),Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia.
文摘Cross-Site Scripting(XSS)remains a significant threat to web application security,exploiting vulnerabilities to hijack user sessions and steal sensitive data.Traditional detection methods often fail to keep pace with the evolving sophistication of cyber threats.This paper introduces a novel hybrid ensemble learning framework that leverages a combination of advanced machine learning algorithms—Logistic Regression(LR),Support Vector Machines(SVM),eXtreme Gradient Boosting(XGBoost),Categorical Boosting(CatBoost),and Deep Neural Networks(DNN).Utilizing the XSS-Attacks-2021 dataset,which comprises 460 instances across various real-world trafficrelated scenarios,this framework significantly enhances XSS attack detection.Our approach,which includes rigorous feature engineering and model tuning,not only optimizes accuracy but also effectively minimizes false positives(FP)(0.13%)and false negatives(FN)(0.19%).This comprehensive methodology has been rigorously validated,achieving an unprecedented accuracy of 99.87%.The proposed system is scalable and efficient,capable of adapting to the increasing number of web applications and user demands without a decline in performance.It demonstrates exceptional real-time capabilities,with the ability to detect XSS attacks dynamically,maintaining high accuracy and low latency even under significant loads.Furthermore,despite the computational complexity introduced by the hybrid ensemble approach,strategic use of parallel processing and algorithm tuning ensures that the system remains scalable and performs robustly in real-time applications.Designed for easy integration with existing web security systems,our framework supports adaptable Application Programming Interfaces(APIs)and a modular design,facilitating seamless augmentation of current defenses.This innovation represents a significant advancement in cybersecurity,offering a scalable and effective solution for securing modern web applications against evolving threats.
文摘JShellLab is an easy to use MATLAB-like environment for the Java Virtual Machine(JVM).It implements scientific scripting based on the JShell Application Programming Interface(API)of modern Java.The paper illustrates that JShellLab can significantly facilitate and simplify the development of complex computational demanding scientific software at the JVM.The novelty at the JShellLab is that it completely hides the complexity and the intricate dependencies of optimized scientific software.As an example,the demanded field of deep learning is exploited.Specifically,the implementation of effective practical deep learning-based systems using the JShellLab environment and the Deeplearning4j Java library is considered.
文摘Cloud computing is a transformational paradigm involving the delivery of applications and services over the Internet,using access mechanisms through microprocessors,smartphones,etc.Latency time to prevent and detect modern and complex threats remains one of the major challenges.It is then necessary to think about an intrusion prevention system(IPS)design,making it possible to effectively meet the requirements of a cloud computing environment.From this analysis,the central question of the present study is to minimize the latency time for efficient threat prevention and detection in the cloud.To design this IPS design in a cloud computing environment,Azure environment(Microsoft)and its concept of Virtual Private Cloud(VPC)were used.Then,an IPS design was deployed with a ruleset from a mined dataset(via K-means clustering)and processed.Finally,the correlation between the traffic analyzed(virtual network traffic in real-time,logs)and the filtering rules or ruleset of this IPS made it possible to obtain and discuss on a precision rate of around 0.9 in True Positive Rate(TPR)in the prevention Cross-Site Scripting(XSS)attacks targeting the cloud,for a latent time of approximately 6.4 ms.Subsequently,it is important to think about extending the detection capabilities,attack complexity,and high traffic consideration of this IPS.
文摘This paper describes the development of the condition monitoring and faultdiagnosing system of a group of rotating machinery. The data management is performed by means ofdouble redundant data bases stored simultaneously in both the analyzing server and monitoringclient. In this way, high reliability of the storage of data is guaranteed. Condensation of trenddata releases much space resource of the hard disk. Diagnosing strategies orientated to differenttypical faults of rotating machinery are developed and incorporated into the system. Experimentalverification shows that the system is suitable and effective for condition monitoring and faultdiagnosing for a rotating machine group.
基金supported in part by the National Social Science Foundation of China under Grant 20BTQ058in part by the Natural Science Foundation of Hunan Province under Grant 2023JJ50033.
文摘Large-scale neural networks-based federated learning(FL)has gained public recognition for its effective capabilities in distributed training.Nonetheless,the open system architecture inherent to federated learning systems raises concerns regarding their vulnerability to potential attacks.Poisoning attacks turn into a major menace to federated learning on account of their concealed property and potent destructive force.By altering the local model during routine machine learning training,attackers can easily contaminate the global model.Traditional detection and aggregation solutions mitigate certain threats,but they are still insufficient to completely eliminate the influence generated by attackers.Therefore,federated unlearning that can remove unreliable models while maintaining the accuracy of the global model has become a solution.Unfortunately some existing federated unlearning approaches are rather difficult to be applied in large neural network models because of their high computational expenses.Hence,we propose SlideFU,an efficient anti-poisoning attack federated unlearning framework.The primary concept of SlideFU is to employ sliding window to construct the training process,where all operations are confined within the window.We design a malicious detection scheme based on principal component analysis(PCA),which calculates the trust factors between compressed models in a low-cost way to eliminate unreliable models.After confirming that the global model is under attack,the system activates the federated unlearning process,calibrates the gradients based on the updated direction of the calibration gradients.Experiments on two public datasets demonstrate that our scheme can recover a robust model with extremely high efficiency.
文摘本课题设计的数控系统可定制界面是以QT为平台,采用脚本程序定制界面的功能来实现。包括人机界面的设计与构建,QT界面加载器和脚本引擎的扩展,以及底层接口主程序的实现等;同时在QT图形组件类的基础上构建了数控系统专用的图形组件类库,是实现界面可定制性的基础。该方法充分利用了QT在GUI(Graphical User Interface,图形用户界面)设计方面的优势以及新增的支持脚本功能模块,使定制人机界面的过程变得简便快捷。
